Quote:
Originally Posted by AndrewJ
Gday Marc
True enough, but its much easier if some clown makes it all available on an unprotected plate.
And i'm not so much concerned re a central repository, just the stated aims of using this data so it can be shared with other depts at a "person level", which wasnt allowed before.
|
Point taken.
Quote:
Originally Posted by AndrewJ
Whilst slack processe by humans is always bad, I always think of the recent debacles on how it was the links between systems that allow the hack, vs the repository. ( Tho that is the fault of the programmer )
eg "Smart lightbulbs" that allowed hackers to simply read out the password of the controlling wifi system, and hence gain backdoor access.
or better still the attack on the BOM, that exposed the interlinks into aviation, defence etc
Andrew
And lets face it, the statistics arent used to do any "useful" planning
as projects are now done based on how close the seat is held
by those in power.
|
Well designed distributed systems work very well. The problem is that in large organisations the right hand often doesn't know what the left hand is doing. It comes down to middle management (or insert pollies here) accountability and there are indeed a lot of clowns in that layer. Low level developers don't usually get too "creative" about security. They know what they're doing given the parameters to work with. Or just told what to do. The problem is communication between dpt. I've seen it times and times again. It makes you want to
As far as the use of the data collected, of course, it usually goes to the highest bidder but let's not kid ourselves here, that's the name of the game. Transacting with people data is and has always been big business. The ATO, Councils do it freely. The internet just allowed for larger volume of people to get sucked in and much faster than ever before, but nothing's really new on that front.