Just a heads up for anyone with Talk Talk that might have missed it, seems they have been hacked and currently don't know what exactly was taken :-
http://www.bbc.co.uk/news/uk-34615226
Jon
https://paul.reviews/value-security-avoid-talktalk/
I'd hope heads would have rolled last time, but I doubt it.
Drupal and PHP simply shouldn't be used when anything needs any kind of security; the practices both the language and platform encourage are incongruent to a safe, secure software development lifecycle.
Anyone who thinks ANY computer system is in any way secure is a total fool.
Saying that, even an unpatched Windows 2000 install is safer than old skool paper filing.
Mum uses it and is worried. I've been following the news today and apparently some dumps are available now on the 'dark web'.
Good news the police are involved already though. Watch out for phone call scams, people!
@theanimus
What software stack do you recommend in preference to PHP? I'm starting to build a web app and I'm platform agnostic, but I'd prefer something that runs on Linux for cost reasons.
I think he likes Java based stuff the best
(https://www.youtube.com/watch?v=moSFlvxnbgk)
Talk Talk have advised that customers change their account password. But their site is offline at the moment, so how are customers meant to change their password lol..
Even more mind-boggling is the fact that the webmail section of their web site is still up and perfectly functional at the moment. Meaning intrusions into 4 million customers' email accounts could be ongoing/happening right now. As all you need for the webmail login is the client email address and the password, both of which are the same as those used for the customer account.
Why leave the webmail still open.. ? Baffling.
Customer data stored unencrypted. Massive fine headed their way.
It's just not acceptable.
There are reports that Talk Talk tried to cover up the extent of the security breach too. Some customers had their bank accounts drained and received fraudulent calls the day before Talk Talk admitted they had a problem, it seems. I get the impression that Talk Talk are criminally negligent or incompetent or both.
On BBC news their technology correspondent described the holes in Talk Talk's security as "novice like vulnerabilities". Also their stock price is down. Makes you wonder if they will be able to recover from this.
Really depends on what you are doing, don't get caught up with OS as a separate part of 'costing' than the core performance. For instance I'm currently paying through the nose for my database license, but considering the requirements we've got, it's the cheapest option. When even a day of our junior dev guy costs more than 5 Windows box licenses per month, people get hung up about software licensing costs and often end up wasting money. I've watched someone claim they shouldn't use commercial frameworks because it costs £150 per dev per year; that same organisation's devs cost internally 150k eur per year, insanity.
Most people don't need the 'high performance' they think they do, so frameworks and languages which are slower but have more safety are often a better choice. 'General Purpose' ones I tend to like are Asp.Net MVC5, NodeJS (only ever with TS), Ruby On Rails in that order.
Depending on your tasks, you might find that C#/F# running on Windows is cheaper because of the performance benefits over running say Ruby on Linux; sure, some C++ would be even cheaper but that has an order of magnitude higher dev cost. I'm not a fan of Go, D or Rust tbh. Python I've never been a fan of because of its threading model.
Java died a decade ago for me, no reason to ever use it except for legacy, it's too limiting a language. If you have to target a JVM, consider Scala, it's actually a language for the 21st century.