Quake3World

2 CD's should do it. Oops..

http://news.bbc.co.uk/1/hi/uk_politics/7103566.stm

You'd imagine it would be encrypted to a pretty high level so it would be fairly impossible to recover the data (unless they used a weak password)

PhoeniX wrote:You'd imagine it would be encrypted to a pretty high level so it would be fairly impossible to recover the data (unless they used a weak password)

I would have thought so too. But I dunno, aren't there computer whizzkids about that could crack something like that?

He urged the government to "get a grip" and said it was the "final blow for the ambitions of this government to create a national ID database" as "they simply can not be trusted with people's personal information".

damn right

you'd think theyd have a 24 hour disk by now

look what they could charge for it

What the hell kind of auditing organization asks you to send people's personal data to them on a disk in the mail?

R00k wrote:What the hell kind of auditing organization asks you to send people's personal data to them on a disk in the mail?

Exactly the same thing I was wondering

Seems pretty high-tech to me.

DRuM wrote:

PhoeniX wrote:You'd imagine it would be encrypted to a pretty high level so it would be fairly impossible to recover the data (unless they used a weak password)

I would have thought so too. But I dunno, aren't there computer whizzkids about that could crack something like that?

Not if it's done properly.

Chances are it wasn't.

R00k wrote:What the hell kind of auditing organization asks you to send people's personal data to them on a disk in the mail?

if you read the article it was meant to go via TNT special delivery not normal post. some junior dickmonkey fucked up

I'm more interested in the guy who is saying you need to get out of the stone age and use something less ancient than CDs. Like what? HDDVDs? Flash drives? Email? How are any of those going to be more secure than a CD?

I don't see why they can't transfer it over the Internet, a couple of disks wouldn't take long to transfer, and I'll be surprised if they don't have secure VPN tunnels between their offices.

Foo wrote: Not if it's done properly.

Chances are it wasn't.

They interviewed an ex hacker on TV tonight. When he was 13 he hacked into some of the UK's biggest companies. Now he's 18 and reformed. They gave him a passworded CD which he hacked in 4 seconds, suggesting he would have no problem in hacking the missing CD's whatever the encryption level.

seremtan wrote:if you read the article it was meant to go via TNT special delivery not normal post. some junior dickmonkey fucked up

PhoeniX got a little closer to what I was trying to say:

PhoeniX wrote:I don't see why they can't transfer it over the Internet, a couple of disks wouldn't take long to transfer, and I'll be surprised if they don't have secure VPN tunnels between their offices.

There really isn't any reason for companies to be sending personal data on a physical medium through any kind of mail these days. It's much more secure (and most likely efficient as well), to transfer it via an encrypted connection that requires credentials to access than it is to take all the data off a server, burn it to a disk, put it in a box and hand it to a mail carrier.

It doesn't make much sense, and it makes even less sense when it's an auditing organization that requests it this way. They're supposed to know better.

DRuM wrote:

Foo wrote: Not if it's done properly.

Chances are it wasn't.

They interviewed an ex hacker on TV tonight. When he was 13 he hacked into some of the UK's biggest companies. Now he's 18 and reformed. They gave him a passworded CD which he hacked in 4 seconds, suggesting he would have no problem in hacking the missing CD's whatever the encryption level.

If the CDs require, say, matching passcodes on both ends (something like PGP keys), or something similar, then it makes it very difficult. There are other ways to secure data that's stored on removable media as well -- heck, you could require biometrics if you really wanted to.

The problem, as Foo pointed out, is that most places don't have the type of developers on staff that it takes to really do this kind of thing. Unless they buy an expensive software package that does it for them, but again this is government we're talking about.

Much easier to use a secure connection that also encrypts the traffic.

DRuM wrote:

Foo wrote: Not if it's done properly.

Chances are it wasn't.

They interviewed an ex hacker on TV tonight. When he was 13 he hacked into some of the UK's biggest companies. Now he's 18 and reformed. They gave him a passworded CD which he hacked in 4 seconds, suggesting he would have no problem in hacking the missing CD's whatever the encryption level.

Yeah. Watching diluted lowest common denominator scaremonger tv junk will give you dumb impressions like that.

i could crack the encryption while getting a BJ and gun pointed at my head.

worst movie ever

so, when's the torrent coming?

Grandpa Stu wrote:i could crack the encryption while getting a BJ and gun pointed at my head.

Not possible. You could never get a blowjob. Give, no doubt, get, never happen.

DRuM wrote:They interviewed an ex hacker on TV tonight. When he was 13 he hacked into some of the UK's biggest companies. Now he's 18 and reformed. They gave him a passworded CD which he hacked in 4 seconds, suggesting he would have no problem in hacking the missing CD's whatever the encryption level.

*shake head*

4 seconds? Can't even put it in the drive that fast. He must be quite a nerd.

lol civil service.

lol, channel 4 got news on it now, the presenter is just ripping everyone involved. torys have taken a 9 point lead in the polls due to this scandal... labour bye bye?

edit: woa... channel 4 going hardcore pro-tory.... this election is gonna be interesting when it happens