Comments on: Is it my fault? http://www.kryogenix.org/days/2008/01/09/is-it-my-fault scratched tallies on the prison wall Mon, 01 Dec 2008 20:36:09 +0000 http://wordpress.org/?v=2.6.5 By: philwilson.org » Blog Archive » Safeguarding our data http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104983 philwilson.org » Blog Archive » Safeguarding our data Sun, 20 Jan 2008 23:02:08 +0000 http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104983 [...] Langridge recently asked a question along the lines of "Is it my fault if I make some piece of information public, and [...] [...] Langridge recently asked a question along the lines of "Is it my fault if I make some piece of information public, and [...]

]]> By: Michael Moncur http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104326 Michael Moncur Fri, 11 Jan 2008 00:39:59 +0000 http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104326 I think "is it your fault" is an interesting question, but that's a matter of ethics or philosophy. To me the question is, "is there anything you could have easily done to prevent it?" and the answers in all three cases are "yes". Stuart's right, with openness comes responsibility. I think “is it your fault” is an interesting question, but that’s a matter of ethics or philosophy.

To me the question is, “is there anything you could have easily done to prevent it?” and the answers in all three cases are “yes”.

Stuart’s right, with openness comes responsibility.

]]> By: Scott James Remnant http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104242 Scott James Remnant Wed, 09 Jan 2008 17:06:49 +0000 http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104242 Sure, he made his sort code and account number public, and the banks tell you not to do that. But that's complete arsegravy, at least where Barclays are concerned. Take a look at your bank cards, they have your name, sort code and account number written on them. Likewise so do your cheque books and paying in slips. And if that weren't enough, Barclays helpfully ensure every single letter they send you has your name, address, sort sode and account number written on them. It's tiresomely easy to obtain enough information to do this, none of it is private. For any other kind of transaction with the account, a "secret" is involved; be it a pin number, three digits on the back of the card or some of the letters of an extra password for online transactions. Even in-person withdrawls need additional identification, usually a drivers licence or passport. Yet no secret information is required to set up a Direct Debit. It's all public. Consider this example: I don't know about you, but our postman suck and maybe once a month or so, we'll get someone else's letters or someone on our street will helpfully pop round with one of ours. If they're not very honest, and they see it's a letter from Barclays, they might decide to open it instead. They now have all of my bank details necessary to set up a Direct Debit in my name. Ah the bank will say, only reputable companies are part of that scheme and they all obey the "Direct Debit Guarantee". No normal person on the street can just take money out of my account by direct debit. Maybe not, but they can still profit by it. Maybe that postman delivered a final warning reminder bill from NPower along with my post? Looks awfully tempting to the naughty people, that. They can pop onto the NPower website, tap in the details, and hey presto; I've now paid for their electricity bill. I won't even receive a courtesy letter to let me know the direct debit has been set up, the first I'll know about it is when I read through a statement -- probably to try and find out why I have less money than I thought I had. At least the Direct Debit Guarantee is there to protect us, right? Hah! Anyone who believes that has clearly never had to try and deal with a bank when things go wrong. Only a couple of months ago, I had to read out the Direct Debit Guarantee to a member of Barclay's complaints department when they refused to refund an incorrect payment -- they said I had to get the refund for it (and a refund for Barclay's own charges) from the originating company. This is a direct contradiction to the guarantee, and their own exact words were "we aren't bound by the Direct Debit Guarantee". Sure, he made his sort code and account number public, and the banks tell you not to do that. But that’s complete arsegravy, at least where Barclays are concerned.

Take a look at your bank cards, they have your name, sort code and account number written on them. Likewise so do your cheque books and paying in slips.

And if that weren’t enough, Barclays helpfully ensure every single letter they send you has your name, address, sort sode and account number written on them.

It’s tiresomely easy to obtain enough information to do this, none of it is private.

For any other kind of transaction with the account, a “secret” is involved; be it a pin number, three digits on the back of the card or some of the letters of an extra password for online transactions. Even in-person withdrawls need additional identification, usually a drivers licence or passport.

Yet no secret information is required to set up a Direct Debit. It’s all public.

Consider this example:

I don’t know about you, but our postman suck and maybe once a month or so, we’ll get someone else’s letters or someone on our street will helpfully pop round with one of ours.

If they’re not very honest, and they see it’s a letter from Barclays, they might decide to open it instead. They now have all of my bank details necessary to set up a Direct Debit in my name.

Ah the bank will say, only reputable companies are part of that scheme and they all obey the “Direct Debit Guarantee”. No normal person on the street can just take money out of my account by direct debit.

Maybe not, but they can still profit by it.

Maybe that postman delivered a final warning reminder bill from NPower along with my post? Looks awfully tempting to the naughty people, that.

They can pop onto the NPower website, tap in the details, and hey presto; I’ve now paid for their electricity bill.

I won’t even receive a courtesy letter to let me know the direct debit has been set up, the first I’ll know about it is when I read through a statement — probably to try and find out why I have less money than I thought I had.

At least the Direct Debit Guarantee is there to protect us, right? Hah! Anyone who believes that has clearly never had to try and deal with a bank when things go wrong.

Only a couple of months ago, I had to read out the Direct Debit Guarantee to a member of Barclay’s complaints department when they refused to refund an incorrect payment — they said I had to get the refund for it (and a refund for Barclay’s own charges) from the originating company. This is a direct contradiction to the guarantee, and their own exact words were “we aren’t bound by the Direct Debit Guarantee”.

]]> By: sil http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104236 sil Wed, 09 Jan 2008 15:52:00 +0000 http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104236 Phil: to some extent, yep. However, you, Phil Wilson, can't independently and autonomously decide to not participate, and this is a problem; these issues need to be fixed by large-scale public debate and challenge. This is why I'm a member of the Open Rights Group, and why I've written to my MP to try and persuade her to persuade the Government that big government-owned databases are a bad idea. I suspect you have too, on a similar subject. Phil: to some extent, yep. However, you, Phil Wilson, can’t independently and autonomously decide to not participate, and this is a problem; these issues need to be fixed by large-scale public debate and challenge. This is why I’m a member of the Open Rights Group, and why I’ve written to my MP to try and persuade her to persuade the Government that big government-owned databases are a bad idea. I suspect you have too, on a similar subject.

]]> By: http://philwilson.org/id/ http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104234 http://philwilson.org/id/ Wed, 09 Jan 2008 15:24:44 +0000 http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104234 What about where your details are published by a third party and subsequently put into the public domain? Take for example the recent government fuckup with the personal details of junior doctors or the magical disappearance of the HMRC CDs? Are these just to be expected because we've delegated ownership of our data to a third party? What about where your details are published by a third party and subsequently put into the public domain? Take for example the recent government fuckup with the personal details of junior doctors or the magical disappearance of the HMRC CDs?

Are these just to be expected because we’ve delegated ownership of our data to a third party?

]]> By: Nermal http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104212 Nermal Wed, 09 Jan 2008 13:28:00 +0000 http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104212 Going back to the ipod being stolen example - I wonder, if the owner had bought all the music on it from say, itunes, would the thief also be able to be charged under copyright / intellectual property laws for 'stealing music'..? Going back to the ipod being stolen example - I wonder, if the owner had bought all the music on it from say, itunes, would the thief also be able to be charged under copyright / intellectual property laws for ’stealing music’..?

]]> By: Giacomo http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104208 Giacomo Wed, 09 Jan 2008 12:58:22 +0000 http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104208 I agree on principle, but it has to be stressed that it's a *trade-off* situation, not a "either/or". Police and government are still responsible for avoiding that the streets get infested by hordes of would-be muggers. I agree on principle, but it has to be stressed that it’s a *trade-off* situation, not a “either/or”. Police and government are still responsible for avoiding that the streets get infested by hordes of would-be muggers.

]]> By: pscoop http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104206 pscoop Wed, 09 Jan 2008 12:53:28 +0000 http://www.kryogenix.org/days/2008/01/09/is-it-my-fault#comment-104206 I tend to agree but I think you have to be careful with this train of thought other wise you could get into "if you dress like a slut, you're asking to get raped" or vigilante territory - I'm not suggesting that is what you're saying, but it's a fine balance. And remember bad things can happen even if you are prudent and take responsibility for your life. Anyway, on a lighter note, someone pointed me to this Mitchell and Webb piece about identity theft, http://youtube.com/watch?v=CS9ptA3Ya9E I tend to agree but I think you have to be careful with this train of thought other wise you could get into “if you dress like a slut, you’re asking to get raped” or vigilante territory - I’m not suggesting that is what you’re saying, but it’s a fine balance. And remember bad things can happen even if you are prudent and take responsibility for your life.

Anyway, on a lighter note, someone pointed me to this Mitchell and Webb piece about identity theft,

http://youtube.com/watch?v=CS9ptA3Ya9E

]]>