Tuesday, 4 November 2008

Baird's nonchalence about security

I'm going to weigh in on this too.

Last August, a 131-page document in an envelope marked "Protected B" was found by a passerby on a street in Ottawa's Kanata area and given to the CBC.

The papers provide a risk assessment of an Environment Canada enforcement database that tracks polluters and law-breakers and the steps taken to enforce environmental and wildlife-protection legislation.

At the time, Baird brushed off the lost document saying, "it's neither classified nor secret, and it'll be something that could be available under access to information."

If its not something that is classified or secret it fucking well should be! You don't have a document that in exquisite detail lists security vulnerabilities and how to compromise them, and then make it available to the general public. That's not a security assessment anymore, its a How-To document.

Might as well set up a giant flashing arrow saying "Hack us here!" and stand back and watch the fun.

Either Baird was being a complete idiot or was lying through his teeth. Or both.

I vote for both come to think of it.

No comments: