IRS Leaves Taxpayer Data Largely Unprotected

LogError writes "Two weeks ago, Department of Treasury received a D-minus grade in the Federal Computer Security Report Card for 2005, down from a D-plus grade in 2004. The majority of Treasury systems are those belonging to IRS. The government-wide computer-security grade for 2005 was D-plus, while Homeland Security and Defense both received an F. Grades are based on reports submitted to Congress by the agencies; the reports are required under the Federal Information Security Management Act of 2002.8 The scores are meant to reflect whether departments meet federally mandated security standards."

The IRS is insecure?!?!?

[Anonymous Coward]

No [nwsource.com] shit [zdnet.com] ? [techlawjournal.com]

IRS is in the middle of a change over anyway

[vtechpilot]

I work for a company that creates electronic filing software for the IRS, and I work with them on a regular basis. While Electronic filing has really only been popular the last few years its history goes back a very long time (in computer years). For example, currently to file a form 1040 electronically, it gets formatted in custom text format, attached to a whole bunch of other forms, gets all sorts of headers and summary information tacked on. It gets gzipped, then pushed through a z-modem connection over a telnet session, inside of an SSL connection. Why? Because it evolved that way. There was a time when electronic filing meant putting magnetic media in the mail. So the file formats go way back and are all fucked up because they are constantly updating the forms in respons to legislation. when they stopped with the magnetic media and started using modems, the whole thing was run like a BBS, so ta-da z-modem. When the bbs system was moved to the internet, it became telnet. Then they said oh shit its on the internet, we need encryption, so they moved that into an SSL connection.

Case in point the whole system is fucked up because its doing things it was never designed to do. So now we introduce Modernized E-File. MEF is basically the IRS rebuilding its entire system from the ground up. File formats are getting moved to XML, the network connections are moving to SOAP, and all sorts of other cool stuff.

Given the amound of stuff thats going on right now I would expect them to be scored poorly because basically the existing system is held together with duct tape while the new system is being built, and the new system probably wasn't considered in the score since its not completly up and running yet.

Re:Security, the Gold Standard

[Millenniumman]

A billion can also be 1000000000000, or 10^12 in the long scale which is used in most non-English speaking countries.

Entire report card

[flooey]

For those interested, the entire report card is available here [house.gov].

Re:Careful...

[Elemenope]

The SC has ruled (on more than one occasion) that a person cannot lawfully evade filling out an accurate Tax statement, ergo it is compelled and not volunteered, ergo it is not admissable against you in criminal proceedings not involving tax evasion.

The report card

[OldManAndTheC++]

The full report card [house.gov] is certainly interesting, especially since those agencies that have high profiles in national security matters (Defense, State, Homeland Security) all received an "F". Department of Justice (think FBI, DEA), and the Nuclear Regulatory Commission fared about as poorly with a "D-".

The Social Security Administration scored an "A". As I recall they were also one of the first federal agencies to complete their work on the Y2K project. Score another one for monolithic bureacracies over fragmented bureaucracies :)

Re:Just one more reason to enact the FairTax

[pi_rules]

Also, Walmart would rule the world with this one. Their lower prices would now be significantally lower than the mom and pop shops, since the tax overhead is much higher.

I haven't worked it out yet, but it sounds false to me at first glance. Let's see if this is true.

Let's say I make $100 under the current system. Immediately 30% is lopped off by the Federal government (give or take a little here and there) so I have $70 to buy stuff with.

Let's say state sales tax is 6%

If Wal-Mart has an item for $5 we'll presume the mom-and-pop has it for $6 -- a 20% increase in the overall price. Sound fair?

The final cost at Wal-Mart would be $5.30, or (5.30/70.00) = 7.57% of my take-home income.

The price at the mom-and-pop is $6.36 or (6.36/70.0) = 9.09% of my take-home income.

Now under FairTax the Feds would have a 23% sales tax.

The final price at Wal-Mart (5.00 * 1.06 + 5.00 * 1.23) = $11.45. Then (11.45/100.00) = 11.45% of my take-home income.

At the mom-and-pop: (6.00 * 1.06 + 6.00 * 1.23) = $13.74. Then (13.74/100.00) = 13.74% of my take-home income.

Percentage increase at Wal-Mart is (11.45/7.57) = 151% increase
Percentage incrase at mom-and-pop is (13.74/9.09) = 151% increase.

Nope... not seeing the Wal-Mart advantage here.