Archive

Archive for April, 2008

Bank Of Ireland’s lost laptop ‘addendum’.

April 28th, 2008
No comments

This story just gets worse – now BOI admit they have lost over 31k records. BOI need to answer a few more hard questions openly and honestly in order to stop me from closing my last remaining account with them:

  • Is/was it routine for bank employees to bring laptops containing unencrypted data off bank property? Can you guarantee me that your employees never copied data off your laptops onto another machine at home or emailed it via SMTP servers in unencrypted email messages? I don’t really care what official bank policy (meaningless) is, I just want to know if your employees technically could do this.
  • If the above is routine, how do they know that only 31k records were lost? After all, you don’t actually have the laptops so how would you know what is on them? Right now trust is gone out the window and you don’t have to give so much information that you would potentially compromise the security of live systems. Technical details on the auditing capabilities of your laptop/mainframe data synchronization tools would be great – just to give me that warm fuzzy feeling.
  • If the above is routine, how many of your employees recently sold, dumped or gave away PCs that they might, at one stage, have been editing bank data on while working at home?
  • When was the last group hardware audit completed and are any other laptops unaccounted for? Not necessary stolen, just not where they are supposed to be

Lastly, and this question stands, even if I do close that last account. According to the above referenced news story

In the unlikely event of a fraud arising as a direct result of the theft of these laptops, the customer will be fully compensated.

(also stated here though I can’t find an official statement)

What will BOI do if my credit history is destroyed by someone who steals my identity via the data you so kindly made available to them? What if that person is never caught and therefore I can never prove that their data source was the hard drives in those laptops? What was that? Did you say ‘nothing’ or was that ‘prove it’? I thought so.

Data is such a genie in a bottle isn’t it.

aehso boi, data, identity, ireland, irish, theft

History

April 13th, 2008
No comments

Weirdly, that does look about right

Johns-MacBook-Pro:~ joshea$ history | awk ‘{ print $2 }’ | sort | uniq -c | sort -rn | head
100 ./client.rb
82 svn
65 ./script/backgroundrb
61 cd
57 cap
32 ssh
20 ./script/server
18 mate
17 telnet
15 pwd

aehso dev, misc, osx