MTAS and other NHS websites

[PeteM]

vickyvicky@egypt.com wrote:
> Quoting Peter Tomlinson <pwt@iosis.co.uk>:
>>
>> Putting it another way, if Channel4 was simply given a URL and nothing
>> else, could they access the data during its window of availability?
>>
>> PeterT
> 
> To the best of my knowledge, the file was placed in the /info folder, so 
> anyone knowing the filename could have downloaded it. They probably 
> could have viewed the filename in the directory listing too.


In last night's Ch4 item, they said a doctor only had to change two 
digits of the URL that pointed to his own data, to get a valid URL for 
data referring to another doctor. (I think it was two.)

-- 
Pete Mitchell