OT: Aaaaaaaaaaaaaaaaaaaaaaaaaaaaah!
BenB - 20/8/09 at 12:16 PM

That feels better

For my sins I'm the Caldicott guardian for my practice which means I have to do loads of ridiculous noddy style learning modules on data security written by our wonderful government.

Isn't there a saying about people in glass houses?

At the end of the module I get to do an assessment where I have to second guess how stupid the person who wrote the assessment was!

Example

Q: Can websites be encrypted?

A: Yes- WRONG. Websites cannot be encrypted.

WTF? Are they suggesting it's completely impossible to encrypt the HD on a server hard disk or that HTTPS is a figment of my imagination?

Tosspots.

Another example:

If you are going to destroy the information on a DVD, what is the best method?

1) Password protect it
2) Recycle it
3) Shred it

Apparently the correct answer is number 1..... There was me foolishly thinking that putting it through a cross-shredder is going to destroy it better than a Word password. But apparently not....

But happily I guessed how stupid they are so I get a poxy certificate to put in my shredder... sorry, I mean "Caldicott information file". This stuff is worse than health and safety.


scottc - 20/8/09 at 12:21 PM

what a joke.

Hope this caldicott guardian stuff isn't practised anywhere important.


Mr Whippy - 20/8/09 at 12:40 PM

a quick check on google and it appears not

quote:


Just because a web page you are viewing is secure (that is, using HTTPS), DOES NOT mean that the data you enter into it, will be secure (encrypted) when it leaves your computer and makes its way around the Internet.




linky

[Edited on 20/8/09 by Mr Whippy]


BenB - 20/8/09 at 12:43 PM

quote:
Originally posted by scottc
what a joke.

Hope this caldicott guardian stuff isn't practised anywhere important.


Nah! It's only health care


cd.thomson - 20/8/09 at 12:44 PM

whippy, the website itself is though


BenB - 20/8/09 at 12:44 PM

I'm not saying that seeing HTTPS is a guarantee but their question was "can it". To which the answer has to be yes. If they asked "does https guarantee security?" then it'd be no

quote:
Originally posted by Mr Whippy
a quick check on google and it appears not

quote:


Just because a web page you are viewing is secure (that is, using HTTPS), DOES NOT mean that the data you enter into it, will be secure (encrypted) when it leaves your computer and makes its way around the Internet.




linky

[Edited on 20/8/09 by Mr Whippy]


vinny1275 - 20/8/09 at 01:34 PM

I used to work in IT for the RAF. We were rolling out a new network system which required pages and pages of changes to the registry, file permissions, etc. There was also a section on BIOS security which detailed setting passwords, boot devices, etc., but nowhere did it say "padlock the case shut so the reset bios jumper can't be used". Durrrrr.


richardh - 20/8/09 at 02:34 PM

working on gcsx stuff myself and it's mostly kak too

can sympathise


Charlie_Zetec - 20/8/09 at 03:24 PM

I work for a company specialising in data security/handling/eradication. Dealing with public sector and Governments, it's scary how little people actually know about security aspects and levels surrounding sensitive information!

The only real people who have any idea are the MoD and other high-ranking organisations with protectively marked data (restricted, confidential or secret).

Truth be told, I didn't know too much before I started my current job, but now I'm into the swing of things it really is scary! Shame I can't tell you about some of the things that go on, but my job sort of depends on it!


fov - 20/8/09 at 06:36 PM

For 1 it depends how you define website.
The code on the server can be encrypted and so can the transmission between browser and server.

For 2 that's just a crock'o shoite. Give me enough processing power and enough time and I will crack your file. OK in the real world it's not going to happen but it is possible in theory.
But a fully shredded disk (into tiny bits) is not going to be recovered.


BenB - 20/8/09 at 07:36 PM

quote:
Originally posted by fov
For 1 it depends how you define website.
The code on the server can be encrypted and so can the transmission between browser and server.

For 2 that's just a crock'o shoite. Give me enough processing power and enough time and I will crack your file. OK in the real world it's not going to happen but it is possible in theory.
But a fully shredded disk (into tiny bits) is not going to be recovered.


And considering the software the NHS supply is all Microsoft, the commonest way people will password protect the file is with Word, which is the flakiest weakest form of encryption ever, and for which there are many off the shelf crackers available.


Ninehigh - 21/8/09 at 01:49 AM

quote:
Originally posted by vinny1275
I used to work in IT for the RAF. We were rolling out a new network system which required pages and pages of changes to the registry, file permissions, etc. There was also a section on BIOS security which detailed setting passwords, boot devices, etc., but nowhere did it say "padlock the case shut so the reset bios jumper can't be used". Durrrrr.


Reminds me of that advert for the navy with the IT guy on the submarine "usually I just switch it off and on again"

Btw did you query how password protection can DESTROY a disc?