PL charge City for alleged breaches of financial rules

hammocity said:
You're wrong about the "International Punter", I've posted we've encountered Ajax and Dortmund fans who told us we were "cheats", we straightened them up (in a non violent way) and educated them to the "truth".
Click to expand...
They are 'fans/ultras not punters.

Most fans of our rivals think were cheats.

Most average international punters think were great.
 
decmancity said:
City are growing faster than any other club has in the history of football, on and off the pitch.

We are signing international sponsorship season upon season, beating the "elite" to world class youth talents every summer and signing superstars like Haaland as well as having the current reigning balon d'or winner.
Click to expand...
True so far , the 115/130 is becouse we are growing so fast if we want to continue to be succsessfull and one of the big guys we have to clear out name we have to start using PR , we have to fight back ir we will loose .
 
Cityfan1977 said:
True so far , the 115/130 is becouse we are growing so fast if we want to continue to be succsessfull and one of the big guys we have to clear out name we have to start using PR , we have to fight back ir we will loose
Click to expand...
Believe what you want mate, this conversation is going nowhere. You are wrong.
 
LeonardoDaVnci said:
Password protection on its own is archaic. Any organisation serious about IT security will have VPNs all over, and every employee will have a physical token, bit like a USB stick. No token, no access, go home. Lose your token it gets disabled for ever, you have to beg IT for a replacement. When an employee leaves the company access via their token is auto disabled, the employee should hand it on last day, but even if they don't the token is disabled for ever. Also on the last day of employment all passwords should be disabled for ever. Allowing the dippers access to our scouting network after they left was just negligence by us.
Click to expand...

Never said you don't remove creds/disable access to people who leave so not sure what the point is.
Also I don't disagree on password only based access.I said if they used an existing user's credentials removing the creds of the person who left may be irrelevant because we don't know technically how the system was accessed such as VPN or another approach. We don't know enough about the system in question e.g. was it SaaS based run by a 3rd party accessible from anywhere? So we should avoid assumptions.
 
Cityfan1977 said:
True so far , the 115/130 is becouse we are growing so fast if we want to continue to be succsessfull and one of the big guys we have to clear out name we have to start using PR , we have to fight back ir we will loose .
Click to expand...

Our name will never be cleared regardless of the out come. I think you are giving the British press/media to much credit for the power you think they hold
 
chocovla said:
In this case it was still very bad security procedures. Makes you think how and where these credentials landed at Liverpool. And as alreay has been mentioned MFA should have been put in place, maybe ip-restrictions for logins, user alerting for abormal logins. Standard procedure in more security mature organizations.
Click to expand...

No expert in computer security but it seems to me that, any way you look at it, the security protocols in place must have been dreadful in 2012 and 2018. Password protection is one of the most basic security procedures around. Weren't the employees sharing passwords in 2010/11 and it took a year or so to identify the wrongful access? As for email attachments, surely they should have been scanned by an anti-virus software before being made available to employees? Pretty sure we were doing that when I had a corporate account. Any risk and the attachment wasn't delivered. And that was well before 2018 ....

Interested in the views of any professionals on here.
 
Khaldoon needs to create his own media operation.

Paper
Tv
Report it on the socials.

Soon enough the information would get balanced against the legacy media.

On all seriousness, we need to be spreading our innocence on the socials. The rest no one cares about anymore.
 
halfcenturyup said:
No expert in computer security but it seems to me that, any way you look at it, the security protocols in place must have been dreadful in 2012 and 2018. Password protection is one of the most basic security procedures around. Weren't the employees sharing passwords in 2010/11 and it took a year or so to identify the wrongful access? As for email attachments, surely they should have been scanned by an anti-virus software before being made available to employees? Pretty sure we were doing that when I had a corporate account. Any risk and the attachment wasn't delivered. And that was well before 2018 ....

Interested in the views of any professionals on here.
Click to expand...
You'd be surprised how a lot of companies and government agencies still operate ;-) It has gotten better in the last 5 years, also in part due to more stringent GDPR rules. In the past I've even had to block access to several systems because I noticed one of our contractors using 1 account for all their employees. Every day it's a real slug to convince people to follow more secure procedures and techniques, but it's often seen as overzealous and inconvenient, or this will never happen so we won't implement this. It does still keep me in a job as a security officer mind :-)
 
Cityfan1977 said:
yes I do.

I dont have to explaine the way City are talked about in the UK it is the same in Iceland and scandanavia only worse.

There are football trips advarted all the time , games at Old Trafford, Anfield ,Arsenal, Tottenham even Fulham very few times have I seen add for a City game.

If you go into Sport Direct there are no City shirts only behind all the others, I have even moved the City Shirts to the front , the next day they are gone.

There are many on here who are relax about this. But we have been winning everything so I thing that has forced people to talke about litle City that will not be forever .
You are very naive if you think that PR doesnt matter, without that United and Liverpool would be nothing today.
Click to expand...
Didn't City do a recent trophy tour in Iceland and CFG showing an interest in purchasing a club there and those City shirts in sports direct may have been sold.
 
wolviedinho said:
Khaldoon needs to create his own media operation.

Paper
Tv
Report it on the socials.

Soon enough the information would get balanced against the legacy media.

On all seriousness, we need to be spreading our innocence on the socials. The rest no one cares about anymore.
Click to expand...
boom there you go thats what I am talking about
 
chocovla said:
Which really baffles me. Therefore I think it was part of settlement. In my line of work it's normal operating procedure to always contact the local cybercrime units to report this sort of thing. Even attempted hacks are reported.
Click to expand...
I can only assume the PL pressed us to settle quietly and we agreed. There is a PL rule I think that disputes must be settled between the parties without external involvement but I don't see how that applies to criminal offences. Perhaps, as someone said above, we naively believed it would help us in some way. Perhaps the quid pro quo was that the PL wouldn't take any action over our issues with UEFA over our initial FFP assessment.

Perhaps we even reported it to Merseyside Police! ;-)
 
Last edited:
lancs blue said:
We were also bigger than that rabble in the 1920s and 30s. Most of their "history" stops at WW2.
Click to expand...

Your right,
but that period in the mid-60s to late 70s was the last period we could match up to the rest

Manchester City is steeped in history and stands up to most, But the Swales years at City and being run as a joke club for 40 years was right bang in the United and Skys Premier league years
 
EricBrooksGhost said:
I thought they used an existing users password, if so what exactly is poor about the security procedures?
Other than user education on cyber security, fundamentally it's down to human ineptitude not lax security; you don't change everyone's passwords when one person leaves a company.

Edit: I do agree that we should have more than just password based access i.e. 2FA; but if an existing user's password was used the flaw is with that user
Click to expand...

The culture & training should have warned about sharing passwords, clicking on links. Awareness improves security.
 
chocovla said:
You'd be surprised how a lot of companies and government agencies still operate ;-) It has gotten better in the last 5 years, also in part due to more stringent GDPR rules. In the past I've even had to block access to several systems because I noticed one of our contractors using 1 account for all their employees. Every day it's a real slug to convince people to follow more secure procedures and techniques, but it's often seen as overzealous and inconvenient, or this will never happen so we won't implement this. It does still keep me in a job as a security officer mind :-)
Click to expand...

Fair enough. I would have thought the old maxim "Once bitten twice shy" applies, but what do I know? :)
 
EricBrooksGhost said:
Never said you don't remove creds/disable access to people who leave so not sure what the point is.
Also I don't disagree on password only based access.I said if they used an existing user's credentials removing the creds of the person who left may be irrelevant because we don't know technically how the system was accessed such as VPN or another approach. We don't know enough about the system in question e.g. was it SaaS based run by a 3rd party accessible from anywhere? So we should avoid assumptions.
Click to expand...
It was a third party scouting system.

As far as we know, City contacted them and said X has left, disable his access.

But then X gets to liverpool, logs in and finds he still has access to his dashboard with the city content on.

Did City follow up with the firm and confirm his access was removed?
Did they send an email to the wrong company?
 
halfcenturyup said:
No expert in computer security but it seems to me that, any way you look at it, the security protocols in place must have been dreadful in 2012 and 2018. Password protection is one of the most basic security procedures around. Weren't the employees sharing passwords in 2010/11 and it took a year or so to identify the wrongful access? As for email attachments, surely they should have been scanned by an anti-virus software before being made available to employees? Pretty sure we were doing that when I had a corporate account. Any risk and the attachment wasn't delivered. And that was well before 2018 ....

Interested in the views of any professionals on here.
Click to expand...
I have been in IT my entire career, working at billion dollar companies and in our most recent round of phishing training. The head of IT security got caught out.

Shit happens, nothing is infallible.
 
The fans of other clubs believed we were cheats long before the charges. The media made sure that was the case. The majority of people have a belief system created by the media. The outcome of a tribunal won't change that, the media will continue to manipulate, cajole and ultimately decide the truth.

He who controls the media, controls the minds of the people
N oam Chomsky
 
Cr
decmancity said:
It was a third party scouting system.

As far as we know, City contacted them and said X has left, disable his access.

But then X gets to liverpool, logs in and finds he still has access to his dashboard with the city content on.

Did City follow up with the firm and confirm his access was removed?
Did they send an email to the wrong company?
Click to expand...

But…. That’s not what happened. The Liverpool employee when he left City acquired someone else’s login details and used those - not his old City credentials. Demonstrates clear evidence of wanting to hack the system by using login details never issued to them and Liverpool FC were clearly comfortable accessing and using data that clearly wasn’t theirs.
 
You must log in or register to reply here.
Unread Posts

Don't have an account? Register now and see fewer ads!

SIGN UP
Back
Top