Personal Data Security

[ai_Droid]

Cambon is right, you have said that the data will get QUOTE(ai_Droid @ Dec 4 2007, 01:14 PM)

Publicly debate what? That data gets stolen? Of course it f*cking does!

 

THAT IS THE POINT!!!!!

 

A central database with ALL your details is a perfect target, whereas a lot of different computers means that you have to hack them all to get the data. The central database because so many people will want access to data will get bombarded with requests and access will end up being compromised. The other possibility is crashing the system or putting in worms or viruses.

 

Thanks for confirming what we have been saying, very elequently as well

 

Thanks for demonstrating your conspiracy nutter ability of making incorrect conclusions from very little. I said 'data gets stolen', I didn't say anything else. Most data gets stolen from the data source, not from central databases.

 

You've not answered my points about risk either I notice..

 

I've said this already, but you seem to be hard of understanding, so I'll repeate it. Lots of different systems with the same data which is what the govenment effectively has currently, makes the data more vulnerable, because you only have to have an exposure to one of them to get the data. That makes the same data spread accross different systems more vulnerable than a central system that's easier to control. There's no argument here, thats simply the way it is.

 

But lets be straight here, nobody really gives a fuck about name and address data, or even back account details. The data we're talking about simply isn't that valuable. The personal data targets for online criminals is credit cards, pins, online banking logins, ebay logins, passwords and email addresses to scam. But you don't seem to care about this far more dangerous data being in the hands of pretty much every tin pot website in the world. Why not?

 

And finally, if government systems holding personal data are so easy to hack, why don't you show me a recent example of it?

[Albert Tatlock]

And finally, if government systems holding personal data are so easy to hack, why don't you show me a recent example of it?

Just google - "government computer system" hacked - and see for yourself.

[ai_Droid]

And finally, if government systems holding personal data are so easy to hack, why don't you show me a recent example of it?

Just google - "government computer system" hacked - and see for yourself.

 

I did of course, before I made the request. There's lots of defaced government websites, breaches in US Pentagon email system, attempts at MI5 which are reported as mostly internal attacks, but not any mention of theft of personal data though hacking.

[Cambon]

I did of course, before I made the request. There's lots of defaced government websites, breaches in US Pentagon email system, attempts at MI5 which are reported as mostly internal attacks, but not any mention of theft of personal data though hacking.

 

 

So if as in the case of MI5 it is all internal, are you not saying that they are also rotten to the core but we should trust them?

[Dodger]

And finally, if government systems holding personal data are so easy to hack, why don't you show me a recent example of it?

Just google - "government computer system" hacked - and see for yourself.

 

I did of course, before I made the request. There's lots of defaced government websites, breaches in US Pentagon email system, attempts at MI5 which are reported as mostly internal attacks, but not any mention of theft of personal data though hacking.

 

Hacking isn't the only way to have data stolen! 25 million people lost theirs because a person made a series of mistakes. The data is still lost and could be used to steal your identity which is always in the news.

 

A central system would allow for a concerted attack by a third party, China has declared for example that they will use internet based espionage against other jurisdictions and Estonia had to get NATO help to combat the attack as ALL their government is internet based!

 

The other point that you make about people not being concerned about loosing their bank account details - WHAT A LOAD OF BULLS*!T Would you be happy with loosing yours, nothing happens for a few months and then small amounts start to get transfered out until you are wiped out, especially if it is a savings account which you don't check too often!

 

Even as someone who works in IT, you must accept data is lost as you have stated this earlier in the tread. Even you can't protect the data from going, therefore where is the confidence for the government to hold all your data in a central system? There are those who are a lot less techy who would blindly expect the government to do the right thing?! There is also the probelm that the government are not asking for your details to be stored they are telling you that they will be storing them and passing them on to third parties to verify your identity.

 

The other point to remember is that as we go online with our details and they can have requests for the data from all around the world, therefore you have to protect the online systems from Global attacks!

[ai_Droid]

So if as in the case of MI5 it is all internal, are you not saying that they are also rotten to the core but we should trust them?

 

No, I'm saying its not attacks on personal data.

[ai_Droid]

A central system would allow for a concerted attack by a third party, China has declared for example that they will use internet based espionage against other jurisdictions and Estonia had to get NATO help to combat the attack as ALL their government is internet based!

 

That's military and industrial espionage, what does that have to do with this discussion?

 

The other point that you make about people not being concerned about loosing their bank account details - WHAT A LOAD OF BULLS*!T Would you be happy with loosing yours, nothing happens for a few months and then small amounts start to get transfered out until you are wiped out, especially if it is a savings account which you don't check too often!

 

Your bank account details are practically public domain. It's on every cheque you write, its on your bank card that you use everwhere all day long. Businesses display their account numbers on their letterheads and websites. Most sensible people don't give a fuck about their bank account number.

 

Even as someone who works in IT, you must accept data is lost as you have stated this earlier in the tread. Even you can't protect the data from going, therefore where is the confidence for the government to hold all your data in a central system? There are those who are a lot less techy who would blindly expect the government to do the right thing?! There is also the probelm that the government are not asking for your details to be stored they are telling you that they will be storing them and passing them on to third parties to verify your identity.

 

The other point to remember is that as we go online with our details and they can have requests for the data from all around the world, therefore you have to protect the online systems from Global attacks!

 

I've never said I work in IT. I accept data is lost, I don't accept you can't protect data, and have never said that.

 

You've ignored a bunch of my points again. Why are you happy for private business to hold your most crucially sensitive data and not Government?

[Cambon]

Why are you happy for private business to hold your most crucially sensitive data and not Government?

 

The answer to that is simple. Most people in private business are honest and trustworthy. Their livelyhood depends on their honesty. They will generally do their best to protect their client's and customer's information in the hopes of repeat business.

 

You cannot say that about the Government.

[ai_Droid]

The answer to that is simple. Most people in private business are honest and trustworthy. Their livelyhood depends on their honesty. They will generally do their best to protect their client's and customer's information in the hopes of repeat business.

 

You cannot say that about the Government.

 

Rot. We're talking about employees here, private business or government, the risk is the employees. Same pool of people in both. The difference is most small private businesses aren't audited, have to best practices, you're basically blindly trusting them. The government at least has risk mitigation systems in place.

[Cambon]

Rot. We're talking about employees here, private business or government, the risk is the employees. Same pool of people in both. The difference is most small private businesses aren't audited, have to best practices, you're basically blindly trusting them. The government at least has risk mitigation systems in place.

 

If a business was the cause of your identity being stolen, would you shop with them again? More than likely not. You would tell everyone what happened and name the people involved (if you knew). You could potentially sue the company. It would or could devastate the business. That is why businesses are very careful indeed.

 

When the government lose 25,000,000 people's data, it takes 2 months for them to admit it, then they dumb down the media and say "oh, we're sorry if you lose any money contact your back because we no longer see this type of theft as a crime".

 

You are miles off the mark!!!

[ai_Droid]

If a business was the cause of your identity being stolen, would you shop with them again? More than likely not. You would tell everyone what happened and name the people involved (if you knew). You could potentially sue the company. It would or could devastate the business. That is why businesses are very careful indeed.

 

How would you know which business is to blame. I estimate I've used my credit card with roughly 30 different organisations over the last few weeks in the run up to xmas. If one of them had a dodgy employee who was cloning cards, I wouldn't know which one it was.

 

You're talking rot I'm afraid, data is stolen from private business daily, to a tune of around £100 million a year in this country. Credit card 'customer not present' fraud is on the rise, particularly after the installation of chip and pin at retail. A move specifically made to counter dodgy employees in private business.

 

When the government lose 25,000,000 people's data, it takes 2 months for them to admit it, then they dumb down the media and say "oh, we're sorry if you lose any money contact your back because we no longer see this type of theft as a crime".

 

You are miles off the mark!!!

 

They lost it, it wasn't stolen. And none of it was particularly sensitive data. The hoo-ha is simply because it's the government and it was a stupid fuckup, it's not the big risk everyones making it out to be though, most of that data, names addresses and bank account numbers, is public anyway.

[Dodger]

If a business was the cause of your identity being stolen, would you shop with them again? More than likely not. You would tell everyone what happened and name the people involved (if you knew). You could potentially sue the company. It would or could devastate the business. That is why businesses are very careful indeed.

 

How would you know which business is to blame. I estimate I've used my credit card with roughly 30 different organisations over the last few weeks in the run up to xmas. If one of them had a dodgy employee who was cloning cards, I wouldn't know which one it was.

 

You're talking rot I'm afraid, data is stolen from private business daily, to a tune of around £100 million a year in this country. Credit card 'customer not present' fraud is on the rise, particularly after the installation of chip and pin at retail. A move specifically made to counter dodgy employees in private business.

 

When the government lose 25,000,000 people's data, it takes 2 months for them to admit it, then they dumb down the media and say "oh, we're sorry if you lose any money contact your back because we no longer see this type of theft as a crime".

 

You are miles off the mark!!!

 

They lost it, it wasn't stolen. And none of it was particularly sensitive data. The hoo-ha is simply because it's the government and it was a stupid fuckup, it's not the big risk everyones making it out to be though, most of that data, names addresses and bank account numbers, is public anyway.

 

Irrespective of whether it was intentional or not it has been lost! Identity theft is big business! Having your bank account number on your cheque book is not quite the same as having it on the WWW?!

 

Credit card's are also abused, there is a scam going on at present where your 3 digit pin is requested to verify who you are!

 

I have had a letter recently stating that my details have been accidentally sold to a third party and they have advised that I contact a credit reference agency! Our details are not safe and can be abused, at least this company informed me and paid for my credit check. The UK government has just said not to worry, but to keep an eye on their account. Seems pointless if your bank account details are public knowledge anyway.........

 

[ai_Droid]

Irrespective of whether it was intentional or not it has been lost! Identity theft is big business! Having your bank account number on your cheque book is not quite the same as having it on the WWW?!

 

Credit card's are also abused, there is a scam going on at present where your 3 digit pin is requested to verify who you are!

 

I have had a letter recently stating that my details have been accidentally sold to a third party and they have advised that I contact a credit reference agency! Our details are not safe and can be abused, at least this company informed me and paid for my credit check. The UK government has just said not to worry, but to keep an eye on their account. Seems pointless if your bank account details are public knowledge anyway.........

 

 

 

Yet again, what's your point? You've just basically agreed with me that there's risks with all forms of modern data. Are you actually suggest we stop using any form of data from this point on because of these risks?

 

What was your argument about the path at Peel School again?

[Cambon]

How would you know which business is to blame. I estimate I've used my credit card with roughly 30 different organisations over the last few weeks in the run up to xmas. If one of them had a dodgy employee who was cloning cards, I wouldn't know which one it was.

 

You're talking rot I'm afraid, data is stolen from private business daily, to a tune of around £100 million a year in this country. Credit card 'customer not present' fraud is on the rise, particularly after the installation of chip and pin at retail. A move specifically made to counter dodgy employees in private business.

 

chip and pin was brought in to protect banks not customers. Who stole your information can be traced quite easily but they tend not to bother.

 

They lost it, it wasn't stolen. And none of it was particularly sensitive data. The hoo-ha is simply because it's the government and it was a stupid fuckup, it's not the big risk everyones making it out to be though, most of that data, names addresses and bank account numbers, is public anyway.

 

They lost it, they hope it is not in the wrong hands, but they don't know. The fact that the information (in your opinion) is not particularly sensitive is irrelevant. Besides, how do you know? Because it was in The Times? The Sun? The fact that they took 2 months to tell anyone is enough evidence to me of a cover up. If you are naive enough to believe that the government who cannot even be straight up about their party funding would not lie to you about this then I actually feel sorry for you.

[Dodger]

Irrespective of whether it was intentional or not it has been lost! Identity theft is big business! Having your bank account number on your cheque book is not quite the same as having it on the WWW?!

 

Credit card's are also abused, there is a scam going on at present where your 3 digit pin is requested to verify who you are!

 

I have had a letter recently stating that my details have been accidentally sold to a third party and they have advised that I contact a credit reference agency! Our details are not safe and can be abused, at least this company informed me and paid for my credit check. The UK government has just said not to worry, but to keep an eye on their account. Seems pointless if your bank account details are public knowledge anyway.........

 

 

 

Yet again, what's your point? You've just basically agreed with me that there's risks with all forms of modern data. Are you actually suggest we stop using any form of data from this point on because of these risks?

 

What was your argument about the path at Peel School again?

 

You are going off subject with Peel Clothworkers, I never mentioned anything about paths?! Fingerprinting, yes, shool banning football as too dangerous - yes, reporting the school for health and safety violations - yes What is your point?

 

I have always said there are risks with holding data electronically, this is why I started this particular thread on data security. The concern is that the government wants to hold more details on you electronically and use it internationally to verify who you are for cross border checks, bank accounts, access to services etc. Data is lost all the time, storing more of it and all in one place makes it a target.

 

Do you feel sure in that your details are secure for the rest of your life?

How will this data be accessed?

By whom?

What will you do if/when your details get misused?

Who is to blame?

Who should pay back any money stolen?

What about compensation?

Can you remember who you have given details to online?

How many times have you given out your bank account number online?

How many times have you given out your passport number online?

How many times have you confirmed your biometrics online, signature, photo, fingerprint or iris scan?

How many times have you given out your national insurance number online?

 

I don't feel that any government should store all your details in one system, where it can be compromised. Linked via internet and remote access granted. There are enough people locally who could misuse your data without it being accessable worldwide. There also isn't international law protecting those who have had their data compromised. How would you get compensation from someone in China, USA, Canada?