info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Namesco MFU during Demon exorcism
28 views
Skip to first unread message
Martin Brown
Sep 15, 2020, 11:40:02 AM9/15/20
to
I was somewhat bemused to get this email today. Has anyone else got one?
You really couldn't make it up! My fossilised website is still there.
I wish the third party well with all the spam that I left pointing at
nezumi.dcu but wonder if the odd personal contact may have been caught.
--- begin email ----
Important information about
your names.co.uk services
Dear customer,
As per our previous correspondence, use of the sub-domain(s) below has
now expired, meaning no mail or hosting services can be associated with
them. We have, however, identified a risk to any incoming mail
associated to the sub-domain(s) below, between 31st July and 06th August
2020.
nezumi.demon.co.uk
Security risk and impact
Since spring 2020, we have made you aware of the process of
decommissioning the sub-domain(s) above. Unfortunately, for a short
period of time, a manual error arose during the process to stop your
sub-domain(s) receiving emails.
Between 31st July and 06th August 2020, a connection was incorrectly
established with a third party server, meaning that this server
temporarily logged your now de-activated Demon email address(es) and the
email address(es) of anybody who sent email to that address. Please
note, no email content was ever delivered to the third party, as the
server rejected this content.
We have undertaken a full investigation and have obtained a signed,
legally binding undertaking from the operator of the third party server
confirming that no personal data, including email content, was accessed,
forwarded, viewed or stored. Additionally, we have confirmed through our
technical investigations that the logs were never accessed and have been
permanently deleted.
For the sake of clarity, we want to reassure you there is no question of
your names.co.uk account or any other associated services having been
compromised.
How did this happen?
As a result of human error, an incorrect dummy domain name was used to
manage the decommissioning process, and this domain was subsequently
registered by a third party.
What have we done to mitigate the problem?
Once we had identified the manual error, the dummy domain was changed
and records updated. Since this happened, we have begun the process of
analysing how the error could have taken place.
We reported the risk to the Information Commissioner’s Office (ICO) and
traced the third party who had registered the dummy domain. We have
obtained a legally binding undertaking, from the third party, and we are
confident that there had been no intention to cause harm or access or
receive data, information or content.
What next?
We appreciate that communicating this security risk may cause you
concern and that it may leave unanswered questions. However, we want to
reassure you that we have investigated and taken appropriate action to
confirm that your personal data was not accessed.
As always, we recommend that you remain vigilant and act promptly in the
event of any unusual activity on any online platforms or channels that
may have been associated with your old email address.
Please accept our apologies for this error and for the concerns it may
have created. If you have any further questions, please get in touch
directly by calling us, emailing us at d...@names.co.uk or by raising a
ticket in your names.co.uk Online Control Panel.
Kind regards,
Steve Ewart, Commercial Director
names.co.uk
----end email ----
It strikes me as very bad practice to use a dummy domain that you do not
actually have control of in this situation. "Human error" apparently...
Now where did I leave my bell, Book and candle?
--
Regards,
Martin Brown
You really couldn't make it up! My fossilised website is still there.
I wish the third party well with all the spam that I left pointing at
nezumi.dcu but wonder if the odd personal contact may have been caught.
--- begin email ----
Important information about
your names.co.uk services
Dear customer,
As per our previous correspondence, use of the sub-domain(s) below has
now expired, meaning no mail or hosting services can be associated with
them. We have, however, identified a risk to any incoming mail
associated to the sub-domain(s) below, between 31st July and 06th August
2020.
nezumi.demon.co.uk
Security risk and impact
Since spring 2020, we have made you aware of the process of
decommissioning the sub-domain(s) above. Unfortunately, for a short
period of time, a manual error arose during the process to stop your
sub-domain(s) receiving emails.
Between 31st July and 06th August 2020, a connection was incorrectly
established with a third party server, meaning that this server
temporarily logged your now de-activated Demon email address(es) and the
email address(es) of anybody who sent email to that address. Please
note, no email content was ever delivered to the third party, as the
server rejected this content.
We have undertaken a full investigation and have obtained a signed,
legally binding undertaking from the operator of the third party server
confirming that no personal data, including email content, was accessed,
forwarded, viewed or stored. Additionally, we have confirmed through our
technical investigations that the logs were never accessed and have been
permanently deleted.
For the sake of clarity, we want to reassure you there is no question of
your names.co.uk account or any other associated services having been
compromised.
How did this happen?
As a result of human error, an incorrect dummy domain name was used to
manage the decommissioning process, and this domain was subsequently
registered by a third party.
What have we done to mitigate the problem?
Once we had identified the manual error, the dummy domain was changed
and records updated. Since this happened, we have begun the process of
analysing how the error could have taken place.
We reported the risk to the Information Commissioner’s Office (ICO) and
traced the third party who had registered the dummy domain. We have
obtained a legally binding undertaking, from the third party, and we are
confident that there had been no intention to cause harm or access or
receive data, information or content.
What next?
We appreciate that communicating this security risk may cause you
concern and that it may leave unanswered questions. However, we want to
reassure you that we have investigated and taken appropriate action to
confirm that your personal data was not accessed.
As always, we recommend that you remain vigilant and act promptly in the
event of any unusual activity on any online platforms or channels that
may have been associated with your old email address.
Please accept our apologies for this error and for the concerns it may
have created. If you have any further questions, please get in touch
directly by calling us, emailing us at d...@names.co.uk or by raising a
ticket in your names.co.uk Online Control Panel.
Kind regards,
Steve Ewart, Commercial Director
names.co.uk
----end email ----
It strikes me as very bad practice to use a dummy domain that you do not
actually have control of in this situation. "Human error" apparently...
Now where did I leave my bell, Book and candle?
--
Regards,
Martin Brown
Tim Lamb
Sep 15, 2020, 2:44:11 PM9/15/20
to
In message <rjqn8e$rf1$1...@gioia.aioe.org>, Martin Brown
<'''newspam'''@nonad.co.uk> writes
I had no new mail to the demon address after July 30th. The actual
renewal date, which they kept pestering me to pay, was September 9th.
--
Tim Lamb
<'''newspam'''@nonad.co.uk> writes
>I was somewhat bemused to get this email today. Has anyone else got one?
>
>You really couldn't make it up! My fossilised website is still there.
>
>I wish the third party well with all the spam that I left pointing at
>nezumi.dcu but wonder if the odd personal contact may have been caught.
>
>--- begin email ----
>
>Important information about
>your names.co.uk services
>
>Dear customer,
>
>As per our previous correspondence, use of the sub-domain(s) below has
>now expired, meaning no mail or hosting services can be associated with
>them. We have, however, identified a risk to any incoming mail
>associated to the sub-domain(s) below, between 31st July and 06th
>August 2020.
Me too!
>
>You really couldn't make it up! My fossilised website is still there.
>
>I wish the third party well with all the spam that I left pointing at
>nezumi.dcu but wonder if the odd personal contact may have been caught.
>
>--- begin email ----
>
>Important information about
>your names.co.uk services
>
>Dear customer,
>
>As per our previous correspondence, use of the sub-domain(s) below has
>now expired, meaning no mail or hosting services can be associated with
>them. We have, however, identified a risk to any incoming mail
>associated to the sub-domain(s) below, between 31st July and 06th
>August 2020.
I had no new mail to the demon address after July 30th. The actual
renewal date, which they kept pestering me to pay, was September 9th.
--
Tim Lamb
Martin Brown
Sep 16, 2020, 3:38:48 AM9/16/20
to
On 15/09/2020 19:28, Tim Lamb wrote:
> In message <rjqn8e$rf1$1...@gioia.aioe.org>, Martin Brown
> <'''newspam'''@nonad.co.uk> writes
>> I was somewhat bemused to get this email today. Has anyone else got one?
>>
>> You really couldn't make it up! My fossilised website is still there.
>>
>> I wish the third party well with all the spam that I left pointing at
>> nezumi.dcu but wonder if the odd personal contact may have been caught.
>>
>> --- begin email ----
>>
>> Important information about
>> your names.co.uk services
>>
>> Dear customer,
>>
>> As per our previous correspondence, use of the sub-domain(s) below has
>> now expired, meaning no mail or hosting services can be associated
>> with them. We have, however, identified a risk to any incoming mail
>> associated to the sub-domain(s) below, between 31st July and 06th
>> August 2020.
I have checked that all the incoming emails that matter were received
> In message <rjqn8e$rf1$1...@gioia.aioe.org>, Martin Brown
> <'''newspam'''@nonad.co.uk> writes
>> I was somewhat bemused to get this email today. Has anyone else got one?
>>
>> You really couldn't make it up! My fossilised website is still there.
>>
>> I wish the third party well with all the spam that I left pointing at
>> nezumi.dcu but wonder if the odd personal contact may have been caught.
>>
>> --- begin email ----
>>
>> Important information about
>> your names.co.uk services
>>
>> Dear customer,
>>
>> As per our previous correspondence, use of the sub-domain(s) below has
>> now expired, meaning no mail or hosting services can be associated
>> with them. We have, however, identified a risk to any incoming mail
>> associated to the sub-domain(s) below, between 31st July and 06th
>> August 2020.
but anyone who ignored my "Vodafone exorcises its Demons" so after a
quarter of a century my email address has changed message may have been
impacted by this. Mostly they will have spam addressed to Ewoks.
Strikes me that the sort of individual who might have noticed this DNS
cock-up and then acted to create the missing domain and add a mail
server into the mix would probably be reading this group.
It was certainly a mischievous exploit of a daft error.
> Me too!
>
> I had no new mail to the demon address after July 30th. The actual
> renewal date, which they kept pestering me to pay, was September 9th.
DNS records. But then they reinstated them pointing elsewhere on the
Monday 3rd August and my website reincarnated as a zombie or vampire.
It was definitely not there over the weekend!
--
Regards,
Martin Brown
Andy
Sep 16, 2020, 6:04:38 AM9/16/20
to
In message <rjsfe5$105$2...@gioia.aioe.org>, Martin Brown
<'''newspam'''@nonad.co.uk> wrote
[]
--
Andy Taylor [President, Treasurer & Editor of the Austrian Philatelic Society].
Visit www dot austrianphilately dot com
<'''newspam'''@nonad.co.uk> wrote
[]
>It was definitely not there over the weekend!
>
Ah, they're working on it...
>
--
Andy Taylor [President, Treasurer & Editor of the Austrian Philatelic Society].
Visit www dot austrianphilately dot com
Rick Hewett
Sep 18, 2020, 2:43:19 PM9/18/20
to
On Tue 15 Sep Martin Brown wrote:
> I was somewhat bemused to get this email today. Has anyone else got one?
>
> You really couldn't make it up! My fossilised website is still there.
>
> I wish the third party well with all the spam that I left pointing at
> nezumi.dcu but wonder if the odd personal contact may have been caught.
El Reg picked up the story...
> I was somewhat bemused to get this email today. Has anyone else got one?
>
> You really couldn't make it up! My fossilised website is still there.
>
> I wish the third party well with all the spam that I left pointing at
> nezumi.dcu but wonder if the odd personal contact may have been caught.
https://www.theregister.com/2020/09/18/demon_decommissioning_oopsie/
I live in hope that my fossilised website will eventually vanish, but as
of just now it's still there in all its 2012 glory...
--
..Rick Hewett http://www.hewett.org/
John Hall
Sep 18, 2020, 3:41:20 PM9/18/20
to
In message <764b.5f64...@chui.private>, Rick Hewett
<ri...@chui.private> writes
From a headline: "Namesco says soz". I assume that "soz" means "sorry".
It's a different language these days!
--
John Hall
You can divide people into two categories:
those who divide people into two categories and those who don't
<ri...@chui.private> writes
It's a different language these days!
--
John Hall
You can divide people into two categories:
those who divide people into two categories and those who don't
J. P. Gilliver (John)
Sep 19, 2020, 3:34:36 AM9/19/20
to
On Fri, 18 Sep 2020 at 20:39:00, John Hall <john_...@jhall.co.uk>
wrote:
since a third party is involved [possibly unintentionally: anyone know
what domain they registered? The voodemon letter and El Reg carefully
don't say], that's a more interesting story). The _website_ continuation
(either as complete working zombie sites, or just fixed URLs that don't
respond) isn't mentioned.
the feeling that Namesco handled it better (far from perfectly, but
better) this time than they did at the point when they switched to
Outlook (and to some extent the original handover). I think Voodemon are
more to blame.
Who actually _handles_ the MX, A, and so on *.dcu records - Namesco,
Voodemon, or some faceless registration agency? In other words, who is
responsible for the websites (where they actually work) or the mappings
_not_ having disappeared?
One of the responses to the Reg article said the domain registration - I
think they meant of just demon.co.uk, I wasn't sure - actually expires
in 2021, May I think was said. Maybe things will finally happen then?
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf
LISTENING means hearing what people are not saying as well as what they're
saying. - @CharlotteAlter 2020-9-4
wrote:
>In message <764b.5f64...@chui.private>, Rick Hewett
><ri...@chui.private> writes
>>On Tue 15 Sep Martin Brown wrote:
>>> I was somewhat bemused to get this email today. Has anyone else got one?
>>>
>>> You really couldn't make it up! My fossilised website is still there.
>>>
>>> I wish the third party well with all the spam that I left pointing at
>>> nezumi.dcu but wonder if the odd personal contact may have been caught.
>>
>>El Reg picked up the story...
>>
>>https://www.theregister.com/2020/09/18/demon_decommissioning_oopsie/
El Reg's article seems to be entirely about the email aspect (I suppose,
><ri...@chui.private> writes
>>On Tue 15 Sep Martin Brown wrote:
>>> I was somewhat bemused to get this email today. Has anyone else got one?
>>>
>>> You really couldn't make it up! My fossilised website is still there.
>>>
>>> I wish the third party well with all the spam that I left pointing at
>>> nezumi.dcu but wonder if the odd personal contact may have been caught.
>>
>>El Reg picked up the story...
>>
>>https://www.theregister.com/2020/09/18/demon_decommissioning_oopsie/
since a third party is involved [possibly unintentionally: anyone know
what domain they registered? The voodemon letter and El Reg carefully
don't say], that's a more interesting story). The _website_ continuation
(either as complete working zombie sites, or just fixed URLs that don't
respond) isn't mentioned.
>>
>>I live in hope that my fossilised website will eventually vanish, but as
>>of just now it's still there in all its 2012 glory...
>>
>
>From a headline: "Namesco says soz". I assume that "soz" means "sorry".
>It's a different language these days!
Yes )-:. Looks like they might get their fingers rapped - though I get
>>I live in hope that my fossilised website will eventually vanish, but as
>>of just now it's still there in all its 2012 glory...
>>
>
>From a headline: "Namesco says soz". I assume that "soz" means "sorry".
>It's a different language these days!
the feeling that Namesco handled it better (far from perfectly, but
better) this time than they did at the point when they switched to
Outlook (and to some extent the original handover). I think Voodemon are
more to blame.
Who actually _handles_ the MX, A, and so on *.dcu records - Namesco,
Voodemon, or some faceless registration agency? In other words, who is
responsible for the websites (where they actually work) or the mappings
_not_ having disappeared?
One of the responses to the Reg article said the domain registration - I
think they meant of just demon.co.uk, I wasn't sure - actually expires
in 2021, May I think was said. Maybe things will finally happen then?
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf
LISTENING means hearing what people are not saying as well as what they're
saying. - @CharlotteAlter 2020-9-4
Martin Brown
Sep 20, 2020, 5:31:42 AM9/20/20
to
Thanks for the heads up. I like the TITSUP backronym!
I wonder if they would pick up on the Zombie websites story if we made a
concerted effort to point it out in their comments section?
Again it is particularly relevant that the more times you have asked to
have it deleted the more likely it is to still be there!
--
Regards,
Martin Brown
0 new messages