Categories
Business online safety

UKCCIS Summit today

UKCCIS was launched last year by the Government following the Byron Report and to an excited fanfare. Today sees the first UKCCIS annual summit and on the BBC news this morning is the announcement that lessons in using the internet safely are set to become a compulsory part of the curriculum for primary school children in England from 2011.

There’s nothing on the UKCCIS website as yet but I’m sure it will emerge during the day. We should watch these proceedings carefully because this committee represents an important step in the evolution of how our society copes with the move away from the streets and onto the internet.

There has been a concern that during its first year of operation progress has been very slow and dominated more by the desire of Government to be seen to get quick PR wins rather than achieving anything of substance.  This would be a huge shame as this is important work.

Let’s see what the day brings.

Categories
Business piracy Regs

Digital Economy Bill Second Reading

The Second Reading of the Digital Economy Bill was held yesterday in the House of Lords. All sections of the Bill were considered, although the main focus was on clauses 4-17 that address copyright infringement. A brief summary is provided below:

  • Lord Mandelson presented the Bill, outlining the two initial obligations on ISPs and explaining the rationale behind the reserve power to impose technical sanctions. He described the clauses as proportionate. Former Cabinet Minister Lord Fowler, responding on behalf of the Conservatives, described the step-by-step process outlined in the Bill as ‘correct’, subject to RHs taking action to make their products legally accessible.
  • On behalf of the Lib Dems, Lord Razzall welcomed the Bill. He did, however, cite a number of sections that the Lib Dems were unhappy with. He requested that clause 6.5(b), which provides for retrospective penalties, be removed. He also questioned the lack of details on the apportioning of costs and the inclusion of clause 17.  He further underlined the need to honour the principles of natural justice.
  • Support for the Bill was voiced by Lord Birt, Lord Puttnam, Baroness Morris (all of whom declared rightsholder interests in this area) and Baroness Howe.
  • Baroness Miller voiced strong opposition to a number of clauses in the Bill. She suggested that the Bill would protect the old model of content distribution rather than encourage new models. She also criticised the decision to make one industry pay for the protection of another and questioned clause 15, which outlines the role of the Secretary of State in defining the level of cost recovery. The Baroness further asked the Government about the effect that increased encryption, which the Bill could cause, would have on the work of law enforcement and cited the threat that the Bill posed to open wi-fi connections.
  • Conservative peer Lord Lucas voiced a number of strong arguments against the Bill. He first questioned the motivation for legislation, explaining that this was protecting music companies rather than artists, and lamented the inability of music companies to offer legal alternatives. He also suggested that it should be compulsory for rightsholders to pursue legal action through the notification system, called for due process for consumers and requested that the Conservative front bench vote against clause 17.
  • Lord Whitty also outlined his opposition to the proposals, questioning the suggested cost to the rightsholder industry, the potential of the user to breach users’ human rights and the lack of focus on education and alternative models of content distribution.
  • Lib Dem Culture Media and Sport Spokesperson Lord Clement-Jones expressed concerns around the power that the Bill granted to the Secretary of State. Conservative Shadow Culture Media and Sport Minister Lord Howard agreed that there would have to be close scrutiny of clause 11 to understand the power being given to the Secretary of State.

At this stage of the game it is difficult to tell how this Digital Economy Bill will pan out because it seems to be getting some degree of qualified support from all parties at the Second Reading stage.

The debate in full is available here. I understand that the Committee Stage of the Bill will begin on January 6th.  Also I am indebted to the ISPA Secretariat for this input which is mostly a plagiarism of their report.  It is a full time job keeping an eye on this stuff.

Categories
Business piracy

Timesonline market research shows music artists revenues on the up.

Timesonline Labs blog published some interesting market research in November suggesting that revenues that musicians receive from non record label sources are on the rise.  The increases seem to more than compensate for the decrease in their incomes from record label contracts.

Record label revenues though are shown to be hugely in decline which says a lot about why they are making such a fuss over Music Piracy. I don’t think anyone should criticise the labels for their efforts.  However in considering the Digital Economy Bill Government should take a 60,000 foot view and recognise that business models are changing and the old record label way might well have to change with the times.

Bob Dylan foresaw this in “The Times They Are A Changing” – you better start swimming or you’ll sink like a stone, for the times they are a-changing.  I think the labels are just swimming in the wrong direction.

Link to the Timesonline article here.

Thanks to boggits for the link.

Categories
Business piracy

Dan Bull – Dear Mandy [an open letter to Lord Mandelson]

Sometimes music is intended to be pirated. Check out the YouTube video by Dan Bull.

The people speak out.

Categories
Business internet piracy

Alliance Against IP Theft meets MPs

The Alliance Against IP Theft held a meeting yesterday at Westminster Hall in The House of Commons.  Present were 5 speakers from the creative industries – from Fulham FC, Universal Music, a freelance writer and journalist, a publisher from Random House and a construction manager at a film studio – and a panel of MPs including Tom Watson, John Whittingdale, Kerry McCarthy, Lord Corbett and Steven Pound. The meeting was chaired by Janet Anderson who leads the All Party IP Group.

Each speaker gave a talk on how piracy was having a negative impact on things like investing in new talent.  The MPs then asked a series of questions.

Most vocal was Tom Watson who argued that to give the Secretary of State unrestricted power to make rulings on copyright in the future was actually a potential problem for rights holders – MPs would be concerned that a Bill was trying to give powers to the Secretary of State without parliamentary oversight.

Mr Watson also questioned the figures that rights holders produced that suggested that every unlawful download was a lost sale. The panel agreed with him when he said that the creative industries had never been in a healthier state in terms of popularity, despite filesharing.

Lord Corbett gave an indication of how the Bill will progress through the Lords – it will receive its Second Reading next Wednesday December 2nd and is likely to leave the Lords and enter the Commons by the end of January. With a two week half term break in February, it was suggested that as Parliament is rumoured to be dissolved at the end of March for the general election, there was a good chance that the Bill will run out of time.

This is clearly an important phase where lobbying for and against this Bill is going on.  It is the first time I have been involved at such close quarters in something so important – one that is generating high emotion from both sides. The strange reality is that I doubt that there is a single person who is against the proposed regulation on P2P filesharing who actually supports the illegal activity.  It is just that they don’t think this regulation is the right way to go about it.

Also I’m not a particularly political person but it does strike me that we should now just get on with a General Election because we are now entering a silly season where there is a danger that Laws will be rushed in without properly being thought through. Of course I know politics doesn’t work like that…

Categories
Business internet piracy Regs

P2P regulation in Digital Economy Bill ain't going to work

Now that the Digital Economy Bill has been published we can comment on its specifics, and in particular on the aspects relating to what the Government describes as “Online infringement of copyright” or illegal filesharing/Music Piracy in everyday language.  It doesn’t just pertain to music, it includes movies and software as well – many of the abuse notices received by Timico in respect of naughty customers are concerned with the latter.

First of all the proposed Bill grants Lord Mandelson far too much control.  The Secretary of State will have the power to make specific recommendations on costs and impose obligations on ISPs to use technical sanctions. The uninitiated should read this as “telling ISPs how much they will be allowed to charge rights holders for the implementation of the requirements of the Bill”.  Technical sanctions = cutting off broadband connections.

In the first instance the industry thinks these responsibilities should be given to an independent body.  Also the idea that ISPs should share some of the cost burden is contrary to the Government’s own legislation – the Regulation of Investigatory Powers Act (2000) (RIPA) – which considers it appropriate for ISPs to be reimbursed for costs incurred when assisting in serious criminal investigations, such as terrorism or kidnap.

What the Government is saying here is that it believes that it is ok to recover costs for assistance with the pursuit of serious criminals but not for costs incurred pursuing an alleged civil infringement on behalf of a commercial interest. A scenario that normally burdens the party with the commercial interest with the cost.

ISPs are happy to help and indeed are not in favour of copyright infringement but think it is grossly unfair that they have to pay to police it.

Secondly the suspension of users’ accounts as a potential sanction is wholly disproportionate and is in direct opposition to the objectives outlined in Digital Britain to increase online participation. It seems that this will enable the suspension of users’ accounts without a ruling from a judge. This is potentially in defiance of the forthcoming EU Telecoms Package that guarantees users’ rights to a presumption of innocence until proved guilty.

The Government seems to be blind to the fact that serious copyright infringers can easily evade detection by employing encrypted P2P (for example).

Instead of wielding a big stick Government should be asking rightsholders to reform the licensing framework so that legal content can be distributed online to consumers in a way that they are clearly demanding. Currently the online copyright law is a mess spread across many countries and legislatures and the costs to industry of getting it sorted are huge. 

The Government is trying to push this Bill through quickly but it isn’t going to stop the problem. Lift up your heads and raise your voices all!

Categories
broadband Business internet piracy

Digital Economy Bill is a Lesson in Politics

It’s out, after the first reading in the Lords yesterday!  The Digital Britain bill that is, now known as the Digital Economy Bill.

After months of debate, lobbying and speculation the proposed detail has been published and at first sight it appears to have bits missing. Of interest to ISPs is that there is a lot of content pertaining to Copyright of online digital content – i.e. illegal P2P filesharing – but nothing regarding the Universal Service Obligation for broadband.

There is clearly some political manoeuvring going on here.  The 50 pence tax is already supposedly going to be in the Finance Bill.  Word is that the Government doesn’t think that the USO specifically needs to be in any legislation as it will either be covered by the Finance Bill or the money is already there from the Digital Surplus – the fund set aside to help with Digital TV switchover.

By doing this the Government is trying to increase the likelihood of some of  the Digital Britain Review becoming law by splitting it up into smaller bits. It is also quite possibly using this to brush under the table that they are going to struggle with the implementation of an USO.  They just can’t get their brains round the problem. It is very unfortunate for the millions of Digitally Excluded unfortunates around the UK in suburbs and rural communities alike.  I might be wrong about this but I don’t think so.

Also of interest are proposed powers that will allow the Government to take over management of Domain Name Registry Nominet if it doesn’t like how it is being run. Nominet has seen some board room action this year with a couple of Directors making a lot of noise over governance.   The issue is fairly complicated but I believe that one of the issues was the amount of surplus cash being generated by the not for profit organisation.

Details of the Bill can be found here.  Separate post on copyright comes next.

Categories
Engineer internet security

Woke up this mornin and nearly got the IMP blues

I woke up this morning (there’s a song there…) to the news from the Daily Telegraph that “Government announced yesterday it was pressing ahead with privately-held “Big Brother” databases”.  This is the Interception Modernisation Programme that has periodically been in the news this year with general opposition and a subject I have posted on in the past.  It would indeed have given the ISP industry a headache.

I now hear a contrary position from the Guardian which tells me “Legislation to access public’s texts and emails put on hold. Widespread concern about the safety and security of communications data prompts Home Office rethink.”

My understanding is that it is the Guardian that is right on this occasion and that the Telegraph has tapped into the wrong wires. I imagine that the Labour party has enough on its plate in the run up to an election without further alienating the voters.

“When they woke up this morning someone got their wires crossed and my head it felt confused, oh yeah.”  I think that’s what I was trying to say 🙂

Categories
Business piracy

Peer 2 Peer Piracy – good lord no!

Had a meeting with BIS this morning as the final opportunity to influence the forthcoming Digital Britain bill. Nothing was said really that hasn’t already been published somewhere. We will know the precise content in a couple of weeks.

There is an awful lot of detail that will have to be worked out and with only around 5 months or so until the notional date of the General Election there is, apart from the increasingly vociferous opposition from the ISP industry,  a concern that the time available is not enough to properly consider the bill.

Notwithstanding all that ISPs will have to start working very hard to make sure that all MPs fully understand the issues being debated/proposed here.

This includes Members of the House of Lords which of course introduces a whole new set of issues. What will their Lordships think of a Bill with a major tenet being Peer to Peer Piracy? It is just not the done thing old chap. The Upper House works on a strong basis of trust 🙂 . Seriously though the bill will have to go through the Lords and their Lordships are likely to be closely examining the privacy / consumer rights aspects of the legislation.

Notwithstanding that bit of fun I thought it worth adding a few educational points to the debate at this late stage.

Firstly serious P2P illegal downloaders will just move on to private encrypted networks/Newsgroups that hide your underlying network address and so make it hard to track you down. These do charge which might make it unattractive for Music Pirates wanting freebies. These sites also unfortunately apparently often attract child pornographers and other lowlife.

If you don’t know anything about them check out the links below:

wikipedia NewsRazor UseNeXT

There is also a continued stream of information suggesting that those that do indulge in Music Piracy also spend more money than those that don’t. Check out the latest market research here.

Categories
Business piracy

TalkTalk pr campaign against Mandelson Digital Britain stance

Carphone Warehouse’s consumer ISP TalkTalk seems to have stolen a march on its rivals with a PR campaign against the Government’s stance on Music Piracy.  This is where Lord Mandelson wants to disconnect persistent illegal downloaders from the internet.

TalkTalk has done a great job with the campaign website, also available via the domain name dontdisconnect.us.

It must be said that this is a sterling effort on their part to even up the balance on the huge lobbying campaign conducted by the music industry on this subject.

Categories
Business internet security

Government confirms it won't mandate IWF list

Further to my post of a couple of weeks ago it has been confirmed that legislation is unlikely to be introduced to mandate support for the IWF blocking list.

Alan Campbell, Parliamentary Under-Secretary at the Home Office, said that it remains the hope of Government that the target of 100 per cent of consumer-facing ISPs operating a blocking list will be achieved on a voluntary basis in answer to a Parliamentary question by James Brokenshire MP this week.

Mr Campbell said that the Government recognised the work of the internet industry in reaching the figure of 98.6 per cent of consumer broadband lines being covered by blocking of sites identified by the IWF. It remains the Government’s hope, he added, that the target of 100 per cent of consumer-facing ISPs operating a blocking list will be achieved on a voluntary basis.

The ISPA met with Alun Michael MP on Monday to discuss this issue and it was agreed that ISPA was committed to the eradication of child abuse images in the UK and that it will continue to work with the IWF and Government to achieve this target.

The Parliamentary question can be found here.  Again thanks to Nick Lansman and his ISPA team for both this input and the excellent work they have been doing in the background on this issue.

Categories
Business internet piracy

ISPs meet with Lord Mandelson to discuss P2P

Representatives of the big five consumer ISPs together with Nicholas Lansman of the Internet Services Providers Association met with Lord Mandelson on Wednesday to discuss P2P legislation.  I will have more details of the meeting next week.

There is quite a bit going on here and this week speaking before the Culture, Media and Sport Select Committee under persistent questioning from former Minister Tom Watson MP, Secretary of State Ben Bradshaw confirmed that rightsholders would have to seek a court order before restricting or suspending users’ connections and also explained that users would have the right to appeal before any sanction was enforced. The evidence session in full is available on video here (relevant section starts at 20:35). This appears to be a positive move from the ISP industry’s perspective.

Also an Early Day Motion tabled by Tom Watson last week has now been signed by 36 MPs, including representatives from all three main political parties. The EDM and signatories can be viewed here.

I would like to thank ISPA for this input. This level of Parliament watching requires some diligence and in the ISPA trade association the industry has a faithful servant.

Categories
Business security

House of Lords inquiry into cyber security

Sub-Committee F (Home Affairs) of the House of Lords Select Committee on the European Union is conducting an inquiry into EU policy on protecting Europe from large scale cyber-attacks.

That opening sentence is, in my mind, a great example of bureaucracy in action. I will say however that actually this is a good subject for their venerable Lordships to be considering.

The European Union is very much concerned about “Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience” and in March 09 issued a 400 page Communication on this subject. I’m not about to read the 400 pages but an international approach to cyber security makes sense.

In fact we really need a global approach to many internet related issues: child abuse, fraud, online copyright to name but a few.  The House of Lords inquiry is in the “Call for Evidence” phase which lasts until 13th November.

The original doc is here >  Cyberattacks call for evidence 16 10 09.

Categories
End User scams security

New phishing attempt doing the rounds under guise of HMRC

It amuses me more than anything to see phishing attempts hit my inbox though it does worry me that I will one day have this uncontrollable urge to click on the link provided.

Today’s, looking as if it had come in from Her Majesty’s Customs and Revenue, was mildly believable.  It is after all coming up to that time of year where we have to think about tax returns.

The message read:
Taxpayer ID: trefd-00000159883557UK
Tax Type: INCOME TAX
Issue: Unreported/Underreported Income (Fraud Application)

Please review your tax statement on HM Revenue and Customs (HMRC) website (click on the link below):

We caught this spam but it did attempt to get delivered to many Timico employees. For the safety of the reader I haven’t reproduced the link but I’d be mildly interested in a straw poll to see how many people got the email. And how many actually responded to it!

That’s not my taxpayer ID by the way 🙂

Categories
Business internet piracy

Stephen Timms Digital Britain Minister

I met with Stephen Timms, Communications Minister today. His official title is Minister for Digital Britain.

I have met Government Ministers before in a long career spent lobbying Parliamentarians on behalf of various trade associations. This was my first meeting in what might be termed a formal environment. I was there with some of the ISP Association Council members to discuss topical issues pertinent to the ISP industry.

I was quite impressed with the process. We assembled in reception at 1 Victoria Street in plenty of time. At some stage an aide met us, whizzed us up to the top floor of the Department of Business Innovation and Skills. It was a round elevator – very impressive – funny what sort of things you notice.

Arriving at the 8th floor we were ushered into a holding room before moving in to see Steve himself. At the appointed time a different aide moved us into ST’s office where we said our hellos and got down to the business of the day.

I was quite impressed with Stephen Timms. Being in the Dept of BIS his remit is to look after industry and he seemed genuinely interested in doing so.

In 45 minutes there is only a limited amount we could cover. We discussed the P2P aspects of the Digital Britain report. I’ve written plenty about this. Key points put across today were that in considering the legislation the Government should ensure that a fair way of apportioning the costs was implemented and that a review of the licensing framework should be conducted.

The current proposals hinge more around sticks than carrots. If illegal music downloaders are to be pursued then a legal alternative should be offered. This is not easy at the moment because of the complexities of licensing the Intellectual Properties of the various rights holders. I’ll detail this in a separate blog post.

We also discussed “prospective effect” and, briefly, more of the Digital Britain report. I doubt many of you have heard of prospective effect – again I will need to write a separate post on this. If I said “mere conduit” perhaps that gives you a clue.

I have to apologise to those of you who wanted me to bring up the subject of broadband 2Meg Universal Service Obligation. We ran out of time on this occasion but now contact has been established there will be other opportunities. 45 minutes, though it seems short, is quite a lot of time to be given by a Government Minister. His diary is chock a block and the next lot were already waiting in the holding room as we were leaving.

As a footnote the clock in his office had stopped – funny what you notice!…

Categories
End User piracy Regs

Government P2P plans could cost broadband users £365 million a year

In its response to the Government’s consultation on Music Piracy BT has stated that the three strikes approach may cost each broadband user £24 a year (up to £1 million a day in total). This represents what BT thinks may be the cost of implementing the legislation and which it might find itself having to pass on to its customers. It would likely be the same (if not more) for all ISPs. It makes the proposed 50p tax on phone lines pale into insignificance. There should be no doubt that it is a tax.

Actually I’m not in principle against raising taxes to spend on the roll out of a national fibre network. It’s just that 50 pence is inadequate. We would all better spend this money on the fibre roll out.

There is clearly a lot of politicking going on in what is the run up to the next general election. The Government is looking for quick PR wins. If it is not careful this is one that is going to come back to bite.

I read the BT position in the Daily Mirror. I obviously have a wide range in tastes when it comes to literature 🙂

Categories
Business internet piracy

Technology Strategy Board Digital Britain workshop

The Technology Strategy Board promotes the development and adoption of new technology, ideas  and applications in the UK. It has been given a pot of money to seed the development of technology that will underwrite the aims and objectives of the Digital Britain report.

The briefing was in London on Friday, the aim being to bring network providers and rights holders together to finalise the specification for the Technology Strategy Board’s Digital TestBed. About £30m is apparently available to spend and I understand that in excess of 400 application forms have been downloaded from their with a likely 80 projects to be chosen to go forward to the “feasibility study” stage.  Some applicants will clearly be disappointed.

Whilst I think that this activity is to be applauded I did hear of one interesting bit of feedback from the day.  The representative from Sony, who presumably was there to discuss ways of making music more easily available online in a legal manner, suggested that if it was licensing models that were up for discussion, he would need to get the lawyers on the case.

The whole issue of legal online access to music is indeed all about licensing models. The cost of the licenses basically. I get the feeling that the rights holders aren’t really interested in making this easy or lowering the costs. Once you get lawyers involved things take forever. You can’t talk about licensing without lawyers, ergo it will never happen.

Categories
broadband Business internet online safety piracy Regs

UK Government Efforts ISP Regulation Gets Opposition from Unexpected Sources

There has been a lot in the press recently regarding Government plans to regulate the ISP industry. ISPs have been vociferous where they consider that this regulation is unnecessary and adds cost burdens that will have to be borne by consumers.

Quite pleasingly other industries which the Government is likely to think would be the beneficiaries of the legislation have also come out against it.

For example the high profile “three strikes” approach to Music Piracy whereby persistent file-sharers have their broadband cut off is attracting a lot of opposition from the music industry itself. The BBC reports:

Radiohead guitarist Ed O’Brien, a member of the Featured Artists’ Coalition (FAC), said: “It’s going to start a war which they’ll never win.”

Feargal Sharkey’s UK Music allegedly has a war chest of up to £20 million a year to lobby Government on the subject of ISP regulation. This FAC stance seems to be clear disagreement within that industry.

The leak in the Independent this week that the Queen’s Speech currently is planned to propose mandatory blocking of consumer broadband connections for child abuse images has also created a bit of a stir.

The vast majority of consumer broadband connections already have such screening and it seems that the Government is trying to make political capital out of a subject which everyone will of course support in principle.

The issue is how much effort and money it will take to cover the last few consumers not already “protected”, particularly as it is smaller ISPs who are most likely to be affected. This is particularly relevant considering that we are not talking about stopping hard core child abusers, who already know how to get around the blocking.

The Register has come out with an interview on this subject with Jim Gamble, Chief Executive of the Child Exploitation and Online Protection Centre (CEOP), and effectively the UK’s leading investigator of online child abuse who has come out against legislation in this area.

There is potentially a lot more regulation in the pipeline. Somewhere in a Government office near you someone is plotting to gain more control over our everyday lives. It is at least nice to see that there are people out there with some common sense who are willing to stick their hands up and say “this is not right”.

Categories
Business security

Internet security – a synonym for sleepless nights

How do we sleep at nights? Everywhere I turn I seem to come across security issues relating to my use of the internet.

In catching up on my reading I find that a team of Japanese researchers have figured out how to crack the WPA encryption technology that up until now I had considered to offer my home wireless network a safe and secure browsing environment, at least from the next door neighbour.

As it is, the wireless performance of my home router is suspect because I suspect that it finds it harder to cope with WPA than the previously less secure but more performant WEP.

Next I’m writing a blog post and a security warning flashes up in front of my eyes on the WordPress console telling me about a vulnerability in older versions of the blogging software that has caused some bloggers to lose large numbers of posts. Fortunately I am up to date with my patches.

One of my sons then complains that his website has been identified as a source of malware by Google. I investigate and find that indeed this is the case and remove the problem. His laptop, however, is a difficult kettle of fish to clean. It has conficker and some other nasties that won’t let any of the worm removal tools on to sort it out. So we are having to reflash his laptop and I then go around the house cleaning up all 12 memory sticks that the kids have in their possession (the fruits of a number of visits to trade shows 🙂 ) .

I could go on. It’s all very well for me though because I have dozens of highly skilled engineers sat outside my office door for whom all this is bread and butter stuff. Our customers can also access these resources (for a fair price). The real problem is going to be for Joe Public who, as a consumer, is going to drown in the stormy seas of internet security.

Sorry if this one seems a little on the pessimistic side – it isn’t normally my nature.

Categories
Engineer internet spam

Anti spam best practice

You may have noted the spam theme of my posts this week. This is because we are in the process of upgrading our anti spam capabilities. The management of spam is a hugely complex process and involves many factors contributing to a scorecard against which an email is rated.

There is a general set of principles that the industry could apply that would make it a lot harder for spammers. Unfortunately many ISPs seem to be fairly lenient with their customers about how they set up their email services and are prepared to accept mail from poorly configured mail servers.

For example most spam comes from compromised Windows computers at residential or business premises. When a host connects, i.e. when a mail is being set up for sending, it should perform a HELO with its fully qualified domain name (FQDN) as specified in RFCs (industry standards or standards in waiting). The sender sometimes lies and presents a fake or incorrect HELO string, which can be used to judge the validity of the sending server. The string given at HELO time should have forward and reverse DNS that matches.

 

Additionally, the reverse DNS of the sending host could be considered. If there is no reverse DNS, it’s very unlikely that the mail is legitimate, and it should be rejected. If the reverse DNS makes it clear that the sending host is within a DSL pool, i.e. at the user premises at the end of an ADSL line rather than an ISP’s mail server, this could also be taken into consideration when it comes to scoring.

A genuine reverse DNS might look like mail.timico.net whereas a corresponding ADSL based DNS (and therefore likely to be the source of spam) would be xxx.xxx.xxx.xxx.adsl.timico.net where the x’s represent the IP address.

Another technique in the fight against spam is to rate limit emails from users. In other words to apply a policy controlling a maximum number of emails an individual can send in a day. A rate limit for a residential user might be 200 mails a day for example. It is unlikely that the residential user will send more than 10 or 20 mails in a day. A compromised machine may, however, send thousands in the same time period. The rate limit would prevent this.

Customers with a genuine need to send more emails than the limit can easily be accommodated. The limit is there to protect the user rather than to stop them sending emails. The spam being sent would normally be caught here anyway but this technique does at least minimize the load on spam filters.
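The checks described above (HELO name, matching forward and reverse DNS, DSL-pool reverse DNS, and a daily per-user rate limit) can be sketched as a small scorecard. This is an added example, not Timico's code: the DNS table, rule weights, reject threshold and pool-name pattern are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed DNS data (documentation address ranges) so the example runs offline.
PTR = {"192.0.2.25": "mail.example.net",
       "198.51.100.77": "198.51.100.77.adsl.example.net"}
A = {"mail.example.net": {"192.0.2.25"},
     "198.51.100.77.adsl.example.net": {"198.51.100.77"}}

# Hypothetical weights and threshold; real scorecards are tuned and kept private.
WEIGHTS = {"helo_not_fqdn": 2.0, "helo_dns_mismatch": 3.0,
           "no_reverse_dns": 5.0, "dsl_pool_ptr": 3.0}
REJECT_AT = 5.0

FQDN_RE = re.compile(r"^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")
# A PTR name embedding the address or a broadband keyword suggests an end-user line.
POOL_RE = re.compile(r"(\d{1,3}[.-]){3}\d{1,3}|\b(adsl|dsl|dyn|dynamic|pool|dhcp)\b")

def score_connection(ip, helo):
    """Score one SMTP connection; returns (score, list of rule names that fired)."""
    fired = []
    helo = helo.rstrip(".").lower()
    ptr = PTR.get(ip)
    if not FQDN_RE.match(helo):
        fired.append("helo_not_fqdn")
    elif ip not in A.get(helo, set()) or ptr != helo:
        # HELO name must resolve to the client and the client's PTR must name it.
        fired.append("helo_dns_mismatch")
    if ptr is None:
        fired.append("no_reverse_dns")
    elif POOL_RE.search(ptr.lower()):
        fired.append("dsl_pool_ptr")
    return sum(WEIGHTS[r] for r in fired), fired

class DailyRateLimiter:
    """Cap messages per sender per day; raised limits go in `overrides`."""
    def __init__(self, default_limit=200, overrides=None):
        self.default_limit = default_limit
        self.overrides = overrides or {}
        self.sent = defaultdict(int)  # (user, day) -> messages accepted so far

    def allow(self, user, day):
        limit = self.overrides.get(user, self.default_limit)
        if self.sent[(user, day)] >= limit:
            return False
        self.sent[(user, day)] += 1
        return True

def burst(limiter, user, day, attempts):
    """Return how many of `attempts` submissions the limiter accepts."""
    return sum(limiter.allow(user, day) for _ in range(attempts))
```

A host that announces a correct name from a DSL pool scores 3.0 here, below the threshold, so the pool check acts as one scoring factor rather than an outright block.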

 

The factors taken into consideration in spam scoring systems are not normally made public domain because to do so would just help spammers.

Categories
Engineer spam

More spam

As an update from yesterday’s post the botnet attacks are getting even more frequent. I’ll post some notes tomorrow on best practice for ISPs contending with spam. You can see the increase in frequency and intensity over yesterday. Some crook somewhere has obviously decided on a new “marketing campaign”.

mail-darktues

Categories
Engineer internet spam

Spam attacks

I sometimes sit and watch SPAM attacks coming in on our mail servers. ISPs are constantly having to ward off spam. It is like being in a cyber war. What is mind boggling is the sheer volume. The chart below shows unwanted mail below the x axis and legitimate stuff above.

You can barely make out the legitimate mail because in the scale it is dwarfed by the spam. It is also interesting to observe that the attacks come in waves.  You can see the major incoming waves on Sunday evening followed by periodic smaller attacks which appear to be the work of botnets.

This spam is of course not passed on to our customers who pay us for a premium service. You can zoom in by clicking a couple of times on the picture.

mail-dark1

Categories
Business scams

Phorm fails

I read on Monday that BT had abandoned Phorm. I didn’t consider this worth commenting on. Today I see that Talk Talk has also dropped the behavioural advertising company.

From a consumer’s perspective I say hooray. As an ISP I don’t have a big enough business to make the Phorm business model work so I haven’t had the moral dilemma myself.  Apparently BT has said it has nothing to do with the furore over privacy rights but I doubt that anyone believes this.

Phorm is now having to say that it is concentrating on faster moving markets such as Korea and talks about live trials with Korea Telecom.  All I can say is that for it to work Korea Telecom has to have a thicker skin than any western based ISP.  Perhaps there isn’t the same privacy rights activity  in Asia.

Categories
End User internet media piracy

94 percent say they would choose a legal music site over a pirate one

Bit of a long post title but this is the feedback from research conducted in June on consumer behaviour and preferences in respect of music downloading.  The research was commissioned by music site We7 and conducted on 2012 consumers aged 16 to 60 over 7 days in June 2009.

Its key findings make very interesting reading:

  • 46% of UK music fans do not understand how to legally consume music online
  • 64% do not know how to stream and share music legally
  • 85% of consumers are happy to listen to a short ad in exchange for unlimited access to free music that they can share with others
  • 94% say they would choose a legal music site over a pirate one if it had the same range of music and was easy to use
  • Women and those over 55 are least likely to stream – 85% say they don’t know how and are unlikely to try
  • 64% of 16-24 year olds share music with friends online and 71% know what streaming is but only 48% have ever tried it
  • Londoners and Bristolians are the biggest sharers of music online but only 39% and 46% respectively have ever streamed music.
  • The majority of music buyers (78%) would buy the same or more music if they could listen to streamed music too, showing that the We7 model complements the industry rather than cannibalises it

All this reinforces the ISP industry’s position that what we need is more legal ways for consumers to easily access music online.  7  million consumers can’t be criminals.  We7 is doing a great job pioneering this so thanks goes to Steve Purdham, and his team. 

Tonight I’m going to go home and listen to some free and legal music streaming online. Frank Sinatra methinks.

Categories
Business internet piracy

Virgin agrees anti-piracy music deal

Virgin has announced a deal with record label Universal that will provide unlimited access to the company’s music catalogue for a fixed monthly fee. The level of this fee is as yet unannounced but is reckoned to be the equivalent to the cost of two albums. The service will be available by Christmas 09.

The biggest aspect of this news is that Virgin has also undertaken to attempt to tackle the problem of online music piracy, with ultimate disconnection as a potential penalty for persistent offenders. This appears to be a big step forward and is likely timed in advance of the Digital Britain report, delayed now until later this week.

This deal is likely to bring pressure to bear on other large consumer ISPs.  It does remain to be seen how the removal of broadband service from persistent pirates (to put it poetically) is handled.  This has been the one aspect of the debate that has had ISPs up in arms. They don’t want to be seen to be doing the police’s job.

The Virgin paid for model is of course different to the We7 advertising funded service discussed last week. The whole area is of a great deal of interest to many people.  My We7 posts get more hits than any other published item on this blog.  Helped no doubt by the fact that I have been giving away free We7 promotional codes :-).

If you want one let me know. I got a fresh batch in recently.

Categories
End User internet scams security

Email scams

I went in to BBC Radio Lincolnshire this morning, as is my occasional wont, this time to talk about email scams. I am not particularly a security expert but I guess being in the ISP game I would get more exposure to this than your average Radio Lincolnshire listener.

It was all about phishing emails from people after your bank account details, and especially spoof emails notionally from people you know. As a bit of background research I googled “how to hack MSN” and I was astounded to find 952,000 websites on the subject.

Similarly there was plenty on Twitter and no doubt there will be stuff out there on Facebook and others. I didn’t follow more than a couple of links and the first article had already been removed. It does certainly highlight the vulnerabilities of the web.

I get phishing email daily, mostly caught in my spam quarantine folder, and all of which get ignored/deleted. I do get some very genuine looking spam though appearing to come from reputable contacts. In one example a business partner of Timico’s had its contact database copied a number of years ago. I still get spam appearing to come from this partner. There is nothing they can do about it. The data is gone.

I have never personally met someone who has been caught out by one of these phishing attempts. Not that is until last night when a friend rang me up and during the conversation mentioned that it had only just happened to him. He was busy and stupidly responded to an email and typed in his bank account details!

Luckily for him the bank spotted an unusual transaction and refunded the cash after calling him to check. It just goes to show how easily it can happen – to the unwary.

Categories
Business online safety

CEOP ANNUAL REPORT PUBLISHED

There is nothing that engenders feelings of disgust and revulsion more than the thought of child sexual abuse. This week the Child Exploitation and Online Protection Centre (CEOP) published its third annual report.

It is pleasing to read that CEOP has been increasingly successful with its work which is growing harder because of the proliferation of social networking websites that make it easier for adults to approach children online.

I normally don’t like to publish posts that don’t add any value to information already published and available elsewhere. In this case however the results are emotionally pleasing enough for me to simply copy some key statistics and to help distribute the news of the good work more widely:

  • 139 children have been safeguarded from sexual abuse either directly or indirectly as the result of CEOP activity
  • 20 of whom have been identified through the examination of child abuse images.
  • 334 suspected child sex offenders have been arrested – for offences ranging from possession of indecent images to rape – as a result of intelligence reports from CEOP and/or through the deployment of CEOP resources.
  • 82 high risk sex offender networks have been disrupted or dismantled as a result of CEOP activity.
  • 79 of the UK’s highest risk child sex offenders have been located as a direct result of the CEOP Centre’s UK and Overseas Tracker Teams.
  • 5,686 intelligence reports have been received by the CEOP Centre – a culmination of reports through the public’s ‘report abuse’ mechanism, from the online and mobile industries and law enforcement partners in the UK and overseas.
  • 3,734 child protection professionals have attended CEOP’s specialist training courses.
  • Over 25,000 teachers, trainers, police officers and youth leaders have been trained or have registered to use the Thinkuknow programme since 2006.
  • Over 4,000,000 children and young people have participated in the Thinkuknow programme delivered to them since 2006.

I’m sure that, in the light of the issue, the staff (together with the rest of us) at CEOPs would wish the numbers were even better but heartfelt appreciation goes out to everyone involved here.  It is a hugely difficult job to have to do but, clearly from the stats, with good results.

You can read the full report here.

Categories
Engineer internet spam

Spam 2.0

I don’t know about you but I have started getting spam through Facebook. So far it isn’t the classical type of spam selling viagra etc.  I have however been getting friend requests from attractive young ladies with exotic names. 

I also seem to be inundated with notifications of rubbish that I have no interest in checking out.

I was discussing this with Dave Ward, one of our Tech Consultants, who mentioned that Fortinet have now brought out Spam2.0 filters for their firewalls.  Social Networking sites have started having their vulnerabilities exploited. 

People are getting spammed with direct messages, apparently from friends.  Facebook chat, for example, is one way used to insert worms onto someone’s PC and thence onto your network.

Fortinet has an application that allows companies to let employees access Facebook whilst blocking access to applications such as chat known to be vulnerable. Screenshot below. You might need to click a couple of times on the picture to get it to a viewable size/quality. Also check out the recent Wikipedia article on Social Networking Spam.

spam20

PS Don’t get me wrong here.  I am a happily married man and whilst I’m sure I quite like being chatted up by nice young ladies one has to ask why complete strangers, whose interests seem to be dating and meeting members of the opposite sex, would want to approach me…