Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Sheriff's Online Database Leaks Info On Informants

Soulskill posted more than 3 years ago | from the second-verse-same-as-the-first dept.

Privacy 185

Tootech writes with this snippet from NPR: "A Colorado sheriff's online database mistakenly revealed the identities of confidential drug informants and listed phone numbers, addresses and Social Security numbers of suspects, victims and others interviewed during criminal investigations, authorities said. The breach potentially affects some 200,000 people, and Mesa County sheriff's deputies have been sifting through the database to determine who, if anyone, is in jeopardy. ... The FBI and Google Inc. are trying to determine who accessed the database, the sheriff said. Their concern: That someone may have copied it and could post it, WikiLeaks-style, on the Internet. 'The truth is, once it's been out there and on the Internet and copied, you're never going to regain total control,' Hilkey said. Thousands of pages of confidential information were vulnerable from April until Nov. 24, when someone notified authorities after finding their name on the Internet. Officials said the database was accessed from within the United States, as well as outside the country, before it was removed from the server."

Sorry! There are no comments related to the filter you selected.

That's what happens to snitches... (1, Funny)

Anonymous Coward | more than 3 years ago | (#34545136)

Now these fools are gonna see what happens to snitches, Vince Foster-style!!!

Donutleaks strikes again! (4, Funny)

assemblerex (1275164) | more than 3 years ago | (#34545144)

Donutleaks is committed to releasing classified documents !

Re:Donutleaks strikes again! (0, Offtopic)

qmaqdk (522323) | more than 3 years ago | (#34545178)

They are terrorists! We should “put out a contract and maybe use a drone or something” [telegraph.co.uk]

Re:Donutleaks strikes again! (1, Informative)

Andy Smith (55346) | more than 3 years ago | (#34545248)

It should be noted that the "maybe use a drone or something" quote is from a _former_ adviser to the Canadian prime minister, so someone whose role in politics is minimal and historical. Also note that the article you linked to was from the 1st of December, before Assange was taken in to custody.

Re:Donutleaks strikes again! (1, Offtopic)

Pojut (1027544) | more than 3 years ago | (#34545334)

Still..."take out a contract"? What is this, the freakin' Sopranos? The guy was one step removed from offering Assange a pair of concrete shoes...

Re:Donutleaks strikes again! (5, Insightful)

mcgrew (92797) | more than 3 years ago | (#34545360)

They are terrorists!

If you're referring to to the informants, IMO they are the terrorists. Most of the societal problems attributed to drugs are, in fact, caused by the laws against them.

It's easier for a teenager to buy pot than it is for an adult. One slashdot wag's sig reads "thanks to the war on drugs, it's easier to buy meth than it is to buy cough syrup."

One would think that alcohol prohibition would have taught us that such laws are incredibly harmful.

The only segment of society that benefits from anti-drug laws are the smugglers and dealers, which tell you who's funding the anti-drug lobby.

Re:Donutleaks strikes again! (5, Insightful)

Pojut (1027544) | more than 3 years ago | (#34545386)

The only segment of society that benefits from anti-drug laws are the smugglers and dealers, which tell you who's funding the anti-drug lobby.

You forget pharmaceutical companies (hemp and marijuana would have a major impact on their bottom line for a lot of old standbys), so-called "rehab centers", and, let's not forget, our privately-owned prisons.

Re:Donutleaks strikes again! (5, Insightful)

Asclepius99 (1527727) | more than 3 years ago | (#34545994)

And don't forget companies that sell alcohol. I mean, why would you let someone take away your government monopoly on legal substance abuse?

Re:Donutleaks strikes again! (3, Insightful)

Just Some Guy (3352) | more than 3 years ago | (#34546678)

I mean, why would you let someone take away your government monopoly on legal substance abuse?

You're making the same mistake as people who gripe about "Big Oil" instead of "Big Energy". Just as Exxon-Mobil will gladly sell you hydrogen or biodiesel or whatever else when we migrate off oil, plenty of companies in the recreational drug industry will cheerfully market pot if it became legal.

Anheuser-Busch isn't in the business of selling you alcohol. Ultimately, they're in the business of getting you high. While they're currently most efficient at doing that by distributing ethanol, you can bet they could sell other stuff, too.

And think of the Super Bowl ads. You think they're funny now?

Re:Donutleaks strikes again! (1)

Jaysyn (203771) | more than 3 years ago | (#34546072)

Mod parent up.

Re:Donutleaks strikes again! (1)

Hognoxious (631665) | more than 3 years ago | (#34546208)

If you're referring to to the informants, IMO they are the terrorists. Most of the societal problems attributed to drugs are, in fact, caused by the laws against them.

While I agree that drug use (where it isn't a danger to people other than the one consuming it) shouldn't be illegal, that doesn't mean drug dealers are some kind of Robin Hood. At best they're profiting from the misery of others, and at worst they're violent thugs.

There's jobs around it, fed/state/county (1)

Anonymous Coward | more than 3 years ago | (#34546690)

One would think that alcohol prohibition would have taught us that such laws are incredibly harmful. by mcgrew (92797) *
on Tuesday December 14, @08:51AM (#34545360)

The only reason it's kept going is because there are millions of jobs around "drug enforcement" and law enforcement. To make drugs legal would do that little gravy train right in, and the "powers that be" (those who are living off of your taxpayer monies paid) can't and won't allow that to happen. In this case, and others like it? All you have to do, is follow the old adage of "follow the money" (you'll get right to the bottom of it, and this is it). All those "crony appointee assistant-to-the-assistant" jobs and all.

Re:Donutleaks strikes again! (2)

Gunkerty Jeb (1950964) | more than 3 years ago | (#34546890)

China was arguably the most sophisticated culture in the world, socially and technologically, but that stopped with the advent of widespread use and legalization of opium. By then end of the Opium Wars, China was a nothing, set back hundreds of years from the developing world. Some drugs should be legal. Many have no constructive use and are, to the contrary, quite detrimental to the functional society.

Re:Donutleaks strikes again! (2)

formfeed (703859) | more than 3 years ago | (#34546910)

If you're referring to to the informants, IMO they are the terrorists.

No, not terrorist. It is a time honored tradition that every witch you catch has to name two other witches.

Re:Donutleaks strikes again! (2)

ShaunC (203807) | more than 3 years ago | (#34546946)

Well, at least someone noticed the sig. :)

Re:Donutleaks strikes again! (3, Insightful)

Aldenissin (976329) | more than 3 years ago | (#34546234)

I wasn't aware that Mike Huckabe was calling for treason and the death penalty. I knew there was something about him I didn't like, but introducing "treason" executions for something that does not call for it so that the people will get desensitized to the idea.. yea he is the one that should be tried for treason.

  Wikileaks style... pshh.. I can't help but think this was done on purpose for that one line. Yes I know it has been out there for awhile, which is why it makes this all the more scary the planning and limits the G men will go to.

  Regardless, this has nothing to do with Wikileaks, and is completely the fault of whoever didn't make sure it was secured. But I bet Mike Huckabee won't call on that person to be brought up on charges of treason, even though they did in fact provably put people at risk.

Re:Donutleaks strikes again! (1, Interesting)

geegel (1587009) | more than 3 years ago | (#34545212)

What I can't fathom is how a database from a county with 120.000 people [wikipedia.org] can affect 200.000 of them.

Am I missing something here?

Re:Donutleaks strikes again! (1)

Anonymous Coward | more than 3 years ago | (#34545244)

Uhh... people are born and die every day? You don't necessarily need to live someplace to commit a crime there? Migratory patterns?

Re:Donutleaks strikes again! (1)

Anonymous Coward | more than 3 years ago | (#34545270)

Well, there's 21 years of data. It seems unlikely that the exact same 120,000 people lived their for that entire time. What's more interesting is that you spent the time to look up the county population on Wikipedia, but didn't spend the time to RTFA.

Re:Donutleaks strikes again! (0)

geegel (1587009) | more than 3 years ago | (#34545328)

I did RTFA but I also like confronting sources especially since NPR is not exactly the most trustworthy one.

Also the data still doesn't quite add up. In 21 years, not many people can enter the database (unless you put infants in it and deceased people are never purged) and there aren't any major urban centers to justify such high migratory patterns.

Re:Donutleaks strikes again! (3, Funny)

Lumpy (12016) | more than 3 years ago | (#34545370)

This is true, What does Fox News have to say on it? They are always 100% accurate!

Re:Donutleaks strikes again! (3, Insightful)

tropicdog (811766) | more than 3 years ago | (#34545906)

Stop looking for some conspiracy.

FTFA:
"Deputies have used the database since 1989 to collect and share intelligence gathered during the course of police work. It contains 200,000 names — Mesa County's population is about 150,000 — and includes investigative files from a local drug task force.

The information included data about Mesa County employees, information from the nearby Fruita and Palisade police departments — and possibly information from the U.S. Drug Enforcement Administration and Grand Junction police."

It wouldn't be very hard to have 200,000 entries in 21 years. Police investigations take in info on friends of friends and acquaintances. The data set likely includes most of the Mexican drug cartel's known players.

Re:Donutleaks strikes again! (3, Insightful)

garcia (6573) | more than 3 years ago | (#34545666)

Because people commit crimes from outside the county but are included in the database. I track the addresses of criminals with complaints in my county and while the majority reside within the boundaries, there are the outliers who hail from all over the State of Minnesota (this is a rolling 30 day picture and is purposefully limited to only the MSP metro area for clarity's sake): http://www.lazylightning.org/dakota-county-criminal-complaints-mapped-again [lazylightning.org]

Re:Donutleaks strikes again! (1)

geegel (1587009) | more than 3 years ago | (#34545726)

Thank you. It all makes much more sense now.

Re:Donutleaks strikes again! (0)

Anonymous Coward | more than 3 years ago | (#34545820)

What I can't fathom is how a database from a county with 120.000 people [wikipedia.org] can affect 200.000 of them.

Am I missing something here?

They must have used the special pot value calculator that is used to determine the value of a drug bust.

Re:Donutleaks strikes again! (1)

Hognoxious (631665) | more than 3 years ago | (#34546370)

If they'd used the RIAA's damages calculator they'd have got twice the population of China.

Re:Donutleaks strikes again! (3, Funny)

mwvdlee (775178) | more than 3 years ago | (#34545374)

Quick, have the sheriff accused of rape in a scandinavian country and let interpol track him down!

What if (5, Insightful)

MrMarkie (1079197) | more than 3 years ago | (#34545146)

What if they didn't put that database on a server facing the internet? Could that be a good idea? Or maybe they should just return all their computers since they can't be trusted to use them securely... Let the flames begin.

Re:What if (0)

Anonymous Coward | more than 3 years ago | (#34545224)

What if they didn't put that database on a server facing the internet? Could that be a good idea?

Yeah, no kidding. If I was a police informant I'd be shitting my pants right about now.

Re:What if (4, Insightful)

AltairDusk (1757788) | more than 3 years ago | (#34545268)

I'd imagine the police in that county are going to have a very tough time getting information out of people now. Informants trust that the police will protect their identities, that trust has now been broken.

Re:What if (1)

Vr6dub (813447) | more than 3 years ago | (#34545640)

I imagine most informants were arrested for something and decided to help rather than go to jail. I think the immediate threat of jail-time outweighs a chance that they may be found out in the future.

Re:What if (1)

SirThe (1927532) | more than 3 years ago | (#34545674)

...the immediate threat of jail-time does not outweigh the certainty that you will get "whacked" for informing on your local drug ring.

Re:What if (5, Interesting)

GaryOlson (737642) | more than 3 years ago | (#34545274)

What if annual security training was mandatory for all the IT staff connected with law enforcement IT equipment -- just like weapons training is mandatory for all law enforcement officers. This includes the CIO [if they have one], the city manager, the systems architect [whichever poor IT technician is erroneously saddled with this responsibility], and all law enforcement officers who access this data. Failure to pass security training and any breach of security by any individual would initiate immediate administrative leave and/or an Internal Affairs or FBI investigation.

Certain data is a lethal weapon and should be treated appropriately.

Re:What if (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#34545368)

If police IT were as responsible about security as police are about weapons, we'd be seeing these sorts of stories a lot more often...

Just law enforcement? (3, Insightful)

Toe, The (545098) | more than 3 years ago | (#34545384)

What if annual security training was mandatory for all the IT staff connected with law enforcement IT equipment...

I don't see why that last phrase is on there, i.e., why the statement should be restricted to law enforcement. IT staff in every internet-connected company which stores data on other people (which is most companies larger than a mom&pop gas station these days) have a responsibility to the people that data pertains to.

Every time I hear about another database getting hacked, I blame the idiots who let it happen. It makes me really leery of doing simple things like buying *anything* from *anywhere* with a credit card, because I am entrusting the seller to keep my data secure. And so many of them demonstrate that they have not earned that trust.

Do you think doctors' offices maintain good data security? Or the local pizza place that has an account for you? It's pretty amazing how open our data is to those who wish to harvest it.

But the sad truth is that in the end IT is seen as a cost center that needs to be minimzed. And security... well, that's like insurance. You don't need it until you need it (at which point of course it is far too late).

Re:Just law enforcement? (1)

Toe, The (545098) | more than 3 years ago | (#34545402)

Sorry, I take that back... mom&pop gas stations probably have internet-connected data on you too.

Re:Just law enforcement? (0)

Anonymous Coward | more than 3 years ago | (#34545468)

How many times do we hear of some company or government office losing a laptop with an unencrypted DB containing sensitive data about tens or hundreds of thousands of people?

Why aren't there laws that make this a crime? I don't understand this. Why do so many people just shrug it off, at least until it happens to them and then they find themselves in ID theft hell for months?

Re:Just law enforcement? (2)

mlts (1038732) | more than 3 years ago | (#34546314)

I can sum it up by a phrase said to me by many PHBs that ignore basic security:

"Security has no ROI".

Until this attitude gets changed by laws with actual teeth, expect to continue to see more of "xxx hacked, millions of people's data exposed" stories.

Two laws are needed: The first is obvious -- follow due diligent security practices or be shut down. A restaurant that doesn't pass health inspections gets shut down. Same with a store in a mall without a sales and use tax permit.

It doesn't take much brainpower to turn on hard disk encryption to protect from theft. BitLocker, TrueCrypt, or PGP are no brainers. All mainstream Linux distros support encryption. AIX supports encryption both in the filesystem, and on the hardware itself. The EMC CLARiiON supports encryption on a LUN basis. Solaris supports encryption in ZFS. Every enterprise backup system has encryption built in, and the latest generation of tape drives have it in hardware. There is no excuse for physical data loss.

Network security isn't that difficult either. It doesn't take many brain cells to have a decent IDS/IPS, use VLANs to isolate machines from each other, so database connections are only accessible by machines that need access,

Web security is doable too. If a Web server only needs a subset of what a database has, create a view and lock the webserver to that view so it can't see anything other than the tables handed to it. If there is really sensitive data, have multiple hosts on separate VLANs, so the juicy stuff is separate from what isn't.

Document security isn't tough, although it limits where documents can be viewed and can be F/OSS hostile. Microsoft's RMS is a decent solution so a Word document that ends up walking off won't be viewable outside the company. Another way to keep documents secure is to use Citrix and keep the critical stuff on a terminal server. This takes care of accidental loss/distribution of documents. Deliberate screenshot snapping, or even people sneaking a camera in is a HR or even a law enforcement issue, not a technical one, and no DRM is going to stop someone dedicated enough unless a business wants to strip search everyone entering and leaving.

Of course, this means a SMB doesn't have to be 100% secure, but they need to at least follow the same precautions as a cafe does when preparing food so their patrons don't come down with a case of food poisoning. There are so many tools and appliances for doing this, it isn't that difficult.

Basic computer security isn't rocket science, but because it doesn't earn businesses money, it ends up being given lip service in a lot of forms and that's it.

The second law is also obvious -- expiration dates on data, and this means expired as in -gone-. Not stored in plaintext on an archive tape in offline storage. Not stored in the cloud where a rogue admin at the cloud site can slurp off the data to sell. The data is expired as in deleted, or cryptographically expired where the key is deleted and the data is rendered inaccessible.

Re:What if (2)

vlm (69642) | more than 3 years ago | (#34545394)

What if annual security training was mandatory for all the IT staff connected with law enforcement IT equipment -- just like weapons training is mandatory for all law enforcement officers. This includes the CIO [if they have one], the city manager, the systems architect [whichever poor IT technician is erroneously saddled with this responsibility], and all law enforcement officers who access this data.

Let me guess, somebody with the proper political connections would make a lot of money by "training", but there would be no improvement in results?

Re:What if (1)

cycleflight (1811074) | more than 3 years ago | (#34545462)

Usually governmental annual security training is distributed in the form of a computer based slide show that can be skipped through without actually reading. At the end there's a test with questions like "If you have a laptop with classified information on it, you can take it on vacation in P.R.C., True/False." The kind of questions where if you know the title of the class, you can guess the right answer. And if you get them all wrong, it's possible to spam answers until it's listed as right.

So, you're right, but I don't think what they'd inherently implement would do what you're hoping.

Re:What if (1)

ultranova (717540) | more than 3 years ago | (#34545538)

What if annual security training was mandatory for all the IT staff connected with law enforcement IT equipment -- just like weapons training is mandatory for all law enforcement officers.

What would that help? If you put data to an Internet-connected machine, there's a risk of it leaking. It doesn't require security training to understand that, simple common sense is sufficient. And no amount of training will help people who refuse to use their common sense because they can use "teh computers are scary" as an excuse to shut down their brains when using them.

Re:What if (0)

Anonymous Coward | more than 3 years ago | (#34545554)

Certain data is a lethal weapon and should be treated appropriately

GTFO. Please stop repeating the "information wants to kill us" line, it only serves as an emotional appeal to justify the upcoming War on Disclosure. If you want to argue sane data protection policies, there is enough fact and knowledge available to use logic to define your position without resorting to political rhetoric.

Yes this is a major screwup. Yes this makes a lot of people afraid or unhappy. But they're not afraid because two metric libraries of congress might come crashing through their phone line any time soon, they're afraid of (re)actions of other people. And rightfully so, considering the nature of the information. Moreover, "accidents" like this seriously undermine the confidence and trust people have in authorities.

It will be interesting to see how this plays out. Whether it will reach mainstream media, and whether people will actually care. If my name was listed in there as an informant, I think I'd start contemplating applying for witness protection.

Re:What if (0)

Anonymous Coward | more than 3 years ago | (#34545582)

A CJIS audit is supposed to be done every two years, but thats typically performed on the law enforcement databases and criminal records, not interview transcripts.

what about paying for new hardware and software (1)

Joe The Dragon (967727) | more than 3 years ago | (#34545824)

what about paying for new hardware and software as well as more IT workers! not cutting staff that makes some IT jobs not get done / get done alot slower.

Re:What if (0)

Anonymous Coward | more than 3 years ago | (#34546288)

Anecdote -- Just a week ago, my institution announced a "serious about privacy" initiative and requires everyone to read the IT security procedures and pass an online course on security training (on a 3rd-party survey site). One of the written security policies is "data uploads must be over secure, encrypted connections". Of course, the 3rd-party training site collects login, email, etc., over non-encrypted HTTP.

Somewhat worried about my job because I'm refusing to access the IT security training which requires me to break IT security policies in order to do so. I'm sure everyone else will click away happily.

Re:What if (1)

geegel (1587009) | more than 3 years ago | (#34545294)

What if they didn't put that database on a server facing the internet? Could that be a good idea? Or maybe they should just return all their computers since they can't be trusted to use them securely...

This is the best argument against the database state. Intentions might be good, but as long as they don't have the know how to secure the data, this type of information should be purged periodically or only kept in traditional archives. The government is not out to get you, but it's incompetent enough to let others harm you.

Re:What if (4, Insightful)

mcgrew (92797) | more than 3 years ago | (#34545606)

The government is not out to get you

It is if you're a pot smoker or Julian Assange.

Re:What if (2)

Lumpy (12016) | more than 3 years ago | (#34545398)

2 reasons.

1 - idiot manager syndrome. There are complete and utter morons in positions of power that make decisions like that. they go against all recommendations and do what they want because they know better! They are the BOSS!

2 - hiring incompetent IT/Web-design because they cant understand why you need to actually pay that position a wage that attracts competent applicants. $12.95 an hour = guy who is handy and knows 'puters.... The position requires $35.00 an hour minimum to attract a competent guy that would have raised red flags all over the place when this was being designed.

Re:What if (3, Interesting)

hairyfeet (841228) | more than 3 years ago | (#34546044)

No they are the POLICE just like in Training Day. I have actually had a cop walk into my shop and ask me to hack into the state's email servers so if he could see if his wife was cheating on him. He actually had the brass balls to say "I'm the police, it's okay" like those are magic words or something.

Sadly if anyone thinks those cops actually give a shit about the lives of snitches after they have served their usefulness you got another thing coming. I bet if it wasn't for the stink the attitude would have been "oh well, too bad so sad". I can't speak for how it is up north but down here in the south the snitches have to worry about the crooked cops as much as their fellow junkies. A cop here in "meth alley" makes a grand total of 35k a year to get shot at and can easily make that in a month and NOT get shot at just by giving the dealers a heads up and looking the other way. I used to be friend's with a dealer's son and she used to get a call from a cop in the dispatchers office before the cops were even given out the assignments so she knew when they were gonna be in the neighborhood before they did.

In the end this kind of crap is just more proof the stupid drug war is just another monumental waste of taxpayer dollars. You would think after the failed booze war we would have learned, but I think a speech I heard years ago from an ultra conservative no less (I think it may have been William F Buckley) made the stupidity of the drug war clear as a bell for even the most clueless I've spoken to: "If I put a bottle on the table with a skull and crossbones on it and say 'This is poison. it will destroy your health, family, marriage, and ultimately kill you' and you push me out of the way and down the bottle? Well then frankly your are too stupid to live. Why should I have to spend billions building a fence around the bottle and cages to put you in, just to keep you from drinking it?"

Re:What if (1)

SirThe (1927532) | more than 3 years ago | (#34545658)

What, do the intelligent thing?! We're talking about the police here man.

This isn't a leak. (5, Insightful)

El Neepo (411885) | more than 3 years ago | (#34545152)

The article makes this situation comparable to the current wikileaks situation, which it isn't.

Some IT person left the data freely accessible on the internet and eventually a crawler found it. They're guessing it was a malicious person but in all odds it is not.

This is just another IT mistake not an act of whistleblowing or terrorism or something else the government wants to make illegal.

Re:This isn't a leak. (1)

houghi (78078) | more than 3 years ago | (#34545214)

This is just another IT mistake not an act of whistleblowing

This 'mistake' could have been on purpose. Also Wikileaks is not the ones who leak it. The crawler is even worse then Wikileaks. Wikileaks itself does not actively look for content. It is handed over to them.

Re:This isn't a leak. (2)

Sockatume (732728) | more than 3 years ago | (#34545238)

The Wikileaks comparison has more to do with the Sheriff's Office's response to the leak, than the nature of the leak itself. They could've run around saying they were going to track down and dismember anybody who has a copy of the file, but instead their comments to the press focus on the nature of the problem, its possible consequences, and what they're doing about those consequences. Compare to the Wikileaks situation where much of the political hot air is about leaning on one group that's disseminating the information, as though eliminating Wikileaks would somehow stop the information getting around by other means.

Re:This isn't a leak. (2)

gpuk (712102) | more than 3 years ago | (#34545390)

The joke of it is, this mistake/negligence probably has a higher risk of leading to someone getting killed than the wikileaks release does.

Yes it is (1)

Sycraft-fu (314770) | more than 3 years ago | (#34545854)

A leak is a leak. Doesn't matter how or why it happened, what matters is the information was leaked out hence a "leak". Doesn't mean it is a good thing, just means it is what it is.

However for that matter in some of the Wikileaks discussion threads there were people advocating total transparency of government information. I pointed out this would include things like names of people in witness protection and so on and they said that was fine, that the government should figure out how to not need to keep that secret. It'll be interesting to see if people espouse that in this discussion regarding this information.

Regardless, when it comes to leaked info the how and why are completely separate from what it is and if it is a good thing or not. If you feel that the information from Wikileaks is good, where good means "Should have been released for public consumption," then it doesn't really matter how it happened. Had it been a virus, or some kind of computer security breach that would in no way make the information any less good. For that matter in the Wikileaks situation you could well support the release of the information, while simultaneously saying that the reason for its initial release were not good ones (that Manning did it out of spite, not out of morals).

In the case of this it was a leak because of a mistake, not any active action, but still a leak.

I'm on the list. (-1)

Anonymous Coward | more than 3 years ago | (#34545168)

This whole place, everything, it's gone. Just gone. There were survivors. Here, there. Nobody even knew who started it. It was the machines. Defense network computers. New... powerful... hooked into everything, trusted to run it all. Decided our fate in a microsecond: extermination.

Re:I'm on the list. (0)

Dunbal (464142) | more than 3 years ago | (#34545278)

Decided our fate in a microsecond: extermination.

      I said it before, and I will say it again. In computer time a microsecond is a very, very, very long time. So please stop thinking that the machines didn't give us time to change our ways...

Re:I'm on the list. (1)

mlts (1038732) | more than 3 years ago | (#34546406)

Depends... if the machine had to do some virtual memory paging, it might be spending time waiting for the data to get under the HDD head as opposed to deciding the fate of humanity.

This is why you always put your Skynet systems on tier 2 or tier 3 storage. Tier 1 flash storage just lets it decide that humanity has to go a lot faster.

Re:I'm on the list. (1)

mcgrew (92797) | more than 3 years ago | (#34546528)

Data: I did consider it for a time.
Picard: Really? For how long?
Data: Ten milliseconds. But that's a long time for an android.

No wonder Marvin was so depressed!

no need for trying to attach it to WL (0)

Anonymous Coward | more than 3 years ago | (#34545172)

Wikileaks wouldn't released this because it definitely WOULD put peoples lives at risk, and it isn't knowledge that would be for the greater good at all.

Redacting names / contact info wouldn't secure it at all, *any* information in it could identify an individual, they would have to redact the whole thing.

It's only value would be to those seeking revenge.

The fact it wasn't properly secured is of interest. the personal details and reports Wikileaks would agree should remain confidential.

Re:no need for trying to attach it to WL (0)

Anonymous Coward | more than 3 years ago | (#34545198)

But Wikileaks... er... terrorism. Look how bad leaks can be. DEATH PENALTY!

Re:no need for trying to attach it to WL (1)

Lumpy (12016) | more than 3 years ago | (#34545544)

Here's a kicker.... all that info is freely available to anyone along with all their financial records. All it takes is a credit card and a search on Nexis-Lexis.

Re:no need for trying to attach it to WL (1)

TaoPhoenix (980487) | more than 3 years ago | (#34545694)

"To check security, confirm the last 4 digits of your SS #."

Then there's the Family Tree Crawler sites for the Ma's Maiden Name.
Facebook chimes in with Favorite Pet/Favorite Teacher.

A concession to reality (3, Insightful)

Sockatume (732728) | more than 3 years ago | (#34545186)

"'The truth is, once it's been out there and on the Internet and copied, you're never going to regain total control"

That's a remarkably pragmatic approach, and portrays the Sherrif's office as focussed and efficient. Public perception matters a lot in these instances, and while they could've threatened to rip off the ears of anyone who shares the files, it would have had no effect on actual information sharing, at a great cost to their public image in at least some quarters.

It's also nice to see that someone understands what "information wants to be free" means: that information tends to be free, and you have to plan for this.

Re:A concession to reality (1)

chemicaldave (1776600) | more than 3 years ago | (#34545260)

and while they could've threatened to rip off the ears of anyone who shares the files, it would have had no effect on actual information sharing, at a great cost to their public image in at least some quarters.

I think that threat still applies.

Re:A concession to reality (1)

luther349 (645380) | more than 3 years ago | (#34545354)

well thats the kind of stuff you don't want leaked out. this isn't bought cover ups or government lies. but informants that will be killed if a drug lord sees there name. the police know that its out there and theirs not much they can do bought it so why cry bought it. even if the list is old i can bet theirs quite a few people willing to take revenge.

sifting through the database (1)

bl8n8r (649187) | more than 3 years ago | (#34545190)

Is cop-speak for damage control.

Good (1)

srussia (884021) | more than 3 years ago | (#34545202)

Maybe this will help end another useless "War".

Not like (2)

betterunixthanunix (980855) | more than 3 years ago | (#34545708)

More likely, if any informants are harmed, it will be used to justify an escalation.

Charges (3, Interesting)

crow_t_robot (528562) | more than 3 years ago | (#34545204)

I hope someone at the Sheriff's office will be charged with felony negligence for this. I know that leaving a weapon where it can be accessed by a child or a felon is against the law so it should be logical that leaving a database of information open to the world that could easily destroy many lives is worth a felony too.

"To Serve And Protect"...

so you want a low level IT guy to take the heat fo (1)

Joe The Dragon (967727) | more than 3 years ago | (#34545860)

so you want a low level IT guy to take the heat for some PHB lack of knowing about IT?

Re:so you want a low level IT guy to take the heat (0)

Anonymous Coward | more than 3 years ago | (#34546076)

What does either of those people have to do with this? Someone put very sensitive on a publicly exposed resource that could destroy a large number of lives. Whoever did it (PHB or low-level IT guy) should face charges for it.

Re:Charges (1)

mcgrew (92797) | more than 3 years ago | (#34546828)

Most informants are informants because they've been caught dealing dope, and snitch for a lighter sentence. So their lives have already been destroyed by the government itself.

200,000 CI's? (4, Interesting)

Organic Brain Damage (863655) | more than 3 years ago | (#34545210)

Deputies have used the database since 1989 to collect and share intelligence gathered during the course of police work. It contains 200,000 names — Mesa County's population is about 150,000 — and includes investigative files from a local drug task force.

Is it just me or does it seem odd to you that they have 200,000 confidential informants in a county with a population of 150,000? What the frack is going on in Mesa County?

Re:200,000 CI's? (1)

Tolkien (664315) | more than 3 years ago | (#34545222)

They're counting the headcrabs too.

Re:200,000 CI's? (1)

ledow (319597) | more than 3 years ago | (#34545232)

Nobody said "unique names". It could be the same person listed 200,000 times, or anything in between.

Re:200,000 CI's? (1)

Dunbal (464142) | more than 3 years ago | (#34545298)

It could be the same person listed 200,000 times, or anything in between.

      I also predict a strong correlation between the number of bullet holes in the bodies, and the number of times their name appears in the database...

Re:200,000 CI's? (0)

Anonymous Coward | more than 3 years ago | (#34546374)

That's still 200,000 "incidents" in a county with a population of 150,000.

Re:200,000 CI's? (0)

Anonymous Coward | more than 3 years ago | (#34545254)

Some informants are being paid triple rates. Them doughnuts are getting expensive, and the price coffee has gone astronomical long ago.

Re:200,000 CI's? (1)

crow_t_robot (528562) | more than 3 years ago | (#34545262)

That number includes persons of interest in past and current drug investigations. Also, portions of Colorado are a first and second-hop hub for a significant portion of the drug traffic that crosses the border.

Re:200,000 CI's? (1)

Anonymous Coward | more than 3 years ago | (#34545388)

"Deputies have used the database since 1989"

It's likely an aggregate, as you just posted. Unless the population is chained to the floor, this would likely be accurate. 21 years of informants would approach that number.

Re:200,000 CI's? (1)

ultranova (717540) | more than 3 years ago | (#34545598)

Is it just me or does it seem odd to you that they have 200,000 confidential informants in a county with a population of 150,000? What the frack is going on in Mesa County?

They used Diebold machines for accounting.

Re:200,000 CI's? (0)

Anonymous Coward | more than 3 years ago | (#34545698)

It's just you. If you took the time to actually read the summary you would see it says informants and "suspects, victims and others interviewed during criminal investigations". But, OK, 200,000 names is still pretty high.

Re:200,000 CI's? (1)

rriven (737681) | more than 3 years ago | (#34546604)

Deputies have used the database since 1989 to collect...

It has been in use since 1989. So yes there has been more reports of crime in 21 years than people currently live there now.
My guess is that is true no matter where you live.

What an incredible waste of time and resources (1)

digitaldc (879047) | more than 3 years ago | (#34545256)

It would be funny if it wasn't so sad.

Let's hope they get him this time. (-1)

Anonymous Coward | more than 3 years ago | (#34545264)

I hope this time the CIA kills Assange when he publishes these documents because there is no doubt in my mind that he will.
Better yet, they should get him NOW, before he gets more Americans killed.

Re:Let's hope they get him this time. (1)

spynode (1377809) | more than 3 years ago | (#34545392)

If Assange isn't CIA he won't and if he is it's Americans killing Americans anyway. But I guess you're just a troll.

We can all help them (3, Funny)

Again (1351325) | more than 3 years ago | (#34545338)

Everyone on Slashdot should download as many copies as they can and then delete them (Shift + Delete only!). That way the world will run out of copies and everyone will be safe.

Shouldn't have been online in the first place. (0)

Anonymous Coward | more than 3 years ago | (#34545366)

-nt

uh, oh (1)

hesaigo999ca (786966) | more than 3 years ago | (#34545438)

>The breach potentially affects some 200,000
Well we can kiss another 200k people good bye, as soon as the list springs on wikileaks, all mafioso will be checking that list twice to make sure their naughty and not nice!

Well, they *were* informants (1)

elrous0 (869638) | more than 3 years ago | (#34545534)

Methinks this might hurt their ability to recruit informants in the future as well.

Not Quite WikiLeaks Style (1)

SgtKeeling (717065) | more than 3 years ago | (#34545574)

Their concern: That someone may have copied it and could post it, WikiLeaks-style, on the Internet.

My understanding of WikiLeaks-style is redacting information which could put individuals in danger before posting it. In this case it seems like almost the entire database would be redacted. So, are they really talking about this being posted WikiLeaks style? I don't think so.

terrorism (0)

ebonum (830686) | more than 3 years ago | (#34545578)

If Assange is charged with terrorist charges, the police should be charged with the same crime because they did the same thing - Released confidential information. It is important to remember ignorance is not a defense. In this country all people get equal treatment - police and Assange.

Re:terrorism (0)

Anonymous Coward | more than 3 years ago | (#34546492)

Ignorance of the law is not a defence. Intent is always an important consideration in criminal cases.

Re:terrorism (1)

GrumblyStuff (870046) | more than 3 years ago | (#34546686)

Exactly! How many times have we heard that lack of knowledge of the law is no excuse for breaking it? ...but then those were usually just small fries who'd be wipe out by lawyer fees in a heartbeat...

WikiLeaks-Style?! (4, Insightful)

miro2 (222748) | more than 3 years ago | (#34545670)

Their concern: That someone may have copied it and could post it, WikiLeaks-style, on the Internet.

Let's hope they post it WikiLeaks-style. That would mean they spend months coordinating with journalists to redact names and other information that might put individuals' lives at risk. Then, they would only release a few select important parts of the material in a completely responsible manner.

Of course, that is not what the editors and poster were trying to convey by 'WikiLeaks' style. Why insert this useless anti-free-speech FUD into the story?

Re:WikiLeaks-Style?! (1)

An Onerous Coward (222037) | more than 3 years ago | (#34546554)

Just remember whose side the media is on, and interpret accordingly.

Snitches get stitches (-1)

Anonymous Coward | more than 3 years ago | (#34546292)

Informers deserve whatever they get.

And fuck all of you who think the drug laws are a good thing.

Note to self. (1)

Tei (520358) | more than 3 years ago | (#34546306)

Maybe database servers (like MySQL) are safer than stuff like access (or sqlite), since is possible and easy to copy a whole database file mistakely put on /www, while is very rare to put /var/mysql/data on /www

Remember this point when defending database server against database files.

confidential online database of informants (0)

Anonymous Coward | more than 3 years ago | (#34546660)

Something wrong with that sentence?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?