Jump to content
Be the first to know! Get our Daily Newsletter! ×

Your secrets are safe with us, says Phuket Immigration

snoop1130

By snoop1130
in Phuket News

Recommended Posts

snoop1130 Legendary Member

snoop1130

Posted
Posted

Your secrets are safe with us, says Phuket Immigration
The Phuket News

post-249866-0-76789400-1459340334_thumb.

The database used by Phuket Immigration is not linked to the one breached on Sunday, the Phuket Immigration Chief has assured.

PHUKET: -- The Chief of the Phuket Immigration Office in Phuket Town today said that private information of expats and tourists on the island remains safe and secure.

The assurance by Phuket Immigration Superintendent Col Sunchai Chokkajaykij follows the immigration data breach on Sunday (Mar 27) that saw personal details of thousands of foreign nationals living in Southern Thailand leaked online.

The breach revealed passport details of foreigners in the South, and even maps pinpointing where foreigners lived, with flags representing the foreigners’ nationalities. (See story here.)

“Our database is secure,” Col Sunchai told The Phuket News today.

Full Story: http://www.thephuketnews.com/your-secrets-are-safe-with-us-says-phuket-immigration-56840.php

tpn.jpg
-- Phuket News 2016-03-30

Link to comment
Share on other sites
eisfeld Gold Member

eisfeld

Posted
Posted

Is that the same immigration buro who used to recycle previously submitted paperwork for forms so you could see other peoples private data on the back? Nah, I must be dreaming.

When someone who isn't trained in IT security tells you that a database is secure, think how trusting you want to be. It's like the sales girl of a car dealership telling you that your engine is fine even though it makes funny noises.

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Is that the same immigration buro who used to recycle previously submitted paperwork for forms so you could see other peoples private data on the back? Nah, I must be dreaming.

When someone who isn't trained in IT security tells you that a database is secure, think how trusting you want to be. It's like the sales girl of a car dealership telling you that your engine is fine even though it makes funny noises.

When the data is in digital form, it's so much easier to analyse it and for some people to abuse it. The data was available for anybody who accessed the site.

That is the reason why this leakage of 2000+ persons data was so much more severe than some random pages, which one person receives. That also is bad itself, but in a different magnitude.

It's also fortunate, that not all of the data fields were used.

Link to comment
Share on other sites
pinkpanther99 Silver Member

pinkpanther99

Posted
Posted

Well this is great news.

I for one am 100% reassured.

What a relief.

Edit to add - post above is spot on.

Them reusing pieces of paper with details on the reverse is bad enough. However, as the post above says, this data leak is a huge issue, and about as bad as it could get.

Just think about the amount of confidential information we leave in the hands of immigration every single day.

Anywhere else this would warrant a serious investigation but that aint going to happen here.

Link to comment
Share on other sites
eisfeld Gold Member

eisfeld

Posted
Posted

Is that the same immigration buro who used to recycle previously submitted paperwork for forms so you could see other peoples private data on the back? Nah, I must be dreaming.

When someone who isn't trained in IT security tells you that a database is secure, think how trusting you want to be. It's like the sales girl of a car dealership telling you that your engine is fine even though it makes funny noises.

When the data is in digital form, it's so much easier to analyse it and for some people to abuse it. The data was available for anybody who accessed the site.

That is the reason why this leakage of 2000+ persons data was so much more severe than some random pages, which one person receives. That also is bad itself, but in a different magnitude.

It's also fortunate, that not all of the data fields were used.

I agree that this leak was much more severe. Though my point was that the Phuket immigration office has previously shown a low respect for private data and handled things without care. And the person responsible for this is now claiming their IT infrastructure is secure even though he pretty sure is not very knowledgable of these things. I highly doubt they had an audit performed by a reputable computer security company.

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

I agree that this leak was much more severe. Though my point was that the Phuket immigration office has previously shown a low respect for private data and handled things without care. And the person responsible for this is now claiming their IT infrastructure is secure even though he pretty sure is not very knowledgable of these things. I highly doubt they had an audit performed by a reputable computer security company.

This leak has nothing to do with the Phuket immigration officers. Absolutely nothing.

The responsibilities lay on the immigration officers, above the Phuket officers, who allowed a web developer to get this data, while it was unmasked to protect the people.

Then the unprofessional web dev company placed the data to the public internet. That was the mistake number two.

Mistake number three was that they got a DNS name, which others could understand.

Only after all of these moronic mistakes, which allowed the data to be accessed by anyone on the internet, the result of the mistakes was relieved to the public.

I saw the website, when it was released and there were hundreds of people from Phuket shown in the map.

Link to comment
Share on other sites
eisfeld Gold Member

eisfeld

Posted
Posted

oilinki: I know that specific leak isn't directly connected to the Phuket immigration office apart from like you said showing data from people who are living in Phuket. And they wouldn't tell if and how much data from Phuket residents was in that database.

But again my point is that the Phuket immigration office is claiming their system is secure while they have shown little competence when it comes to data security and don't have the skill to assess these systems. So how can they claim this?

Link to comment
Share on other sites
gandalf12 Silver Member

gandalf12

Posted
Posted

Our data base is secure.

He probably said it with a straight face.

Immigration offices recycle papers with other peoples details on the back.

So nothing is secure.

With the low level of IT competence in the country they probably believe what they are told and repeat that publicly. Truth is they just have no idea

Link to comment
Share on other sites
Pinot Gold Member

Pinot

Posted
Posted

Do you ever wonder where the mountain of Immigration paperwork ends up? In 7 years just my stuff could fill a room.

Is there even a database? It's third world smoke and mirrors. There isn't even a database of driver's licenses. I doubt once you get that stamp on your passport that any paperwork could ever be found again.

Link to comment
Share on other sites
gandalf12 Silver Member

gandalf12

Posted
Posted

Do you ever wonder where the mountain of Immigration paperwork ends up? In 7 years just my stuff could fill a room.

Is there even a database? It's third world smoke and mirrors. There isn't even a database of driver's licenses. I doubt once you get that stamp on your passport that any paperwork could ever be found again.

Rest assured it is in safe hands. Must be the scammers say it is

Link to comment
Share on other sites
gandalf12 Silver Member

gandalf12

Posted
Posted

Do you ever wonder where the mountain of Immigration paperwork ends up? In 7 years just my stuff could fill a room.

Is there even a database? It's third world smoke and mirrors. There isn't even a database of driver's licenses. I doubt once you get that stamp on your passport that any paperwork could ever be found again.

Rest assured it is in safe hands. Must be the scammers say it is

Link to comment
Share on other sites
Soupdragon Silver Member

Soupdragon

Posted
Posted

Do you ever wonder where the mountain of Immigration paperwork ends up? In 7 years just my stuff could fill a room.

Is there even a database? It's third world smoke and mirrors. There isn't even a database of driver's licenses. I doubt once you get that stamp on your passport that any paperwork could ever be found again.

I just renewed my visa and for the first time they took my picture to be stored on computer the same they do at the airport. Maybe a start to compile a database ?

Link to comment
Share on other sites
LivinginKata Star Member

LivinginKata

Posted
Posted

Do you ever wonder where the mountain of Immigration paperwork ends up? In 7 years just my stuff could fill a room.

Is there even a database? It's third world smoke and mirrors. There isn't even a database of driver's licenses. I doubt once you get that stamp on your passport that any paperwork could ever be found again.

We all know where the photocopies end up ... recycled with forms on the back side.

Yes there is a database .... I can access limited information that our company entered into the database. Basically can search for our guests previous entry into the database.

Link to comment
Share on other sites
gandalf12 Silver Member

gandalf12

Posted
Posted

I agree that this leak was much more severe. Though my point was that the Phuket immigration office has previously shown a low respect for private data and handled things without care. And the person responsible for this is now claiming their IT infrastructure is secure even though he pretty sure is not very knowledgable of these things. I highly doubt they had an audit performed by a reputable computer security company.

This leak has nothing to do with the Phuket immigration officers. Absolutely nothing.

The responsibilities lay on the immigration officers, above the Phuket officers, who allowed a web developer to get this data, while it was unmasked to protect the people.

Then the unprofessional web dev company placed the data to the public internet. That was the mistake number two.

Mistake number three was that they got a DNS name, which others could understand.

Only after all of these moronic mistakes, which allowed the data to be accessed by anyone on the internet, the result of the mistakes was relieved to the public.

I saw the website, when it was released and there were hundreds of people from Phuket shown in the map.

I wonder if they ever thought of approaching a professional software company for a database?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.




×
×
  • Create New...