Got something to say or just want fewer pesky ads? Join us... 😊

In light of TalkTalk how do folk feel about the government’s surveillance legislation?



Herr Tubthumper

Well-known member
NSC Patreon
Jul 11, 2003
59,204
The Fatherland
It's been demonstrated that commercial companies are unable to hold our data. So how you feel that the government will mandate that telecoms companies keep all our search info? And what happens when they inevitably lose this valuable and sought after info?

"The investigatory powers bill is expected to reintroduce a requirement that telecommunication firms retain records of sites accessed by their users, known as weblogs, for a 12-month period"


http://www.theguardian.com/law/2015/oct/30/telecoms-companies-to-retain-browsing-data-under-new-law

http://www.theguardian.com/technolo...ications-data-bill-honeypot-hackers-criminals
 




JC Footy Genius

Bringer of TRUTH
Jun 9, 2015
10,568
The amount of data companies already keep about users is probably far more extensive than we realise. If government is going to make it mandatory then they should also stipulate minimum levels of security/encryption.
 


Hampster Gull

New member
Dec 22, 2010
13,462
Some commercial companies, not all. But I suspect all are at risk. I would trust the government no more than a multi national. It does feel that we should be exploring minimum security standards and letting consumers know where companies sit vs that.
 


peterward

Well-known member
NSC Patreon
Nov 11, 2009
11,235
It's been demonstrated that commercial companies are unable to hold our data. So how you feel that the government will mandate that telecoms companies keep all our search info? And what happens when they inevitably lose this valuable and sought after info?

"The investigatory powers bill is expected to reintroduce a requirement that telecommunication firms retain records of sites accessed by their users, known as weblogs, for a 12-month period"


http://www.theguardian.com/law/2015/oct/30/telecoms-companies-to-retain-browsing-data-under-new-law

http://www.theguardian.com/technolo...ications-data-bill-honeypot-hackers-criminals

thats not the answer at all, snooping on private citizens in case of the odd random corporate attack.

The hackers wont always get caught, they'll be routing through TOR network, with encrypted routers etc.

The best answer is to have heavy fines on companies based on company size/profitability. Make the fine for their security systems being breached, so prohibitive it makes them spend a shed load on securing all data.

If their breached on numerous occasions, and can't ensure security or handle self policing. The government should have the power to enforce a leading 3rd party security company onto the corporation.

The Talk Talk CEO wasn't even sure, when first asked, if customer data was encrypted, ends up it wasn't.
And for that spying on all citizens would achieve nothing, but Talk Talk should have been severely financially reprimanded. And as they've previous, the government should impose a leading security company on them to clean up their act.
 




glasfryn

cleaning up cat sick
Nov 29, 2005
20,261
somewhere in Eastbourne
sadly even Tesco know what my cats eat:(
 


Hampster Gull

New member
Dec 22, 2010
13,462
Theresa May is a authoritarian lunatic. She is determined to have every person in the UK watched and controlled - with ever increasing powers to incarcerate dissidents.

I can't help but fear that this is all a smokescreen, as Western governments are preparing for the inevitable social unrest as this economic system nears its end.

:lolol:

It will be here long after you are gone
 


Dec 29, 2011
8,014
It's a worrying trend. The UK are heading down a dark path in terms of personal liberties. We need to be passing laws to make the internet secure, encrypted and private. The government SHOULDN'T know everything we do online, it's not their job. They SHOULDN'T be censoring what we see online either. The government have shown multiple times they're incompetent when it comes to handling private data, why would that change now?

We need the EU as it seems that's the only thing protecting our civil liberties right now.
 




happypig

Staring at the rude boys
May 23, 2009
7,935
Eastbourne
I work for a (the) big telecomms company and data retention/storage is taken very seriously; for example all laptops are encrypted (whether there's commercially sensitive information on it or not) and if you plug in a USB drive, it's read-only unless you encrypt it). I've just done a security refresher training module, which everyone from me to the chairman has to do, and it's drummed home how important keeping data secure is.
I really hope that we don't get further regulated because of the sloppy practices of a tinpot outfit, I'd rather see them fined until their eyeballs bleed.
 




El Presidente

The ONLY Gay in Brighton
Helpful Moderator
Jul 5, 2003
39,689
Pattknull med Haksprut
I'd rather see them fined until their eyeballs bleed.

Highly unlikely giVen that the CEO of TalkTalk is

A Tory life peer
A former classmate of David Cameron
Married to a Conservative MP
A member of David Cameron's council of business advisors.

She was paid £6.8 million for her job last year, but doesn't even know whether TalkTalk encrypted their data. It's almost as if she was completely incompetent but was appointed due to her connections rather than ability to do the job.
 




Herr Tubthumper

Well-known member
NSC Patreon
Jul 11, 2003
59,204
The Fatherland
I really hope that we don't get further regulated

Why not? From a public point of view I'd say this is absolutely paramount.
 


beorhthelm

A. Virgo, Football Genius
Jul 21, 2003
35,265
She was paid £6.8 million for her job last year, but doesn't even know whether TalkTalk encrypted their data.

im not sure i excpect the CEO to know such matters. i would expect someone to and that person should have been more in the public. i found Hardings handling of this story refreashingly honest (to the point of overstating the impact), compared to typical data breach stories where theres evasion of questions and the issues. whats not appriciated by the public is theres no legal requiement to encrypt anything, just an obligation to keep data secure.

which of course they didnt, and for that they should be hauled over the coals. and there we need some more strict regulation, so that fines make it worth the cost of securing the data. companies rely on staff training, restricting USB etc, rather than apply actual security around their data systems, which is expensive and little understood at C-level. so yeah, its pretty bad timing for the police to asking for ISPs to retain data when one has just shown how well they take security.
 


Herr Tubthumper

Well-known member
NSC Patreon
Jul 11, 2003
59,204
The Fatherland
im not sure i excpect the CEO to know such matters.

I would fully expect a CEO facing the media to know such matters. The fact she wasn't, at the very least, briefed about this particular issue speaks volumes about the company's overall attitude IMHO.
 




El Presidente

The ONLY Gay in Brighton
Helpful Moderator
Jul 5, 2003
39,689
Pattknull med Haksprut
im not sure i excpect the CEO to know such matters. i would expect someone to and that person should have been more in the public. i found Hardings handling of this story refreashingly honest (to the point of overstating the impact), compared to typical data breach stories where theres evasion of questions and the issues. whats not appriciated by the public is theres no legal requiement to encrypt anything, just an obligation to keep data secure.

which of course they didnt, and for that they should be hauled over the coals. and there we need some more strict regulation, so that fines make it worth the cost of securing the data. companies rely on staff training, restricting USB etc, rather than apply actual security around their data systems, which is expensive and little understood at C-level. so yeah, its pretty bad timing for the police to asking for ISPs to retain data when one has just shown how well they take security.

I'm not sure everyone is as impressed by Harding as you are.

http://www.marketingmagazine.co.uk/...-boss-dido-hardings-utter-ignorance-lesson-us
 


beorhthelm

A. Virgo, Football Genius
Jul 21, 2003
35,265
I'm not sure everyone is as impressed by Harding as you are.

i wouldnt say im impressed. the normal response is denial and general arse covering, at least they were upfront about this incident.

I would fully expect a CEO facing the media to know such matters. The fact she wasn't, at the very least, briefed about this particular issue speaks volumes about the company's overall attitude IMHO.

the problem is, with encryption in particular, its too complex to simply brief on. saying "dont know" was probably accurate, because some is and some isn't, some matters, some doesnt. companies wont encrypt lots of data as there is no need and little security from doing so. you could have your database encrypted, when you pull the data it has to be decrypted, so at that point data is exposed. hacking the website means you are likely able to pull data decrypted, so the problem is securing the interfaces that access the data, not necessarily the data itself (though important).
 


Herr Tubthumper

Well-known member
NSC Patreon
Jul 11, 2003
59,204
The Fatherland
the problem is, with encryption in particular, its too complex to simply brief on. saying "dont know" was probably accurate,

I'm not sure you get it. This is a CEO, a handsomely remunerated CEO as well, who for whatever reason was the chosen public face of TalkTalk after a huge security disaster. And any fool could have told you that a question about encryption would come up. To simply say you don't know isn't good enough. Either swot up, or put the right person in front of the cameras. As I say, if this how casual they behave after this escapade it's no wonder the company has such shite security.
 


beorhthelm

A. Virgo, Football Genius
Jul 21, 2003
35,265
I'm not sure you get it.

i do get it: their security is shite, and they dont encrypt lots of data. the answer was given because no one knew really, or couldnt give a clearer answer without a lot of technical details of databas schema, API, process models and so on, itself a security breach. yes the CIO should have been there in the press conferences too, the CEO isnt the best placed person in this situation.
 




Herr Tubthumper

Well-known member
NSC Patreon
Jul 11, 2003
59,204
The Fatherland
i do get it: their security is shite, and they dont encrypt lots of data. the answer was given because no one knew really, or couldnt give a clearer answer without a lot of technical details of databas schema, API, process models and so on, itself a security breach. and yes the CIO should have been there in the press conferences too.

Interesting that you know, but she didn't.
 


Super Steve Earle

Well-known member
Feb 23, 2009
8,313
North of Brighton
I really couldn't care less who knows my phone number, birthday, how often I phone my son or whatever. It's not long ago that we were handing out our bank details to the milkman, the local shop, the builder and every other Tom, Dick and Harriet on our cheques. I genuinely don't understand we people are so precious about data nowadays.

The only data I care about is my bank balance and that my bank prevents anyone else getting at it. If they fail, I am confident they will refund me promptly. So frankly, ain't that bothered.
 



Paying the bills

Latest Discussions

Paying the bills

Paying the bills

Paying the bills

Albion and Premier League latest from Sky Sports


Top
Link Here