@GossiTheDog
For advice they should have listened to, see the UK ICO guidelines on disclosing data safely. Describes most of the ways to fail as well as what to do.
@GossiTheDog in case you're not aware of it, The NHS thinks Excel is a database package, and regularly send patient data in ",XLSx" format perhaps with a password.
If you recall the problem with COVID reports was the numbers were too big.... So the list exceeded the number allowed in a spreadsheet....
It's actually MS fault, they claim it can be used as a database package.
Time the NHS went fully open source and stopped paying extortionate licence fees for unsuitable packages....
@GossiTheDog <head-slap> You're shitting me, right? Actually clients do this to me all the damned time. I normally export a spreadsheet to tab-sep for ease of processing, and they 'hide' all kinds of shit that way which is then entirely visible.
@GossiTheDog@thomasfuchs it made me laugh earlier on R4 when they stated that the chief constable is bringing cyber experts in to find out what went wrong.
My first lesson on spreadsheets came before I ever used one myself. A colleague back in the early 90s printed off a set of figures in columns with cross casts and column totals.
I was supposed to sign it off and put it in the post to another department.
But I checked the additions with a calculator and they didn't add up.
@GossiTheDog With the exception of the Met and maybe GMP, our police forces can't afford to hire and retain cyber security specialists, or even a security management programme beyond train and blame. All of this is the inevitable consequences of 13 years of deliberate underfunding.
@GossiTheDog
'They said the data would not have been "immediately obvious" and anyone who had received the FOI response would have "needed to know how to access the information".'
So anyone who knows anything beyond the absolute basics about Excel and can unhide columns or sheets? Cool cool cool cool cool cool cool.
I assume that was a procedural step to ensure effective redaction and avoid the sort of leak you get from releasing digitally redacted documents (as the police attempted here, incredibly badly).
@GossiTheDog a few years ago in Belgium a TV crew went filming in a police control room for a feature about ANPR cameras. They accidentally caught on video a computer screen with the username and password taped to it. All the subsequent articles about how stupid this is and how the police should know better hadimages of the computer screen but the password blurred out mainly because no one really trusted that the police had bothered to change the password.
Add comment