Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Reminder: Avoid posting 'sensitive' data

by Masem (Monsignor)
on Nov 16, 2001 at 22:48 UTC ( #125888=monkdiscuss: print w/ replies, xml ) Need Help??

Today there was a case where someone posted a question using real data; certainly not a problem in of itself as we encourage folks to post as much as they can give us about their problems in order to solve them. However, this real data has real names and real email addresses and real physical addresses. Becuase of concerns of privacy, I took editing action and munged the names and addresses to nonsense ones, just to protect those people that were actually named, but keeping the question and data format untouched. I don't blame the person that posted the original question, only because it's easy to forget to 'protect the innocent' when you post a question.

I'm only posting this to remind people that when they post code or data, they should take all steps to make sure that no personal or security information is given away, at least beyond those items that are your own. (Eg., I control my email address, but no one else does). This is not only important when you post data, but also when you post code; particularly if, for example, you have your code establish a user/pass connection to a DB; if you leave your username and password in place in the code, that's definitely not secure. Similarly, it's probably a good idea to munge server names and file locations that are special and not public as with a combination of either, a malicious hacker can wreck havoc on your system.

-----------------------------------------------------
Dr. Michael K. Neylon - mneylon-pm@masemware.com || "You've left the lens cap of your mind on again, Pinky" - The Brain
"I can see my house from here!"
It's not what you know, but knowing how to find it if you don't know that's important

Comment on Reminder: Avoid posting 'sensitive' data
Re: Reminder: Avoid posting 'sensitive' data
by Washizu (Scribe) on Nov 19, 2001 at 20:25 UTC

    I agree with you that posting someone's information without their permission is immoral especially since it can so easily be worked around when posting your code, but how did you know the author of the question was using real data?

    -----------------------------------
    Washizu
    The best offense is a good offense.

      The names and addresses that were used look more like real names than names like "John Smith", "Joe Sixpack", or "John Q Public". When you've seen enough code and both real and 'munged' data, you can easily tell the difference.

      -----------------------------------------------------
      Dr. Michael K. Neylon - mneylon-pm@masemware.com || "You've left the lens cap of your mind on again, Pinky" - The Brain
      "I can see my house from here!"
      It's not what you know, but knowing how to find it if you don't know that's important

Data Protection Act
by Ea (Friar) on Nov 20, 2001 at 16:40 UTC
    Britain's Data Protection Act, whose latest features went into force Oct 24th 2001, hands out heavy-duty penalties for anyone responsible for private information who allows it, by ommission or design, into the public domain. It also places the onus on keepers of data to maintain updated and accurate data. This applies to paper records as well.

    Ea :wq

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: monkdiscuss [id://125888]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (7)
As of 2014-11-27 22:01 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My preferred Perl binaries come from:














    Results (188 votes), past polls