chlod Sep 29, 2025

to apply for a "Philippine National Public Key Infrastructure" certificate, the Department of Information and Communications Technology website sends you to Google Sites before it sends you to the application portal

i'm starting to think that this department doesn't really understand security that well

Show threadchlod Sep 29, 2025

and they have their own Root CA certificate, which means you have to manually install this on your computer and also trust the government to always always always properly verify identities before giving out certificates

"trust the government" when the government has a long track record of not being trusted is quite a big ask

Show threadchlod 

same government wants to put all government documents on a private blockchain, because it'll "increase government transparency"

same government is also currently in an internal crisis due to widespread corruption that has now led to numerous high-ranking officials to be accused of stealing funds from flood control projects, so i don't think "blockchain" is the silver bullet to corruption that they think it'll be

Sep 29, 2025 at 1:54amWeb
Show threadchlod Sep 29, 2025
oh, and also the DICT and eGovPH website has historically been hosted on an IP that traced back to a Singapore AWS datacenter and then a few months back they put everything through Cloudflare, so i can rest assured that not only is my government sensitive PII being stored offshore, it's also being routed through Cloudflare
Show threadchlod Sep 29, 2025

oh and... also this fucking failure

this has become a DICT rant thread and i apologize but also this is a hatred years in the making