Latest news with #DanWilliams
The Guardian
2 days ago
- Business
- The Guardian
Virgin Media O2 mobile users' locations exposed for two years in security flaw
The locations of millions of Virgin Media O2 mobile customers were exposed for up to two years until a network security flaw was corrected, it has emerged. Before the fix was implemented on 18 May, anyone with a Virgin Media O2 sim card could use their phone to obtain sensitive information about the network's other customers using a 4G-enabled device, including their location to the nearest mobile mast. The flaw has now been patched and reported to the UK's communications and data protection regulators. Virgin Media O2 said there was no evidence that its network security systems had been externally breached. The locations of customers could be tracked most precisely in urban areas, where mobile masts cover areas as small as 100 square metres. Dan Williams, an IT specialist who discovered the defect, wrote that he was 'extremely disappointed' not to receive a response when he flagged the issue, which was resolved only after he blogged about it two months later, on 17 May. He said there had been no explanation for the delay. He wrote: 'I don't want to be the enemy, I simply want to feel comfortable using my phone.' Williams noticed Virgin Media O2's failure to configure its 4G calling software correctly when he was looking at messaging between his device and the network to work out call quality between himself and another O2 customer. 'I noticed that the responses from the network were extremely long, and upon inspection noticed that extra information from the recipient of the call was sent to the call initiator,' he told the Guardian. This included normally private information, such as the cell ID, which is the current cell tower a caller is connected to; information about sim card, which could be used for a cyber-attack; and the phone model, which can be used to work out how to access it. He believed that it was 'possible this was used in the wild and not reported against' though there was no way to quantify that. If it had been that would be 'quite a large problem', as 'there are situations where this data is extremely, extremely sensitive', for example domestic abuse survivors or government workers, he added. 'I came across it by accident. Someone purposefully trying to find these kinds of vulnerabilities would have probably come across it,' he said. 'There are white papers detailing this exact scenario and warning networks against doing this.' The FT, which first reported Williams's findings, said he had tested the problem with another O2 customer, successfully tracking them to Copenhagen, Denmark. Disabling the 4G calling feature on devices would have prevented them from being tracked, though this is not possible on some handsets, such as iPhones. The issue may have also affected some customers of Giffgaff and Tesco Mobile, which use Virgin Media O2's network. Sign up to Business Today Get set for the working day – we'll point you to all the business news and analysis you need every morning after newsletter promotion Alan Woodward, cybersecurity professor at Surrey University, said location data 'could be valuable for scams such as social engineering, or even blackmail' and for phishing attempts referencing a recent location, though they would need other information about the person for this to work. He said this was unlikely to happen for normal people who were not criminal targets, but nevertheless fixing the vulnerability should have been a 'matter of urgency'. A Virgin Media O2 spokesperson said: 'Our engineering teams had been working on and testing a fix for this configuration issue over a number of weeks, and we can confirm this fix was fully implemented on 18 May. 'Our customers do not need to take any action, and we have no evidence of this issue being exploited beyond the two illustrative examples given by a network engineer in his blog which we reported to the ICO [Information Commissioner's Office] and Ofcom. There has been no external compromise of our network security at any time.' An Ofcom spokesperson said it was 'aware that O2 has experienced a network security issue', and is in contact with the provider to establish the scale and cause of the problem. An ICO spokesperson said that after assessing the information provided by Telefonica and remedial steps taken, 'we will not be taking further action at this stage'.
Economist
4 days ago
- Business
- Economist
Want to destroy American business? Protect it, writes Carl Benedikt Frey
By Invitation | American business and trade Illustration: Dan Williams D ONALD TRUMP insists that tariffs will bring back jobs and revitalise American industry, and that short-term pain would be worth it for long-term gain. Yet history suggests they are more likely to steepen America's slide into stagnation. It is time to think beyond regional success, says Yannis Stournaras Investment in supporting democracy in its neighbourhood and beyond is not charity. It serves strategic interests But the country must also modernise monetary policy, rewire banking and reconnect with global markets, argues Abdulkader Husrieh One version of thought control is being replaced with another that is worse, argues Richard Hanania Russia is less visible, the Gulf more so, and America and China are rethinking their traditional roles Two human-rights barristers on how to address systemic abuse by authoritarian states
Rhyl Journal
4 days ago
- Sport
- Rhyl Journal
Prestatyn Running Club members record personal bests at Mid-Cheshire 5k
Eight of the club's men took full advantage of the opportunity, with two of them, captain Jonah Armstrong and Dan Williams, recording PBs. Also having good reason to be happy with his performance was Alex Ryder, who achieved his aim of bettering his Christleton time despite a last-minute injury scare. The placings were: 223 Jonah Armstrong 16.38 (PB), 237 Tom Carter 16.41, 334 Dan Williams 17.12 (PB), 447 Alex Ryder 18.07, 451 Oliver Birch-Jones 18.13, 490 Dave Ellis 18.18, 653 Marc Jones 20.09, 782 Martin Cortvriend 23.25. On Saturday (May 24), the club took over the organisation of the Nova parkrun and the red vests were prominent not only among the officials and marshals but also among the competitors. With a strong headwind in the closing stages, only one club member, Zak Webster, recorded a PB. The positions were: 22 Darrell Jones 21.17, 23 Dave Ellis 21.28, 28 Eve Manifold 22.42 (first female), 37 Zak Webster 23.46 (PB), 40 Reg Jonas 24.00, 46 Steve Weedman 24.31, 57 Philip Howarth 25.01, 60 Neil Davidson 25.08, 64 Will Lines 25.17, 68 Lisa Lines 35.58, 99 Andy Scott 27.27, 132 Dan Williams 29.46, 239 Steve Hatfield 40.20, 290 Suzanne Evans 56.27, 297 Martin Cortvriend 60.28, 298 Julie Evans 60.29 (he last three were all parkwalkers). Other parkruns: Erddig: 88 Sophie Johnson 28.19, 101 Mandy Cartwright 28.52. Greenfield Valley: 3 David Hudd 21.44. In the Eryri Half-Marathon, a scenic but tough race in the hills above the Conwy Valley, David Hudd had an excellent run, finishing 25th in 1-44.16. In the same event, Ann Claire Jones finished 89th in 2-19.41. Only two club members made the long trip to Porthmadog for the Moel y Gest race, the eighth in the Tuesday Evening Series of fell races. Gareth Jones was 26th overall in 43.24 and Mark Dakeyne 82nd in 60.44.
Bloomberg
19-05-2025
- Politics
- Bloomberg
Israel Poised to Step Up Gaza Offensive
Israeli officials say they're poised to order tanks and troops into unconquered parts of the Gaza Strip in an all-out bid to destroy Hamas, throwing an ultimatum at the Palestinian Islamist faction to concede on terms for a negotiated winding down of the war. Israel said however it would shortly begin to 'admit a basic amount of food for the population in order to ensure that a famine crisis does not unfold' after a full block of food and other aid into Gaza that began on March 2. Bloomberg's Dan Williams reports. (Source: Bloomberg)
Yahoo
16-05-2025
- Business
- Yahoo
EPA clears way for CO2 project to proceed
Wabash Valley Resources received the final permits to begin constructing two injection wells for geologic sequestration of carbon dioxide, the Environmental Protection Agency reported in a press release Friday. The final permits contain no changes from the 2024 permits for the projects, one in West Terre Haute and one in Vermillion County. The EPA opted not to exercise its discretion to allow additional public notice and comment. Pete Rimsans, WVR's VP of government relations, issued a statement on behalf of the company: "Today, following an internal administrative review, the U.S. Environmental Protection Agency (EPA) finalized the Class VI Underground Injection Control (UIC) permits for Wabash Carbon Services. The permits clear the way for one of the nation's most advanced carbon capture and sequestration (CCS) projects. "The decision, which follows a remand from the Environmental Appeals Board (EAB) to EPA Region 5, marks a turning point for American energy and agricultural security," the statement continued. The statement then quoted Dan Williams, chief operating officer of WVR: 'We sincerely appreciate the EPA restoring momentum to a permitting process. Their decisive action reflects a renewed national commitment to leveraging America's abundant resources in clean and innovative ways that promote American infrastructure, American jobs and American-made energy solutions.' It concluded, "The finalized permits authorize WVR to construct injection wells for the safe and permanent sequestration of captured CO₂ deep underground, supporting the company's $2.5 billion investment in low-carbon ammonia fertilizer production. "By transforming a shuttered coal gasification facility into a manufacturing hub, WVR is demonstrating the future of American fossil fuel infrastructure and a reliable energy addition to the nation's supply." In 2023, Indiana Senate Bill 451 authorized carbon sequestration in West Terre Haute and Vermillion County, paving the way for the deep underground injection wells. Former District 38 Sen. Jon Ford championed the bill, which was immediately unpopular locally. Citizens and the Vigo County Commissioners publicly expressed anger that WVR was able to embark on such an enterprise without input from local leaders and residents alike and expressed concern about the wells' environmental impact on the area. On July 7, 2023, the EPA issued WVR two draft Underground Injection Control permits to construct wells for injection of carbon dioxide for permanent sequestration. A public meeting regarding the draft permits was in Terre Haute in August of 2023. Things quickly grew contentious, with residents expressing concern about the resulting damages from a potential leak in the underground well. WVR provided statistics showing that since the 1950s, only nine fatalities have resulted — four in the '60s and five in the '90s, which saw 18 accidents, the most of any decade. Concerned Citizens against Wabash Valley Resources was formed, and vociferously protested WVR's efforts every step of the way in a series of frequent appearances at Vigo County officials' meetings and Facebook posts. In July of 2024, Vigo County Commissioners received the brunt of residents' anger during discussions of the Community Benefits Agreement that WVR had proposed. Speakers during the meeting's public comments section were unmoved on WVR's proposal to endow the Wabash Valley Community Foundation with $3 million. Commissioner Mike Morris said, 'If the community does not take this money, that does not stop [WVR's] plan. The plan will go ahead.' In September of 2024, the U.S. Department of Energy's Loan Programs Office announced a conditional commitment of a $1.559 billion loan to WVR to finance its waste-to-ammonia fertilizer production facility in West Terre Haute so it can employ carbon capture and sequestration technology. In March this year, the Environmental Appeals Board issued a statement that said WVR's project "ensures non-endangerment of USDWs [underground sources of drinking water]." It raised no new issues or substantial questions. At this point, Concerned Citizens against Wabash Valley Resources' last recourse may be to take the issue to court. Resident Whitney Boyce said in July of 2024, 'Litigation is not our goal, but if that's what it takes to get the protections in place for our community, that's what's going to have to happen.' Construction of the plant is expected to create 500 jobs and 125 full-time employees will work at the facility.
