BT's IPv6 EXPIRED security certificate left to rot on its website

Telecoms giant unaware of 'admin error' for nearly a month


BT may insist that it is committed to a smooth transition to the new interwebs address system – IPv6 – but a quick glance at the company's corporate website last month left some Brits questioning the one-time national telco's promise.

That's because the telecoms giant embarrassingly failed to spot the fact that its security certificate had expired when BT.com was accessed via IPv6.

The blunder remained in plain view for three excruciating weeks, and appears only to have been fixed after The Register got in touch with BT to point out the howler, despite the company being notified about the cockup by a handful of tech types over the course of the past few weeks.

A BT spokeswoman gave us this statement:

The SSL certificate on bt.com expired on Feb 12th 2014 at 00:59. An administrative error resulted in BT not being aware that the certificate was about to expire. Once BT was aware of the issue the certificate was renewed and this was in place on 3rd March 2014.

Just days after BT's own SSL cert over IPv6 expired, the firm's Diamond IP boss Tim Rooney crowed in a blog post about how customers could make block allocation "easy" under the new address plan.

The BT spokeswoman told us that, despite the blunder, the ISP was "fully committed to IPv6 and has exciting plans for IPv6 in 2014, we will share more details with customers in the coming months."

Hat-tip goes to Stefan van der Eijk via Twitter

In the meantime, though, customers seeking information about BT's IPv6 plans are greeted with an out-of-date webpage that states:

We, in BT, continue to manage efficiently our allocation of IPv4 address space and are also taking the necessary steps to manage a transition to IPv6. We are committed to the development and support of IPv6 on our networks and services and have a programme of investment in our network and systems over the next few years.

During 2011 and 2012, we will be working on our plans for full introduction of IPv6 to our Global and UK platforms, including hardware and system upgrades.

So that's all right then! ®

Thanks to Reg reader Jaroslaw for also flagging this up to us.

Similar topics


Other stories you might like

  • India reveals home-grown server that won't worry the leading edge

    And a National Blockchain Strategy that calls for gov to host BaaS

    India's government has revealed a home-grown server design that is unlikely to threaten the pacesetters of high tech, but (it hopes) will attract domestic buyers and manufacturers and help to kickstart the nation's hardware industry.

    The "Rudra" design is a two-socket server that can run Intel's Cascade Lake Xeons. The machines are offered in 1U or 2U form factors, each at half-width. A pair of GPUs can be equipped, as can DDR4 RAM.

    Cascade Lake emerged in 2019 and has since been superseded by the Ice Lake architecture launched in April 2021. Indian authorities know Rudra is off the pace, and said a new design capable of supporting four GPUs is already in the works with a reveal planned for June 2022.

    Continue reading
  • Prisons transcribe private phone calls with inmates using speech-to-text AI

    Plus: A drug designed by machine learning algorithms to treat liver disease reaches human clinical trials and more

    In brief Prisons around the US are installing AI speech-to-text models to automatically transcribe conversations with inmates during their phone calls.

    A series of contracts and emails from eight different states revealed how Verus, an AI application developed by LEO Technologies and based on a speech-to-text system offered by Amazon, was used to eavesdrop on prisoners’ phone calls.

    In a sales pitch, LEO’s CEO James Sexton told officials working for a jail in Cook County, Illinois, that one of its customers in Calhoun County, Alabama, uses the software to protect prisons from getting sued, according to an investigation by the Thomson Reuters Foundation.

    Continue reading
  • Battlefield 2042: Please don't be the death knell of the franchise, please don't be the death knell of the franchise

    Another terrible launch, but DICE is already working on improvements

    The RPG Greetings, traveller, and welcome back to The Register Plays Games, our monthly gaming column. Since the last edition on New World, we hit level cap and the "endgame". Around this time, item duping exploits became rife and every attempt Amazon Games made to fix it just broke something else. The post-level 60 "watermark" system for gear drops is also infuriating and tedious, but not something we were able to address in the column. So bear these things in mind if you were ever tempted. On that note, it's time to look at another newly released shit show – Battlefield 2042.

    I wanted to love Battlefield 2042, I really did. After the bum note of the first-person shooter (FPS) franchise's return to Second World War theatres with Battlefield V (2018), I stupidly assumed the next entry from EA-owned Swedish developer DICE would be a return to form. I was wrong.

    The multiplayer military FPS market is dominated by two forces: Activision's Call of Duty (COD) series and EA's Battlefield. Fans of each franchise are loyal to the point of zealotry with little crossover between player bases. Here's where I stand: COD jumped the shark with Modern Warfare 2 in 2009. It's flip-flopped from WW2 to present-day combat and back again, tried sci-fi, and even the Battle Royale trend with the free-to-play Call of Duty: Warzone (2020), which has been thoroughly ruined by hackers and developer inaction.

    Continue reading

Biting the hand that feeds IT © 1998–2021