Thursday 28 July 2011

Your Data, Safe In Their…

…oh, I just can’t keep a straight face any more:
Details of police informants stored on a computer memory stick have been stolen in a burglary at the home of a Greater Manchester Police officer.
/facepalm

Still, at least the thieves will have to crack the sooper-dooper top secret government encoding, won’t they?
The stick, which is not thought to be password protected, was taken from the house in Oldham on 17 July.
/doublefacepalm

Why would a government-issued memory stick not have any security?

A spokesman said the matter had been referred to the Independent Police Complaints Commission (IPCC) and the Information Commissioner.

Police said the stick does not belong to Greater Manchester Police but does contain sensitive information relating to the force.
Ahhh. Perhaps it wasn’t a government-issued data stick after all?

Methinks chummy has some explaining to do…

16 comments:

john b said...

When I worked for an accounting firm four years ago, our computers ran software preventing us from writing to our own external drives or USB sticks - only company-issued, password-protected USBs could be used.

Still, it's not as if the information the fucking police hold on their computers is in any sense 'important' or 'secret', is it? Oh.

SBC said...

"/doublefacepalm"

When 'DUH!!!' just isn't enough...and it isn't in this case.


"but does contain sensitive information relating to the force"

ie how much they spend on IT security training.

Floppy said...

In the days of yore when memory sticks and USB didn't exist, my son worked at a place where the simple (but highly effective) security on the company's PCs was to jam a piece of wood in the floppy drive port.

No one could steal info, or put programs on the machines, without a chisel to painstakingly chip the security away.

Captain Haddock said...

"but does contain sensitive information relating to the force ..

ie how much they spend on IT security training" ...



Or who, married Senior Officers are knobbing & when ...

SBC said...

"security on the company's PCs was to jam a piece of wood in the floppy drive port."

LOL. I like it but...

I still have a serial port External Hard Drive kicking around somewhere...(with a whole 4 MB of memory if I recall aright).

Don't get me wrong, LO-TECH solutions to IT security are often the most effective but even welding up the floppy isn't much good if you had to have a live serial port for the office printer....and how many firms didn't realize you can store data on a printer too...and the ONLY security on a printer was designed to stop the cleaning woman nicking.

microdave said...

With examples like this of the woeful level of IT knowledge "our" police have, it's little wonder that Norfolk Plod still haven't found the "mole" wot sprung Phil Jones's emails nearly 2 years ago...

Lord T said...

It looks like being a snitch has become even more risky.

I bet they are glad their data is not kept on the PNC now.

Anonymous said...

Where's EV and MTG? Only a matter of time...........yawn
Jaded

ivan said...

As SBC says, the modern office printer has a hard disk in it that records each document it prints. When companies dump their old printers that information goes with it.

I once sent a set of docs, to a company that had off loaded some old printers on to the SH market, with a covering note about security. It was fun watching them trying to get the printers back.

blueknight said...

Can't believe they only stole the memory stick, -they must have stolen the(lap top?)as well? If he she has been taking work home for a while, I wonder what else was on that

MTG said...

As serious as this matter is, I winced when I saw an investigation was to be undertaken by IPCC.

Its all very well for us to criticise police from the comfort of our Shackleton highchairs but for some poor uniform, an IPCC outcome may be so severe as to prejudice Sunday overtime for a month. Would you want that for your worst enemy?

In any event, it was probably no worse a caper than PC Bent peddling personal data to meet the payments on the Bentley but needing a chav cover story in a hurry.

microdave said...

Depends which IPCC you're referring to. If it was the crooked railway engineers mob, I don't think chummy would have anything to fear. After all, it's only one little mistake...

David Gillies said...

A mate of mine did some IT consultancy for Plod a few years back. He said their technical prowess was somewhere in between that of a chimp and a bucket full of pigshit.

You can very easily set up an encrypted partition on a USB stick with TrueCrypt on Windows, MacOS X or Linux. Not doing so with sensitive data should be a sacking offence. And was Mr Flatfoot authorised to have that data in his personal possession? I think the Data Protection Registrar might look askance at that.

Anonymous said...

OT For NDS
http://www.independent.co.uk/life-style/health-and-families/health-news/cataracts-hips-knees-and-tonsils-nhs-begins-rationing-operations-2327268.html

AC1 (Google FUBARed my blogger account)

JuliaM said...

"...our computers ran software preventing us from writing to our own external drives or USB sticks..."

I'm told, following the HMRC 'lost disc' debacle, a lot of civil service departments did the exact same thing. A very sensible data security measure.

"...the simple (but highly effective) security on the company's PCs was to jam a piece of wood in the floppy drive port."

:D

"...but even welding up the floppy isn't much good if you had to have a live serial port for the office printer....and how many firms didn't realize you can store data on a printer too..."

Good point!

"Can't believe they only stole the memory stick, -they must have stolen the(lap top?)as well? "

Maybe the laptop wasn't there?

JuliaM said...

"He said their technical prowess was somewhere in between that of a chimp and a bucket full of pigshit."

I doubt they are alone in that, among the public sector. Hell, among the general population!

"OT For NDS "

*sigh* It had to come eventually, didn't it?