VoIP Fraud — Technological Conventionality Achieved

VoIP has reached the mainstream. We know because the fraudsters are coming after us. Trefor.net welcomes VoIP Week guest contributor Colin Duffy, CEO of Voipfone and ITSPA Council member. VoIP merges two of the largest industries in the world: Telecommunications ($5.0 trillion) and the Internet ($4.2 trillion). It is big business. Estimates of VoIP market […]

Announcing ITSPA trefor.net VoIP security workshop sponsored by Yealink

trefor.net is teaming up with ITSPA, the Internet Telephony Service Providers’ Association, to produce a twice yearly VoIP security workshop. The first one is during the Convergence Summit South show at Sandown Park on October 8th, Read on to find out more. Announcing the ITSPA/trefor.net VoIP security workshop Telecom Fraud – Part 1 – A Case […]

Website Blocking Report

See if your website is being blocked by ISPs using the Open Rights Group (ORG) website blocking Blocked resource. Had an interesting tweet this morning from @boggits pointing me at blocked.org.uk, specifically this link. It shows, as is seen in the header screenshot, that three mobile networks: 3, O2 and EE have blocked users access to […]

Lock screen strategy – show your home phone number

Showing your home phone number on your lock screen could avoid a lot of problems if the phone is lost. I’ve always had “Tref’s phone” as text on the lock screen on my phone. Once when the phone was accidentally left on the bar at the cricket club it was returned to me immediately. V […]

Voice Fraud – You Need to Act!

Trefor.net welcomes VoIP guest contributor Simon Woodhead, CEO of wholesale voice provider Simwood. In February, we published VoIP Fraud Analysis, a white paper that details Simwood’s three years of operating a Honeypot, coloured in by many years of real-world experience servicing wholesale voice clients of all sizes and seeing them compromised. Our research has been […]

Oops – was that the red button? Nuclear near uses

Following last week’s post in which we discussed the precautions taken by Nominet to withstand nuclear attack we beginning to realise how sensible this was. A Chatham House Report Too Close for Comfort: Cases of Near Nuclear Use and Options for Policy describes thirteen incidents of near nuclear use. It’s almost like reading the notes used […]

Heartbleed – a pain in the proverbial

Big fuss doing the rounds over the Heartbleed bug. Google it. Every man and his dog1 is saying it is really bad and offering advice which basically says change your passwords oh and btw it might not make sense to change it yet because your specific service might not have patched their SSL. Now this […]

New Joules shop opens – queue remains calm, Bruce Schneier signs book

Could hardly contain my excitement walking to work this morning. A new shop has opened on Lincoln High Street! I wouldn’t have notice were it not for the fact that a woman got in my way trying to take a photo of the queue. I too like to take photos (of queues) so I reversed […]

Selling your contact information – who does it?

One of the things I’ve been looking forward to in life post Timico is having a cleaner inbox. I don’t get spam using Gmail and the platform very kindly filters most commercial mails in to a tab called “Promotions”. This I love. I do look occasionally and note that the mails are typically from rewards […]

Lloyds Bank – 2 out of 7 servers “down”

Problems with Lloyds Bank & TSB cashpounts attributed to failiure of 2 out of 7 servers by BBC. Interesting article on BBC Radio 4 Today Prog this morning. Apparently last night some Lloyds & TSB customers were unable to use their debit cards for a couple of hours or so. Not me. I was at […]

Intro & Password Pain by @LindseyAnnison

I’m grateful to Tref for leaving the corporate treadmill and embarking on this new venture.  Although he never appeared to hate, or even dislike, his day job as some others in the industry seem to (in fact, having seen him in situ in the Timico offices several times, he seemed to positively revel in it!), […]

Gmail update – Google+ comment

Got an email yesterday from Google about a change to Gmail. Everyone probably got the same mail. Certainly the mainstream media made big news of it, in the tech sections. When you are sending an email from a gmail account you will now be offered Google+ account holders as recipients of the mail. One site, […]

Eventbrite security really on the ball – Adobe hack

Had an email from Eventbrite yesterday with the subject “Keeping your account protected”. Fair play to them. Eventbrite have looked at the 3 million user name email addresses recently hacked at Adobe and cross referred them to any in use on the Eventbrite platform. They have then let the Eventbrite users with these identical email […]

Team Cymru – the correct pronounciation

On a completely different note whilst I was at the Euro-IX conference last week someone gave a talk that included something about Team Cymru. Team Cymru are a top bunch of guys in the cyber security space. However there is something that urgently needs addressing about the organisation and that is how you pronounce their […]

Government Minister responsible for leaking secrets to enemy spies?

I note that old Francis Maude, Cabinet Office minister, has taken his communications services into his own hands and  installed a WiFi connection. The Telegraph article doesn’t go into any great detail as to what the WiFi is connected to. You get the impression he has ordered a separate broadband line to his office. I […]

Is Huawei in your network a national security concern?

I am reminded that yesterday’s post on how would Huawei spy on your network has an additional dimension in the UK in that a significant chunk of BT’s 21CN infrastructure is based on the Chinese vendor’s kit. I hadn’t noticed that this hit the headlines a couple of months ago. The BT Huawei deal would […]

How to tell if a phone call is going to be a scammer

Most people have picked up scam phone call at sometime in their recent short lives. I’ve noticed that they all have similar characteristics in that when you pick up the phone there is always a second or two of silence followed by a foreign voice saying “can I speak to Mr Davies please?” (replace Davies […]

The return of the “virus on your Microsoft PC” scam #speedytechies @TeamViewer

The “you have a virus on your Microsoft PC” scam is back. I thought they had locked up the people responsible and this was dead. Like everything related to the internet crime – spam, botnets they always find a way back. I got home from work on Friday and took a call from Anna of […]

How would Huawei spy on your network?

Last week the talk was about a story about former head of the CIA and the NSA, Michael Hayden, who thinks Huawei are spying on networks that have installed their kit. Link here to the Register story though it appeared in a lot of places. One has to think about how Huawei might do this […]

Privacy on London Underground Metropolitan Line #googleglass

The Metropolitan Line on London Underground has nice newish interconnected carriages and you can walk from one end of the train to the other. As we wound our way to Kings Cross for me to catch the train back north I noticed that the carriages were making interesting snake like movements. Very artistic I thought. […]

The Fortigate100D firewall & MPLS networks

I find it profitable to sit around the development teams. Someone always says “hey Tref come and see this”. On this occasion it was a couple of Fortigate100D firewalls. Now the cynics amongst you will say so what? A firewall? What’s so interesting about that? I realise that there can be few readers of this […]

How to make your VoIP secure #fraud

It’s a pretty simple process to set up your own VoIP phone system. Google “free VoIP server” and you will find links to 3CX or Asterisk. Download their free software and install it on a computer in your office. Sign up for a few SIP trunks from an Internet Telephony Service Provider (eg Timico) and […]

How to achieve a PCI Compliant network

A lot of effort goes into achieving PCI compliance for a network. Without going into huge detail I thought some of you would like to know the type of work we had to do to get the badge. Implementation of secure LDAP cluster This consists of a master server and three read-only slaves, the master […]

The Report of the Joint Select Committee on the Draft Communications Data Bill

The Report of the Joint Select Committee on the Draft communications Data Bill was issued this morning at one minute past midnight. It’s been in the news this morning with the deputy Prime Minister Nick Clegg calling on ministers to rip up their plans and go to “back to the drawing board“. The 105 page […]

Automated spam calls to mobile – what to do

The scam business continues. Just got what I think was another PPI mis-selling call via automated call to my mobile. The originating number was 07588034908. I was expecting a call and was just trying to figure out if this was it at the same time as answering the phone so I missed the first half […]

Payment Protection Insurance – are you eligible for £7,500 compensation?

Just had a phone call from an Indian sounding gent called Harry Connor. Actually he wasn’t totally sure what his name was because when I asked him again at the end of the call he said it was Sean Connor (not sure how he spells Sean – could be Shaun or Shawn – sorry). Perhaps […]

Now where did I leave that important information? #commsdatabill

You will of course recall my recent post on Big Data in which I related how many laptops are left in the back of taxis. 10,857.14 of them every year to be precise. Well I was wrong. Not only did I underestimate how many cabs there are in London but the average number of laptops […]

your password here? oh dear! #LinkedIn

I note from the Daily Telegraph that LinkedIn has had 6.5 million passwords stolen and published on a Russian website. When did you last sort out your passwords> Have you got a password policy? Worth getting one I’d say. This is a perfect example of why we shouldn’t let the government collect data about us. […]