-
Join the MyBroadband community
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
-
Question of the Day: Which is the most hair-raising South African mountain pass you've driven?
eNatis inherits security breach
- Thread starter rpm
- Start date
Pathetic, really.
Have they not heard that security by obscurity doesn't work? Have they not read any of the debates around releasing potential software vulnerabilities?
Security is difficult to get right. But to know how you should do it, but fail to do it properly, is different to not even knowing that it should be done in the first place. How do people so clueless end up designing such a huge and important system?
Although I guess we shouldn't be surprised... if they can't make it work at a reasonable speed under reasonable load, what are the odds they'd be able to make it secure?
Have they not heard that security by obscurity doesn't work? Have they not read any of the debates around releasing potential software vulnerabilities?
Security is difficult to get right. But to know how you should do it, but fail to do it properly, is different to not even knowing that it should be done in the first place. How do people so clueless end up designing such a huge and important system?
Although I guess we shouldn't be surprised... if they can't make it work at a reasonable speed under reasonable load, what are the odds they'd be able to make it secure?
Frikkenator
Expert Member
True, but for R460mil they should bloody well find out how!
Basically the system does not work in the first place, and now we find out that when it occationally does work it has no security... Makes you wonder what they've actually done for the R460mil....
The fact that there are security issues, is probably the only 'good' thing about this system. This means that the average man on the street can go to.... any IT professional, and outsource their application, on which the IT professional can delve into the system, and adjust accordingly. Criminals could do the same however....
How do the banks do it??
I know that new or revised system implimentations in the banks can be a real headache. I also know it should be an exspensive trip. With such happenings there are hardly any lasting effect to the client and to the banks business. I also notice when attending to the enquiries desk at Standard bank, the bank staff having to key in their password or swipe their card all the time.......... And how many branches and transactions gets done in a day?
Maybe one can not compare the eNatis situation with the banks or, maybe one can? What can be said however is that things can be done properly and work and make money. And as far as we know the security and audit trails are good and kept. The banks however are far better than the the government with keeping things underwraps!
Yes, yes the whole matter of private versus parastatal etc is in the picture. However the co that did the job is private?? not so?
The chaos that this whole eNatis system caused and are still causing is costing an uncalculatable amount of Rands.
Someone said somewhere here that a bad system that is computerized is still a bad system. Example: To make a appointment for a drivers test:
Stand in a 40min que
Talk to the info counter
stand in a 20 min que
Get an eyetest done
stand in 2 hour que
pay money
stand in 1 minute que
make appointment
Enuff said
I know that new or revised system implimentations in the banks can be a real headache. I also know it should be an exspensive trip. With such happenings there are hardly any lasting effect to the client and to the banks business. I also notice when attending to the enquiries desk at Standard bank, the bank staff having to key in their password or swipe their card all the time.......... And how many branches and transactions gets done in a day?
Maybe one can not compare the eNatis situation with the banks or, maybe one can? What can be said however is that things can be done properly and work and make money. And as far as we know the security and audit trails are good and kept. The banks however are far better than the the government with keeping things underwraps!
Yes, yes the whole matter of private versus parastatal etc is in the picture. However the co that did the job is private?? not so?
The chaos that this whole eNatis system caused and are still causing is costing an uncalculatable amount of Rands.
Someone said somewhere here that a bad system that is computerized is still a bad system. Example: To make a appointment for a drivers test:
Stand in a 40min que
Talk to the info counter
stand in a 20 min que
Get an eyetest done
stand in 2 hour que
pay money
stand in 1 minute que
make appointment
Enuff said
incompetent idiots who drives this country into ground and enrich only themselves in the process.Get rid of them and let people who actually can work do the work.
Whatever this system cost surely they could have/should have a good security!?
Whatever this system cost surely they could have/should have a good security!?
The_Unbeliever
Honorary Master
ebbeh