Don't get excited, it's not another British data scandal, this time it's the Canadians'. Remember how our Government had the junior doctor application website that with simple changes to the URL in the browser could mean accessing other people's information? Well the Canadian Passport Application website appears to have had exactly the same type of flaw.
All a user has to do is change a character in the URL and they are presented with other people's passport applications including social insurance numbers, driver's license numbers, addresses, phone numbers, federal ID card numbers and even details of someone firearms license if they have a gun.
Wednesday, December 05, 2007
Personal data exposed on Passport application website
Subscribe to:
Post Comments (Atom)
Search Dizzy Thinks
Dizzy reads
- Ben Brogan
- Big Brother Watch
- Boulton & Co
- Coffee House
- Conservative Home
- Dan Hannan
- Donal Blaney
- Douglas Carswell MP
- FT Westminster
- Guido Fawkes
- Hoby Cartoons
- Iain Dale
- Keep Thinking Butch
- Nadine Dorries
- Nothing British
- Old Holborn
- Paul Waugh
- Political Betting
- Politics Home
- Quizzicalgaze
- Red Box
- Shane Greer
- Sky.com/News Blog
- Tory Radio
Not Lefties
Blog Archive
-
►
2011
(140)
- November (2)
- October (3)
- August (1)
- July (3)
- June (2)
- May (14)
- April (5)
- March (43)
- February (25)
- January (42)
-
►
2010
(658)
- December (50)
- November (56)
- October (21)
- September (34)
- August (32)
- July (44)
- June (51)
- May (69)
- April (87)
- March (92)
- February (62)
- January (60)
-
►
2009
(1050)
- December (60)
- November (60)
- October (65)
- September (78)
- August (85)
- July (85)
- June (96)
- May (119)
- April (104)
- March (115)
- February (86)
- January (97)
-
►
2008
(1023)
- December (71)
- November (106)
- October (72)
- September (109)
- August (68)
- July (76)
- June (51)
- May (102)
- April (83)
- March (87)
- February (101)
- January (97)
2 comments:
Dizzy,
Doing the job you do, I was wondering if you sometimes feel like a piano player in a brothel, as it were?
My A-Level computing project, shit though it was, managed to avoid such a vulnerability. What sort of retards do governments hire for this stuff? I'm not exactly super-programmer here.
Post a Comment