[GLLUG] Am I over-reacting to this?

John Edwards john at cornerstonelinux.co.uk
Tue Jan 14 16:59:12 UTC 2014

B1;3201;0cOn Tue, Jan 14, 2014 at 04:34:52PM +0000, Bernard Peek wrote:
> On 14/01/14 14:10, John Winters wrote:
>> I nearly fell off my chair when I discovered this.  Am I over-reacting?
> No. And the fact that the ISP hides the fact that they have opened
> the interface takes this into territory covered under the Computer
> Misuse Act 1990. Whoever authorised this could get 6 months
> porridge.

Unlikely, as that covers "unauthorised" access and I would expect the
ISP to argue they their access is authorised as part of the ongoing

It is quite clearly bad practice and would also violate the PCI DSS
requirement for a secure network and not using vendor defaults for
system security. The Data Protection Act 1998 also talks about the
need to prevent unauthorised access to personal data.

|    John Edwards   Email: john at cornerstonelinux.co.uk    |

More information about the GLLUG mailing list