On 4/1/12 10:00 PM, Bill Davidsen wrote: > I am doing some work for an agency which has a requirement that they will > have a > recent copy of all passwords stored on any computer accessing their site. > Previously I was able to use an HTML file which did the job, it doesn't work > with recent SM versions. > > This isn't a discussion of whether that's a good idea, it's a policy > requirement, and not worth quitting over, since I got a letter from the legal > department saying I had told them it was a bad idea, and I'm not on the hook > if > there's a compromise. > > It will be done, the question is if there is a way to do it easily and get it > on > dead trees. > > Oh, and a way to conveniently move a limited number from one machine to > another > would be a time saver, as well. If there is such a thing. >
Have the legal department re-examine the issue. Your client wants a copy of all MY passwords if I access its Web site. That is, your client wants a copy of a file on my computer that I do not want to share with anyone. I believe that, in the U.S., this is a criminal offense. Even for a law enforcement agency, this is illegal without a search warrent. I am quite sure that, in the EU, this is definitely a criminal offense. When I was a software engineer, I would definitely have refused to comply with this request. I would have also informed the appropriate law enforcement agency. (If the request originated from a law enforcement agency, I would have informed my Representative and Senator in Congress; however, I never had any law enforcement agency as a client.) -- David E. Ross <http://www.rossde.com/>. Anyone who thinks government owns a monopoly on inefficient, obstructive bureaucracy has obviously never worked for a large corporation. © 1997 by David E. Ross _______________________________________________ support-seamonkey mailing list [email protected] https://lists.mozilla.org/listinfo/support-seamonkey
