As Twitter attempts to make it service more secure and possibly facing legal action by Kim Dotcom for patent infringement some security experts say 2FA is basically b0rk3d already.

There's more about it in the story linked to above, but I'm wondering where to next if 2FA now can't be trusted?

And here's Mr Dotcom himself, not talking about his 2FA patent.

Kim Dotcom taking the stage at the launch of Mega. Photo: Juha Saarinen

This is how it happens these days. Boya Dee live tweeting the Woolwich murder of a cadet soldier by islamist mad men.

This Tumblr, Dom's laptop is in Iran, did something everyone does at some stage.  it named and shamed those who seemed guilty of something. Long story short: Dom's laptop was stolen and ended up in Iran. Through remote access software, Dom tracked the laptop over the Internet and activated the camera on it. He took pictures of people and published them.

Except, the people in the pictures weren't the ones who had stolen his laptop. In Dom's words:

Further news

The innocent new owners of my laptop have been in touch and are mortified about the story and are keen to return the laptop.

Given the huge error of judgement on my part in sharing the story and failing to respect their privacy I have asked them to keep it by means of an apology.

Hope I'm not doing a Dom by posting this reminder (to me as well) that things aren't always what they seem at first glance.

Other related posts:
Two-factor authentication broken
The problem with naming and shaming
Hitler finds out that Google Reader is being shut down

This guy is serious.

Victor Lewis-Smith applies for a presenter's job at the BBC.

Apparently, there were over 25,000 lightning strikes in just one day.

By Noelia Ramon.

Getting used to Windows 8 means learning new ways of doing familiar things. This is fine, provided there's a benefit to be had but unfortunately, Microsoft has made some mystifying choices in Windows 8 that add complexity and effort to completing tasks, instead of the opposite.

For instance, I like the ability to use keyboard shortcuts and the ability to start typing a program or file name in Windows 8 to locate it instead of playing the find-the-tile horizontal scroll-o-rama game.

The search function in Windows 8 is fast and comprehensive, but defaults to looking in the Apps section. If you look for Windows tools like Device Manager or Windows Update, the search function should have enough smarts to show them in the left-hand side pane, instead of saying "No apps match your search".

Search has in fact found Device Manager but as it's in Settings it won't show up to the left unless you select that area instead of Apps. I have no idea why this is considered the right way to display search results in Windows 8.

Strangely enough, if you search for Control Panel, it shows up all right, but not the applets in it.

While in Control Panel let's say you want to add an Admin user like you would in Windows 7.

That's not how it's done Windows 8: you have to use the Metro-style PC Settings to add users instead.

OK, so you add the user and then discover there's no way to promote the account to Administrator. This is done in the stripped-down Control Panel applet mentioned above which also has other user management functions. I imagine the change is done to discourage the creation of Admin users, for security reasons. Nevertheless, could user management not be done in one single place?

Oh, and futzing around with settings reveals that Windows 8 only seems half-aware of hardware keyboards. You notice this as you get password and other input fields that bring up the large on-screen keyboard even though the hardware one is active at the moment.

Next, I wanted to play the horrendously addictive Wordament game, available from the App store for free. Don't install it, as you won't be able to stop playing it.

Even though I was logged in with my Microsoft account which is tied in with my Xbox one, Wordament said it had to log into the Xbox service. Fine, do that. Except it timed out after a minute or so with a "we're not sure what went wrong" error message and I was told to sign on via the Xbox.com website.

Right, click and the Win8 style version of Internet Explorer starts up and you go to Xbox.com.

Wait. "The site www.xbox.com uses add-ons that require Internet Explorer on the desktop."

At this stage, any normal person would get a bit hot under the collar and mutter some nasty words in Redmond's general direction. Not me though. I fired up Internet Explorer on the desktop and logged in to Xbox.com and finally, I could play Wordament. Having to jump through multiple hoops just to play a game didn't try my patience at all.

The reason this is happening is due to Microsoft being on a mission to make the web a plug-in free zone. Not all parts of the company read the memo though. Microsoft's Office 365 site pops up the same message.

Now, this isn't Microsoft's fault (I think) but Google Chrome on Windows 8 touch-enabled PC doesn't work very well. The device I'm using has a hi-res, 1,920 by 1,080 pixel 11.6" screen so in Desktop mode, things are really small and hard to hit with big fingers. Using the default 125 per cent scaling helps but some things need to be even bigger to work for touch. Unfortunately, scaling to 150 per cent puts screen elements out of whack - and Windows 8 warns you this will happen.

Not being able to scale screen element on hi-res displays isn't as bad as it seems because in IE10 I can pinch-zoom to make things bigger and smaller.

Chrome however doesn't understand that gesture in Desktop or Windows 8 modes yet. Voice chats and hangouts don't seem to work either but Google says it's working on those issues. Muh.

One thing I miss while in Desktop mode is the ability to start typing to search the computer, as you can while in Windows 8/Metro mode. I'd happily trade the Win8 swipe from top of the screen to the bottom method of closing programs, which works badly on big, vertical touch displays, to be able to search by typing in Desktop mode.

I'm not sure why Telecom has decided to slap on a $20 a month email charge for people who aren't their customers but who have an xtra.co.nz address but they have. That's a good chunk of money that you really don't need to hand over to Telecom.

If continuity of email service is important to you, set up your own domain. It's really easy, and not very expensive. Even .nz domains that used to be pricey have come down a lot. Get an ISP to host it and shop around, because the cost varies a lot. Use IMAP to make sure you have a local copy of the mail message store and that's pretty much it. No more being held hostage by your provider.

There are other ways to do it too, including hosting your own domain to have full control of it.

Forget about "email portability" which means you could take your email.address@some.isp.net.nz with you to a new provider. That's solution would be far costlier and complex for you than simply getting your own domain. It wouldn't be fully portable either, because some.isp.net may fold at some point in time, taking the domain with it.

I am really surprised that Telecom didn't consider how the charge would be seen by the public though.

In simple terms, customers trusted Xtra with their communications. Even when they left they didn't cancel their email accounts, but kept them with Xtra. Some do this out of necessity - I've seen Xtra, Clear, and Orcon addresses for instance on stationery, packaging, car livery and in advertisements. Changing all that is a major exercise and inconvenience.

There are two ways for an ISP like Xtra to look at this. First, the harsh, straight up business one: these are customers that use your infrastructure for free. They should either pay or get off the network.

That's fair enough, but consider the trust: maybe this is an opportunity instead, to win back customers who have gone to other ISPs? Offer them a good deal to get them back. Even if they don't come back, you may get some useful feedback that tells you why they left for another ISP.

Xtra has their email addresses after all, and an existing business relationship so it wouldn't be spamming.

Update Am told Telecom did just that, and sent out a message to customers with some offers. Will post the email if and when it arrives.

Update II And here's the email from Xtra:

Account number: xxxxxx

Dear Customer

A recent review of our records shows that you no longer have your broadband service with us on the account number listed.

When you first signed up to Telecom Broadband on account number xxxxxx you automatically received free access to Premium Services such as an Xtra email address, Telecom Security Suite, Flickr Pro, Yahoo! Mail and 10 Free Sub Accounts. As you've now disconnected the broadband connection on this account, you are no longer eligible for these free Premium Services (including the Xtra email address), so we are writing to tell you about the changes to your account.

If you no longer need your Xtra email address and other Premium Services, please ignore this email as you don't need to do anything.

To update your details or to select a new plan please complete our online form.

Your Xtra email address

Unless you contact us your Xtra email account (xxxx@xtra.co.nz), which you received free as part of your Telecom Broadband plan will be suspended on 28 November 2012. This means you will be unable to send or receive emails using your Xtra email address, or access Yahoo! Mail.

Upon suspension you will have 50 days before your email account will be disconnected permanently and you will no longer be able to access any files, folders or services associated with your Xtra email account.

Photos on Flickr

If you use Flickr, then you'll know that your Flickr account is linked to your Xtra email. For that reason your Flickr account will also be suspended on 28 November 2012 so you won't be able to access any photos or albums on your Flickr account. To regain access to your photos you will need to reinstate your Xtra email account within 50 days from the 28 November 2012. After this time your Flickr account will be disconnected permanently and any photos saved on Flickr will be lost.

Security Suite and sub-accounts

Your subscription to Telecom Security Suite will stop once your Xtra email account is disconnected. This means you will no longer receive automatic updates for your suite.

If you have any existing sub-accounts, then these will also be disconnected with your primary Xtra email account.

Your Dial-Up Plan

You may not be aware that you have a backup dial-up plan on this line as part of your fixed broadband connection. With this dial-up plan you were not charged a monthly rental and were only charged $2.50 per hour if or when you used the dial-up service. As you've now disconnected your broadband, the dial-up plan has also been removed.

What happens next?

If our records are incorrect or if you have a Broadband service on another Telecom account, or if you wish to pay a fee to retain the Premium Services (including the Xtra email address) you need to fill out our online form. before 28 November 2012 to avoid having your account suspended.

If we don't hear from you by 28 November 2012, then your Premium Services and Xtra email account will be suspended for 50 days, after which time your Xtra email account and associated Flickr account will be disconnected permanently. So don't delay, for more information about your options simply go to telecom.co.nz/athome

Kind Regards

Simon Winfield

www.telecom.co.nz

"The only extra information which was missing from this e-mail which would be found out if they spoke with a CSR as per the email below is they can transfer their Xtra account to a Mobile Broadband Account if they have one of those.  This option is over and above of moving it to another customer, correcting the information if it's incorrect.  The final option is paying for dialup if they have a Telecom Landline ($10) or if they have no relationship with Telecom ($20)."

A media release from CIT minister Amy Adams arrived earlier today. It states:

Year three ultra-fast broadband deployment plan released

Communications and Information Technology Minister Amy Adams has welcomed the release of Chorus' year three deployment plan for the rollout of the Government's Ultra-Fast Broadband programme.

Chorus today confirmed that work to deploy the UFB network in Feilding, Gisborne, Greymouth, Kapiti, Levin, Pukekohe, Upper Hutt and Waiuku will start between July 2013 and June 2014.

Once work has started in the regions covered in Chorus' year three deployment plan, the UFB rollout will have commenced in 32 towns and cities throughout New Zealand.

Ms Adams says the deployment plan released today shows good progress is being made on a project that will ultimately transform the New Zealand economy.

"The UFB initiative is central to the government's economic growth plan. The Government's broadband policies are a big part of our plans to lift the long-term performance of our economy, create jobs, and boost incomes," Ms Adams says.

"The future of broadband is in fibre, and it will bring significant gains for productivity, innovation and global reach."

The UFB initiative involves Government investment of $1.35 billion - alongside private sector funding - to roll out fibre to schools, hospitals, and 90 per cent of businesses by 2016, and links to homes and remaining businesses completed by 2019.

The Government has a separate $300 million Rural Broadband Initiative to address the specific broadband infrastructure needs of rural New Zealand.

It will bring faster broadband to 86 per cent of rural homes and businesses, with peak speeds of at least 5Mbps.  Before the RBI was launched, about 20 per cent of rural homes and businesses had access to 5Mbps, and about half of the rural community used dial-up.

No mention of Auckland. What's Chorus doing in our biggest city then? I headed over to www.chorus.co.nz/maps and used the err, map there to get an idea of what UFB deployment time line for Auckland might be.

Selecting the UFB Zones Layer on the map shows that all of Auckland will be covered, ditto Waiuku and Pukekohe down south. Eastwards, Beachlands, Maretai and bit further north, parts of Waiheke Island. North, Whangapararoa and Orewa will get UFB too.

Doesn't say when though. The UFB deployment in Auckland has already started on a modest scale, but when will the city have full coverage? To find out, I deselected the general UFB Zones Layer, and selected the Layers for Year 1, 2 and 3. This is what Chorus' Auckland UFB coverage will look like by June 2015 2014:

That's a very different picture, with large swathes of Auckland not being covered by the UFB until well, I don't know when really.

Also, the UFB coverage is really patchy. What gives?

Update For completeness, here's the Chorus Business Fibre layer too for Auckland:

Update II This from Crown Fibre Holdings' fact sheet on the agreement with Chorus:

UFB Marketplace
The population of the new Auckland Super City is estimated at nearly 1,462,000 people.  This
includes more than 24,200 business premises, more than 400 schools and more than 2,500 medical
and other healthcare services, as well as more than 1,300 other, mixed used premises.

Indicative Build Timeframe
August 2011 marks the beginning of an eight and a half year build programme. All health premises
and schools will be covered by December 2015, with ninety percent of businesses complete then
too. 

So, eight-and-a-half years to completion in Auckland.

The most recent CFH progress report I can find is from April 2012, and has this long term deployment charts:

Hard to make out for sure, but it looks like 250,000 premises passed by June next year, just over 400,000 by June 2014, and 600,000 by June 2015. Looks like Chorus' rollout pace is around 100,000 premises passed per year.

A premises by location chart would be useful.