|
|
|
|
|
|
by mike-cardwell
5472 days ago
|
|
|
Agreed. Any submitted data should have been immediately encrypted with a public key who's companion private key was stored offline. It should have then been immediately transferred to a secondary box which was setup with a single function of accepting and storing the data. Ie a box which you can't query over the network for data. As soon as the census closed, the relevant boxes should have been taken offline. The data moved to a "secure" location, and the original boxes wiped and destroyed. Considering the data that was being collected, I don't think this is overkill. |
|
|