no comment! LOL :p
]]>If they ask about it, tell if you don’t do it the scientologists will be able to control your mind.
]]>Badtux, there are so many products and devices available these days that will protect a system, that not protecting one is simply stupid.
This is the same set of problems that arises with electronic voting software – there is no serious attempt at securing the system. It’s not like they don’t have an entire group at NSA who do nothing but harden government systems, but apparently no one knows they exist, although it is one of the stated purposes of the Agency on its non-classified mission statement, and has been for decades.
These people don’t really care or understand about security. They don’t seem to care or understand that the information they are making available is quite valuable to “terrorists”. What could better than having a faked passport that has all of the real information of another person on it.
]]>Anywho… our customers were adamant about privacy issues. We assigned our own student ID’s rather than using social security numbers as student ID’s, for example. We had to have social security numbers in the system in order to match up with the federal free lunch database so we could report the proper number of free lunch students to get the Title 1 funding for those students, but those social security numbers lived in an obscured field that you needed a special access code to change or view, and were not used on any reports produced by the system. And so on and so forth. We weren’t perfect, but mostly because the computer hardware and database software of the day just didn’t support the kinds of things like encryption that we take for granted today, I mean we were running an entire school district off of a 66mhz machine with 4MB of RAM and an 80GB hard drive for cryin’ out loud! The upside is that the data was decidedly less portable then, the actual computer lived in a secured area and all that you could do to access it was come in through a dumb terminal over a serial line. If you managed to escape from our menu system and found a Unix shell, there was no way to ship the data out en masse — there was no development environment, no network, no modem software to dial out on the modem, etc. The modem would answer calls but only allow the central office ID to come in to retrieve data via UUCP protocol (the nightly updates of the central office computer from the individual school computers). You couldn’t just grab a laptop and head out the door. The closest you could do to that would be to grab a QIC-80 tape and head out the door… not much to be done about that other than exhort the school secretaries to secure those when they did the weekly tape rotation, and folks able to read QIC-format tapes probably numbered in the low thousands.
Ah yes, the good old days. Hard to believe that was only 15 years ago! Now look at where we are. Everything’s on the Internet. Everything’s hacked and trojan’ed and root-kitted to a fare-thee-well. Nothing’s secure. And nobody seems to have a clue as to how to secure it. Ah yes, “progress”.
– Badtux the “If that’s progress…” Penguin
]]>[although i understand it’s illegal]
]]>They require a passport for more and more places and don’t have the people available to process the claims. They hire Joe’s Septic Tank Service and Passport Processing Company to fill in the gap, and they don’t do background checks on anyone. They still don’t have the final design for the ID cards for ports, much left have a system in place.
They are just totally incompetent, and so are the contractors they hire.
]]>Well, maybe some kind of case can be made that the fed gov should have some relatively small number of employees to keep track of but beyond that, nope.
Not only can they not secure the data the opportunity for misuse is exceedingly large.
]]>If I were still flying around and lost my passport, I’d just order another one from Hong Kong. It would probably have higher quality materials, and they would already have the data needed.
]]>