funsec mailing list archives
Re: Oops
From: "Daniel H. Renner" <dan () losangelescomputerhelp com>
Date: Mon, 17 Dec 2007 10:57:35 -0800
funsec-request () linuxbox org wrote:
Date: Mon, 17 Dec 2007 14:04:50 -0000 From: "David Harley" <david.a.harley () gmail com> Subject: RE: [funsec] Oops To: <david.a.harley () gmail com>, <funsec () linuxbox org> Message-ID: <004701c840b5$cd5950a0$4101a8c0@DAVID> Content-Type: text/plain; charset="us-ascii" I hazarded a guess in November re the HMRC snafu that:I'd guess that the "public face of government" doesn't know about the quality of the encryption. There are applicable guidelines and standards prescribed by central government, but they won't necessarily even be accessible at junior (or even senior) level in a specific department. The UK government (in the sense of the permanent establishment rather than the prevailing party-in-power) has an entrenched culture of secrecy which often works against it.Today, I read in the Register that: "HMRC restricted details of its security procedures to senior officials, it has emerged, just weeks after the department pilloried a junior official for loading the UK's child benefit database onto CDs which were then lost. The department had a detailed manual covering procedures for handling the benefits database and other sensitive information. However, the manual itself was considered too sensitive to be widely distributed, so it was restricted to civil servants only, The Guardian reports." Sigh... More at http://www.theregister.co.uk/2007/12/17/hmrc_manual/. -- David HarleyAVIEN Administrator: http://www.avien.org http://www.smallblue-greenworld.co.uk
LOL! Biting the hand that feeds you? --- Sincerely, Daniel H. Renner President Los Angeles Computerhelp A division of Computerhelp, Inc. 818-352-8700 http://losangelescomputerhelp.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.