The IPS plans to order Thales and 3M SPSL to shred the hard disks and back-up tapes holding the personal information on the National Identity Register (NIR), according to a document released through Parliament's library. The document, CWIC-NIR destruction and equipment decommissioning, says that IPS will order shredding, …
So, how long..
..until the hard drives show up on eBay, with all the data intact?
So, how long..
..until the hard drives show up on eBay, with all the data intact and in plaintext?
Just a shame....
we can't get 'em to shred Wacqui Jacqui and Meg "Hitler" as well.....
...to bad rubbish. Never wanted, never needed and thank god it's going.
Sounds good, but...
there's a remarkable gap between announcement and execution. That is a bit of a weak point and indeed that leaves wide open the road to ebay.
Had the government actually deemed NIR data IL5 at the outset, and said so clearly, I think more than a few infosec professsionals might have felt slightly better about the whole misbegotten programme. Except, of course, an IL5 NIR would have been so expensive as to be impossible in the first place...
Probably not IL5
It was probably IL4 for the NIR, but the aggregation rules meant that the backup media was handled as IL5, and hence the IL5-level destruction standards for said media.
Just a guess. But I would not have expected the NIR data to be IL5.
waste of good equipment
how much carbon was used to make and then subsequently destroy all of this equipment? Would it not be more efficient to wipe it and use it for other government databases?!
You comments presuppose that..
..the disks can be 'wiped'. You'd be amazed how easy it is for forensics to recover data from 'wiped' disks (yes, even the us DoD wiped ones).
I once saw an demonstration where data was recovered from a disk that had been wiped multiple times (re-written, wiped, re-written, etc). Fascinating stuff.
Anyway - for this Impact Level (5) you really need to destroy it (shred).
How much carbon was used ?
No one counted it, because no one cares. Seriously, find something meaningful to worry about.
Dear "THINK OF TEH CARBONS!!!" dude
FOAD. Seriously. Just GTFO my internets and DIAF.
This shit is *important* and must die. Properly.
rogering the disks
I used to work at a place where a chap called Roger used to grind all old machine room disks into metallic powder form using a huge grinder-disk-munching machine.
It was a practice known as "Rogering the disks" and is very much part of IT policy.
it should be retained
This data should be retained and put online on thesepeopleareidiots.com
There are so many opportunities to critise a government, here is an occasion they need to be congratulated. Some civil servants should witness the destruction of the data, then this can be consigned to history.
Warning from Scotland
Scotland has been quietly developing the eCare system which makes the NIR look quite tame.
One of the main main justifications for gathering information is that it will protect children.
There is evidence that this set-up may be destined for further roll-out.
Read Kenneth Roy in the Scottish Review:
"'Scotland has quietly led the way in the national data sharing agenda with its innovative eCare programme,' enthuses a journal devoted to the exciting new world of information-sharing. The key word in that sentence is quietly."
RE: Warning from Scotland
Note to the Scots, if you don't like this kind of thing, you could always try not voting for nationalists and socialists. Just a thought.
Hmm, nationalists and socialists
If only there were a convenient, pithy, one-word shorthand to refer to nationalists and socialists...
Oooh, I know - zinas!
Aren't these the same people who are implementing a new internet data collecting database, in which every transaction you make is logged? Why would I congratulate them?
yes, dispose of data
AFTER we have made and distributed multiple copies. Thx, bye
There was a question on Family Fortunes the other day, "Name something often left on a train."
I wonder what the top answer would be if the survey was carried out in 2011?
Front office machines
So the system wasn't even fully live and the staff were already breaking the rules on handling the data?
My dad was connected to this at the passport office in P'boro and will be duly mocked over Sunday dinner.
Recovering deleted data
"I once saw an demonstration where data was recovered from a disk that had been wiped multiple times (re-written, wiped, re-written, etc). Fascinating stuff."
Do you have a source for this? I was under the impression that recovering usable data from a zero-written hard disk was an urban myth, and that even with the best equipment, there was only a 50% bit recovery rate (which would be useless). I'd be very interested to see evidence to the contrary though!
Maybe if they used mid-90's gear..
Data recovery myth
I asked an data recovery expert the same question (no names, but he was an expert witness in the Dr. David Kelly case). He said that no-one offers hardware data recovery commercially in the UK and he was dubious as to whether MI5 or MI6 could do it either. Wipe your data once and it's gone; although you have to beware of bad areas on the disk which have been marked as unusable by the OS and make sure you get any swapfile - so there is a small case for shredding, I'll admit.
Hardware data recovery to find the "ghost image" at the side of the main track was postulated years ago when areal densities were many times lower. Modern disks pack the data so tightly that they have to use probability theory to identify what the bit pattern is.
Some people will view the demise ofthe NIR with a misty eye.
I won't be one of them.
Personally I'd be happy if the *whole* contents of whatever wet brained idiots volunteered for this lunacy to be dumped to the internet (I believe Wikileaks has some spare capacity)
I'd rather bury the collection of meglomanical civil servants and government con-tractors, along with the equally wet brained ministers and junior ministers that were persuaded it was *such* a good thing.
You can bet some of this vermin have been "re-assigned" to whatever the IMP is now being "Re-branded".
Blunkett, Blair, Brown dreams all gone: How they wasted money
To think of all the pounds that will end up in the car crushers!
Government destruction means just that. A squaddy of security types accompany the discarded equipment to a favourite metal shredding outfit, featured on Discovery Channel, where their humongous metal shredder does it's evil to millions of pounds of equipment.
Enough to make a technician cry.
"We have to destroy all this data"
"Are you sure, it cost a lot to collect this and it will take years to do so again"
"well, maybe you are right. We'll make back-ups of the back-ups and then destroy the original back-ups and then all we will have remaining is the back-ups with the data in case we need it again"
"but we have to destroy it"
"we are, all the hardware is going to be trashed. We'll keep the data though"
Laugh... I nearly did.
The only reason that this is going to be discarded is because the information is out of date and the system used for collection is outmoded and out of date.
You can be sure that the police state has got all bases covered.
So we can look forward to this data ending up on a train or a land fill site when the drives were "lost" on their way to the shredder.
It's not often I read about something the government has done and I feel really happy about it, but this is it. Reading this story on the BBC earlier warmed the cockles of my heart and went some way to ... actually let's not get carried away.