More uselessness from DBC

[Two-lane]

6 minutes ago, John Wright said:

I think there’s a restriction on accessing the government server ( where Douglas is hosted ),  and e-mails/info hosted on it, whilst of island.

You can use something like Private Internet Access to pretend that you are here - PIA lists the IoM.

[Gladys]

12 minutes ago, Two-lane said:

You can use something like Private Internet Access to pretend that you are here - PIA lists the IoM.

There has to get some way of securely accessing IOMG hosted emails, or how else will the St Helena delegation keep a tabs on issues of moment while off-island?

[WTF]

4 minutes ago, Gladys said:

There has to get some way of securely accessing IOMG hosted emails, or how else will the St Helena delegation keep a tabs on issues of moment while off-island?

facebook ??

[Kopek]

Remember the Richard  Corkhill/ Ramsey post office scandal!!! Corkhill claimed that he was on holiday in the U.S. at the time and had 'no way to influence the decision '??? 'phones Richard, phones!

As CM at the time, he should have been provided with an official phone to keep in touch as well as his personal mobile???

[Sheldon]

Dual/multi-factor authentication should be mandatory these days for anyone accessing systems and/or email remotely. If you don't have 2FA you're just asking to be hacked at some point, regardless of your location, and if & when that happens you can hardly turn round and say you weren't warned.

It's not as if there's some magical electron barrier around the IOM coastline that means on-Island is safer than off-Island. (Although there are indeed additional risks - especially in some of the jurisdictions Frank travels through.)

[Sheldon]

7 minutes ago, Kopek said:

As CM at the time, he should have been provided with an official phone to keep in touch as well as his personal mobile

That was a while back, and it's easy for an organisation to install security and ring-fencing on personal devices now. Nobody except maybe James Bond should need to carry an additional official phone. However, some staff won't agree to this because they don't trust their employer for whatever reason, or are just complete privacy freaks. I doubt Claire or Frank fall into that category, though.

[John Wright]

It may not apply to Frank. But MHK’s and senior civil servants will have government issue laptops ( old, clunky, slow, and with an outdated OS ).

I wanted to use my own laptop for HSIRB, and my desk top.  That proved impossible.

[Sheldon]

1 minute ago, John Wright said:

I wanted to use my own laptop for HSIRB, and my desk top.  That proved impossible.

But, but... "Digital Isle!" 

[cissolt]

1 hour ago, Roger Mexico said:

The point about how a spoofed email actually works has been made on here numerous times by numerous people to those repeating it and it's ignored every time.  The only one who was spoofed was someone at Manx Radio doing the weekend shift.  It's like the guy obsessed with the Rosemount's bins and his supporters (indeed it's probably the same people) - no matter how often it's explained that the Council has nothing to do with it, they continue insisting it does.  Because facts aren't remotely important, what's important is feeling that they always in the right and attacking someone they have decided they don't like, no matter how ridiculously.

(In this of course they are just like the British media - indeed that's where they learnt this behaviour from).

The repeated lies that not only was the spoof email a hack but that the council has reported it to ocsia is mind boggling.  Why have the media not pressed this issue?  It's an important aspect of public office that we can trust official statements.

On the issue of accessing emails remotely, this is even more baffling.  I have have never heard such nonsense. Securing a mail server from malicious actors is trivial, preventing access to email from off island is not going to prevent a hack.  This is either a lie to coverup the original lie or complete incompetence from the IT department or supplier.

Spoofing an email is trivial and would take 30 seconds on google to find a site that does it for you. 

 

[Amadeus]

4 hours ago, Albert Tatlock said:

Sounds more like for 'poor security reasons'...there are lots of cost-effective secure methods and apps for delivering communications if thought through.

I know that as well as you do and have been working safely and effectively from some super remote places in recent weeks. I’ve raised it before but I have better things to do than argue with the IT department. 

[Amadeus]

1 hour ago, John Wright said:

I don’t think there was a breach of cybersecurity over the Wells spoof e-mail

I do think DBC notified it to OCSIA, in a sort of throw away, this has happened, sort of way

I don’t think DBC actually reported it to OCSIA or asked them to investigate or report

I don’t think OCSIA have investigated or reported ( as they weren’t asked to do so ) 

Not sure why DBC are pretending they did or that they are awaiting a report

I think there’s a restriction on accessing the government server ( where Douglas is hosted ),  and e-mails/info hosted on it, whilst off island. But I’m pretty sure that you can access if you set up dual factor authentication. This based on my experience when I was a member of the Health Services Independent Review Body.

Weird thing is they set up my 2fa before I left and then told me I can’t access from off island. Baffling. 

[FANDL]

9 minutes ago, cissolt said:

The repeated lies that not only was the spoof email a hack but that the council has reported it to ocsia is mind boggling.  Why have the media not pressed this issue?  It's an important aspect of public office that we can trust official statements.

If Mr Wheeler is to be believed, and he seems fairly confident, it’s suggested that this week via IOM newspapers we may find out that Cllr Wells is more than used to making up stories that are reported to the Press as fact which then subsequently appear to have no (or tenuous at best) elements of fact in them. 

[cissolt]

1 hour ago, Amadeus said:

I know that as well as you do and have been working safely and effectively from some super remote places in recent weeks. I’ve raised it before but I have better things to do than argue with the IT department. 

I would wager that DBC have spent more money on their PR agency than cyber security this year. 

The problem with these little fiefdoms is they get away with spouting this kind of nonsense and pretending that its going to make their systems more secure.  This is demonstrably false.

 

[John Wright]

3 hours ago, FANDL said:

If Mr Wheeler is to be believed, and he seems fairly confident, it’s suggested that this week via IOM newspapers we may find out that Cllr Wells is more than used to making up stories that are reported to the Press as fact which then subsequently appear to have no (or tenuous at best) elements of fact in them. 

Do we believe

The bin belonged to DBC

The bin was the responsibility of DBC to empty

The bin was on DBC land, rather than brewery land

DBC secretly changed and backdated the bye laws to allow the bin to be kept by the brewery on its land?

[FANDL]

15 minutes ago, John Wright said:

Do we believe

The bin belonged to DBC

The bin was the responsibility of DBC to empty

The bin was on DBC land, rather than brewery land

DBC secretly changed and backdated the bye laws to allow the bin to be kept by the brewery on its land?

Or a bit like the OCSIA point mentioned above. Do you believe the police were involved in anyway at all, or even contacted or called to investigate anything, as claimed by Mrs Wells in the newspapers at the time? It would be unfortunate if they weren’t when an attempt was made to discredit the complainant by trying to paint him as the subject of a police investigation which may turn out to be completely fictitious. Just like their likely non existent OCSIA investigation.