Security

  • MP escapes Essex for some winter scum

    The dishonourable member for Clacton, one Nigel Paul Farage, has a reputation that stretches way back to his days as a member of the European Parliament of raking in his salary and not doing the work that supposedly comes with the job of being an assembly member in a representative democratic institution.

    Indeed, as The Guardian noted over six years ago: “His voting record while a member of the influential European parliament fisheries committee is utterly dire – over three years, he turned up to one of 42 meetings“.

    He is now treating the gullible burghers of Clacton with the same contempt. He has not so far organised a single surgery for constituents citing spurious “security” concerns, on which he later backtracked.

    Furthermore, he seems to spend more time away from the House of Commons than actually in it, which might just be understandable given the frog-faced grifter earns far more money outside than his already generous MP’s salary of £91,346, according to both the press and his register of declared financial interests.

    We are all aware too that the western shore of the North Sea can be a dismal place in the heart of winter; and Nigel definitely thinks so too, as he’s just decided to put the whole of the Atlantic between himself and his constituency, as he has posted the photo below on his on-off pal Elon Musk’s apology for a social platform.

    A grinning Nigel Farage against the background of Washington DC at night
    Toto, I don’t think we’re in Clacton anymore!

    Farage is not the only right-wing British politician clogging the streets of Washington DC with their malign presence at the moment. The former MP for West Norfolk, one Mary Elizabeth Truss, whose term of office as prime minister was shorter than the shelf life of a lettuce, is also there, taking a break from sending cease and desist letters to one Keir Rodney Starmer via her lawyers.

    Post reads In DC. The new @realDonaldTrump term can't come soon enough asbove a picture of Truss dressed in red, white and blue and wearing a MAGA baseball cap
    Make America Grate Again

    The reason for this outflow of talentless right-wing (ex-)politicians? The inauguration in Washington tomorrow of the disgraced 47th president-elect of the United States, the disgraced former 45th president, insurrectionist, convicted felon, adjudicated sexual predator, business fraudster, congenital liar and golf cheat, one Donald John Trump.

    The actions of both fake man of the people Farage and Lettuce Liz remind your ‘umble scribe of moths circling a lit candle… 😀

    In other news, Farage’s party colleague, the perma-tanned Richard James Sunley Tice, the ‘businessman‘ whose smile would be gleaming as he stole your granny’s savings, is now splitting his time between his original constituency of Boston and Skegness and his new bailiwick of Dubai.

  • Irish Data Protection Commission fines Meta €251 million

    Irish DPC logoYesterday the Irish Data Protection Commission (DPC) announced its final decisions following two inquiries into Meta Platforms Ireland Limited (‘MPIL’). These inquiries were launched by the DPC following a personal data breach which was reported by MPIL in September 2018.

    New logo as Facebook morphs into MetaThis data breach involved some 29 million Facebook accounts around the world, of which approximately 3 million were based in the EU/EEA. The categories of personal data affected included: user’s full name; email address; phone number; location; place of work; date of birth; religion; gender; posts on timelines; groups of which a user was a member; and children’s personal data. The breach arose from the exploitation by unauthorised third parties of user tokens – i.e. coded identifiers that can be used to verify the user of a platform or utility, and to control access to particular platform features and to personal data of the user and their contacts – on the Facebook platform. The breach was remedied by MPIL and its US parent company shortly after its discovery.

    The DPC submitted a draft decision to the GDPR cooperation mechanism in September 2024, as required under the GDPR’s Article 60. No objections to the DPC’s draft decision were raised.

    The DPC’s final decisions list the following infringements of the GDPR:

    1. Decision 1
      1. Article 33(3) GDPR – By not including in its breach notification all the information required by that provision that it could and should have included. The DPC reprimanded MPIL for failures in regards to this provision and ordered it to pay administrative fines of €8 million.
      2. Article 33(5) GDPR – By failing to document the facts relating to each breach, the steps taken to remedy them, and to do so in a way that allows the Supervisory Authority to verify compliance. The DPC reprimanded MPIL for failures in regards to this provision and ordered it to pay administrative fines of €3 million.
    2. Decision 2
      1. Article 25(1) GDPR – By failing to ensure that data protection principles were protected in the design of processing systems. The DPC found that MPIL had infringed this provision, reprimanded MPIL and ordered it to pay administrative fines of €130 million.
      2. Article 25(2) – By failing in their obligations as controllers to ensure that, by default, only personal data that are necessary for specific purposes are processed. The DPC found that MPIL had infringed these provisions, reprimanded MPIL, and ordered it to pay administrative fines of €110 million.

    DPC Deputy Commissioner Graham Doyle commented as follows:

    “This enforcement action highlights how the failure to build in data protection requirements throughout the design and development cycle can expose individuals to very serious risks and harms, including a risk to the fundamental rights and freedoms of individuals. Facebook profiles can, and often do, contain information about matters such as religious or political beliefs, sexual life or orientation, and similar matters that a user may wish to disclose only in particular circumstances. By allowing unauthorised exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data.”

  • US firm fined by Dutch for illegal facial recognition data gathering

    Autoriteit Persoonsgegevens logoThe Dutch Autoriteit Persoonsgegevens (Personal Data Protection Authority) has announced today that it has imposed a fine of €30.5 mn. on the US company Clearwiew AI, as well as a non-compliance penalty in excess of €5 mn.

    Stylised facial recognitionClearview is an American company that offers facial recognition services, which has, inter alia, built up an illegal database with billions of photos of faces, including those of Dutch citizens. Furthermore, the authority has warned that using the services of Clearview is also prohibited.

    Clearview offers facial recognition services to intelligence and investigative services. Moreover, Clearview customers can provide camera images to find out the identity of people shown in the images. To this end, Clearview has a database with more than 30 billion photos of people, which it has scraped automatically from the internet and then converted into a unique biometric code per face, all without the knowledge and consent of its victims.

    According to the authority’s chair Aleid Wolfsen, “Facial recognition is a highly intrusive technology, that you cannot simply unleash on anyone in the world. If there is a photo of you on the internet – and doesn’t that apply to all of us? – then you can end up in the database of Clearview and be tracked. This is not a doom scenario from a scary film. Nor is it something that could only be done in China. This really shouldn’t go any further. We have to draw a very clear line at incorrect use of this sort of technology.’

    Clearview says that it provides services to intelligence and investigative services outside the European Union (EU) only.

    Clearwiew’s services illegal and in breach of the the GDPR

    Clearview has seriously violated the privacy law General Data Protection Regulation (GDPR) on several points: the company should never have built the database and is insufficiently transparent. It should never have built the database with photos, the unique biometric codes and other information linked to them. This especially applies to the codes. Like fingerprints, these are biometric data. Collecting and using them is prohibited. There are some statutory exceptions to this prohibition, but Clearview cannot rely on them.

    Clearview is an American company without an established presence n Europe. Other data protection authorities have already fined Clearview on various earlier occasions, but the company has not changed its conduct. For this reason the Dutch regulator is investigating ways to ensure the violations stop, including whether the company’s directors can be held personally liable for data protection violations.

    Wolfsen: ‘Such [a] company cannot continue to violate the rights of Europeans and get away with it. Certainly not in this serious manner and on this massive scale. We are now going to investigate if we can hold the management of the company personally liable and fine them for directing those violations. That liability already exists if directors know that the GDPR is being violated, have the authority to stop that, but omit to do so, and in this way consciously accept those violations.’

    Clearview has not objected to the decision and is therefore unable to appeal against the fine.

  • Crowdstrike and Microsoft – culprit identified

    The BBC reports that a massive IT outage is causing chaos around the world, affecting airports, railways, broadcasters and untold companies..

    Cyber-security firm CrowdStrike Holdings has admitted that the problem was caused by a dodgy update to its software which is allegedly designed to protect Microsoft Windows devices from hacking.

    At the same time, Microsoft has said it is taking “mitigation action” to deal with “the lingering impact” of the outage.

    Although Crowdstrike has admitted liability, social media had long since decided who was to blame and where.

    This is Alan Ferrier on Mastodon, who wins the prize for the best attribution of blame.

    Post reads: Anyone heard how Liz Truss's first day at Microsoft is going?

    Liz TrussThe disaster known as Mary Elizabeth Truss was ousted from her comfy job misrepresenting the long-suffering burghers of Norfolk at the 4th July election. She was recently seen at the extreme right-wing Republican National Convention in Milwaukee, where the perpetual victim, one Donald John Trump, has been anointed its presidential candidate despite his being a convicted felon 34 times over, confirmed business fraudster, document thief, adjudicated sexual predator, congenital liar, oath breaker and golf cheat.

  • Election special: Tories pretend to be HMRC

    There’s only a week to go until the vote for the Untied Kingdom’s general election to end 14 years of Tory misrule will be taking place.

    A wipeout of Conservative members of parliament has been/is being widely predicted, which will give the opposition Labour party what is now being erroneously called a supermajority. For the sake of clarity, a supermajority is a otherwise known as a qualified majority. Older readers may recognise that what is being actually being talked of is in fact a phenomenon known as an elective dictatorship, a thumping great parliamentary majority that makes political opposition little more than tokenistic, a subject tackled by Quintin Hogg in his 1976 Richard Dimbleby Lecture.

    As is usual, this general election has seen its fair share of bad behaviour, which was first documented by the likes of William Hogarth in the mid-18th century.

    Chairing the Member from William Hogarth's 1755 Humours of an Election series. Image courtesy pf Wikimedia Commons.
    Chairing the Member from William Hogarth’s 1755 Humours of an Election series. Image courtesy of Wikimedia Commons.

    The most egregious bad behaviour so far in the current campaign has been the Conservative election betting scandal, which has so far implicated 15 Tory candidates and officials who are being investigated by the Gambling Commission for using inside knowledge to place bets and gain unfair pecuniary advantage.

    However, more bad behaviour by the Blue Team was uncovered earlier today by Alan Beattie who writes opinion pieces for the Financial Times, namely impersonation, trying to pass themselves off as a different organisation, in this case HMRC.

    Mr Beattie has today posted the following on the social media site formerly known as Twitter.

    Post reads Government: make sure you don't fall for phishing scams from people doing fake HMRC letters. Conservatives: here's election material made to make you think it's an HMRC letter.

    Mr Beattie’s post contains 2 screenshots, the first of which is from the HMRC section of the government’s website, informing visitors what to look out for in genuine content and/or information from the tax authorities.

    Screenshot of HMRC spot the scam web page

    The other screenshot shows a letter to small businesses from the Conservative Party and purporting to come from an organisation calling itself Briefing for Business. Anyone who has been in communication with the tax authorities will immediately notice how the letter mimics the fonts, layout and colours used by HMRC. The giveaway is that all party political materials must bear an imprint indicating who is responsible for publishing the material and for whom they’re promoting it.

    Screenshot of post from Conservatives showing letter to business mimicking fonts, style and colours used by HMRC in correspondence

    Your ‘umble scribe is aware that in the past political parties have passed themselves off as their opponents in election materials in an attempt to discredit them, but this is the first time he can remember a party trying to mimic a government department; if you know differently, please post details in the comments below.

    And finally…

    Don’t forget to vote and never forget that the emphasis on Conservatives is on the first syllable, i.e. con. 😀

  • MoD: you have Mali!

    Mali flagToday’s Guardian reports that civil servants at Whitehall’s Ministry of Defence (MoD) inadvertently sent classified emails intended for the United States military to Mali.

    How did this happen? Email addresses for the US military come under the .mil TLD. By omitting the letter i from this TLD, one is left with the two letter country code top level domain .ml, denoting Mali.

    To cover its blushes from this glaring example of digital dyslexia, the Ministry has commented as follows:

    We have opened an investigation after a small number of emails were mistakenly forwarded to an incorrect email domain.


    We are confident they did not contain any information that could compromise operational security or technical data.

    All sensitive information is shared on systems designed to minimise the risk of misdirection.


    The MoD constantly reviews its processes and is currently undertaking a programme of work to improve information management, data loss prevention, and the control of sensitive information.

    Whitehall is currently illuminated bright red by all the embarrassed faces lurking behind all the impressive military statues of senior dead white squaddies fronting its main building in SW1.

    Maybe such a cock-up would not have happened had the ministry’s civil servants paid proper attention to what they were typing on their email clients instead of constantly reviewing their processes!

  • 50 years on

    In October 1973, a large cohort of (mostly) young people aged 17-19 left their homes with varying levels of street wisdom under their belts and dampness behind the ears (not to mention essential life skills such as being able to manage money and cook. Ed.) to embark on something that was going to change their lives for ever – studying the BA Modern Languages course at Wolverhampton Polytechnic, now the University of Wolverhampton, a matter that was going to occupy us for the next four years until the summer of 1977.

    Just shy of 50 years later, twenty-two alumni plus partners (including some who are also Wolverhampton veterans. Ed.), some travelling from as far away as New Zealand, and seven of our lecturers all assembled for a significant anniversary celebration back in the city that grew up around the site of an abbey dedicated to St Mary founded by Wulfhere of Mercia in 659 and in which they studied from 1973 to 1977.

    BA Modern Languages 1973-77 50th reunion group photo
    Alumni, lecturers and partners stand back from the bar. Photo courtesy of Paul, edited by photography wizard Tim.

    The hair may be greyer or diminished in luxuriance, the limbs less lissome, the waistlines somewhat stouter, but the same personalities still shine through the physical changes and laughter and good times prevailed as they did all those decades ago, even though some of the party had not seen each other for over 45 years instead of the 5 years since the last reunion.

    This time your ‘umble scribe travelled up to Wolverhampton on Friday afternoon; and it proved to be worth the effort, allowing plenty of time to settle in and relax instead of the mad rush of arriving on the day and then scrabbling to get ready in time before sitting down to meat. After a meal and a couple of lemonades at nearby hostelries, it was back to the hotel where we kept the barman busy serving us brown beverages of various shades.

    Saturday dawned far too early, but any lack of sleep was cured by an excellent breakfast, assisted by the excellent company. At lunchtime, a small party gained access to the room where our revels were to take place, to decorate it, sort out the seating plan and ensure that the music and visuals worked properly.

    Two o’clock on a warm Saturday afternoon saw a large group of alumni assembled in front of the oldest part of the university – known as The Marble for a campus tour led by David from the Alumni Office. Since our time, many of the university building that we remember have been demolished and replaced by more modern facilities. Long gone are the wooden huts and the perishing cold St Pater’s Hall (which the the polytechnic shared with a vegetable wholesaler. Ed.) Part of the tour took in secure parts of the campus and for this we were joined by David from security who’s worked for the university for nearly two decades. His tales of student high jinks revealed very little has changed over the decades/generations. Finally, any Wolverhampton Polytechnic/University of Wolverhampton alumni who have not provided their contact details to the Alumni Office or need to update them can do so here, whilst back copies of the alumni magazine can accessed online too.
    Alumni on tour with Dave from security. Photo credit: David from the Alumni Office.

    The traditional Saturday night celebratory meal saw new directions and a new dimension. Firstly, the usual disco was dispensed with and replaced with Sheila’s Spotify playlist as background music. This meant there was no need to SHOUT TO HOLD A CONVERSATION. 😀

    Secondly, much mirth and merriment was occasioned by the presence of an inflatable Selfie Station photo booth complete with props – silly hats, inflatable musical instruments and the like.

    Last but not least, your ‘umble scribe had volunteered to compile a video slideshow. Comprising mostly photos from our student days, this 32 minutes’ long movie was played on loop throughout the meal until coffee was served and we reached the speeches slot. For the nerds, the slideshow was compiled with Imagination, “a lightweight and easy to use slide show maker” for the Linux and FreeBSD operating systems. Similar software is available for other, more common operating systems. Those whose photos were not used will be pleased to hear there is mofre than enough material for another slideshow for the 50th anniversary of our graduating in 2027.

    Feedback on the meal itself was most appreciative and it was possibly the best our gatherings have enjoyed to date.

    With coffee served, it was speech time, with former assistant head of department Alan on his hind legs for a few well-chosen and thought-provoking words. These ranged from the benefits of a period of residence abroad, including not only gains in maturity, but also finding common ground with one’s hosts, primitive hygiene arrangements in 1960s Spain, the difficult relationship of Britain with the rest of Europe and the continuing need to teach and study other languages in a world where English in the de facto lingua franca.

    Once the applause died away, MC Dave leapt up to respond and in amongst the anecdotes of student life during our mandatory year abroad, which featured broken sanitary fittings and a visiting England rugby league team, he found time to propose a heartfelt toast and tribute to absent friends – both staff and students – who had not survived to join our revels that weekend. Many remarked afterwards that Dave is a natural public speaker, so well done mate!

    Celebrations continued well into the small hours on that warm and sunny June evening with the moon and stars shining down before it was finally time for bed.

    All in all it was a brilliant weekend and my gratitude goes out to all my fellow attendees for their kindness, generosity and company. We now have a couple of years off until planning for the next event needs to start.

    Thanks to…

    Of course, events don’t happen of their own accord and a fair bit of time was spent planning in various Zoom sessions. Your correspondent would like to express particular thanks to the following:

    • Sheila, Paul & Gwenda for the bulk of the organising;
    • Sheila (again!) for the Saturday evening playlist;
    • Whoever arranged the flowers for Paul and Gwenda;
    • Dave for relieving Paul of master of ceremonies duties;
    • Alan for his speech;
    • Jill for her exhibition of course paperwork and photographs;
    • Jane for liaising with the alumni office and arranging the university tour; and last but not least
    • Anyone who bought me a drink! 😀
    Final bouquets and brickbats

    First the bouquets. Your ‘umble scribe is indebted to: the staff and management of The Mount Hotel for being so welcoming and accommodating (the food was excellent! Ed.); the Westacres for feeding nineteen of us on Friday evening; the Swan Inn for their splendid draught Banks’s Mild and idiosyncratic urinals; David of the Alumni Office and David of security for the university tour; the weather gods for their lack of wrath; and finally, the good folk of Wolverhampton for filling my ears with the music of the Black Country accent and dialect.

    Brickbats (so no links. Ed.) are awarded to: Cross Country Trains, First Great Western, London Northwestern Railway and Network Rail for making the British Railways Board of yore appear a model of efficiency and punctuality. Other attendees who endured railway hell are invited to add the names of the guilty parties in the comments below.

  • Facebook’s parent company fined €1.2 bn. for GDPR breach

    New logo as Facebook morphs into MetaMeta, the parent company of social media platform Facebook, has been fined a record €1.2 bn. by Ireland’s Data Protection Commission (DPC) in relation to breaches of the European Union’s General Data Protection Regulation (GDPR) in respect of user data transfers from the EU to the USA, Irish broadcaster RTE reports.

    The company has been given five months to implement changes to such data transfers.

    The DPC said Meta had infringed the GDPR by continuing to transfer EU user data to the US despite a ruling by the European court of justice requiring strong protection of such information, adding that the data transferred by Facebook under a measure called standard contractual clauses “did not address the risks to the fundamental rights and freedoms of data subjects that were identified by the [European Court of Justice] in its judgment”.

    Meta has said it will appeal the decision, as well as commenting that it was disappointed to have been singled out when using the same legal mechanisms as thousands of other companies providing services in Europe.

    The EU and the USA have agreed a new data transfer framework which is expected to be in place later this year.

    This is the largest ever fine levied in the EU for a privacy breach. The previous record penalty of €746 mn was imposed on Amazon in 2021.

  • Firefox Focus – first impressions

    Your ‘umble scribe is a great fan of the free and open source Firefox web browser and has been using the desktop version since version 0.x many years ago. One of its major attractions has been its emphasis on security and privacy.

    Until recently it was also the default browser on my smartphone, until I discovered Firefox Focus. Firefox Focus is a free and open-source privacy-focused mobile browser based on Firefox which is available for Android and iOS devices. First released in December 2015, it was initially a tracker-blocking application for mobile iOS devices, but was developed into a minimalistic web browser shortly afterwards.

    Firefox Focus iconAccording to Mozilla, Firefox Focus is a dedicated privacy browser with automatic tracking protection. meaning web pages load faster and your data stays private. It’s also easy to delete history, passwords and cookies, so advertisers and other ne’er-do-wells don’t follow you around online. Just tap the erase button on the search field and all that data is gone. Tracking protection is also very strong. The browser blocks a wide range of common trackers by default, including social trackers and those sticky ones that come from things like Facebook ads.

    After using Firefox Focus for one week, I can say I’m impressed with the way it works. Although it required me to learn how to use tabbed browsing (hint: hold down a link in your search results and a menu appears, offering the option to open the link in a new tab. Ed.), once that was cracked, I was away. As for fast page loading, that’s not disappointing either, even on notoriously slow-loading sites, like that of Bristol City Council, which still seems to be powered by a horse turning a shaft in the basement of the Counts Louse (which some call City Hall. Ed.). 😉

    If you value your privacy and security, I’d recommend Firefox Focus on your mobile device.

Posts navigation