IT & Communications

It's not rocket science. Ever since (I think) 1998 when the BBC's lawyers blocked an explanation I gave to BBC TV on how the nature of HTML facilitates on-line fraud (the feared that it would increase the number of criminals using it) criminals have, indeed, used certain features of HTML to hide what they are up to and ordinary people have lost many millions of dollars and have suffered innumerable attacks on their computers simply because of one, very simple, trick, writes Nigel Morris-Cotterill

One has to wonder whether being listed on Microsoft's Bing search engine is worth the trouble. It's stupid and it slows down websites generating log entries that look suspiciously similar to those created by hackers and spambots. It's time to decide whether to simply block BingBot from all access to sites and accept that means an absence of web presence (except there are a couple of tricks that can keep web presence while keeping BingBot away from active sites).

Last year it was FinTech. 2018 was scheduled to be the year of RegTech but the crazy inflation in the value of crypto-currencies at the end of 2017 hijacked that and this year became the year where no sentence was complete without the word "blockchain" somewhere in it, or so it seemed. But the love affair is already turning sour as reality sets in and the buzzword junkies are at last being shown for what they are: opportunists who will be onto the next big thing as soon as someone tells them what it is.

Source: U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:
AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide [ https://www.us-cert.gov/ncas/a... ] 11/10/2018 11:19 AM EDT
Original release date: 11 October, 2018

We all get the scams telling us that a criminal has our data. Many of us get scams saying that the criminals have details of access to pornographic websites and, even, footage taken from cameras on our desktop or laptop machines. Usually, we are told that we are being blackmailed and ordered to pay a sum, via bitcoin, to a specified wallet, 1Lughwk11SAsz54wZJ3bpGbNqGfVanMWzk. This wallet should, obviously, be disabled with immediate effect.

When Drupal 8 was first announced, I installed it and within a couple of hours had given up with it. It was clunky, many of the modules I relied on were not available and may never be but, most of all, it was clear that if I wanted it to do what I wanted it to do I was going to have to relearn programming - which is exactly why we moved to Drupal: I can make Drupal 7 do what I want with minimal digging around under the covers. Three years and many releases later, as the threat of Drupal 7 reaching end of life becomes real, and in the light of some big complex sites we are building, it was time to review D8's progress. I don't just not like it, I actively detest it. And with one press of the delete key acting on the server, I'm free of it.

When Australia took action against an internet scammer for sending out notices relating to domains (see here) the effect on those committing similar frauds was... zero.

One can say many things about the EU but here are two: one it really, really does not understand the internet and how companies operate within it and two it really, really likes simplistic and brutal solutions to complex problems. Perhaps the two things are the same. Article 11 of the Copyright Directive, which a European Committee (the usual handful of grey men in grey suits that were so much a reason for Brexit) has just passed is a perfect example of both. The grey men in grey suits are different depending on the topic. The result is the same: they set law which is rarely subjected to effective review later in the legislative process. But protestors have missed the bus: it left in a 2001 Directive that hardly anyone pays attention to.

E-mail inboxes have long been plagued with dubious offers to renew domain names or to buy similar names to prevent cybersquatters taking control of them or even for entries into some kind of directory. It's a nuisance but, so far, the perpetrators of the actions have avoided prosecution by a range of sneaky tactics. Australia's Competition and Consumer Commission (ACCC) has obtained orders (not convictions) against two companies and a disqualification order against their principle officer.

Sending server: webmail.123-reg.co.uk
Request for External Wire transfer

We can do no more than post the content of three spams that arrived in five minutes and urge readers to block the domain trixologyvapors.com to prevent this hyperactive spammer's material reaching staff.

I get it. India has more than 1,000 million people and lots of them work in some IT related job and they all have to earn a living. But, why do they all have to plunder our details from domain name registrations and send us offers for their services. Do they not realise that there are hundreds, literally hundreds, of them doing that every single day.

On 4th April, Mark Zuckerberg was in full PR mode: he'd posted family photos on Facebook, carefully emphasising that in his house both Jewish and Christian festivals are marked with food but no sign of frivolity and he'd been seen looking suitably tired. He'd brushed off, at least so far as America is concerned, his refusal to appear before a British Parliamentary Committee. And he'd had a bit of the news agenda taken away from his own, and Facebook's bad news stream by the shooting at YouTube. And so, on a conference call with media selected by Facebook's PR people, when he began to present what he calls "Hard Questions: Q&A with Mark Zuckerberg on Protecting People’s Information" he was not expecting anything like the BBC's Hard Talk. And so it proved: he set the agenda, questions were soft and answers were nebulous.

This weekend has been an interesting weekend for spam, not the least of which is because such a large amount got through our first line filters: far more than usual. But they were all stopped at the second line of defence and as we trawled through the blocked messages, we came across several that were worthy of comment. One is that old chestnut, the United Nations scam; another is the latest example from a spam-house that now allows us to identify their server farm and it is particularly interesting because it appears to promote a scheme that fell under the bus when the British tax authorities began action in relation to that scheme. And then there's the special mention of the persistent finditeasy.info which is just the most blatant spam-scam that it's hard to understand how they think it will pass any filter. And there's more....

We are now a further 24 hours into the chaos that was brought to our notice at about 13:00 hours GMT on 10th April when our Group websites began to do down as Names.co.uk started a process of migration of our websites. It is several weeks since Names.co.uk bought our previous provider and their actions have been incredibly disruptive leading to total failure of service to unreliability.