Re: Windows giant aware of Teams social engineering phishing attack
It wasn't quite such a dumb idea when every password in The Known Universe wasn't out there.
Using the same device for 2FA as the one you're trying to log-in via, though...
561 publicly visible posts • joined 17 Apr 2007
Meanwhile, elsewhere in Microsoft, push authentication via Microsoft Authenticator has been enhanced to...... improve its defence to.... social engineering attacks.
Whilst this bit of MS blames users for being vulnerable to them.
What's bunch of d**ks
But my back's broken.
Moving 10 feet? Not the brightest idea in the world.
See, every suggestion that someone comes up with to "fix" W3W is worse than the obvious solution of not using it, but using a proper, pre-existing, geolocation system with a public location code generation algorithm
I'm old enough (and in this case that's not a sarcastic phrase) to remember GCHQ demonstrating an analogue multi-channel HF Comms system they'd developed called "Piccolo". This was at the annual RSGB show In the late 1960s. Damn clever it was, and pretty much entirely analogue.
I also recommend reading RAIB (Rail Accident Investigation Branch) reports.
In this case, though, you will see a recurring theme of "we've already discovered what the industry should do, but they STILL haven't done it" (e.g. zero hours contracts for staff working for contractors so they inevitably have multiple jobs and are fatigued when working on safety-critical tasks) or, even worse, the lessons learnt after the Clapham disaster being forgotten so another one is on the cards.
"We take data security very seriously ..."
It's the same sort of terminological inexactitude as
"Your call is important to us"
when you've been told that 50 times after being on hold for 25 minutes.
It clearly isn't the least bit important to you, otherwise you'd have, you know, actually answered the call by now.
This is your regular pointer to the strategy Peter Cochrane advocated when BT's CTO, which would have seen FTTP to every premise decades ago.
But instead, because Public bad, Private and Competition good, we had the cable companies, lots of little local franchises until the inevitable consolidation into one national operator came about.
Oh yes, the blinkenlights were a joy to behold. Getting the DEC engineer to replace all the faulty ones was always a challenge.
But.... when we had to take the slave off maintenance 'coz of budget cuts (late 70's UK IMF rescue days....) I got to recognise the logic state when we got SSP (Stop Second Processor) crashes. Apparently random series stabilisers (per row of TTL logic) tripping out on overcurrent. Finally (after 4 pints of Directors one lunchtime) tracked it down to an O/C end winding on the PSU transformer, so the unregulated DC feed was a volt or so down. Dropped it down a tap each side of the halfwave, all was good, and DEC none the wiser when it went back on contract.
We used TOPS-10's brilliant ability to do both timesharing and realtime for the data capture from an HPD flying spot digitiser for bubble chamber film. Although timesharing did stop for a couple of seconds while a frame scan took place.
I remember the joy when our systems programmers finally got SMP going, that was the time the second processor started earning its keep.
Interesting you mention IBM peripherals on DEC 10 there. We had the Systems Concept SC10 on our dual-proc KI10 in Imperial's HENP (as then was) group. Only had tape on it, but it got us 6250bpi well before DEC managed to deliver, which was the main goal. That, and reliable tape drives.
Confused the hell out of the IBM FS guys when they asked to run OnLine Tests...
The PSTN has generators as well as batteries. Certainly in the larger "exchange" buildings in urban and sub-urban areas, tho I'm not so sure about the small rural ones.
Mobile base stations and Fibre exchanges housing OLTs and associated IP kit generally don't.... And lack of aircon on power failure can mean extended battery operation isn't viable anyway.
The solution for most operators is driving a mobile genny to site. Not scaleable to a wide-area extended outage.
Not if:
i) You've got the functional specification right
ii) Each machine has a separately coded implementation
This is, after all, how safety-critical fly-by-wire systems were supposed to be implemented.
I have no idea:
a) If that is still the case
b) If cryptobros have heard of this
It turned out with Oilivetti writing one of their OSs in the early 80s in Pascal, because some NCGs believed what they'd been taught.
Needless to say, didn't turn out well. Fortunately the OS from the previous generation of kit worked on it.
A good exposition there.
What it misses is the conclusion that healthcare has to be rationed. The debate over how to do that has never properly been had (much like how to pay for long-term care) but at root there are 2 methods being tried.
One is rationing by ability to pay - the inevitable end-point of a wholly private insurance based system with some state intervention for the most needy.
The other is rationing by cost-effectiveness trying to balance clinical need with cost and outcome of treatment. This is the role of NICE - unfortunately people understandably don't like it when the treatment they hope for is denied or delayed.
Of course, political decisions about NHS funding (and purpose) determine where the rationing line is drawn....
Only if you insist on attempting to speak to it in English. Try the tiniest bit of school O level French on it and all of a sudden its attitude will improve dramatically.
It's only human and hoping for a little bit of respect, after all.
SOTAP is the answer to your question
"When it is launched, you will be able to use SOTAP to provide broadband and internet protocol (IP) phone services, because it connects to your exchange infrastructure.
We’re developing SOTAP to help us withdraw Wholesale Line Rental (WLR). We’re planning to launch it UK-wide by August 2022.
It will only be for areas where there aren’t any fibre products available. And it won’t include a managed phone service, or any associated calling and network features."
Indeed. Looks out of my window at the pole-mounted single-phase 11KV-230V transformer feeding half a dozen properties.
Nope, no telemetry there. Now, if I had a SMETS2 smart meter, perhaps they could use that. Oh, hang on, no network here yet. And it would be passing data to my electricity supplier, not the DNO.
Agreed, SIP is a technology with remote intercept capability and other inherent vulns. Especially since SIP over TLS and S/RTP are so very hard (once you've found a provider who can offer it - and I've been there)
But is it.worse than POTS? Pitch up to a street cab or DP with appropriate bits including yellow hi-viz and you'll have hours, if not days, to find the pair you want and listen in.
VM used to make it really easy, having street cabs with the doors flapping in the breeze everywhere, but I hear they've upped their game lately.
PS the existing phone sockets in the UK aren't RJ11, but a unique design chosen solely to prevent unapproved phones being connected. All in the name of preventing bell tinkle when using pulse dialling and electromagnetic bells. Back then even trivial stiff like that was important, let.alome important stuff like the phone working during a power cut. Once this is implemented, I'll have to walk 200m to get mobile coverage to report a power outage to the DNO. (Not really, I have a UPS. But I'm a techy)