Re: Unhearing government Bank phone security
On occasion I have stated that I have deposited a security number with them and can they please give me the 2nd and 4th digits.
149 posts • joined 29 Jun 2013
It wouldn't be the first time - the Huascar in 1879 had the latest infernal device - an automotive torpedo. This was powered by compressed air and rather slow. When discharging this the device slewed through 360 degrees and returned to sender...
Not all was lost - the ship's doctor jumped overboard, swam to the torpedo and pushed it away from his ship - in the middle of a battle. Of such stuff are heroes made.
So what happens if a malicious agency (e.g. pensions or a local council) decides to use RIPA - to quote from the relevant code of practice
"3.8. Section 2 of RIPA defines “telecommunication service” as any service that consists in the provision of access to, and of facilities for making use of, any telecommunication system. Section 2(8A) of RIPA makes clear that any service which consists in or includes facilitating the creation, management or storage of communications transmitted, or that may be transmitted, by means of such a system are included within the meaning of “telecommunications service”. Internet based services such as web-based email, messaging applications and cloud-based services are, therefore, covered by this definition. The definition of “telecommunications service” in RIPA is intentionally broad so that it remains relevant for new technologies."
So RIPA does cover this anonymous data. Perhaps the local police will use it to identify alleged breaches of the lock in (sorry, but it's not really that) and prosecute?
Not saying we shouldn't do it, am saying it is neither anonymous nor secure under today's laws and as such theoretical arguments about potential hacks or potential state access are inappropriate - the state already has legal access to the data and with so many different organisations having those powers then private enterprise will probably not ever get a look in.
99% accuracy - with a nominal 70 million tests a day means 700 thousand false results. Assuming 1% of the population is actually infected gives 7000 false negatives. Plus 693,000 false positives. Every day.
Sorry but the maths don't make this doable. And if you say well test again the next day - that is no problem. Except that we've now got the results of that day's testing added into the mix as well.
3 blue one brown - very simple explanation of Bayes theorem which explains this better than I can:
The lag calculation is theory at its simplest. Suppose Bob is infected by Alice. He manifests with the disease and is identified 10 days later. Now Alice is asymptomatic or else does not register as having the disease.
Along go the tracers to Alice, unaware that she infected Bob. Even if they can access her anonymous data (shome mistake shureley?) immediately they will have lost 10/16ths of her contacts - over 60% of her contact list. So in order to identify and trace contacts holding data for only 14 - 16 days is ill thought out and ineffective.
Yep - and members of model aircraft flying societies have just dropped by a quarter. I haven't flown radio controlled model aircraft for 40 years but they all weighed about 1 - 4 Kg then. Amazing how you can make legal illegal with just the trivial law.
I think I will start flying RCMA's again. But not join a club who are legally obliged to submit appropriate details of membership. Sadly the civil service has yet to determine exactly what those details are. But (HooBloodyHooray) they have managed to decide on the penalties.
Twats & Toe rags seems an insufficient description
"something he described as "a significant change in approach that seemed excessive and would have required significant changes to be made."
So IBM's official position is that data does not need to be encrypted in transit. So does that mean they don't lock the filing cabinets in the moving van then?
As I understand it the capacity of patent granting agencies to check for prior research or previous public disclosure is severely limited in time and money. So why not turn the system around? If you apply for a patent then you should be required to identify prior research, public disclosure and explain why your patent is not affected by these events. In simple terms the onus is on you to prove originality. This should be easily challengeable.
* If this is something included in the patent it should be the requirement of the challenger to prove why it is not covered by the patent. Use the method below with the presumption that the patent is valid.
* If it is not covered then there should be a simple hearing to establish the likelihood of a successful challenge. No more than 3 hours per side to provide evidence; no more than 2 witnesses per side, no more than 2 advocates per side. If you can't do it in that time it is usually legal sophistry. Some of these will be wrong, but not many and no justice is perfect.
* If the hearing states there may be a case then go to a full hearing, BUT - no more than 3 hours per side, no more than 2 witnesses and no more than 2 advocates. If you or your team can't cope with this, tough shit. Cut the prices, cut the processes. If you can't say it in 3 hours you are bullshitting. Oh and the challenger pays the legal costs under any circumstances. They had an opportunity to fight the patent when it was registered and did not; thus it is only right that they should pay the re-introduction costs. And these costs to be flat rate at an agreed rate by the hour (no more than 5 days costs per advocate of which a maximum of 2 exist).
I don't think this is either perfect or comfortable to the legal profession. I think it would reduce costs, concentrate minds, and make for quite a lot of fun in reading the transcripts of the law courts.
As I understand it in civil law decisions are based on the balance of probabilities.
Well I have no track record of harassing people with multiple calls. They do. And as company directors their protection is solely limited if the company articles of incorporation are clearly and specifically followed. Having checked with Companies House there seems to be no exception to UK Law as one of the articles. So if the scheming scumbag shites who woke me up when I had severe mental health issues (I was seriously pissed off with them waking me up in an acute state of depression due to psoriatic arthritis) are not exempt then the limited liability does not protect them.
All that stuff about having to have clean hands etc.
Now of course if they can show there were worse people than them then I would, being a decent sort of chappie merely hire a couple of large Glaswegians (possibly Sikhs as I met some of them as gentlemen who enforced (legally) about 30 years ago and they scared the shit out of me, whilst also being quite inexpensive), to go and remonstrate with them in the nicest possible way.
Otherwise, should they fail to provide an adequate defence then no doubt my small claims court case would be proven and then I would....
See antepenultimate paragraph for enforcement modality.
PS, does anyone have an address to send the summons to?
The study of formally defined electoral methods is called social choice theory or voting theory, and this study can take place within the field of political science, economics, or mathematics, and specifically within the subfields of game theory and mechanism design. Impossibility proofs such as Arrow's impossibility theorem demonstrate that when voters have three or more alternatives, it is not possible to design a ranked voting electoral system that reflects the preferences of individuals in a global preference of the community, present in countries with proportional representation and plurality voting.
I mean, I understand it - you'd like to have a fair system. So it seems so reasonable to criticise the unfair ones.
Pot, kettle black.
But I am sure that you are sure and that most certainly should be part of being sure enough. Or not.
Around Y2K the USA got paranoid about people invading from ships. Seemed improbable as there were lots of quicker and more dangerous ways - like the Canadian and Mexican borders but they were paying. Well actually the shipping support company I worked for, sounded a bit like Inchcape cars, was.
Had three months to get it all ok - me and me oppo (Hello Pete) and we bloody well did it. Not helped that the US Coastguard who were administrating it were prioritising US firms first and we came well down the list. Anyway, it were there. Singing and dancing.
And (probably Y2K+1) I got a phone call from the state side scene manager. At 3.45 ish on New Years day. "Panic. Panic. Panic. Oh and definitely Panic". Understandable as demurrage charges could run to tens or hundreds of thousands of dollars a day. (This was just stupid, taking on a risk of $100K plus based on a computer (bog standard PC) running in Essex for a deal worth 50-500$)
And just me and my oppo (Hello Pete) running tier 1-3 support as well as developing the damn thing. I had tried to get it offloaded (no team available), had pointed out we were hired as developers (well doesn't that include support? You wrote it) and told me oppo (Hello Pete) to go off for Christmas and the New Year, and get stotious and I would handle the brown stuff hitting the fan.
Being very soft hearted and actually not blaming the American lass at all, she had been eminently suitable to talk to on the phone, liked Mark Twain, and after we had explained that consistency in her requirements was perhaps the deal breaker (Only three months, shedloads of work, …) I explained I was pissed, very pissed and would deal with it some time later today - only to be told "I don't care how angry you are - we need to fix this!")
After the 2 people separated by a common language misunderstanding I managed to point out that
* the office was closed
* I wasn't a key holder
* I didn't have remote access
* I had been whinging (repeatedly pointing out these issues) for the last 2 months
And when I looked at it the next day it was a simple Y2k+1 issue.
That solved all the first three points above.
Not even a conspiracy. Just an unfortunate set of circumstances.
Well that will be jolly useful, no need for Greta and we could sort of solve a few other problems at the same time. (P.S. Should anyone find the plans for the real BMD (and it is apparently available here
if you can find the right one, that would also be useful.
When I recollect the past, the other star of "Bedtime for Bonzo" might have made a good president, compared to the current incumbent. That is, if you didn't object to him not having a tail.
Hey, I ordered a new hardback book from Amazon and was charged VAT on it. They are exempt from VAT. I was told that it was one of their associate suppliers who did it. But Amazon allowed the charge to be made.
If they can't even be bothered to check that VAT rules are being applied correctly, what chance is there of them collecting the VAT I was fraudulently charged?
There is an argument which may be slightly different.
Taking the image may well be lawful. It is no more than photographing a crowd or a snapshot of an individual. Police and other systems do this all of the time. But associating a name with a particular image may well be unlawful. Particularly if it has less than 50% probability of being that person.
So in civil law it is necessary to prove that on the balance of probabilities that there is a causal relationship, which is quite obviously not the case if the probability of the accuracy is less than 5%.
And for criminal law with its beyond all reasonable doubt requirement this is much more difficult.
So if this information is associated with your image then presumably this could be described as libelous if published or otherwise slanderous.
And anyone who claimed "we have reason to believe" would be knowingly propagating a libel or a slander.
They discovered that the star's rotational frequency increased by about 16 microhertz, a tiny amount, over 30 seconds or so, according to a paper published in Nature Astronomy on Monday.
That amounts to "about one part in a million," Gregory Ashton, first author of the paper and an assistant astrophysics lecturer at Monash University,
It's about one and a half parts in a hundred thousand. Too many tinnies sport!
How can you even be sure that there is or is not information in the AI which is relevant to an individual? And even more worryingly how can you be certain that your fake data does not create relationships which seem to identify individuals. After all, if the data is realistic then it must mimic reality.
On another note, some 20 years ago when I was writing HMRC's personal review system they were using real data for test purposes. I thought this was a no no and so used some name generators I and a colleague had written for some simulations.
Being a bit fed up at the time I didn't use the English language names.
Some samples follow:
Brictius filius Æson
Galenus filius Artemidorus
Rogatus filius Luciferus
Antipater filius Alcinder
Isocrates filius Clophas
Watching the attempts at pronunciation was fun.
You have detained me on the basis that you have identified me with an alleged offender, such justification being on a purely computerised system with no human evaluation at all. What happens next? I am going to leave right now as you have no particular justification for stopping me. After all, you can always find me again should you need to.
You have no valid justification to arrest me, and should you so try then I will attempt to depart. Should you attempt to stop me you will have to explain and justify your actions to the legal system of the UK.
Now that is what should happen. It becomes more difficult day by day (Think of the Children / Victims)!
I have arrested a police officer for "impersonating a police officer", but that was about 25 years ago. He wasn't playing by the rules and attempted to bully me. These days it is much more difficult to resolve this sort of nonsense. When you can be arrested for obscuring your face against a trial of facial recognition software we live in a world of deep fake; we have faked the perception of justice and replaced it with the process's perception of what the law should be.
Just play along with them, ask if it is anything to do with Tonia Antoniazzi, the MP for Wales' Gower peninsula and the surrounding area (c.f. https://www.theregister.co.uk/2019/06/27/mps_5g_electrosensitivity_5g_cancer_doom_apocalyse_etc/) and 5G radiation signals. They tell you they don’t understand and they then say that your router is sending messages to their system.
At this stage get very concerned and ask if the messages are criminal?
Ask if the police will arrest you?
Bit more wind up, then
Ask which messages have they received?
Was it the one that called them lying scum?
Or maybe the one that called them thieving shitheads. Or was it the one that asked if their mother knew they were a thief?
If you can get the last one out before they put the phone down give yourself 5 brownie points.
The rules should be very simple. Whenever a company is challenged (threatened) with a Tax Process (I'll use that because there are lots of things it could have been) then the government should be required by law to prove that this is not part of any process that is accepted from any other organisation.
And that is fine. Because then you have to apply it to everybody. Many years ago the Inland Revenue claimed that if you gave them your info then they would do your tax return. I asked them if they would give me every tax advantage available or merely give me whatever they thought I should get? Well they changed the wording afterwards which was a casual admission that they would rather stuff you than be honest.
And only if they can show that exactly the same rules have been applied to the players who didn't pay the taxes, then they should be required to state exactly how it would have been impossible (other than accountancy, for everyone knows that accountants are honest. Or simply incompetent, so as an afterthought let's allow accountancy and their clever games to be copied too) for that company to have failed to have the benefit of those rules.
Of course some companies will have better accountancy teams or lawyers than other companies. So what? The law should be equal to all, and it should be one of the primary duties of any government to ensure that that is the case.
I'm not a socialist, nor am I a capitalist. If anything I am an egalitarian, which simply means there are no acceptable circumstances for money (capitalism), group fascism (often trades unions), or any other power group claiming special exemptions of circumstances. And the easiest way to do that is to simply extend any particular view or exemption to everybody. And it seems to me that that should be a duty of government.
I had one of these, from a legacy with Tiscali. I didn't use it other than for potential exploratory reasons. I was not surprised when it was hacked - I was well aware of the soft and strong access routes. But what I wanted to see was the reaction of TT.
In simple terms, there is no universal guarantee that you shall not be hacked. Anyone who claims otherwise is marketing their bullshit. Teams I have worked with have assured me that any hack will simply fall into one of many traps which will both absorb the hack; identify the hacker (through various quasi legal processes) and deal with the problem. BTW see the comment about QLP.
And they were always right - they told me so themselves. But usually there were fewer than 50 of them. Which leads me to think that marketing may be less accurate than reality. Cos even assuming they were as good as the hackers I have been told about, well maths suggests there are a lot of holes - maybe 10 ^ 3 per hundred thousand lines of code (1%) and so with guys trying to plug the hole in the dike, well 4 fingers and a dick ain't going to work.
But they always assured me they were in control.
Yep, believed that
Digressions but a realistic understanding of risk is probably useful. There are always more people looking to hack than making it in the first place.
Oh, and about TT, incompetent, stupid, multiple times used inappropriate scripts, which had the users known would have been lying, and soft targets if you were to spend sufficient time.
Sad to see my expectations gratified
The sub pens were, in general, bombed after completion. Up to 10m. of reinforced concrete then made the bombing ineffective; and hitting the subs in the brief time of entering or leaving the pens, which they rapidly learned to do underwater was not a trivial task.
I have seen pictures purporting to be the remnants of a tallboy (or grand slam) which penetrated the pens at Brest, I think, but that was some 2 1/2 years later.
So bombing the pens in the construction phase was viable; although many French would have been killed a little earlier than otherwise, after construction useless. Although many French were killed.
Bomber Command, whom in general I support, did put the kybosh on Liberators which they claimed were imperative, so that Coastal Command did not get replacements for their VLR (Very Long Range) ones of which they had about 24. This was silly.
BTW converting a Liberator into a VLR Liberator took several months, not a simple task.
This actually partially answers the previous question.
No - I do not think that the UK (8th largest trading country in the world) will inherently be able to enforce its laws on the USA. Or the FRS. Or China. But I do think that if you start killing our people with nerve gases there will probably be a reciprocal sanction somewhere, at some time that is to our convenience. That doesn't mean that we will necessarily kill or otherwise use violence to "send a message".
Messages can and have been sent in many ways. It is particularly noticeable that as the cold war grew, the casualties from direct military action between the primary actors reduced. Don't shoot down that spy plane, it is in the Baltic sea and is keeping both sides happy.
That is for mutual convenience. At the very least the UK could certainly inconvenience Facebook, Google, et al by making individuals liable. This is what the Americans have done when they claim jurisprudence over any bankers who deal with the USA; even if they are apparently not immediately constrained by their laws. (e.g. Autonomy, Barclays etc.)
A risk of personal sanction will make travel abroad much more difficult. Just as the USA have found that Canada is amenable to arresting Huwaiu (No idea how to spell that) CFO's the USA may well find that it is a bad idea for those of dubious intent to go anywhere we can reach.
That should include the USA but having agreed a reciprocal extradition treaty the US decided it was unilateral. But such actions only last as long as you have sufficient power to be arrogant bastards. I can't quite recollect when we last sent a gunship to deal with "Jenkins Ear" or its last equivalent but I doubt if we do it as often as we used to do.
Plus ca change, plus la meme chose. But the actors change
I still don't really understand it. As I see it there are 2 obvious possibilities with regard to the server:
1 - This is mission critical; and yet you are allowing it to run unfixed (on average) for 3 1/2 days.
2 - It is not mission critical, but you still use an arbitrary date system for "OK" which apparently could be met by simply rebooting the server.
And, not to make too fine a point of it, if you spin up another version of the same thing, then it is the same thing. (Unless you claim it isn't to meet your bullshit targets).
I had been sacked and at the tribunal rather than fight it they settled for the maximum legal amount (in those days about £24000) which of course was reduced by the salary that they paid to me in the mandatory "gardening leave".
No particular surprise there. But as the new chief executive had arbitrarily sacked me when re-applying for what was my old job I had a bit of fun.
At the time it was merely sufficient to prove that they had broken the HR rules and should have given me the job automatically.
But two years later when she was coming up to be re-appointed I sued again - in the small claims court of the county court. And claimed that since it had already been agreed that I had been unfairly dismissed then my compensation should have been based on the salary I should have had, not my previous salary.
This led to the solicitor (poor sod) on their side claiming that you couldn't have two bites at the same cherry. When the judge for the 3rd time explained that he understood and decided the law I felt it was not going well for the poor sod. They settled for a rather larger fee than the original compensation not to set the precedent. And they sacked the chief executive who sacked me. (That was my only non negotiable point (Oh, and giving her a bottle of gin to help her on the way to the gutter)). But to be fair, I paid for the gin myself.
And the point of this, who would have expected English law to be easier to manipulate than that of the US. And having comprehensively fucked on the NHS, it is just a small pity that I never got to do the same to Oracle; nor that is as simple and effective in high cost high pressure law in the land of the free and the slave.
There is a serious problem here, other than the apparent stealing of IP. The clear issue is whether or not the patent issuers are aware of previous work. Most authorities haven't got a (fucking) clue where to look, and even if they did, are not paid to do it and haven't the time. So they functionally can't look for it.
Thus if you discuss your work, and someone appropriates it (after all, it is neither in the public domain(s) that the issuers check) then challenging it is much more difficult than the trivial process of claiming it.
So YOU ARE FUCKED.
But it is so tempting to deal with a huge firm like google. (sort of claiming "first do no harm"). And not all of them have to be lying. Simply a few and the inertia of lawyers and "well it's ours" is sufficient.
(TLDR even if you can trust some of the cunts, there are still cunts there.)
Don't let the Shites happen.
This doesn't answer the question of how to solve the problem; nor am I convinced there is a trivial solution. But the ownership of the problem by the big companies might just help. But that would require the concept of maximalising shareholder return to be constrained by ethical considerations. And we have seen no clear examples of that working. (Failures include Greenhouse gas emission, Asbestos, Slavery, Tobacco, Insurance fraud and all sorts of bullshit.)
I guess you can neither trust companies nor people. And in the long term that is catastrophic for people.
Biting the hand that feeds IT © 1998–2020