UK ISPs now automatically refund customers £8 a day for Internet outages
Getty Images | Mario Gutiérrez.
Internet service providers in the United Kingdom now automatically refund customers for outages in landline phone and broadband service, and also for missed appointments or delays in starting new service.
When a customer’s landline or Internet service goes out and is not fully fixed within two business days, an ISP will issue £8-per-day refunds, according to UK telecom regulator Ofcom.
“You will receive an initial £8 if the service is not fixed two full working days after you report it, and then £8 for each full day it is still not fixed after that,” Ofcom said.
Refunds will be £25 for each missed appointment, specifically when an engineer doesn’t show up for a scheduled appointment or when the appointment is canceled with less than 24 hours’ notice. There will also be £5-per-day compensation when a provider fails to start up new service on the promised installation date.
The new guidelines took effect yesterday, Ofcom announced. They’re part of a voluntary industry code, but ISPs serving more than 95 percent of UK customers have committed to the new guidelines. Ofcom frequently pushes ISPs to sign up for voluntary guidelines while warning that it may impose regulations if ISPs don’t live up to their promises.
“If a customer loses service from 1 April, they will simply have to report the fault to their provider,” Ofcom’s announcement said. “They do not then need to ask for compensation, as providers will start paying out automatically if the repair takes too long.”
No such guarantees exist in the US, either by voluntary code or regulation.
Ofcom said it “will carefully monitor companies’ compliance with the compensation scheme, and report on how it is working next year. If customers are not being treated fairly, we will step in and take action.”
ISPs could pay £142M a year
BT, Sky, TalkTalk, Virgin Media, and Zen Internet were the first ISPs to sign up for the UK’s new refund scheme. Hyperoptic and Vodafone agreed to it more recently and “will start paying compensation automatically later this year,” Ofcom said. EE signed on but won’t start paying compensation automatically until next year. Plusnet also committed to providing the automatic refunds, but the Ofcom announcement didn’t say when that provider will do so.
Ofcom found that only about one in seven customers who suffered delayed repairs or installations, or missed engineer appointments, received compensation, “and even then, only in small amounts.”
“Ofcom figures suggest there are 7.2 million cases each year where broadband or landline customers suffer delayed repairs, installations or missed appointments,” the regulator said. “Financial compensation, totaling around £16 million, is currently paid out in 1.1 million of these cases. We estimate people receive an average of £3.69 per day for loss of service and £2.39 per day for delayed installations.”
Under the new guidelines, Ofcom said providers would pay out £142 million a year if they don’t improve their service.
The refunds apply to fixed broadband and landline telephone services only for residential customers and small businesses that buy residential packages. “Our analysis indicates that the number of mobile customers likely to lose service for more than 24 hours is low, and mobile customers generally receive more compensation than broadband and landline customers,” Ofcom said.
It took two years for the automatic compensation scheme to be implemented, as Ofcom first proposed it in March 2017. Ofcom originally proposed to require £10-per-day refunds for outages but lowered the amount to £8 and agreed to a voluntary code instead of a requirement.
In October 2017, Ofcom proposed changes to an industry code that lets Internet customers exit contracts without penalty when broadband providers fall short of their advertised speeds. Those changes were designed to improve the accuracy of speed information provided to customers before they sign up for broadband, letting customers exit a contract if ISPs fail to provide a minimum guaranteed speed. That new guideline took effect on March 1 this year.
For mobile, Ofcom is implementing new guidelines to make it easier to switch carriers starting July 1.
https://arstechnica.com/?p=1485029
British Microsoft, Nintendo hacker given 18 month sentence
Two men were given suspended prison sentences in a London court yesterday after entering guilty pleas to hacking charges that saw both Microsoft and Nintendo breached (via the Verge, the Evening Standard).
Zammis Clark, now 24, broke into a Microsoft server in early 2017 and for about three weeks had access to part of Microsoft’s network. He copied some 43,000 files relating to as-yet unreleased versions of Windows, accumulating substantial information about build numbers, code names, and unreleased products. He subsequently shared access to the servers with others over IRC.
One of those others appeared alongside Clark in court: Thomas Hounsell, now 26, performed numerous searches for product information over a 17-day period. Until earlier this year, Hounsell operated BuildFeed, a site tracking internal Windows build numbers and releases, even those that were not made public.
Microsoft estimated that recovery incurred costs of around $2 million.
Both men were arrested in June 2017 after Clark installed malware on one of the Microsoft machines. They were released on bail with no restrictions on their computer usage. After his release, Clark turned his attention to Nintendo, and in March 2018, he broke into development servers and stole 2,365 sets of account credentials before eventually being discovered in May 2018. Nintendo estimated that recovery from the hack cost some £1.4 million ($1.8 million).
This was not Clark’s first run-in with law enforcement; he had been arrested in 2015 for hacking into toymaker VTech. On that occasion, however, he received only a police caution, as VTech didn’t want to cooperate in any prosecution.
At the time of his arrest in 2017, Clark was a security researcher working for Malwarebytes, and made the hacks from his family home.
Clark was given a 15 month prison sentence, suspended (or delayed) for 18 months. So as long as he stays out of trouble for the next year and a half, he won’t have to spend any time inside. At sentencing, Judge Alexander Milne QC said he was spared a custodial sentence because of the efforts made by his parents—his mother has quit her job so that she can aid his rehabilitation and supervision—and reports that he would suffer unduly in prison due to a combination of autism and face blindness. Hounsell was sentenced to six months in prison, also suspended for 18 months, and 100 hours of community service.
Le infrastrutture della Rete sono vulnerabili ad attacchi e abusi. Ma per cambiare le cose serve un intervento complessivo a tutti i livelli.
Buone pratiche, policies adeguate e controlli attraverso software di sicurezza sono elementi indispensabili per proteggere i dati ed evitare furti di informazioni. In alcuni casi, però, tutti questi strumenti non sono sufficienti a evitare che dati e informazioni riservate finiscano sotto gli occhi di chi non dovrebbe metterci sopra le mani.
Il problema è che, quando il dirottamento dei dati avviene a un livello più “alto”, i singoli soggetti non possono fare nulla per impedire che questo avvenga. È il caso, per esempio, del DNS poisoning, cioè degli attacchi che prendono di mira i server DNS a cui è deputato il compito di indirizzare il traffico a livello di sistema.
La loro struttura, basata su un sistema “a piramide”, non prevede alcun sistema di autenticazione sufficiente a impedire che un attacco a questo livello possa portare al dirottamento e la cronaca recente ha mostrato numerosi casi (principalmente legati al furto di cripto-valute) in cui i cyber-criminali sono riusciti a fare leva sull’architettura dei server DNS per mettere a segno colpi clamorosi.
Il mese scorso, come abbiamo raccontato su queste pagine, l’abuso dei sistemi DNS ha permesso a ignoti hacker (che secondo FireEye potrebbero avere legami con il governo iraniano) di rubare le credenziali di numerosi account di posta elettronica collegati ad aziende ed enti pubblici.
Teoricamente, attacchi come questi potrebbero essere bloccati (o per lo meno mitigati) attraverso l’uso di tecniche come le Domain Name System Security Extensions, che prevedono l’uso di un sistema di signature crittografiche per verificare l’autenticità delle informazioni trasmesse. Sono ancora poche, però, le organizzazioni che si sono dotate di sistemi del genere.
Lo stesso ragionamento vale per quanto riguarda BGP (Border Gateway Protocol), il sistema di smistamento dei dati che li indirizza tra le varie reti.
In questo caso il punto debole è rappresentato dal fatto che il routing dei dati è affidato a un sistema che si basa, essenzialmente, sulla fiducia reciproca tra gli operatori. In caso di anomalie (come accadde nel 2017 quando il traffico relativo a transazioni finanziare sono finite non si sa come in Russia) diventa addirittura estremamente difficile capire se si tratti di un errore tecnico o di un attacco vero e proprio.
Anche in questo caso la soluzione potrebbe passare per un sistema di autenticazione applicato a ogni livello di Internet, ma la loro efficacia è legata al raggiungimento di una “massa critica” che consenta di avere continuità nella verifica della trasmissione dei dati.
Insomma: siamo di fronte alla classica situazione in cui la necessità di un intervento è evidente a tutti, ma nessuno vuole essere il primo a impegnarsi (e investire) in un’impresa che per i suo successo richiede un’ampia partecipazione.
Stiamo parlando infatti di modifiche architetturali che, in molti casi, richiederebbero la sostituzione di componenti hardware (i router utilizzati dai provider) e, di conseguenza, dei costi piuttosto elevati.
A muoversi, per il momento, sembrano essere più che altro i governi. Qualche esempio? Nel Regno Unito l’iniziativa è stata presa dal National Cyber Security Center, che ha recentemente annunciato di aver avviato una “interlocuzione” con i provider nazionali per irrobustire BGP.
Il problema però rimane: fino a quando queste iniziative (con tutti i dubbi legati ai reali intenti che le muovono) rimarranno isolate e autonome, un vero cambio di passo a livello globale rimane lontano.
Explore the role colour can play in making us feel better, see a pioneering mobile clinic designed to provide adaptable healthcare in emergency situations and examine the history and continuing reality of how we design for health.
Most broadband providers in the UK “have been forced to cut the headline speeds they advertise when selling deals” because of new UK rules requiring accurate speed claims, according to a consumer advocacy group.
“Eleven major suppliers have had to cut the advertised speed of some of their deals, with the cheapest deals dropping by 41 percent,” the group wrote last week.
The analysis was conducted by Which?, a brand name used by the Consumers’ Association, a UK-based charity that does product research and advocacy on behalf of consumers.
Hong Kong-born, UK-based artist Nora Fok creates wearable textiles inspired by science and math, using nylon microfilament. Hand-woven, knitted, braided and knotted, a single piece can take weeks to finish! See more of Fok’s ethereal work below or on display at the Cooper Hewitt Smithsonian Design Museum in New York City until May 28th. Spotted this over on Colossal.
I’m a nuclear armageddon survivor: Ask me anything
It’s Thanksgiving week in the US, and most of our staff is recovering from food and family rather than a Friday at the office. As such, we’re resurfacing this story of visiting old nuclear bunkers in the UK (you know, in case you need a break from family this weekend). This story originally ran on November 19, 2015, and it appears unchanged below.
Press events are usually decadent affairs of food, drink, and well-dressed executives in up-market hotels. Not this one. A small number of journalists including your correspondent were dumped at dusk in a wet field in the Essex countryside, given blue boilersuits and a small knapsack containing bottle-tops and leaflets, and told to await developments. As most press events don’t ask for disclosure of any medical conditions, nor involve signing a waiver against accidents, those developments were unlikely to be pleasant.
But then, it’s rarely pleasant after a nuclear war. In honour of the launch of Fallout 4, set in the aftermath of virtual atomic conflict, we were about to be taken into an ex-government, ex-secret nuclear bunker and trained to survive the apocalypse. Not the zombie kind, which has of late spawned an entire industry of movies, games, and survival books, but the real thing, which hasn’t.
You probably haven’t thought nearly as much about atomic weapons as you have about zombies. That’s odd. Zombies don’t exist, while on the other hand there’s a nuke programmed with your postcode sitting in a bunker right now (see “Atomic Weapons: A Consumer’s Guide” later in this story for more details). The real apocalypse could be four minutes away from now. Really.
If a nuke lands near your house, rather than on top of it, we figured you’d like some tips on how to survive the apocalypse.
The intrepid band of would-be nuclear apocalypse survivors trek out into the countryside to find the bunker.
There’s now a rather large radio mast right on top of the bunker.
The bunker is deeeeep underground.
The main communications centre has plenty of screens and keyboards, but almost no computers. These are telex machines; electronic rather than electro-mechanical, but still recognisably the same idea that linked RAF Fighter Command to men with binoculars during the Battle of Britain.
Step one: Find a bunker
Here, we were lucky: a bunker had been provided. Kelvedon Hatch is an underground, three-floor complex built in the early 1950s with its own power, water, and filtered air conditioning. Disguised as a hill with a bungalow on top, the deception is somewhat marred by a huge radio mast. The bunker saw various uses, most notably as a regional HQ for government in the event of the big one, before being sold off in the 1990s with most of its accoutrements intact.
Fully stocked, it can support up to six hundred people for up to three months. Those supplies are important: the first thing we learned was that you will die from dehydration in about three days or from starvation in three weeks. If you don’t have safe sources of food or water, you can drink your own urine (or, indeed, someone else’s) up to three times before it becomes toxic. Muscle meat from apparently healthy animals may be safe, but not other parts. Anything exposed, gritty, or dirty is very unsafe. Tinned food, if you can find it, is your best bet, and you can use living plants to filter water simply by putting their roots in it—rhizofiltration. Species like sunflowers are amazingly efficient at absorbing contaminants from the environment, but it can take weeks.
You’re better off in the bunker. Not just because that’s where the food is, but because it can keep others out. One of the first effects of nuclear warfare, and one that can hit before the bombs, is a breakdown in law and order as people try to self-evacuate from cities to the safer parts of the country—deep rural areas like northern Scotland and remote Wales. The roads will clog, petrol will run out as supply chains collapse, food supplies will be hoarded, and violence will break out.
We know this because the UK government ran three exercises in the late ’70s and early ’80s called Scrum Half, Square Leg, and Hard Rock, positing attacks of around 100-200 nuclear warheads. The results were a massive breakdown in infrastructure, starting as international tensions rose, and “vast destruction, enormous casualties and widespread chaos” as the bombs fell, with easily more than half the population dead in the first few days after the actual attack.
Anyone left will probably want to eat you. Get in the bunker.
During attacks, information coming in over the wires was to be marked up on giant sheets of perspex with chinagraph pencils. Crude but effective, it’s proof against electromagnetic pulse, power failures, hackers and the server going down.
When a nuke goes off, you want simple tech that won’t be disrupted by EM radiation.
A highly useful lecture on why everyone would die if there was actually a nuclear war.
We were taught some useful skills that would, in theory, increase our chances of being welcomed into a nuclear bunker, rather than being left out in the cold to die of radiation sickness.
Step two: Stay in the bunker
Once you’re in the bunker—stay there. Assuming you haven’t been injured by the heat flash, initial radiation, or blast wave from a nuclear strike, your next major problem is fallout: the now-radioactive soil and other materials pushed into the air by the blast. Alpha radiation isn’t dangerous while it’s outside you, because it’s easily stopped by air and your skin; inside you, inhaled or ingested, it’s vastly disruptive to DNA. Beta radiation is more penetrating but still hugely attenuated by modest shielding. Gamma is best avoided.
However, the good news—for certain values of good—is that the sort of fallout radiation provided by standard thermonuclear weapons has a reasonably short half-life. It decays by a factor of ten for each factor of seven increase in time—in other words, after seven hours, the radiation has decreased tenfold. After two weeks, it’s down to one thousandth. 14 weeks, one ten thousandth.
But how much radiation was out there to begin with? There’s no good news here: it’s impossible to tell unless you measure it. Where a bomb falls, how high up it explodes, prevailing winds, and later weather are all important and unknowable variables. The UK government did maintain a large network of Royal Observer Corps stations equipped to determine some of this and report back to central HQ so that contamination could be tracked. Like the rest of the UK nuclear civil defence infrastructure, though, the ROC was dismantled in the 1990s. This was partially on the grounds of cost, but that was secondary to the main conclusion reached after the exercises: nothing anyone could do would make any difference whatsoever. Worse, everyone knew it.
Why would anyone let you into the bunker? Here, we were told, having useful skills would count in your favour. Mechanical and electronic maintenance chops, medical or personal defence training, physical strength—anything that could justify giving you space and scarce resources. We did get some emergency medical training, but it used a coffin lid as the work surface, so expectations weren’t high.
While you’re in the bunker, don’t get sick and do as you’re told. Being an arse will be punishable by death.
Knowing how to shoot a gun will significantly increase your chances of survival—if you have a gun.
This guy in a ghillie suit taught us how to drink our own urine. I’m not sure why we needed someone to demonstrate this.
Hand-to-hand combat will help, if you don’t have access to a shotgun or other insane-person-killing weapon.
Leave the bunker, but only when you have to
Once inside, you can ponder the question of how to survive outside once the immediate danger is over. We were given firearm and self-defence training—assuming there are enough guns and ammunition to go around, it doesn’t take long to pick up the basics of shooting insane cannibalistic survivors (a zombie fixation may actually help here). Self-defence is harder and takes much more practise: enrolling now in a reputable martial arts course will get you up to speed in a year or so, and our instructor particularly recommended learning about pressure point fighting. Intense pain and paralysis can be very persuasive.
Enlarge/ When a nuke goes off, you want simple tech that won’t be disrupted by EM radiation.
Most gadgets will be useless after a nuclear attack. Despite its reputation as “being designed to withstand a nuclear attack,” the Internet will have gone away, as will main electricity and the cellular networks. To prepare for the apocalypse, you can invest in walkie-talkies and Geiger counters, together with solar chargers and a stock of rechargeable batteries. Keep any radio equipment in a sealed tin to reduce the chances of damage by electromagnetic pulses from a high altitude detonation. The only long-distance communication working after a nuclear attack will be shortwave radio, so if you’re really keen on rebuilding civilisation get yourself a ham radio licence.
One recent innovation that does have some potential for post-apocalyptic survival is the quadcopter/drone. No consumer drone comes as standard with radiation detectors, but Geiger counter kits as small as a matchbox are available and, if you have the requisite electronics skills, can be simply interfaced to a telemetry transmitter. The whole setup will be light enough to be lifted without impacting flight range or duration and will give you a quick way to scout your immediate surroundings for radiation hot spots or insane cannibalistic survivors. It will also announce your presence and location to same, so use with discretion.
Enlarge/ There was a little tuck shop where you could buy stuff with bottle-tops—to simulate what it would be like to buy stuff in the post-apocalypse world.
Other standard survivalist skills—trapping animals, staying hidden, navigation, improvising weapons, and so on—are less likely to be useful, unless you’re alone in an uncontaminated area. If it is, you won’t be. Leadership training and a good supply of printed pornography for trading will be more helpful. The bottle-tops in our knapsacks were supposed to stand in for money, but vintage copies of Knave would probably be more effective.
At the end of our evening in the Kelvedon Hatch bunker, we were escorted out past the ranks of silent teleprinters and lethality wall charts, treated to a mock attack by insane cannibalistic survivors, given sandwiches in the gift shop, and put on the train home.
None of us was in any doubt that, had it been a real apocalypse, we’d have been long dead. Those of us old enough to have lived through the 1980s—when the Soviets came within hours of launching a nuclear strike by mistake—knew that already. Such days have gone, but the warheads haven’t: while they exist, so does the possibility of Armageddon. The post-apocalyptic world in Fallout 4 is fantastic, not because of its monsters and machinery, but because so much is still standing.
