I wrote a post asking @tvlicensing to please secure (https) their website when requesting customer names, email addresses and bank details - it's not! https://i83.co.uk/why-tvlicensing-co-uk-are-processing-millions-of-customers-data-insecurely/ … #infosec
-
Here is a screenshot of you collecting bank details over a non HTTPS connection. What you are saying is just not true. pic.twitter.com/THPRVS8Q27
-
Now look at what you have done. Assume you guys got a pcap or prox logs of HTTP traffic rather than just a page screenshot? Nothing worse than someone claiming a page has no HTTPS purely because of what's in the address bar... pic.twitter.com/30BxOnLbzW
-
We will soon migrate our entire website to HTTPS. More info on our website’s security: http://tvlicensing.co.uk/faqs/FAQ13 More information on how we keep your data safe: http://www.tvlicensing.co.uk/privacy-security-policies …
-
"Soon". Why don't you just do it now? You already have a HTTPS version of the site, it just isn't indexed by google, and you guys specifically allow people to NOT use HTTPS, and you set the insecure one as the default. Get it sorted, for the benefit of privacy and security. K?
-
Can @tvlicensing categorically declare that its site is #PCIDSS Compliant or whatever the UK credit card processing standard is these days? Comms, processing, storage and business process independently audited. Regular #vulnerability updates. Huge fines for #breaches.
-
The credit/debit card handling switches to HTTPS, likely as it uses an external supplier. Direct debit details are, unfortunately, as pictured.
-
Stop, this isn't funny any more @tvlicensing - telling people to ignore security warnings in browsers is, to be frank, a fucking stupid and irresponsible idea.
-
And taxing people to watch live television isn’t? :D Honestly I don’t expect anything less from this shit-show. At least they aren’t wasting their ill-gotten funds on actually good infrastructure. It all goes on golf resorts like it should!
-
Scott- this is a social media person responding probably after doing a well intentioned search online for info. Yes better training and awareness is needed but can infosec stop being like this when it isn’t a security@ account?
