Go Back   Maryland Shooters > Gun Rights and Legislation > Maryland 2A Issues

Notices


Reply
 
Thread Tools Display Modes
Old September 10th, 2013, 09:22 PM #1
occbrian's Avatar
occbrian occbrian is offline
Senior Member
 
Join Date: Jan 2013
Location: in a cave
Posts: 4,791
occbrian occbrian is offline
Senior Member
occbrian's Avatar
 
Join Date: Jan 2013
Location: in a cave
Posts: 4,791
MSI UPDATE

As you are aware, the Maryland State Police have enlisted the help of multiple non-MSP agencies and tasked up to 200 employees with entering Personal Identifying Information (PII) for the MSP in order to reduce the current backlog. In their Press Release, the MSP assured us that the information was secure and that we have nothing to worry about

MSI has spoken to multiple sources within these agencies and confirmed that this is not the case. There are serious concerns and issues that need to be addressed.
Employees are accessing a searchable database of 77R forms.
The web portal to that database is insecure, does not use SSL, has an expired security certificate and is accessible from anywhere on the Internet. It is not contained within Maryland Government networks.
All of the employees were given the same login and password.
The database is searchable. You can search by name and even enter partial searches.

From what we understand, the original 77R’s have been scanned in .TIF format and placed on encrypted disks. The employees are accessing the data from the disk and entering it through the insecure web portal.

However, since they all use the same login, it will be virtually impossible to know who accessed what information and when. It also means that if the login information is shared with an outside source, the MSP would have no way of tracking down the source of the leak and enforcing their “confidentiality agreement.”

This information is accessible from anywhere if you have the login information. You can even access it from a smartphone.

Martin O'Malley and the Maryland General Assembly spoke at length about how they want to make Maryland safer through strict gun control. It is UNFATHOMABLE that people who claim to be proponents of making our state safer could allow such a grievous breach of security. Not only did MSP allow unauthorized persons to view and input this information, they now are allowing it to be transmitted online without any encryption into a database where everyone shares the same account.

Understand in very simple terms: Your recent order with Amazon.com is FAR more secure than your personal identifying information with the Maryland State Police.

As of right now MSI is working with some of our 2A friendly delegates to find out these answers but we believe that you should know exactly what is going on at this moment.

Delegate Mike Smigiel has submitted two PIA requests to the MSP. You can read the requests here. http://delegatemike.com/pia-request/

We will update you with any information as it develops and we appreciate your support. Without you and your support, efforts such as these would not be possible.
occbrian is offline   Reply With Quote
Old September 10th, 2013, 09:26 PM #2
DC-W's Avatar
DC-W DC-W is offline
¯\_(ツ)_/¯
 
Join Date: Jan 2013
Posts: 18,920
DC-W DC-W is offline
¯\_(ツ)_/¯
DC-W's Avatar
 
Join Date: Jan 2013
Posts: 18,920
Ho lee FUK
This is worse than I think anyone could imagine.
DC-W is offline   Reply With Quote
Old September 10th, 2013, 09:26 PM #3
DEX's Avatar
DEX DEX is offline
scruffy-lookin nerfherder
 
Join Date: Aug 2013
Location: Glen Burnie, MD
Posts: 336
DEX DEX is offline
scruffy-lookin nerfherder
DEX's Avatar
 
Join Date: Aug 2013
Location: Glen Burnie, MD
Posts: 336
DEX is offline   Reply With Quote
Old September 10th, 2013, 09:27 PM #4
csanc123 csanc123 is offline
Senior Member
 
Join Date: Aug 2009
Location: Montgomery County
Posts: 3,270
csanc123 csanc123 is offline
Senior Member
 
Join Date: Aug 2009
Location: Montgomery County
Posts: 3,270
Ok...I thought I was pissed before. No words to describe my anger now...that site needs to be shut dafuq down. Please tell me it is not still up and running!!!
csanc123 is offline   Reply With Quote
Old September 10th, 2013, 09:28 PM #5
occbrian's Avatar
occbrian occbrian is offline
Senior Member
 
Join Date: Jan 2013
Location: in a cave
Posts: 4,791
occbrian occbrian is offline
Senior Member
occbrian's Avatar
 
Join Date: Jan 2013
Location: in a cave
Posts: 4,791
Quote:
Originally Posted by csanc123 View Post
Ok...I thought I was pissed before. No words to describe my anger now...that site needs to be shut dafuq down. Please tell me it is not still up and running!!!
It is. We have the URL, but we will not share it given the major security concerns.
occbrian is offline   Reply With Quote
Old September 10th, 2013, 09:30 PM #6
DC-W's Avatar
DC-W DC-W is offline
¯\_(ツ)_/¯
 
Join Date: Jan 2013
Posts: 18,920
DC-W DC-W is offline
¯\_(ツ)_/¯
DC-W's Avatar
 
Join Date: Jan 2013
Posts: 18,920
Well if there weren't blatant grounds for lawsuits...
There are now...
DC-W is offline   Reply With Quote
Old September 10th, 2013, 09:31 PM #7
dfens42's Avatar
dfens42 dfens42 is offline
Publius
 
Join Date: Jun 2012
Location: Free America-WV Province
Posts: 2,333
dfens42 dfens42 is offline
Publius
dfens42's Avatar
 
Join Date: Jun 2012
Location: Free America-WV Province
Posts: 2,333
Wow...as a security professional...this is just inexcusable.

**** me sideways.
__________________
Sons of the American Revolution, Tygart Valley, WV Chapter Member
MSI Member
SAF Member
NRA Member
MD Designated Collector

Si vis pacem, para bellum.

Malo periculosam, libertatem quam quietam servitutem.
dfens42 is offline   Reply With Quote
Old September 10th, 2013, 09:33 PM #8
dlmarion dlmarion is offline
Member
 
Join Date: Feb 2013
Location: Carroll County
Posts: 508
dlmarion dlmarion is offline
Member
 
Join Date: Feb 2013
Location: Carroll County
Posts: 508
Are they obligated by law to safeguard our information?
__________________
U.S. Navy Veteran
NRA Life Member
Baltimore Rifle Club
dlmarion is offline   Reply With Quote
Old September 10th, 2013, 09:33 PM #9
ibang1's Avatar
ibang1 ibang1 is offline
Senior Member
 
Join Date: Jan 2011
Location: Perry Hall
Posts: 1,931
ibang1 ibang1 is offline
Senior Member
ibang1's Avatar
 
Join Date: Jan 2011
Location: Perry Hall
Posts: 1,931
Funny how the place I work have fired people for sharing their computer accounts. Sound like a huge compromise on system access. Maybe it's time to submit a lawsuit.
__________________
Andy Andrews, "The most dangerous thing any nation faces is a citizenry capable of trusting a liar to lead them."
ibang1 is offline   Reply With Quote
Old September 10th, 2013, 09:34 PM #10
DEX's Avatar
DEX DEX is offline
scruffy-lookin nerfherder
 
Join Date: Aug 2013
Location: Glen Burnie, MD
Posts: 336
DEX DEX is offline
scruffy-lookin nerfherder
DEX's Avatar
 
Join Date: Aug 2013
Location: Glen Burnie, MD
Posts: 336
Quote:
Originally Posted by dfens42 View Post
**** me sideways.
Apparently there was more security on that word than our personal info...
DEX is offline   Reply With Quote
Reply

  Home Page > Forum List > Gun Rights and Legislation > Maryland 2A Issues


Currently Active Users Viewing This Thread: 2 (0 members and 2 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 08:00 AM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
© 2017, Congregate Media, LP Privacy Policy Terms of Service