On Tue, Apr 04, 2017 at 05:40:54PM -0700, james woodyatt wrote:
On Apr 3, 2017, at 08:26, Rich Kulawiec <rsk(_at_)gsp(_dot_)org> wrote:
- if the data they provide access to will be retained
- if the data protected by the password will be modified or
deleted
- if the software on the protected device will be modified or
deleted
You're absolutely right, those should be on the list. Let me also add
two more. (1) Given the long, steady, depressing history of massive breaches
of various governments' databases, there is no way to know if passwords
acquired and data siphoned off will be adequately protected. (2) There's
also no way to know what any enterprising person will independently
choose to do with this veritable goldmine of saleable information --
doubly so given the lack of checks and balances, audits, controls, etc.
---rsk