UK fungi site launched following demise of the Wild About Britain website

A combination of a developer who didn’t care, and the efforts of hackers caused the demise of the Wild about Britain website, which had some great content on British natural history. Despite many pleas, the developer did nothing and refused to hand the site over. As a fungi enthusiast, I decided to launch a forum for people interested in uk fungi, to identify, discuss and record species of fungi in the uk. I welcome feedback.

It is at


Google must amend search results on the request of individuals

A top EU court has ruled that Google must amend search results if individuals request it. This was based on the case of a Spanish man whose house was repossessed and he didn’t want the story to be hanging around for years. Fair enough!

At first glance this seems quite reasonable. Many of us have skeletons in our closets and in some cases, information held on us is innacurate or obsolete. It is therefore quite reasonable that this information should be updated or removed.

Sadly, this just demonstrates a lack of understanding of what a search engine is. The website which publishes, for example, house repossessions, is still allowed to continue, and you will still be able to visit such websites.  All it means is that Google will have a massive (and impossible admin task in filtering its results.)

In its judgement on Tuesday, the court in Luxembourg said people had the right to request information be removed if it appeared to be “inadequate, irrelevant or no longer relevant”.

It remains to be seen what the outcome will be. Will it allow companies to remove material from search results that they feel is critical or doesn’t reflect well on them? If the BBC publishes a story and someone complains it infringes their privacy, does Google remove links to that story? Surely, the complaint should be directed to the BBC!


UK Internet censorship move by Virgin Media and Talk Talk

Although widely described as being a block on Internet porn, the scope covers a range of material. In the case of Talk Talk, there are 9 adult categories, including self-harming, gambling and suicide sites.

Content in these categories will be blocked by default. This means that Talk Talk will be deciding what is appropriate for you to access. It is possible to opt in to receive this content, however, Talk Talk now have a list of people who could be considered “sordid” or undesirable. If the police want to view this list, we move further towards a Big Brother society.

Make no mistake, I am in favour of protecting children from internet nastiness, but I don’t believe private corporations should decide what is nasty. The job should primarily be that of the parents, or by the government if it is clearly illegal. Parents should be aware of what their children are doing, and if they don’t understand, they need to ask. If you give smartphones and laptops to children and they take them to their bedrooms, or out and about, you will have no idea what they are looking at. They will find ways to get around censorship. A better solution is to give the choice when people sign up with a provider, and to contact existing providers and ask if they want it or not. However, the bigger issue is the relationship between parents and children, and knowing what your children are doing, and who they are talking  to.

Police powers to snoop on email, social media and phone

New legislation being drafted will force Internet providers to retain data for a year and hand this over to police, intelligence agencies and HM Revenue & Customs. The argument being that this will enable them to counter terrorism, paedophilia and fraud. So, how will this be implemented.

“The data would include the duration, time originator and recipient of a communication and the location of the device from which it was made. It would not include the content of messages – what is being said. Officers would need a warrant to see that. ”

The first question would be, does the data stored have to include the content of the messages. It is unclear whether ISPs are required to do this.

Secondly, what would be done about encrypted conversations. Certain protocols could be deciphered if the ISP installs a “middle-man” certificate, or would decipher messages on request. Eg, Gmail provides encryption for users. If both recipient and sender are using gmail, email messages intercepted would be in encrypted form, and not easily cracked without access to Google’s certificate. These powers are UK powers, so would the UK authorities have the power to access a foreign company’s encryption certificate?  Google pulled out of China when the Chinese government tried to censor search results.

However, the real question is whether it would make a difference to serious criminal organisations, and I would say no. Criminal organisations are already using means to evade surveillance. They use zombie PCs (botnets) where unsuspecting users’ pcs are hijacked for criminal purposes. This is commonly fraud, but could also be used for other purposes. You can also buy your own encryption certificates, or use “self-signed” ones. There is no known way to decrypt a strongly password protected certificate in a reasonable timeframe.

The use of encryption also avoids the automated scanning of millions of emails for keywords etc. Finding criminals these way would be like finding a needle in a haystack, when you don’t even know which barn the haystack is in.

Heavy handed legislation only makes life more difficult for the law-abiding. Just like the annoying copyright notices you see in some DVDs are not even seen by criminals, as they edit that bit out, but the innocent purchasers of DVDs are forced to watch this.

Criminals are usually found out by talking to people.

How to spot a bogus email or “phishing” attack

There are many dodgy emails we receive in our inboxes. Often, they appear to come from a bank, PayPal or even the police. Typically, they ask us to click on a link to update our details. Often, they warn of dire consequences if we fail to obey. They will close our account, it will cost us money, the police will come knocking on our door!

This is quite scary for people, so I will give 4 pointers on what to look for to detect genuine emails from the fraudulent ones.

First rule: trust no-one. I mean an email that comes in, even from a friend, might have been initiated by a virus on your friend’s computer.

Second rule: Is the message using your full name? I received a few messages claiming to come from banks or PayPal, but start “dear customer.” If it really is your bank or PayPal account, they will address you by name.

Third rule: Were you expecting an email from said organisation? If you signed up for an account a minute earlier, then you would expect it. If it turns up out of the blue, put your cautious hat on.

Fourth rule: Don’t click on links if you can help it. If it claims to be from one of your accounts, instead of clicking the link, why not just log into PayPal (or whatever site) the way you usually do, by going to their website via your favourites/bookmarks.

Offering free open wifi – think again..

Many business owners want to offer free wifi access to their customers as an added courtesy/benefit. Few realise they could end up in court. Why?

As the owner of the network, you are held responsible for the activities on your network. (see

For example, if someone stays in your hotel and looks at child pornography, the police may well seize your computers and arrest you, unless you are able to prove it was one of your guests. The same would apply to hacking attempts using your connection, or people spamming emails from your wifi.

However, the most aggressive lawyers are from the music and movie industries, who routinely sue people for copyright infringements. In 2009, a pub owner was fined £8000 for filesharing

A very useful guide to using a wireless network in a business can be found at

To protect yourself or your business, you need to be able to prove the illegal activity was carried out by someone else. The only way to do this is to authenticate people logging on. You need a password, and only give this to those who complete a registration process. You also need proof of ID (e.g  a car number plate, a credit card, or drivers licence.)  The information needs to be recorded and produced in case of investigation. Passwords would need to be changed routinely also.

For most businesses, this overhead may be too cumbersome, so another approach is to use a service like The Cloud or BT Openzone. In these cases, the user has to sign up for the service with a card, who records their activities. It may not be as convenient as open wifi, but you can at least say you have acted responsibly.

Virus removal annoyance!

It’s so annoying when 3 hours into a virus scan, from a Rescue CD the laptop just decides to power down. A whole host of malware found but not removed, so it has to be done again. Before anyone says, the power lead WAS plugged in and the power was on..oh well, I’ll try a different CD. 

For anyone unfamiliar with boot CDs, the idea is you can load clean software from the CD to perform a virus scan on an infected disk. If you start (Windows) from an infected hard disk, the infection may be able to hide itself, or use various blocks to prevent the user, or an antivirus tool from removing it.