Duncan Pierce
Duncan's posts

Scientific American reports: "the object that exploded in a fireball over Chelyabinsk, releasing hundreds of kilotons of energy, was small potatoes."

Who knew potatoes could be so dangerous? I've put ours in the fridge as a precaution. Are astronauts properly trained to peel potatoes in low gravity? Or are these extra-terrestrial potatoes? So many unanswered questions.

Spoken English translated into spoken Chinese, in real time, using synthesis of your own voice. Very impressive (I assume - Chinese not being one of my strengths). The full demo is in the last couple of minutes.

UK companies have to provide Companies House with an SIC classification for their business activities.

These range from the ridiculously specific (64110 "Central banking") through broad categories with strange exclusions (47599 "Retail of furniture, lighting, and similar (not musical instruments or scores) in specialised store") to the pointlessly general (70100 "Activities of head offices").

This year the codes have been updated, as finely illustrated by 46439 "Wholesale of radio, television goods & electrical household appliances (other than records, tapes, CD's & video tapes and the equipment used for playing them)". What code should I use for audio-visual products invented after 1982 please?

I learned all this because it's getting pretty difficult to find a sensible classification for your business. Do Dolce and Gabbana agonize over whether to choose 14141 "Manufacture of men's underwear"? Or should they go for 14142 "Manufacture of women's underwear"? (Fear not - there are codes for plenty of other layers of clothing too).

I leave you now to contemplate my personal favourites: 10730 "Manufacture of macaroni, noodles, couscous and similar farinaceous products" and, of course, 01440 "Raising of camels and camelids". Which happens a lot in the UK.

Russians crack down on miniature anti-Putin protesters:

"Passersby admired the display with giggles, but police took it more seriously, examining its details and writing down each placard."

A conversation with O2 Customer Services (LONG)

Welcome to O2. Someone will be with you soon.
You're through to Steve.
Steve: Hi I'm O2 : Steve. How can I help?
Duncan Pierce: I've read today O2 has been revealing mobile phone numbers to every website visited by mobile phone.
Duncan Pierce: I've also read O2's response on your blog.
Duncan Pierce: It reads like PR and downplays the seriousness of the situation.
Duncan Pierce: Is O2 going to make a more substantive response to this serious security breach?
Duncan Pierce: The second I've been affected by since being a customer
Steve: Yes. Very soon.
Steve: Duncan, Our customers privacy is the most important thing for us then anything else.
Duncan Pierce: Where and when please?
Duncan Pierce: That being the case, failing to fix the O2 wireless box security flaws the year before last for many months is a poor way of achieving it.
Duncan Pierce: I gave up and bought a Draytek router because the fix was taking so long.
Steve: I understand your concern.
Duncan Pierce: I'm not concerned, I'm outraged.
Steve: Its about millions of customer that O2 has and would like to be known as its fan. We can never let them down in anyways.
Duncan Pierce: I'm not sure how that statement helps.
Steve: We have our panel of experts working on the issue. And very soon it would be cleared in public
Duncan Pierce: Do you mean the security breach hasn't yet been fixed?
Steve: I would suggest you to visit us in twitter for the latest update on this. As far as I know there is no data that was compromised.
Duncan Pierce: News reports state that phone numbers were compromised. Are you disputing that?
Duncan Pierce: And please will you let me know what the panel of experts are working on.
Steve: Was the data compromised or not.
Duncan Pierce: News reports state that phone numbers were compromised. Are you disputing that?
Steve: I can't comment on it.
Steve: I'm fo
Steve: *I'm giving the info that has been forwarded to me.
Duncan Pierce: So the PR people have already been telling you what to say?
Steve: Well I"m sorry but you are taking things
Steve: the way you want it to be.
Steve: the conversation will go on heading no where.
Steve: *The
Duncan Pierce: "Well I"m sorry but you are taking things the way you want it to be." - I don't understand what this means. I don't think I've said anything untrue so far. If I have, please will you let me know what it is.
Steve: I would suggest you to follow us on twitter.
Duncan Pierce: Which twitter id are you using?
Duncan Pierce: Hi, are you still there?
Steve: Yes.
Duncan Pierce: Which twitter id are you using please?
Steve: We are not supposed to disclose our personal info.
Duncan Pierce: No, I mean, which twitter id should I be following to get updates from O2 as you suggested?
Duncan Pierce: Steve?
Steve: You need to use your own Id.
Duncan Pierce: No, I need O2
Duncan Pierce: 's id so I can follow
Duncan Pierce: Sorry, mistyped - I mean I need O2's twitter id so I can get the updates
Duncan Pierce: Are you still there? I keep not getting a response.
Steve: You can view it from your Id as well.
Duncan Pierce: Understood, but which twitter id are O2 publishing the updates on?
Steve: I didn't got got whwn you said you nweed O2 id.
Duncan Pierce: Never mind, I'll search for it on twitter.
Duncan Pierce: Is twitter where the panel will be announcing the outcome of their investigation?
Duncan Pierce: One other question I have is: will O2 be releasing the list of trusted partners you normally share our phone numbers with? And will we be able to opt out of any number-sharing in future?
Duncan Pierce: Steve, are you still there? I'm not getting any responses. This chat window seems really slow.
Steve: We never share our info of customers with anybody.
Duncan Pierce: It says on O2's blog that you share with "trusted partners".
Duncan Pierce: I'm asking who they are.
Steve: I've no info about that so far.
Duncan Pierce: Steve, is there a supervisor there I can talk to please?
Duncan Pierce: This is really taking a long time. Much longer than the time needed to type a response.
Steve: Let me check this for you.
Duncan Pierce: Ok thanks.
Steve: Welcome.
Duncan Pierce: Hi
Duncan Pierce: The chat window still says you're Steve
Duncan Pierce: Is anybody there?
Duncan Pierce: There's been no response for an extended period of time. I'm starting to think there's no supervisor, and that this discussion has been a wind-up.
Steve: I'm sorry just went to see if I could get a manager online but it looks like all of them are details with the same issue with other customers. So right now, I don't have any manager to get online.
Duncan Pierce: Who said "welcome" then?
Steve: As per the information that we have the partners information will not be released. We are already in talks with OFFCOM about this issue.
Duncan Pierce: I see. From a customer's perspective that's not very satisfying. You tell them about us, but don't even tell us who they are. O2 should be expecting a lot of complaints about that.
Steve: We’re in contact with the Information Commissioner's office as well.
Duncan Pierce: Will there be an opt-out?
Steve: Sorry didn't get what you mean by opt-out?
Duncan Pierce: A way to ask O2 to stop sharing my details.
Steve: No, there is no way to opt-out of that because they are some web site we have to release the information to manage age verification, which manages access to adult content, to enable third party content partners to bill for premium content such as downloads or ring tones that the customer has purchased and to identify customers using O2 services, such as My O2 and Priority Moments. This only happens over 3G and WAP data services, not wifi.
Duncan Pierce: Yes, I read that on O2's blog, but will there be an opt-out in future?
Duncan Pierce: Bearing in mind that this secret information sharing is the cause of the security breach and is not that welcome to some customers (see the comments under the blog post).
Steve: No, I don't thing so because for billing purpose the phone number needs to be released however it too early for me to comment on this issue.
Duncan Pierce: I see. Also not good.
Steve: I understand but the information on the blog is the only information that we have as of this time. Once we do get more information we will be sharing in as well.
Duncan Pierce: Ok, thanks for your help Steve. I have to say that O2's response has been slow and pretty poor. It's not the first security hole. I get the feeling O2 treats security as a public relations exercise, so I'm worried there will be other breaches in future because customer security isn't taken seriously, despite O2's claims to the contrary. Food for thought.
Duncan Pierce: Thanks once again for your assistance.
Steve: I'm sorry if I could not answer much but could share what ever information I had. You have a great day ahead.
Duncan Pierce: You too.

How satisfied are you with the chat you just had?
1 - Very dissatisfied

What made you very dissatisfied with the WebChat service you received on this occasion?
Failed to address any of my concerns and took nearly 1 hour.

Did we sort everything out for you?

Would you use this service again?

How would you have contacted us if chat wasn't available?

So we can improve our service to you, tell us how we could have done better today

You need to be much faster. I think your advisors must be multi-tasking among a great number of customers.

Advisors need to be given relevant information so they can pass it on. Telling people to get updates on the security breach from Twitter and then not being able to say what O2's twitter id is or even understanding how twitter works is very unhelpful. Assuming all your customers want to use twitter isn't really appropriate.

Refusing to engage with the deep problems this secret information sharing and lack of security creates is very unsatisfactory. Customers don't want to hear vacuous PR phrases in response. O2 has too many security breaches, it takes too long to fix them and O2 isn't really honest about the impact for customers.

Would you say you're a fan of O2? You're delighted with us & would recommend us; you trust us and would give us a second chance? (where 1 is 'not at all' and 5 is 'absolutely')
2 - Not much

O2 have been revealing your mobile phone number to every website you visit.

O2 claim "This is standard industry practice", and (page 11+) supports them [source:]. The author provides a privacy checker: - it's green for me after O2's fix so I can't say if it works.

O2's official response is here: It's a pretty vacuous piece of PR, unfortunately. I was going to comment but O2 aren't responding and I couldn't find any other way to send my comments to them so... I'm going to post them as publicly as possible.

O2 say: "Every time you browse a website (via mobile or desktop), certain technical information about the machine you are using, is passed to website owners. [...] When you browse from an O2 mobile, we add the user's mobile number to this technical information, but only with certain trusted partners."

Many people asked to see the list or be given an opt-out. So far O2 hasn't responded.

So, the "trusted partners" are so trustworthy their identities can't be revealed. But ours can, without us knowing to whom. That's a bit Orwellian.

O2: "In between the 10th of January and 1400 Wednesday 25th of January, in addition to the usual trusted partners, there has been the potential for disclosure of customers’ mobile phone numbers to further website owners."

News reports indicate that it was not just a "potential for disclosure" - phone numbers WERE being disclosed.

O2: "The only information websites had access to is your mobile number, which could not have been linked to any other identifying information we have about customers."

However, it could easily have been linked to other identifying information the visited websites have, such as your login details, your home address, which pages you visit, who your friends are, etc. It can also be used to make unwanted calls to you and send you spam text messages.

It's disingenuous to avoid mentioning that. This blog post is not a straightforward and honest attempt to answer the obvious questions. Rather, it evades them. It reads like it was written by a spin-doctor.

O2: "Why did this happen? Because of a maintenance change"

That's not actually an answer. It must surely have happened because (at a minimum):

1) O2 didn't test the new software thoroughly enough.
2) O2 didn't do enough monitoring to notice the breach until it became a news story.
3) O2 didn't encrypt the data or use surrogate data to make it impossible for non-trusted parties to read it if it was ever inadvertently revealed.

O2 had few or no measures in place to prevent this happening. They've probably got nothing in place to prevent the next security breach either.

O2 doesn't take security seriously. I waited months for a fix for the security hole in O2 wireless boxes which allowed "drive-by" hacking by a malicious website. Several times customer services gave me a date on which the fix would be deployed, and it never was. This was despite the fix being available - they just had to deploy it! I gave up waiting and replaced my O2 router with a Draytek ADSL router in the end.

"Security through PR" ought to be O2's mission statement.
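
The three gaps listed in the post above (testing, monitoring, surrogate data) can be shown in one sketch of a carrier-side header enrichment step. This is an added example, not part of the original post and not O2's code; the header names, partner hostnames, keys and phone numbers are all constructed assumptions.

```python
import hashlib
import hmac

# Assumptions (not from the post): the header names, partner hostnames and
# per-partner keys below are constructed for illustration.
SURROGATE_HEADER = "X-Subscriber-Token"
PARTNER_KEYS = {
    "billing.partner.example": b"constructed-key-billing",
    "agecheck.partner.example": b"constructed-key-agecheck",
}
# Identity headers arriving from the handset are always dropped, so a client
# cannot spoof another subscriber and nothing raw passes through by accident.
STRIP_ALWAYS = {SURROGATE_HEADER.lower(), "x-msisdn"}


def surrogate_for(msisdn: str, partner_host: str) -> str:
    """Per-partner pseudonym: stable for one partner, different for each partner.
    The partner hands it back to the carrier, which maps it to the account."""
    key = PARTNER_KEYS[partner_host]
    return hmac.new(key, msisdn.encode(), hashlib.sha256).hexdigest()


def enrich(headers: dict, dest_host: str, msisdn: str) -> dict:
    """Return the outbound headers for a request leaving the carrier proxy."""
    out = {k: v for k, v in headers.items() if k.lower() not in STRIP_ALWAYS}
    host = dest_host.lower().rstrip(".")
    if host in PARTNER_KEYS:  # exact match only: unknown hosts get nothing
        out[SURROGATE_HEADER] = surrogate_for(msisdn, host)
    return out


def leaks_number(headers: dict, msisdn: str) -> bool:
    """Monitoring check: does any outbound header value contain the raw number?"""
    digits = msisdn.lstrip("+")
    return any(digits in str(v) for v in headers.values())


if __name__ == "__main__":
    number = "+447700900123"  # constructed sample number
    inbound = {"User-Agent": "ExampleBrowser/1.0", "X-MSISDN": "447700900999"}
    for dest in ("billing.partner.example", "news.example"):
        sent = enrich(inbound, dest, number)
        print(dest, sent, "LEAK" if leaks_number(sent, number) else "no leak")
```

Even if a configuration change sent the token to every site, it would be a keyed hash rather than a number that can be called or texted, and `leaks_number` is the kind of check that can run against sampled outbound traffic after each change.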