What’s in a Company Name? More Than You Might Have Bargained For…

When it comes to flexing its censorious muscles over what you can and cannot register as a company name in the UK, it appears that Companies House may have fallen behind the times.

The executive agency in charge of incorporating and dissolving registered commercial entities has long been known as a bastion of decorum and decency. Every year, the government body rejects a few dozen applications to set up companies on the grounds that the requested names are potentially offensive.

Back in 2018, a Freedom of Information request from the BBC shed light on this little-publicised aspect of the work Companies House does, securing a list of proposed names that had been knocked back that year. The rogues’ gallery included, among the milder examples, such profane suggestions as Blue Arsed Fly Designs Ltd and Sod It Systems Ltd.

It’s good to know that Companies House is working hard to protect us all from scurrilous entrepreneurs hell-bent on causing moral outrage with the name of their business alone. Yet where it seems the agency is not quite so effective is spotting the registration of names which, if you so much as view them on a computerised device, could execute a piece of malicious code.

All fun and games?

Yes, that’s right - people are actually registering pieces of command script as their company name. If viewed in the right circumstances on an unprotected server, these otherwise random-looking combinations of symbols and letters could trigger something unpleasant. And Companies House has been waving the applications through without a hitch.

So far, it seems as if this has mostly been tried by clever-clogs programmers looking to get a few laughs and a bit of kudos in the tech world. As this guy explains, his decision to register a name that looked like a bit of code for an SQL injection attack - something which could in theory have deleted the entire Companies House database - was all smoke and mirrors, as the script was deliberately written so it wouldn’t work. Still, it got him a lot of attention.

A more recent example flagged up by The Register did involve a ‘live’ script for a cross-scripting (XSS) attack, which would have run a script from the company’s website via the Companies House API. Again, the perpetrator claimed the aim was “to elicit a knowing chuckle from the kind of people we'd be doing business with!” They changed the name when it became apparent there were “non-trivial problems”.

These might have been nothing more than techy jokes, but the concern, of course, is what would happen if someone with genuinely malicious intentions did want to take advantage of the apparent lack of awareness Companies House has about this issue.

And as for amusing company names - call us old fashioned, but we like the classic puns the best. Here’s a list of the funniest shop names, as picked out by smallbusiness.co.uk, if you’re in need of a laugh. For our money, you can’t beat Wright Hassall, solicitors, or Sellfridges, white goods vendor. What’s your favourite?

Image by Markus Winkler from Pixabay

© Safe Collections is a trading name of Safe Collections Limited. Incorporated 1984. Company Number: 01815264. VAT Number: GB407358159. All Rights Reserved.

Please publish modules in offcanvas position.