JISCMail - DATA-PROTECTION Archives

Not yet!  But I've asked for mine :)

Now I've been looking for articles on security.  This one
http://www.complianceandprivacy.com/News-stronger-is-better.asp looks
reasonably relevant.

Strong Authentication looks like the way they should be going

-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Broom, Doreen
Sent: 07 February 2006 11:49
To: [log in to unmask]
Subject: Re: [data-protection] BT Suspends SMS Trial

Has BT paid up then - did you all get £25?
D 

-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Tony Bowden
Sent: 07 February 2006 11:42
To: [log in to unmask]
Subject: Re: BT Suspends SMS Trial

On Tue, Feb 07, 2006 at 10:55:01AM -0000, Tim Trent wrote:
> That raises an interesting point. Organisations who "accept" bills 
> tend to copy them and refuse not to do so.
> So that renders the alleged security worthless.

I was thinking about this some more, and trying to remember the times I've
had to actually call BT. Unless I'm misremembering, I don't think they've
ever asked me for any information other than my account number, and possibly
my address, (i.e. nothing that isn't clearly printed on a
bill) before discussing my account with me.

I could understand this if I was calling from my own phone line, but I
rarely even have a phone connected to that[1], so I've often called them
from the office.

So it seems the SMS service may have just the same level of security as if
you were actually to call 150 ...


Although I do remember an interesting experience once where we'd moved into
new offices, and discovered a phone socket that, when we plugged a phone
into it, appeared to be working. The company whose offices we were sharing
couldn't work out which of their numerous phone lines it might be, so I
called BT from the phone and asked "what number am I calling you from?"
(this was before 1471, and caller display etc.) They refused to tell me for
"privacy reasons". I eventually remembered the number you can dial to have
your number read back to you (17070). Always seemed strange that you can get
an automated service to tell you information that a human won't.

But judging from some of the responses BT have given people here in the last
few days, it seems that the job of BT staff is just to get rid of "problems"
as quickly as possible with whatever sounds even reasonably plausible.

Tony

[1] I only have a BT line because I need it for my ADSL.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET.
 
On entering the GSi, this email was scanned for viruses by the Government
Secure Intranet (GSi) virus scanning service supplied exclusively by Cable &
Wireless in partnership with MessageLabs.
 
Please see http://www.gsi.gov.uk/main/notices/information/gsi-003-2002.pdf
for further details.

In case of problems, please call your organisational IT helpdesk




********************************************************************
* This email is privileged, confidential and subject to copyright. *
* Any unauthorised use or disclosure of its content is prohibited. *
* The views expressed in this communication may not necessarily    *
* be the views held by Scottish Borders Council.                   *
* Please be aware that any email sent or received by the Council   *
* may require to be disclosed by the Council under the provisions  *
* of the Freedom of Information (Scotland) Act 2002.               *
********************************************************************

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^