Posts by h3nb45h3r

Re: Lessons ?

The Police & Criminal Evidence Act (PACE) 1984, section 69 https://www.legislation.gov.uk/ukpga/1984/60/section/69/1991-02-01, was repealed by the Youth Justice and Criminal Evidence Act 1999 Section 60 https://www.legislation.gov.uk/ukpga/1999/23/section/60 following BT, CPS, Post Office, Department of Trade and Industry and the Inland Revenue writing to the law commission advising that the burden of having to provide evidence to a court that the computer was functioning and without issue was expensive and hampering prosecutions.

Whilst Horizon was released to the Post Office branches in November 1999 (following live testing at multiple branches during the year), the Youth Justice and Criminal Evidence Act 1999 was enacted on the 13th April 2000.

This brought in the 'presumption of computer reliability' to the courts, and effectively meant if you are faced with evidence from a computer, it was up to you to prove it wasn't functioning properly, and good luck if you don't have access to logs, the system design or anything else. Importantly, this was also used to prevent people challenging speed camera's and breathalysers for calibration certification.

This remains the current status of the law in England and Wales, and the new Data (Use and Access) Bill https://bills.parliament.uk/Publications/57084/Documents/5415 will seek to address this.

Here are the letters I mentioned above:

BT: https://startme-uploaded-files.s3.amazonaws.com/Uploaded-file-6368156-2024-1-2-f05b7aa3fe8d758a.pdf

CPS: https://startme-uploaded-files.s3.amazonaws.com/Uploaded-file-6368156-2024-1-2-7de74e0a6ad88ea1.pdf

DTI: https://startme-uploaded-files.s3.amazonaws.com/Uploaded-file-6368156-2024-1-2-4db06386ab297b4e.pdf

Inland Revenue: https://startme-uploaded-files.s3.amazonaws.com/Uploaded-file-6368156-2024-1-2-10324bf082032a89.pdf

Post Office: https://startme-uploaded-files.s3.amazonaws.com/Uploaded-file-6368156-2024-1-2-60e16cfd87e24754.pdf

Why would the CPS need to be there? The CPS were not involved in the vast majority of Post Office cases and have no skin in the game, they were involved some DWP cases. It is the Post Office that have objected to some cases being cleared

Re: Talk is cheap, where's the £?

I'm going to say they knew everything, if only as they were mainly (OK, wholely) responsible for it all...

A timeline:

Fujitsu bought 80% of ICL in 1990, ICL effectively became the European arm of Jujitsu at that point.

In 1996 the Horizon (or Pathways as it was known internally) contract was signed.

In 1998, Fujitsu purchased the remaining 20% of ICL

In October 1999 the first Horizon terminal was put on a Post Office Counter

In 2022, ICL was officially rebranded Fujitsu and all ICL branding dropped.

Re: I've mentioned this before but bears repeating..

That's not true at all, Fujitsu bought 80% of ICL in 1990, long before the Horizon contract was signed (in 1996). At that point Fujitsu were essentially the European arm of Fujitsu.

In 1998 Fujitsu purchased the other 20%, Horizon didn't a Post Office counter until November 1999. In 2002, ICL was officially rebranded Fujitsu.

Here's that document in it's entirety https://www.postofficehorizoninquiry.org.uk/file/871/download?token=gDkssh69

Re: Bollocks

Rebecca Thomson was the first journalist to write about the Post Office Horizon Scandal. Nick Wallis is clearly a power house that help push it more into the public eye, but it's shocking that it's not known about more. I know lots of people who work at Fujitsu and this isn't mention in the company, some of those staff have been with Fujitsu when they were ICL (ICL was 80% owned by Fujitsu).

Nick and Rebecca have a podcast that is covering the inquiry https://www.postofficescandal.uk/podcast/

Yes

They announced the appeal of the client status determination in both the public and private sector.

Re: Hopefully their last

Yeah... about that

Went to edit it and it timed out whilst I was distracted by something else, my bad, apologies to all concerned

Re: Why?

"The expert witnesses from Fujitsu surely must have been advised by Fujitsu's legal team, and it's beyond belief that they would have advised those witnesses to commit perjury.....There's more to this than meets the eye."

You've clearly never had any dealings with Fujitsu, if their legal team is internal, providing that advice would make complete sense and would be in-keeping with how all the other Fujitsu departments conduct themselves...

Re: Perjury?

Wonder if any have ISACA or ISC2 certifications, if so they would have agreed to abide by the code of Ehtics.

Having passed the CISSP recently (please don't hate me, I have a mortgage pay for and wife and kids to support), they make a big deal of these and I'm sure and the Post Office or Fujitsu staff working on that project would have clearly breached 1,2 and 4, wonder if anyone will have their certifications removed or face over sanctions?

Code of Ethics Canons:

1. Protect society, the common good, necessary public trust and confidence, and the infrastructure.

2. Act honorably, honestly, justly, responsibly, and legally.

3. Provide diligent and competent service to principals.

4. Advance and protect the profession.

Source https://www.isc2.org/Ethics

Re: Yet another elastoplast with unexpected consequences?

The MAC address is only seen in the layer 2 broadcast domain the host connects to.

As soon as the host requests a resource that is not available on the broadcast domain it resides on it sues IP addressing, and with each hop across the various networks the traffic goes, the source and destination MAC addresses will change (to be the ingress and egress interfaces MAC addresses of that layer 2 broadcast domain).

TL:DR

Which basically means:

Unless 'the likes of Google, Amazon, Facebook, NSA etc etc' own (of have access to) the AP you are connecting to, they're unlikely to see you MAC address.

The big issue here is connecting to your office environment and the supporting of that.

If you believe that someone with the resources of 'the likes of Google, Amazon, Facebook, NSA etc etc' would be using the MAC address to track you is ludicrous, I can see the argument about companies tracking you, but for a lot of public WiFi you need to register anyway!!!

In short, from a security perspective, yes it is better then nothing, but they should have an option to be able to set a MAC address for a SSID so that when you go to your trusted networks, such as work and home or VPN, it will cause less issues (and allow of the use of Dynamic ARP Inspection and other LAN security measures) and randomly set it for any network that you select to be 'public'.

The latter where being the default maybe?

Not if employed via an agency and the agency deem the role to be inside IR35

Re: Coriander?!!

I know they're French, but even I feel that's a little harsh....

It also doesn't solve the issue with the insects.

Re: Sick

Who said they were lady-bits?