Wednesday, December 03, 2014

(No) Need to Know

Alt title: "We could tell you, but then we'd have to kill you."

The story:

"[O]fficials at the Treasury Inspector General for Tax Administration ... are giving members of the public just enough information about a TIGTA review of IRS security testing to suggest that there might be cause for concern."

That's the take-away from security audits of the site (which many of us have been using of late). Aside from the usual spinning wheels (both visual and metaphorical), there's a heightened sense that the site itself is just a bit, well, creepy: this morning, I met with a client who received a text message on her cell last Friday, admonishing her to complete her enrollment (which we're in the process of doing). But the overarching concern is that the site is unsecure, and the latest dope from DC does little to assuage this:

"TIGTA officials have put the results of their review in a heavily redacted report."

Just how redacted, you ask? Well, here's a sample 1000 words:

[click image to embiggen]

And that's just the highlights. Even the Table of Contents page is edited like that, and it only gets worse. One wonders, not unreasonably, what the folks at HHS and their partners are so concerned about letting us know. After all, their own resident guru thinks we're too stupid to understand it, anyway.

And this statement, intended to make us feel all warm and fuzzy, does nothing to allay that sense of foreboding:

"Our concern is that the expected results should be accurate and complete in order for the testers to fully understand what they are testing and for the testers to be able to adequately compare the actual results to the expected results."

blog comments powered by Disqus