Archive for the ‘Internet’ Category

Ireland: 3 Strikes and out is just not good enough.

Published by calhoun on October 14th, 2010 - in Internet, News, Technology

Scales of JusticeThe UK Parliament chaired by the dark Lord Mandelson forced through the Digital Economy Bill  designed to give the music industry severe power over the Internet has today received a major blow to the credibility of the act. A Judge at a High Court in Ireland has ruled that the 3 strikes rule just is not good enough.

One ISP, UPC stood defiant of the Irish Recorded Music Association (IRMA) by refusing to cooperate with the 3-strikes agreement which IRMA had negotiated with the largest ISP. The deal meant that the IRMA had to achieve cooperation with all ISPS in order for it to be valid. They stood by their customers, and they were brought to court over it.

Mr Justice Peter Charleton ruled that an injunction against UPC is not possible as Ireland does not have a legal framework to support it and more importantly that it contravines European Law.

References
Softpedia

Customer Services from Bill to Complaint

Published by calhoun on October 12th, 2010 - in Internet

Complaint DepartmentThis month has been drastic for money for us. Unfortunately this meant that the most important bill came thudding through the door this morning. Yes, you’ve guessed it, our Internet, Television and Telephone was shut down this morning shortly after I got up. So you might be wondering, how we can possibly go from a completely legitimate turn off of services due to not paying the bill into a complaint?

Well, if you had asked me that this morning i’d probly have responded with good question! Indeed it is a good question.

I got into work this afternoon, and promptly got into my account luckily my wages had just cleared this morning quite literally so there was some cash sitting in the bill. Then however I got a shock (like having no Internet at home wasn’t a shock in its own right!). They said i owed them £180.00, but I realised especially with my email saying that today they had generated this month’s bill was included. So I paid off the outstanding balance from the previous bill and thought, alright, its paid for, I’ll hopefully have my services when I get home.

I got home, after what seemed like an endless trip, my boyfriend had got money from University so we went shopping after getting off the train – dinner is literally just being cooked right now. Got in the door and turned on the TV praying that it would be on. Alas, it still was not, the site did inform me that it could take up to 24 hours to get that up and running.

Still no reason to complain your saying no? Your right, but I thought I’d take a chance, I picked up the phone, and got through to customer services. I asked if there was any way they could speed up the process and was told no. Remembering that I thought I was due an upgraded box, I asked them about it. This is where it started to go downhill, I was transferred to an outsource agency, whom after not listening to what I had to say – I clearly explained that I had paid my bill this morning, but was enquiring about the believe that I was supposed to have a different box they insisted on transferring me to the queue for the finance department. So I got through to a message saying that the department was closed!

Furiously, I slammed the phone down, well actually not quite, i merely hung up and redialed but it sounds more dramatic that way! I asked to speak to a manager about it, thats when i got stopped by one of the arragont customer service barriers. I spent a good 10 minutes fighting with him to speak to a manager.

What is the purpose of those customer service barriers? Did it benefit the company that I spent 10 minutes fighting on the phone all I wanted to do was make an official complaint about the previous agent. He claimed he had the same power, and that I wouldn’t be able to get any money off! Even threatened me with a report to the police. Eventually however, I got past the barrier and spoke to his manager.

To my surprise, she was actually willing to listen. She has sent a email to the agent in question, despite the barrier claiming they had no ID on who it was and noted down my concerns with the behaviour of the agent. She went on to advise me that she could actually restore my services tonight, and, within 15 minutes of the call it was up and running! She also took a few moments to explain that the offer was new and not on at the time when I had signed up. So a couple of minutes on the phone to the Manager and I got not only my service restored, information on when I need to pay the next bill, information that clarified what I wanted to check in the first time. So really, what was the point of the previous 15 minutes of going through loops with an agent when a quick transfer to the manager would have saved me time, and allowed him to deal with a customer which had a general enquiry that was at his pay level!

So I’m online, and I’m happy, despite the efforts I had to take to get through to someone who could go that extra mile at Virgin surely if all customer service places were to think about the nature of the problem, queue time could be halved simply by a Manager dealing with a complaint on the call – it only takes  a moment in some cases. Let the manager speak, and if the complaint cannot be resolved in a few minutes, then it can be escalated into a call back or extended session.

High Speed Broadband is coming ….

Published by calhoun on October 12th, 2010 - in Internet, Technology

Broadband Pipe… then again, Christmas is coming also, actually, its 73 days away at the time of writing. Anyway, a study of UK Broadband has been conducted and has found once again that the UK is lagging behind many European counterparts.

Over at the Telegraph, one commenter points out that in Finish Law, access to high speed broadband is a right sitting on his 130Mbps standard home Broadband kit one wonders if the UK will ever catch up on the Broadband race.

From the results conducted by Broadband-expert.co.uk , it is showing that Liverpool has the fastest average connection rate weighing in at a ‘massive’ 7.72Mps. Given that the usual package offered is an 8Mbps this is quite impressive, relatively speaking anyway. However is nothing compared with Virgin’s top 50Mbps Package! The Northwest England area seems to have a significant amount of “high speed”, hardly surprising – Manchester is a second level point of presence for the Internet hooking up with the London Lynx and up north to the Trans-atlantic links. I would therefore have expected the connectivity to be higher in this area.

On the other end of the scale, the folks living in Dunfries unfortunately are seeing speeds closer to 2Mbps hardly a viable speed to call high speed. The results however have no distinction between different types of connectivity – fiber or adsl. Even taking these into account however, Broadband here leaves much to be desired.

BT may be finally under taking the roll out of fiber, which they should have done years ago but I suspect even with that, we will still be far behind Europe.

References
The Telegraph
Broadband-Expert

Amazon offers fair Royalty scheme for eBook Authors

Published by calhoun on October 6th, 2010 - in Internet, News, Technology

Amazon ebook readerAmazon has announced that 70% of the sale of a eBook product will go to the author. In comparison with the music industry this is a huge change. Instead of rights holders getting the money the person responsible for the product’s creation will get the money instead.

The technology does also mean that new authors can actually see the benefit of their work without having to hire professional publishers – Amazon is already established as a place to purchase books from and authors are able to submit their works there will likely be a check to verify that they are authorized (ie really are the author) prior to it going live. Once it has however they will be able to keep the huge chunk of the profit.

There is a number of requirements of the scheme which seems very fair: The cost must be in the range of £1.49 to £6.99. It must be at least 20% cheaper than the physical book – this will be especially easy for new content. Surprisingly they are charging delivery on ebooks, at a cost of £0.10 per Mb. Luckily, text does not tend to take a huge chunk of space so many delivery costs will be less  than that is.

This scheme seems fair to the author, the question becomes when will the music industry catch up where musicians get barely a fraction of the money generated from their work ?

References
TechRadar

Twitter users subjected to worms

Published by calhoun on September 22nd, 2010 - in Internet, Technology

Certain twitter users, by which it seems the vast majority have found they were vulnerable to a Cross-Site-Scripting XSS vulnerability in the twitter software. It allowed the site to generate a self replicating worm that spread very rapidly across many users at the peak of it around 100 replications a second were being generated.

The result varied from harmless messages to more dubious redirects. The most amusing of these would perhaps have been former prime minister’s wife Sarah Brown’s twitter account redirecting people to pornographic accounts.  She has around 1.1 million followers. I would not be in the slightest surprise should 1.05 million of those actually took up the vulnerability spreading it further whilst visiting the Japanese Porn sites. I am sure we really don’t want to know what she ended up linking to! She updated her feed shortly afterwords to say sorry, I wonder if she took the opportunity to have a nosey herself.

This kind of security breach is relatively straight foward to resolve and given the size and popularity of Twitter, it is a surprise that no one ever considered the security aspects of user input! In the security world, users should never be trusted, they are out to get you!

The most interesting thing about these kinds of problems is they are relatively straightforward to deal with by assuming from the outset of the project by simply presuming that your users will go out of their way to destroy your system. Its true, users sooner or later will find ways to break the system either deliberately and maliciously or through sheer accidental foolishness. As a developer you need to think about these problems. Think about encoding raw input should you not need to do any processing on it that’ll easily prevent a sql injection. Or verify before inserting that it is in an expected format like a date should have 3 parts to it separated by a separator such as “/” so if you get 3 “/” and 4 sets of numbers then it cant possibly be a valid date now can it?

References
The Independant
xkcd

Is your card details safe?

Published by calhoun on August 17th, 2010 - in Internet

Having been at a meeting today discussing a ePOS system, we were informed that new regulations were coming into play regarding storing of credit card information.

In my bid to find out more about these new regulations i came across some disturbing information that earlier this year Argos had been storing credit card numbers along with their card verification number inside source codes to customer emails. This seems to be a major breach of the PCI-DSS standard.

More to the point however changes do seem to be pending from the PCI council. The organization which deals with card securities has indicated nine new points are under consideration. The majority of the changes proposed however are for clarification purposes.

The link to the official release is below, if this applies to you feel free to have a look and prepare yourself for the next generation in security.

References
The Register
SearchSecurity.com
PCISecurityStandards.org

Pirate Party lawsuit lead to increased piracy

Published by calhoun on August 15th, 2010 - in Internet, Technology

You will likely remember one of the first major legal case brought against Pirate bay in Sweden. The court ruled against the site. Yet even today the sie is still running stronger than ever.Both parties have appealed the case

The media coverage of the case however likely to the disappointment of the recording industry as a whole, lead to a greater usage of the site. Both of the parties are confident of winning the appeal case which is expected later this year. Other events since the case is the formation of Sweden’s fourth largest political party, Pirate Party

United States looking for internet censorship

Published by calhoun on August 7th, 2010 - in Internet, Technology

I recently criticized the UK Government over the IE6 browser not being upgraded and general security breaches of astronomical scales. Now it is the turn of the United States to be criticized, again.

“Wikileaks.org should be shut down by any means necessary.”

US Government Conservative Representative

Of course, I am not surprised that a conservative wants to shut down the Internet site by any means necessary lets face it the US Conservatives are trigger happy maniacs ready to shoot anything that doesn’t agree with them. Lets face it, some of the documents released on that site about the Afghanistan war have apparently left many Americans thinking the war was a mistake. US policy is to hide up the facts rather than simply admit they were wrong and try to leave the war as quickly as possible.

However, its time for them to wake up and smell the modern world. The Internet is here, and it is not the domain of the United States Government no matter how much they want to control it.

“The military is telling the troops they cannot even view what is publicly available, even though the WikiLeaks documents are on hundreds of websites.”

There are other nations that insist on censorship such as Afghanistan and China. It seems that the United States is keeping in good company with its friends such as them.

The Demand

The US Department of Defense has demanded that Wikileaks remove, delete and return all documents that they have classified. This being the property of the United States Government. Given that the main server that is being used is hosted in Sweden, Not USA they are likely to face a tough time of bringing it down lawfully.

I completely understand that the information may indeed be classified and should not have been leaked in the first place but that is the lesson that Governments need to learn. The weakest link in the government is the Government. Remove the Government and there wont be any more leaks of Government documents! Beef up security, stop using ancient software, ensure your staff are trained and vetted.

References
ZDNetUK
CNet
Washington Times

Paid to find security bugs?

Published by calhoun on July 21st, 2010 - in Internet, Technology

Security for most companies these days is paramount. There are many steps one can take to ensure that a system is secure, from switching it of at one extreme to hiring consultants to analyse every minute line of code to look for problems. Balancing money with time however leads to most companies taking somewhere in between.

Google Chrome

google chrome The guys at google have released details of an increase in their awards. The project initially started in the region of $500 which has now increased its bounty  to $3,133.70. It beats the Firefox security bounty.

How do I get it?

In order to achieve this pay out, you must discover a serious security related flaw in the Google Chrome Web Browser and submit it through the proper channels.

Read more or Download

Firefox

Firefox LogoThe Mozilla team have been doing this for longer their security reward program started in 2004. Unlike chrome, they outright disallow bugs in third party applications whereas google will consider (which in all likelihood I’d wager means would not pay out).

How Do I get it?

Like in the case of google it is necessary to have submitted a sufficiently critical bug which they define as being critical and high. Also you must not be involved in the bug in anyway that is worked on the firefox core as a developer.

The two projects are very much alike and are likely to help improve the general quality of both projects – people interested in earning a few thousand will likely dig up the browser and start trying to find one of those illusive bugs. Consequently they will submit bug reports and these will hopefully be fixed along the way.

So with around $3K for critical bugs between each browser it would make for a nice summer bonus for someone. Good luck hunting.

References
Download Google Chrome
Download Firefox
Chromium Security Award
Mozilla
The Registrar

The Registrar

Rootkit breaches network security in India, Are you effected?

Published by calhoun on July 18th, 2010 - in Internet, Technology

In my role at work I recently had the opportunity to discuss with a expert in security aspects of the PCI-Data Security Standard in the context of storing credit card information. This covers amongst many other things, whom has access to the data. Our client has a team in India doing work for his site as well.

This means that when he comes round to getting pci-dss compliant he will have to factor in them into his equation.  Now I’m seeing that there’s been a pretty major security breach across India. This is one of the many factors one should consider when outsourcing work to beyond national borders.

The breach is in the form of a rootkit hijacking against certificates for drivers by Realtek whom quite commonly develop Ethernet cards for many manufacturers. Therefore there is a significant risk that your outsource partner could be effected.

References
ZDNetUK

© Copyright (c) 2011 Whitebunnywabbit
Web design manchesterBytes Consulting
Digital Photography at Digitcal