Alberta Budget 2010 website – security through obscurity

Tomorrow, Tuesday, is budget day here in Alberta. Like many Albertans, I am curious about what Finance Minister Ted Morton is going to deliver, so I started poking around online. First stop, last year’s budget, available at http://budget2009.alberta.ca/.

Seems logical that the 2010 budget would be at http://budget2010.alberta.ca. So I tried that URL, and was prompted with a login screen. First thing that came to mind was “administrator” and “password”. Voila:

Fortunately for Mr. Morton, the documents don’t appear to have been uploaded yet. You can see all the placeholders though, which is kind of funny. And it seems you can leave feedback.

It does reveal the theme of the budget, Striking the Right Balance. Last year was Building on Our Strength.

This is what is known as “security through obscurity”. It’s not really secure, it’s just hidden. I’d suggest that programmers working at the Government of Alberta invest in Writing Secure Code, a fantastic book on the subject.

I hope this isn’t a reflection of the budget we see tomorrow…cutting corners, etc.

UPDATE: Sometime around 9:45 AM today they changed the password, and I think pointed the virtual directory somewhere else.

UPDATE2: The Journal wrote about this today.

UPDATE3: The site is now officially live with all the budget documents. Enjoy!