Another Leak, the worst so far... (humor)

[security curmudgeon <jericho () attrition org>]

http://precision-blogging.blogspot.com/2009/12/another-leak-worst-so-far.html

Saturday, December 19, 2009

Another Leak, the worst so far:

You're probably talking about this terrible security disaster already: the 
largest database leak ever. Arweena, a spokes-elf for Santa Claus, 
admitted a few hours ago that the database posted at WikiLeaks yesterday 
is indeed the comprehensive 2009 list of which kids have been naughty, and 
which were nice. The source of the leak is unclear. It may have come from 
a renegade reindeer, or it could be the work of a clever programmer in the 
Ukraine. Either way, it's a terrible black eye for Santa. Arweena promised 
that in the future, access to this database would be restricted on a need 
to know basis. And you know who that means!

The size of this database is astounding; it's not just for Christians. Abu 
Dhabi and India have registered official protests over the inclusion of 
their children in the comprehensive worldwide listings; And there have 
been howls of outrage everywhere about the inclusion of sixteen and 
seventeen year-olds. Santa's list is an inexcusable invasion of privacy 
for teenagers everywhere.

The myriad of inaccuracies (see Cory Doctorow's critique at Boing Boing) 
makes matters much worse. The majority of the children are accurately 
identified by their age, addresses, birthdates and (where possible) 
national identification numbers. All United States kids with Social 
Security numbers are now sharing their identities with the whole world. 
But in some cases, and for a few countries, the kids are identified by 
name alone. Aristotle Makektikutis, a thirteen year old Athenian, insists 
he is not the Aristotle Makektikutis in Santa's Greek records whose 
naughty deed is listed as pollution. His parents have issued a statement 
that their son does not even know how to pollute.

But it gets worse. In fact, this reporter thinks that any sober assessment 
of Santa's database can come to only one conclusion: it never should have 
been, and it should never be again. The mistakes! Jane Doe (actual name 
withheld), who is fully identified in the database and stands accused of 
weak morals is actually twenty-six, not eleven as shown in Santa's data 
record. Jane Doe has had to disappear into the FBI witness protection 
program to hide from the crowd of men seeking her company. Frequent age 
errors in the database mean that grown men and women who used their social 
security numbers as banking passwords are now losing their life savings. 
This outrage cannot go on.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php