Acuity takes the security of its customers' data seriously
really, well obviusly not seriously enough...
Posts by EnviableOne
2001 publicly visible posts • joined 28 Jan 2016
Page:
Feds probe alleged classified US govt data theft and leak
HP CEO pay for 2023 = 270,315 printer cartridges
Record breach of French government exposes up to 43 million people's data
It's time we add friction to digital experiences and slow them down
Thursday 15th February 2024 15:29 GMT
Move Fast and Bloat things
for the sake of speed a lot of corners are cut that lead to vulnerabilities, sub optimal performance and security and privacy issues.
in the modern coding world (i hesitate to use the word programming) you pull in a whole library just for one function, you could write yourself in 2 minutes.
this bloats the application runtimes and adds all the complexity and vulnerabilities from the library to the piece of code you just "created"
this is why when people do things right, things become smalller quicker iverall and more secure.
see openvpn vs wireguard
also the tech industry really needs to sort its obsession with can we, and inject a momentary pause of should we in the conversation.
How governments become addicted to suppliers like Fujitsu
Why do IT projects like the UK's scandal-hit Post Office Horizon end in disaster?
WTF? Potty-mouthed intern's obscene error message mostly amused manager
UK-US data deal could hinge on fate of legal challenges to EU arrangement
So what if China has 7nm chips now, there's no Huawei it can make them 'at scale'
Meta's data-hungry Threads skips over EU but lands in Britain
Friday 7th July 2023 09:30 GMT
Re: Eh?
the thing is GDPR doesnt go far enough, and the ICO were part of the faction campaigning for it to be stricter, so being allowed to go our own way does not necessarily mean restrictions will be relaxed. The ICO were trying to give GDPR the teeth to make companies and board members criminally liable for data protection
Deloitte wins deal worth up to £100M for UK border platform
TCS bags £234M Teachers' Pensions deal as Capita set to end 29-year run
Biden lines up $42.5B for US broadband boost
Tuesday 27th June 2023 13:05 GMT
Ah the venerable Bede
perhaps a mistake of locality, but the ancient English monk came straight to mind when reading this sentence:
"Whether BEAD will be vulnerable" ...
the monk famed for his first-ever history of England would be amazed by even the speed his work would carry under the current system, but then again he died in 735AD
Supreme Court says Genius' song lyric copying claim against Google wasn't smart
Tuesday 27th June 2023 12:52 GMT
Re: "the results were often character-for-character copies of song texts it hosts"
Elton John's: "Hold me closer Tony Danza"
The Beegees' "One Legged Woman"
Kids these days that can just google the lyrics, have been robbed of the fun...
it took me hours to work out the lyrics to "Gangsta's Paradise" by the late Coolio, and I'll never forget them now...
Microsoft rethinks death sentence for Windows Mail and Calendar apps
Palantir's deals with NHS England top £60M – without competition
EU boss Breton: There's no Huawei that Chinese comms kit is safe to use in Europe
Friday 16th June 2023 09:48 GMT
Re: Following the series of links starting with the reference to Huawei backdoors...
Yeah, GCHQ's HSCIC said if there were backdoors in Huawei's kit, they were indistinguishable from the shoddy code in the rest of it.
The only reason it got banned in the UK is the US de-stabilised the Huawei supply chain, so the president's lapdog AKA prime minister used this as an excuse.
Singapore to roll out (literally) more Robocops
US government extends software security deadline because vendors aren't ready
Wednesday 14th June 2023 16:17 GMT
regulations also should address open-source software
JK right
all open-source licences confer no warranty that it is fit for the intended purpose.
if you are going to use an open-source tool, you need to ensure its security before you use it in your product, and if its broke, do the hobbyist a favour fix it and submit it.
Florida man insists he didn't violate the law by keeping Top Secret docs
Cisco promises to unify its net management silos in the next three to five years
Wednesday 7th June 2023 12:00 GMT
Re: Best thing about fabric is…
Meraki is a lot better than you are making out, and Cisco's wireless is only still good, as they are absorbing the Meraki features.
The Meraki UI is great, its all plug and play and cloud configurable, none of the expensive site visit stuff, just get your average non-intelligent hand to plug the stuff in it picks up its config and it just works. deploying multiple sites, building a template and configuring everything just once. for retail/B2C-focused branch-heavy orgs like you seem to be working with it's simple to manage and just works.
I got out of DC networking when NSX came out, as it basically negates the need for anything more complex in the switching.
Wednesday 7th June 2023 11:50 GMT
Re: "admins who work with Cisco are very familiar with"
Cisco Bought Meraki over 12 years ago, and have just started to ruin its UI with its own design elements.
Apparently, Meraki was supposed to be the cloud offering as its portal just worked, and cisco and UI design were largely strangers.
This what the third time they have integrated everything and about the fifth name change anyone else remember the Prime Suite?
I'll believe it when it happens...
although the Security Cloud is starting to move, basically its core is Secure X with a rebadge
British Airways, Boots, BBC payroll data stolen in MOVEit supply-chain attack
UK warned not to bother racing US, EU on EV subsidies
Tuesday 6th June 2023 09:53 GMT
LFP is Lithium Iron(Fe) Phosphate, which has lithium, but no cobalt, in the cells, but a lower energy density.
Still doesn't discount the fact that shipping the components from around the world and extracting lithium and the various packaging materials and electrolyte chemicals, along with the clean-up of the ICE production process, means that over 10 yr service life of the battery, the difference between a Diesel and BEV is negligible.
Sodium-ion batteries have a lower energy density than LiFePO, meaning you need more of them too.
current tech is not there, the grid can't handle everyone switching to electric: there just isn't enough supply to charge on demand or the distribution infrastructure to fast charge at home. Hydrogen is coming along and requires less new infrastructure, when you look at its efficiency as a storage medium people tend to discount the fat an ICE is only about 20% efficient whereas a fuel cell is between 2-3 times as efficient, and most of the distribution infrastructure used for ICE fuels can be reused, along with cost, refuel times and ranges similar to ICE.
taking into account new tech like that produced by Viritech (currently working with Ford on the Hydrogen Transit) there is a lot that could be mainstream within 5 years
'Strictly limit' remote desktop – unless you like catching BianLian ransomware
Compatibility mess breaks not one but two Windows password tools
Ransomware crooks steal 3m+ patients' medical records, personal info
Microsoft switches Edge’s PDF reader to pay-to-play Adobe Acrobat
WAN router IP address change blamed for global Microsoft 365 outage
Wednesday 1st February 2023 16:15 GMT
Re: There's always a fallback option
It's the perennial cost-benefit approach, the purse strings tend to open more when you can put things in $ amounts.
this $connection being down for $time costs you $$$$$, and if this happens during peak business it cost $$$$$$$$$$$$$$, and we have guaranteed it will be up for $9s
so simple sums if we spend $$ extra by building the system this way, we save the $$$$$$$$ on average and if the worst happens it will cost us $$ more, so saving us in the long run
if you want to disappear the risk entirely we can build it this way but that will cost you $$$$$ if the worst doesn't happen its a waste of $$$.
I spend my time trying to quantify the variables in those equations and have a drawer of reports I can bring out to refute any accusations...
JD Sports admits intruder accessed 10 million customers' data
Wednesday 1st February 2023 15:14 GMT
Re: no payment information was among the mix
Mastercard and VISA are no better than the retailers, after all they are just processing networks.
FFS there are not even rate limits on transactions from the same vendor, or IP or even for the same card.
based on the "Card-holder not present" workflow, you can brute force a valid set of card details, as by mixing processors you can get incrementally more details, and the card network tell you not just that the details are invalid, but which ones are wrong.
but its all moot anyway, the details that were leaked are far more valuable to any miscreant than the card data would have been.
full address details, security answers and transaction details will get you full access to their credit profile and leverage for extortion...
Victims of IT scandal in UK postal service will get fresh compensation
Citizen Coder? Happiness Concierge? Here come 2023's business cards
Wednesday 4th January 2023 17:04 GMT
Re: You are Steve Bong
not that long ago, I had to manage a reputable estate agent (are there any) through selling a 10-bedroom house, as their in-house designed system didn't cater for anything over 6. the a week later a 45 bedroom £85m mansion came on the market in Guildford.
you'd be lucky to get 6 for £85m nowadays
OneDrive back on its feet, but ongoing Skype credit problem hasn't gone away
Wednesday 4th January 2023 16:37 GMT
Re: Repeat after me:
the name Cloud is far too clean for what it is. It invokes pictures of white castles in the sky unassailable by mere mortals
when the truth is closer to
Dodgy Dave's lockup down the road with security cameras that worked at some point, the fire exit propped open for ventilation and some bloke saying your data will be safe if you pay them $ExhorbitantAmount, making it apparent if you don't it definitely won't be.
I prefer the acronym OPT (other peoples tin)
Brit MPs pour cold water on hydrogen as mass replacement for fossil fuels
Wednesday 21st December 2022 18:31 GMT
Re: Vans and Lorries
the whole point of H2, as a storage medium is you can reuse most of the Petroleum infrastructure with a little modification, it's also a far more environmentally friendly storage medium than lithium-ion-based batteries.
the ideal situation is large offshore wind farms that are expensive to connect to the grid, use the energy generated to electrolyse hydrogen, which is stored locally, and collected by modified LNG tankers that take it to shore, where it is expanded and transported by pipe to distribution hubs, then in pressurised tankers to modified filling stations, for rapid transfer to vehicles, or in re-fillable hot swappable fuel cell units.
the technology is there, the problem is the petro industry need to get on board. there are viable solutions to the problems, the problem is you need another Telsa to prove them.
UK govt study says IR35 contractor tax reforms plain sailing for most
US Air Force signs $344m deal for hypersonic Mayhem aircraft
Tuesday 20th December 2022 14:03 GMT
Re: Expendable
I always go back to what the Airfield Fire team told me, their job is to get the pilot out because including fuel and training it costs more than the £100m+ the aircraft cost.
The other thing is the meat bag in the cockpit has the need to breathe and survive so anything over 6G is an issue
Doctors call for greater scrutiny of bidders for platform that pools UK's health info
Monday 28th November 2022 11:02 GMT
Palantir might get your info, for 50% the TLAs already do
hate to keep harping on about this but:
EMIS Health was bought by UnitedHealth Group EMIS's cloud-based patient record system cunningly titled EMIS Web, contains about 50% of GP and community records.
if your GP app is Patient Acess, this is you and your records
UK bans Chinese CCTV cameras on 'sensitive' government sites
BOFH: We're an industry leader … in employing idiot managers
Qualcomm teases custom Arm-compatible Oryon CPU cores designed by Nuvia
NSA urges orgs to use memory-safe programming languages
Monday 14th November 2022 18:19 GMT
stop Blamimg C / C++
it's not C's fault people are using it for stuff it's not supposed to be used for
it's an ultra-low-level language designed for those applications, ie single core applications running at highly efficient speeds on highly limited resources, where you need to control the memory space and re-allocate it to get the required performance or capability from the limited hardware.
if you don't need to use C/C++ then don't use it, if you do, you make your trade-offs and know how to make it work for your situation.
Breached health insurer won't pay ransom to protect customers, warns of more attacks
UK government set to extract hospital data to Palantir system without patient consent
Monday 7th November 2022 16:49 GMT
At least I have a new source of infinite electricity
Dane Fiona Caldicott (the former NHS data Guardian) is currently generating 1GW while spinning in her grave.
Who else saw this happening when NHS DIgital got absorbed into NHS England ...
this is definitely against GDPR, as Health Data Is "Special Category data," and very difficult to Anonymise, especially when you have a unique identifier like an NHS number or an uncommon condition.
As has been said above, this system is broken, you can see it in all the figures, the NHS got into trouble in about 2014, which is when the Lansley reforms of the Health and Social Care Act 2012 kicked in, it wasn't perfect before then, but it was better than this.
The NHS doesn't exist, its 2700ish organisations that get to put the badge on, that are all independent fiefdoms, which have their own boards (full of people on multiple 6 figure salaries)
Biting the hand that feeds IT
