The Blind Leading the Blind

Thread: The Blind Leading the Blind

  1. #1
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830

    The Blind Leading the Blind

    You probably wouldn't take medical advice from a doctor who was obese and smoked 2 packs a day. You probably wouldn't be inclined to send your kids to school if the teachers couldn't pass their own quizzes. Along those same lines maybe you should be careful how much trust you put in the Department of Homeland Security to protect our networks and critical infrastructure. According to this News.com article, the Department of Homeland Security received a grade of 'F' in this year's government computer security audit. The overall grade for the government as a whole was a 'D' - not something to be proud of.

    See article: Feds get a ‘D’ in computer security

  2. #2
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    LMFAO


    Muhahahahahaha

    now the world will bow for me, for I am root !!
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Actually, this isn't funny. The DOJ and a number of other Federal agencies have received poor or failing marks. Overall, the U.S. Government received a D when it came to security efforts.

    The only thing that made me feel somewhat good is that the NRC got an A. Nice to know that the nuclear facilities are on the ball.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Hoss: Here's the $64,000 question.......

    What did your department get? You work for one of them right? It'll go a long way to propping up your credibility round here...... <WEG>
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Hoss: Here's the $64,000 question.......

    What did your department get? You work for one of them right? It'll go a long way to propping up your credibility round here...... <WEG>
    Let's just say that if we presented our report card to our parents, we'd be grounded for quite a while...

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Hoss: OUCH!!!!

    Allow me to give you some pointers.......

    1. A firewall is a device that keeps malcontents and spies out of your systems.
    2. Remove the Iranian Embassy and Al-Quaida from the Master Password distribution list.
    3. Documents marked "Top Secret" probably shouldn't be published on your web site.
    4. The camouflaged box in the corner of your office that is connected to the hub next to it is not there for you to keep your mum's picture on..... It's a sniffer.... You should probably disconnect it from the hub.
    5. That arab looking chap that brings the mail and helps you "fix" your computer isn't just a mail chap..... Consider not letting him help "fix" your PC in the future..... Even if it means you can't play CS......

    There, now you should be all ready for an "A" next year...... <snikker>
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  7. #7
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    I think the whole thing is pretty sad (no offense theHorse13). They do these audits year after year, and year after year the government as a whole pretty much fails. It is that much worse when you consider that the DHS is supposed to be guiding national security efforts, but got an 'F' themselves.

    Amit Yoran and the DHS recently (October) conducted a mock cyberattack to test the resilience and stability of the critical infrastructure. They released the report as if this was new stuff they discovered - failing to take into account or realize that the Black Ice exercise was done back in like 1988 and found pretty much the same stuff. So basically 5 years have gone by and nothing has been done with the results of the cyberattack tests they performed back then. Hopefully they do something to change it this time.

    Reading books like Black Ice by Dan Verton or The Myth of Homeland Security by Marcus Ranum highlights some of the issues that the government is aware of - or should be - but hasn't really done anything relevant to fix.

  8. #8
    This report doesn't surprise me. Government agencies are no different from any corporation. The agencies are as good as the people that lead them. If those people that lead don't understand the technology or make the appropriate changes to, in this case, set a good example, then I expect those agencies to get failing grades. Is setting a good example part of their agenda, being that they are homeland security, or is it the bottom line?
    - Boyam


  9. #9
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Yes, the problems are certainly visible and can easily be remediated; however, the one thing that exists in Government more so than corporations is red tape, bureaucracy and politics. These things pretty much stop efforts dead in the water.

    Tiger,

    Do you mean the nice Arab fellow who offered to monitor my network for me might be lying about his intent?
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  10. #10
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Originally posted here by thehorse13

    Do you mean the nice Arab fellow who offered to monitor my network for me might be lying about his intent?
    Gosh... I should hope not. We've had several nice Arab fellows offer to do this for us. We even set up an array of wireless access points so they could do it from their apartments 12 blocks away... hmmm... now that I think about it... I wonder if they have anything to do with the hundreds of thousands of dollars that keep getting wired to the wrong accounts!?

    On a more serious note:

    I wasn't surprised to read the findings... What more can you expect?

    We're talking about the US .gov... they almost always do everything bass ackwards.
    Why start with the 'A' when you can start with the 'F' and work your way up?

    It makes you look like you are actually working.

    If you start with an 'A' and then go down... then it looks like you are slacking.

    If they did something right the first time... we might just start to expect that from them.
    They can't have that happening!
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
