Welcome to the O2 Community

Has your question already been answered? See the community FAQ's

Off-Topic

Reply
Highlighted
Anonymous
Posts: 0

Re: Talk Talk Stolen Data

@anticipated

 

Sorry, but I don't really understand what you're saying.

 

I think I dumbed down the http HEAD example, (which was just a trivial thing off the top of my head), to gutter level when I said that anybody could search for it on Google, and discover websites that let you check up on what other sites are running.

 

Are you seriously telling me it's beyond the average man in the street to do a google search, then put his bank's/retailer's/charity's website in to a dialogue box and click OK?  When it comes back and says something like "that site runs Apache 0.9", you can search google for "Apache 0.9", and what people in the industry are saying.  Based on that, you can maybe draw your own conclusions on the level of tecnho-awareness the organisation has.

 

Sorry, but I like to give people the opportunity to do their own research, and I don't think that's inappropriate.

 

Regarding your second comment, I am completely confused.  Stuxnet, and the OpenSSL exploit, (I assume you are referring to 'heartbleed'), are two completely different extremes.  In a nutshell, Stuxnet was a highly specialised and targetted attack against a very specific target.  The OpenSSL exploit was, on the face of it, a programming error that went undetected, (there are some conspiracy theories about that, which I can't discount).  What those have to do with my expectation that companies handling personal data can be reasonably expected to employ good IT professionals, I don't know.  For reference, fixing the OpenSSL exploit was fairly trivial for anyone even reasonably skilled in IT, although it was tedious for various reasons.

 

Your comment that you are an advocate of privacy but not naive to believe that people won't cut corners, just demonstrates what I am trying to tell people.  STOP allowing corner-cutting in IT to be so socially acceptable!

 

Would you accept an electrician who replaced all the fuses in your house with wires?  Even though everything appeared to be working?  Is that socially acceptable?

 

As for dumbing down the terminology, I have only mentioned two technical terms relevant to the discussion.  You have brought up php, perl, GET and POST requests, stuxnet and OpenSSL, none of which appear remotely related to the issue at hand.

 

I'm afraid I don't really understand what point you're trying to make.

Highlighted
Posts: 3,154
Topics: 129
Blog Posts: 1
Registered: ‎06-04-2012

Re: Talk Talk Stolen Data

Yes, bringing up development languages and those security breaches is not really related to your original point and I'm sorry for meandering. 

 

I found that Facebook is a big harvester of data and removed my account as much as possible. And these cold call you get from Foreign Call centres don't help matters either. Recently I was advised to remove myself from the Open Register as this is often a way for companies to obtain information cheaply.

 

OK back on topic....

 

I would love to think that my information was 99.99% safe however 98.3% isn't too much of a compromise.

 

Talk Mobile/Talk Talk as far as I can tell are a cheap company from a consumer point of view administered from a call centre in New Dehli. Being as I am not a fan of call centres I avoid them like the plague although the women from Netflix was nice and pleasant.

 

Even everyone looked up the information on Google what good is it going to do if the companies at hand are following the OFCOM regulations to the letter (or at least appeaing to).

 

Who knows?

 

Last time I did a website I ran a phpinfo() command for a server dump although I can't remember the Apache version. Maybe I have the file still the file on my laptop.

 

Leave your candy-colored cans in the toy chest and try a pair of proper headphones.
Highlighted
Anonymous
Posts: 0

Re: Talk Talk Stolen Data

Something that I'd like to point out is that there is often no technical or legal obligation to give ACCURATE personal details out.

 

For example, my mother's maiden name can be anything I want it to be on a website form.  "Fred" was a entertaining choice once.

 

Whenever a helpdesk insists on a contact number to call me back on if the line drops, when I just want some general information, they're given 020 7946 0439.

 

Postcode?  Use the company's own one.  They rarely think to block that.

 

First school attended?  First car owned?  Come on!  Use your imagination!

Highlighted
Posts: 3,154
Topics: 129
Blog Posts: 1
Registered: ‎06-04-2012

Re: Talk Talk Stolen Data

I've got to be honest unless I actually telephone any call centre I don't give any information out.

Leave your candy-colored cans in the toy chest and try a pair of proper headphones.
Highlighted
Posts: 3,154
Topics: 129
Blog Posts: 1
Registered: ‎06-04-2012

Re: Talk Talk Stolen Data

Maybe I'll give you a call and try to sell you rusty tap from a well-loved kitchen sink then....

Spoiler
Smiley LOL
Leave your candy-colored cans in the toy chest and try a pair of proper headphones.
Highlighted
Posts: 86,422
Topics: 729
Registered: ‎14-01-2013

Re: Talk Talk Stolen Data

[ Edited ]

Amazing how far this thread has come if honest. Who knew what would happen when I shared the info about Talk Talk and their 'stolen data'?....

Most of it has gone flying over the top of my head.... as its far too technical for me......

Someone once said 'you can confuse a dumb ass with jargon'....I forget the rest of what was said...but I am sure you get the gist.

Anyway I refuse to be intimidated by it all....I shall plod on keeping myself and my data as safe as possible LOL

*The Game Is On*

Most-Helpful-MemberFriendliest-MemberMost-Useful-GuideBest-Feedbacker
Highlighted
Posts: 86,422
Topics: 729
Registered: ‎14-01-2013

Re: Talk Talk Stolen Data

NB: I edited the above post as it initially showed I had used a swear word....(which I definitely did NOT) Smiley Wink

*The Game Is On*

Most-Helpful-MemberFriendliest-MemberMost-Useful-GuideBest-Feedbacker
Highlighted
Anonymous
Posts: 0

Re: Talk Talk Stolen Data


@Cleoriff wrote:

NB: I edited the above post as it initially showed I had used a swear word....(which I definitely did NOT) Smiley Wink


That's really annoying when the system automatically censors an innocent word Smiley Very Happy

Highlighted
Anonymous
Posts: 0

Re: Talk Talk Stolen Data

I hope the technical discussion hasn't distracted too much from the point I was trying to make, which was basically that it is NOT unreasonable to expect companies who process your private info electronically, to keep it private.

 

It might all seem highly technical and beyond the average person in the street, but honestly, to anyone skilled in the art, it should be all in a day's work.

 

There seems to be a growing belief that computers and the internet are some kind of growing monster that we don't have any control over, (oh no, I've just got the music from "The Blob" in my head now!), but it's NOT true!

 

It's being used as an excuse for corporate laziness, cost cutting, and lack of responsibility.  To blame that on "hackers", really insults the people who WANT to do a good job with IT, and who are prevented from doing it by a lack of desire from management and directors, simply because it's easier to appologise afterwards.

Highlighted
Anonymous
Posts: 0

Re: Talk Talk Stolen Data


@Anonymous wrote:

I hope the technical discussion hasn't distracted too much from the point I was trying to make, which was basically that it is NOT unreasonable to expect companies who process your private info electronically, to keep it private.

 

It might all seem highly technical and beyond the average person in the street, but honestly, to anyone skilled in the art, it should be all in a day's work.

 

There seems to be a growing belief that computers and the internet are some kind of growing monster that we don't have any control over, (oh no, I've just got the music from "The Blob" in my head now!), but it's NOT true!

 

It's being used as an excuse for corporate laziness, cost cutting, and lack of responsibility.  To blame that on "hackers", really insults the people who WANT to do a good job with IT, and who are prevented from doing it by a lack of desire from management and directors, simply because it's easier to appologise afterwards.


I think you made the main point most effectively @Anonymous in what has been a most interesting topic.  What I am not entirely clear about is what customers/users like me can actually do about it in our everyday interactions with the digital world, apart from withdrawing our custom from "guilty" companies.  Of course we can ensure we have some anti-virus/malware/firewall precautions in place, but how do we know we can trust them?   Most businesses will have a paragraph somewhere on their websites informing us that they take our data security and privacy seriously etc. but how do we check that out?

When Norton shows me "This page is safe" does that tell me anything about how good the originating company might be in safeguarding my personal information?