Wednesday, 14 January 2009

Of course, this will never happen here ...

... oh, no:

A New York City Police Department sergeant has admitted he illegally obtained a name contained in an FBI terrorist watchlist and gave it to an acquaintance to use in a child custody case.

According to documents filed in federal court in Manhattan, Khalil lacked the authority to access the information, so he used a fellow cop's username and password to gain entry. Remarkably, the fellow officer left his credentials on a notepad so his co-workers could access the system when he wasn't around.


Easy as that, huh?

The episode is exactly the kind of red meat that feeds critics of government watchlists, who say such databases are rife with potential for abuse. Law enforcement officials say such databases are carefully restricted, but as Khalil's guilty plea demonstrates, the measures can often be easily circumvented.


No shit, Sherlock.

4 comments:

Anonymous said...

Khalil, huh?

Hmmmmm.

Might be a few running our ID card database one day. Unless I'm the DBA, in which case they're fucked.

AntiCitizenOne said...

> Remarkably, the fellow officer left his credentials on a notepad so his co-workers could access the system when he wasn't around.

I think that the "fellow officer" should be sacked first.

Anonymous said...

How suitably fucking careless.

Shug Niggurath said...

I regularly phone other offices in my company and namedrop then ask for username and password for some internal system just to prove the point that it's easy.

In five years not once have I been challenged.

I urge you all to try it.