James O'Neill's blog

Windows Platform, Virtualization and PowerShell with a little Photography for good measure.

Security, Security, Security.

Security, Security, Security.

  • Comments 5
  • Likes

The story last week that someone had left a secret folder of documents on a train - which were then given to the BBC brought back memories for me. Shortly after my wife and I had moved into our first house, she brought home a brown paper envelope she had found on a train. In it were some legal papers which related to a celebrity (one we didn't like much). There was nothing deeply personal in them but it was an interesting bit of gossip, so I suggested she ring a couple of newspapers and one of them bought the story and ran it the next day. It paid for our patio. I suspect if the traveller got anything for the papers they found it was more than the price of a few dozen paving slabs.

Just through on my News feed, is the story that "A personal computer holding sensitive documents relating to defence and extremism has been stolen from Hazel Blears' constituency office in Salford." I say the same thing to customers over and over again. Computers get lost, they get stolen. Vista makes it easy with Bitlocker. If Vista isn't your plans, then do it with something else. If you don't use full volume protection and you have "secret" data on them you know what is coming. Interestingly whilst this story of a stolen laptop made the news it has a totally different tone because it was encrypted.  It sounds like Hazel Blears' PC was not.

According to the BBC. "The machine contained a combination of constituency and government information which should not have been held on it.". Oh deary, deary me.  I'm not going to venture in opinions of Hazel Blears... except to say I would laugh - a lot -  if the "documents on defence and extremism" led to of her facing court for possessing "a record of information of a kind likely to be useful to a person committing or preparing an act of terrorism". Sadly the Police only have 28 days to hold her while they find out if a charge can be brought.

If I were Hazel I'd stay out of the boss's way for a bit. He was saying only at lunch time that we really didn't need principles like habeas corpus any more and we could trust the government with an ID cards database, Facial recognition CCTV, Automated Number Plate cameras, a DNA database etc etc. ... a state of affairs which a colleague who grew up in the old East Germany called "Beyond the dreams of the Stasi".  No party politics here: no government can be trusted with that data, whether the person in charge is named Erich, Gordon, or Dave.

Comments
  • And they said on the news tonight that the data was secure on the disk - Oh Yea!!!!  So much for security systems that even allow the data out of the secure area in the first place.  Bet is that it was a simple email attachment!!

  • ...I suggested she ring a couple of newspapers and one of them bought the story and ran it the next day...

    Wow - you must be proud of yourself. The morally correct thing to do would have been to turn them over to the owner, or if that were not possible to shed them. This is a perfect illustration of the great moral fibre that many of you Microsofties have.

  • It was 18 years ago, and 10 years before I became a Microsoftie.

    It *was* a Moral dilemma: if I had the level of income I have now I might not have made the suggestion, and if it was highly immoral my wife would have said "NO!". Had it been about the health or finances of the celeb concerned I might have felt differently. I'm not proud nor ashamed of it.

    The document was  a warning to say that the celeb was encouraging fans to congregate outside the building where they lived to the distress of other people and if they didn't stop their lease might be under threat.

    Before criticizing my wife and "Microsofties" in general, you might ask about the newspaper which bought it, and the morals of the people who buy papers every day which source stories in this way. If people thought this sort of thing was morally unacceptable then the papers would be a lot thinner.

  • In response to someone saying that your anecdote doesn't speak well to your "moral fibre", you say:

    > It was 18 years ago, and 10 years before I became a Microsoftie.

    but also

    > I'm not proud nor ashamed of it.

    Had you said that it was 18 years ago and you *were* ashamed of it now, then I think it would be a reasonable to say that no inferences can be made about your present "moral fibre" from your actions of long ago -- it certainly wouldn't be unreasonable to argue that you have more maturity and more moral fibre now than you had then.  But since you do still stand by your actions, you can't really use how long ago it was in an argument in defense of your "moral fibre".

    > Before criticizing my wife and "Microsofties" in general, you might ask about the newspaper which bought it, and the morals of the people who buy papers every day which source stories in this way. If people thought this sort of thing was morally unacceptable then the papers would be a lot thinner.

    This argument is also specious.  It doesn't work for someone buying fresh ivory to say "I didn't kill the elephant, it was already dead and its ivory would have gone to waste, so don't blame me!", nor does it work for the person killing the elephant to say, "Hey, I wouldn't have killed it if I didn't have ready buyers, so don't blame me!".  If you did do something unethical, you aren't off the hook just because other people are complicit.

    Sometimes I'm struck by the notion that the more someone seems to need to justify their actions, the more unjustified they seem.   If you don't think it was morally wrong, unethical, or whatever, I think you'd have done best to have said so as simply as possible with the least possible amount of justification, since that usually seems to be more convincing.  Less is more.

  • I don't feel any need to justify it. It happened. To "stand by it"  would mean presented with the same document today I'd be sure to do the same thing. I don't condemn myself for it either. And it's bogus to extrapolate anything about other people from it. If "someguy" had looked at my surname and said "This is a perfect illustration of the great moral fibre that many of you people of Irish descent have." that would have been outragous. To say "you Microsofties have" is somehow OK ?

    Today I wouldn't share something about someone's health, or about the family of someone who has chosen fame. I can't say for sure if I would have felt that way 20 years ago.

    A couple of times in the last 2 years I have phoned the local radio station with information about stories they have been covering. If you can say *Exactly* where between the details of a blocked road and the medical records of a footballer's wife - then you are doing better than I am.

    This was a document about someone who courted fame, and about the impact their fans' behaviour had on other people, I think it is just on the right side of the line.

    To you elephant analogy; trading in ivory is illegal; trading in found documents is not. But you're right: someone who buys a newspaper is as responsible how stories are sourced as someone who buys ivory is. One should not condemn ONLY the poacher.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment