The State of Mobile Banking (in the UK)
- Details
- Published: Tuesday, 21 June 2016 02:19
- Written by Ben Tasker
News recently broke that Tesco Bank's Android App refuses to run when Tor is also installed on the handset, presumably in the name of security.
So, out of morbid curiousity, I thought I'd take a quick look at just how effectively various banking apps were secured. Banks, after all, should be at the forefront of security (even if they often aren't)
To start with a disclaimer - personally, I think using banking services on any mobile device is a bad idea from the outset, and some of the results definitely support that idea. I've only taken a cursory look, and not made any attempt to dis-assemble any of the apps.
Bentasker.co.uk now available as a Tor Hidden Service
- Details
- Published: Saturday, 23 May 2015 01:43
- Written by Ben Tasker
Hidden Services have had something of a bad rap in the media of late, whilst it's undoubtedly true that some host some unpleasant material, the same can equally be said of the World Wide Web.
Hidden Services do have the potential to bring a much higher level of privacy to the end-user, and aren't always about hiding the origin from the user (or an attacker). The cryptography used in Tor's transport is arguably much stronger (and easier to change if found to be broken) that is available for HTTPS.
To that end, I thought it would be wise to configure the site to be multi-homed, that is to be accessible via both methods.
Because both are run by the same back-end, updates will appear on both at the same time.
So, you can now access BenTasker.co.uk at either
A link to the .onion has also been added to the Privacy bar on the left.
All Digital Downloads Withdrawn From Sale
- Details
- Published: Friday, 02 January 2015 03:38
- Written by Ben Tasker
As I wrote recently, the EU definition of the Place of Supply with regard to digital services has shifted to the place in which the customer resides.
As a result of the change (and more importantly, the bureaucracy involved in both recording the place of supply and filing returns) all digital downloads within my Shop section have been withdrawn from sale.
You can read more about why this decision had to be made in my earlier post.
If, for whatever reason, you've a burning desire to purchase something that was previously on sale, please Contact Me to arrange a manual transaction.
David Cameron: Idiot, Dangerous or just a lover of soundbites?
- Details
- Published: Tuesday, 13 January 2015 15:07
- Written by Ben Tasker
We've heard Theresa May parroting the same lines for months, but in the wake of the Charlie Hebdo massacre, David Cameron has joined the choir of people calling for new surveillance powers.
Mr Cameron has stated that if the Conservatives are re-elected, he will ensure that there is no form of communication that cannot be intercepted by the government.
So, one of the question we'll be examining in this post, is - Is David Cameron
- An idiot who doesn't understand the technology he's talking about
- Demonstrating that pre-election promises are inevitably broken
- Planning on introducing a draconian surveillance state
- Being mis-informed by other parties
- Simply creating sound-bites to raise the chances of re-election
Most of the coverage thus far has focused on option 3 - which seems fair given that it's the inevitable result of actually attempting to do what he is claiming.
We'll also be taking a look at why Option 3 could, and should not happen
The DVLA is routinely sending sensitive details via email
- Details
- Published: Sunday, 28 December 2014 20:25
- Written by Ben Tasker
It's that time of year - time to renew car tax. I figured I'd give the monthly direct debit a go and see whether paying the extra little bit is worth avoiding the yearly pain of remembering you need to find a few hundred quid up front.
For anyone who's not used it yet, the process of setting up is smooth and easy (in an almost distinctly non-government IT way), unfortunately it turns out there's a fairly big issue with the final step.
I should be fair, and point out that the service is provided by DirectGov rather than the DVLA directly, but IMHO it remains the DVLA's responsibility.