Thursday, April 26, 2007

Another Lesson In The Bleedin' Obvious

Top security government phone network in action

One of the major arguments against the National Programme for IT - the NHS Supercomputer - has always been that it would be insecure. All our most intimate personal details would be handily gathered together in one place and readily available to hackers all over the world.

Naturally, the Department of Health and Bliar dismissed the idea- "the system will use the most incredibly sophisticated doobries" etc. Even though many outside computer security experts say that gathering everything into big central databases is the very worst thing you can do: no known configuration of doobries is proof against your determined hacker.

And of course, even the most sophisticated doobries depend on having staff who are capable of operating them. But as we can all see today, the DoH can't even operate the most basic computer housekeeping that the rest of the world takes for granted:

"The intimate personal details of medical students have been made available online. The details include addresses, home phone numbers, and even sexuality.

It appears that the information was downloaded onto Excel files and placed on an unsecured website that could be accessed by anyone through the internet. This is astounding. These kind of personal details could have been kept on a private internal system and it only requires a small file to protect the information using a password."

This is the real world of Big Government. We don't yet know the full facts, but judging from the raft of previous cock-ups, you'd have to guess that reponsibilities for data security were muddled, and the sharp-end staff concerned were demoralised unsupervised low grade temps.

We should never trust government with personal information. Not unless we want it freely available to those Nigerian flim-flam men.

Both the NHS Supercomputer and the crackpot ID cards plan should be abandoned forthwith. Making us both more secure, and £40-70bn richer.

No comments:

Post a Comment