Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

So, to summarise - burning it to CD is actually fine, but they should have used an in-house courier.


Please don't be uncharitable in HN comments; i.e. please don't choose a weak interpretation of what someone said in order to make it look bad.

We detached this subthread from https://news.ycombinator.com/item?id=12128662 and marked it off-topic.


Not Danish so I don't know their laws, but in the US not encrypting the disk would be a violation of HIPAA. In-house courier would work but isn't necessary. FedEx at least, I am sure the others do too, provide services for transporting secure information. Though you have to make use of them, you don't just drop it off with the regular shipping as seems to have been done here.


No, not really, and I said as much.


How much effort is it to encrypt the contents first, virtually none. Items get dropped, go missing, etc. - given the importance of the data then they should have both encrypted (one-time pad, used a secure side-channel to pass the key at the point when it was required) and used a trusted delivery system.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: