miiJob at miiCard

9th May 2012

Ah a post about the illusive job mentioned in the last post!

So I’m moving to Edinburgh, perhaps as soon as tomorrow.  In fact, I have actually been working in Edinburgh since Monday and thus far have spend £84 in just three days travel thanks to Britain’s extortionate train fares but let’s get into what you’re interested in, miiCard.

I woke up a couple of months ago to a rather terrifying email in my university inbox which in my student life was at the crack of dawn (so about 10AM) and certainly woke me up.  It featured some poor soul desperately trying to break free from the clutches of a zombie horde and underneath this was written, “break free from coding hell.”

Break free from coding hell

Allow me to clarify, at this time of year, we receive dozens of job adverts at the School of Computing every week, some of them of interest, none of them exciting.  I normally glazed over them hoping that perhaps one of them would do something special like whisk me off to New York (don’t ask why, it’s my dream not yours).  This one, got my attention.  If you take a look at my CV on this site, you can see that I’m not the most formal of people.  What you see is exactly what you get when I’m applying for a job, complete with that fine Andy Barratt branding down the left hand side (hell, that’s even on my business cards!).  I don’t do dull, I just can’t be arsed.

And as this was evidently not a company to always do things formally, I decided I wanted to find out who they were, after a quick scroll through their website, I sent a rather unconventional email, in the way that I do, and a copy of my CV as a PDF because what I saw on the site impressed me, miiCard is actually something exciting!

Well come on then, tell us what miiCard is!

miiCard is a personal security company… now doesn’t that sound dull?  Keep reading.  What miiCard does is create an online version of a passport.  They give you an online ID card and they check it against your online banking to prove, to money laundering standards, that you are who you say you are.  Why?  So that you can prove it faster to everyone else!

What if I told you that 70% of bank applications online fail.  Can you hazard a guess why? Well you apply for a bank account but then the final step is “please come into your branch and show us your proof of address and your proof of ID.”  Well so much for that, I’m a lazy bastard like the rest of the world and I just can’t be bothered to walk to the bank.  I’ll survive with my current bank account.

Oh but imagine this, you apply online and it says, “do you have a miiCard?  No?  Sign up for one in 5 minutes and then we’ll give you your bank account.”  Well then, thank you very much, I can spend the rest of my day watching NetFlix!

How about this one?  You’re looking for a flat to rent (can’t imagine how I got this one in my head), and you find one online, you take a virtual tour and it’s awesome, only, you have to travel far across the land to make an application and prove who you are before you can even sign the lease many days later!  How tiresome!  I may as well just commute for the first wee while.  Oh but wait!  I can apply for this flat with my miiCard and allow the letting agent to do the rest!  Awesome!

How about dating online?  How often have you heard of grotty little people preying on the vulnerable in dating sites?  They chat, they get on fine, he says he’s the same age and she loves his sense of humour, he has a Facebook with loads of photos so she knows he looks cute.  So how come now she’s standing by a pier and a creepy guy who’s 20 years older than her and he is not taking no for an answer?!  If the dating site had people register with miiCard, people would know that who they’re talking to is who they say they are!

Why has no one done this before?!  Identity theft is one of the biggest threats to our security online and being able to prove who you are is not always so easy, to be able to do it so quickly like this is brilliant.  I was hooked in and the day after my initial email, I got an email from CEO James Varga inviting me for an interview, which I of course attended the next day and was offered the job less than a week later.  Because of my dazzling looks I do not doubt…

I remember that the vacancy as advertised online described the position as “being part of something big” and thinking how much I agreed with that statement.  If miiCard takes off, I think the term miiCard will be as well known as the name PayPal.  Almost everyday I think of a new reason why a miiCard would come in handy.

And that’s how I shall leave you, with this question and the video after it, how many ideas pop into your head where proving your identity instantly online would save you time?

lulz security logoAt 00:03 (BST), 26 June 2011, Lulz Security has claimed to be shutting down. With a statement saying that their 50 day voyage is over, they have announced that they no longer plan to continue.

This claim to have planned only to run for 50 days is rubbish. Hell, their claim that they’re just wanting to get on with their lives now, is rubbish.

The fact is, Lulz Security is/was just a group of six people, probably kids, that performed hacks that are not new. They likely used freely available software to any high school child with a fetish for hacking. Under no circumstance should they be seen as hacking master minds. They only wanted the fame that comes from knocking out a few high profile sites.

So what’s really caused them to close down. Well, to use Lul’z favoured nautical puns, that’s simple, they got into water that was too deep. With rival hacking groups out to expose them and law enforcement agencies the world over desperate to get their hands on them, they realise that they simply do not have the know how to hide themselves much longer.

I think a reaction from the public has assisted too. I doubt I’m the only one who questions Lulz motives, as I did in this previous blog. No, I think Lulz will have seen that people do not support a hacking group that’s just out for the fun of it, just out for the fame. People who support hacktivist groups like Anonymous don’t want fun or a new set of celebrities, they want the world to be a better place.

Here’s Lulz Security’s statement.

Friends around the globe,

We are Lulz Security, and this is our final release, as today marks something meaningful to us. 50 days ago, we set sail with our humble ship on an uneasy and brutal ocean: the Internet. The hate machine, the love machine, the machine powered by many machines. We are all part of it, helping it grow, and helping it grow on us.

For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others – vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It’s what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.

While we are responsible for everything that The Lulz Boat is, we are not tied to this identity permanently. Behind this jolly visage of rainbows and top hats, we are people. People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you. Even Hitler and Osama Bin Laden had these unique variations and style, and isn’t that interesting to know? The mediocre painter turned supervillain liked cats more than we did.

Again, behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we’ve gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don’t stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.

So with those last thoughts, it’s time to say bon voyage. Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind – we hope – inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere.

Thank you for sailing with us. The breeze is fresh and the sun is setting, so now we head for the horizon.

Let it flow…

Lulz Security – our crew of six wishes you a happy 2011, and a shout-out to all of our battlefleet members and supporters across the globe

——————————————————————————————————

Our mayhem: http://lulzsecurity.com/releases/
Our chaos: http://thepiratebay.org/user/LulzSec/
Our final release: http://thepiratebay.org/torrent/6495523/50_Days_of_Lulz

Please make mirrors of material on the website, because we’re not renewing the hosting. Goodbye. <3

lulz security logoSome of you may have heard that over the summer I’ve got an Internship with Tayside Police as part of my degree, helping to improve their online presence not just on their website but through Social Networking sites such as Facebook and Twitter to better engage with the community. With that said, I’d like to point out that like always, my views expressed here may not necessarily reflect those of any group whether it be corporation, public sector body or educational institute or indeed anyone. These are my personal ramblings as an individual and a computer scientist.

In recent weeks, a small hacking group has come to light known as Lulz Security. They have gained fame in hacking major internet based companies and releasing information to the public with the aim to highlight, what Lulz Security see as, their flawed security systems.

With hacktivist group Anonymous making headlines on a daily basis, Lulz Security’s attacks are not a new phenomenon however, I do believe their motives should not be seen in the same light.

While I have struggled to agree with some of the hacks that Anonymous have performed, I do agree that they are performing attacks based on a moral objective and I have to say, I have found myself agreeing to some of their recent targets. Anonymous have made great attempts to fraught the work of state run operations to censor and remove the human rights of people around the world, like in Tunisia where the people are being oppressed and are calling for freedom.

“We will not forgive corruption, we will not forget injustice, we will not tollerate the denial of our freedoms and we will not be silenced.” Anonymous Press Release

While I may not agree with every single action that Anonymous take, I do very much agree with what they stand for. I can not say the same for Lulz Security.

There are many suggesting that Anonymous has joined hands with Lulz in what they are calling operation AntiSec however I do not believe this to be entirely true. What we must remember is that Anonymous doesn’t have a leader, really, Anonymous could be anybody and everybody so while many who consider themselves to be part of Anonymous may support AntiSec, it is not my belief that the majority of them do.

Lulz Security is not following a moral purpose, they are not fighting organisations that seek to oppress and while they may be seeking to expose companies with poor security, I believe their targets may be poorly chosen.

Yesterday, the website of the Serious Organised Crimes Agency in Britain had to be taken down after receiving a massive Distributed Denial of Service (DDoS) attack by Lulz Security and government organisation like our police forces have been left worrying about attacks on our own services.

However, while Lulz succeeded in attacking SOCA’s website, what did they really achieve? They achieved the feat of taking down a page that does not hold secure data but rather only offers information to us, the public. If anything, they succeeded in censoring information made available to all of us. Isn’t that the opposite of what Anonymous is aiming for?

Yes Lulz Security showed that this site was susceptible to being overloaded with requests but as someone working on a similar site, I’d be confident in assuming that most public websites of law enforcement agencies are just as susceptible as, in this economic climate in which tax payers money is to be spent sparingly, such protection is afforded only for mission critical systems.

Most websites run by police forces are not on expensive web servers like those of Facebook and Google but in fact, quite ordinary servers, not much different to those used by small businesses as they do not require major processing power to run and they do not hold secure data. They hold data that is online for the general public, to raise awareness of their missions to help the public.

I think Lulz Security, while they may believe what they’re doing is right, has become arrogant and have in recent weeks shifted away from aiming to be a force for good, but have instead moved to only work for fame through their ability to show off as they attack companies, showing “flaws” that are frankly, unimportant when greater issues exist else where in the world and online.

My name is Andrew Paul Barratt, I’m a student of Applied Computing at The University of Dundee and on the 21st of May 2011, I tweeted the identity of a man who has a super-injunction to hide the fact that he had an affair as Ryan Giggs.

Tweet: -cough cough- Imogen Thomas -cough cough- affair -cough cough- Ryan Giggs -cough cough- Screw your injunction! -cough cough splutter-

There exists a paradox in the campaigns for internet freedom, the campaign to protect the privacy of ourselves and others online and the campaign to be able to say anything about what we want, who we want and how we want. I say this to show that we recognise that respect for privacy is of great importance however, the use of this to put limits of our freedom of speech is a place where the line must be drawn.

In the United Kingdom, an injunction can be sought after by those wishing to keep matters of their personal life private by denying the press from publishing details of said matters. A super-injunction is much the same but goes one step further in that it denies the press from making public the fact that an injunction even exists.

Recently, Ryan Giggs, a footballer who has played for Wales and been honoured as an Officer of the British Empire (OBE), claimed a super-injunction to hide the fact that he had an affair with ex Big Brother Housemate, Imogen Thomas.

After his name, previously known only as CBT, was leaked on Twitter, calls for prosecution were made, igniting a rampage of rebellion with thousands of people, including myself, tweeting and retweeting Giggs’ name again and again.

On the 23rd of May, at least 75,000 had published his name and Member of Parliament (MP) John Hemming stood in the house during discussion on privacy orders and named the footballer, thus using his parliamentary privilege to break the court order. It’s worth noting that parliament is always broadcast live on dedicated national television channel, BBC Parliament.

Mr Hemming asked whether it was right to carry on supporting injunctions that it was clear that the population of the United Kingdom had no support for, referring to them as “a law that clearly does not have public consent.”

And so the key point was addressed, in a democratic country, where the government that makes the laws is chosen by its people, how can a law that goes against our freedom of speech have ever been allowed to exist? I for one, will not support it.

Today, the 25th of May 2011, Twitter’s European boss, Tony Wang announced that they would hand over the names of all those who had revealed Ryan Giggs’ affair and that all of them would be on their own to defend themselves, “whether that is a motion to quash the order or to oppose it or do a number of other things to defend themselves.”

Well my decision is to oppose it. I will not delete what I tweeted and I will not be made silent. It is our freedom of speech and it is my right to defend it. Injunctions that deny our right to say what we like are, in my opinion, illegal and I will campaign to see an end to them.