May 28th, 2006, 05:06 PM
Public and corporate policy both play signficant roles in data security, and indeed some of the largest breaches of data integrety that have taken place in recenty history weren't due to architectural issues, but rather SOP related ones.
Originally posted here by ZomBieMann77
Shouldn't this be in cosomos? Its not a security discusion. Its a politcal rant.
Need I mention the recent loss of millions of private records from the US Department of Veteran Affairs as an example? With all of their security, the data ended up being lost because an employee took the files home to his apartment to work on. While they publicly claimed it was against policy to do so, it appears that such incidents were part of an informal SOP of the agency.
Cosmos was designed for vague philosophical and political discussions that aren't specific to the topic of security. Why do I know this? Maybe because I'm the one that originally set it up, at the request of one of the members of this site that went by the name "Terr". If I felt that this post had belonged there, I would have posted it there.
Perhaps you should contribute something to the conversation at hand if you have something intelligent to say, rather than trying to play the role of hall monitor? Thanks.
May 28th, 2006, 05:19 PM
Not trying to be the hall monitor here, but it was me who requested Cosmos... Terr requested Addicts
Cosmos was designed for vague philosophical and political discussions that aren't specific to the topic of security. Why do I know this? Maybe because I'm the one that originally set it up, at the request of one of the members of this site that went by the name "Terr".
May 28th, 2006, 05:21 PM
AH you're right! I remember now, it was you. I'm getting old, so my memory is starting to fade quickly, ha.........
Originally posted here by Negative
Not trying to be the hall monitor here, but it was me who requested Cosmos... Terr requested Addicts
And, you're still alive? How's things?
May 28th, 2006, 05:33 PM
I'm doing very well, thank you - I'm still winning all AO popularity contests
What have you been up to?
Oh, and on topic: at least with this government we know that we're being monitored, we know that the law is of lesser importance than the nation's "security". Big Brother may be watching, but at least we can feel him breathing down our necks - it's not easy to camouflage a behemoth. In that regard, the Big Brother-ness of this government is as effective and subtle as all its other policies - a lot of barking, but no biting.
May 28th, 2006, 06:49 PM
Actually, a better title for this would be, Zero Day Exploits. The Latest Political Hot Topic in Data Security.
The fact is, zero day exploits are not new and have been doing tons of damage for years now. Take a look at the botnet armies formed because of zero days.
How long have you gotten SPAM before the politicians cared? I'll tell you the exact moment they cared. When they were effected. Same goes for this.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
May 28th, 2006, 09:38 PM
The original post was going along just fine until JP, as is his want, used the word "Bush"... At that point it became obvious that rather than be objective about the issue he was raising you chose to make it a silly political debate. JP, wake up! This has nothing to do with republicans or democrats. It has nothing to do with the christian right or the athiest liberals... (be careful before you tell me where I stand). People who go into politics go into it because of the power they can gain. There's no real limit to what they will do to increase that power... and that's the same for _all_ of them and you are naive if you think differently.
The point you tried to bring up before you slung your childish hissy fit about Bush is valid but for a reason you don't seem to have yet grasped. It really doesn't matter what the government can see... It really doesn't matter who in the government chose to use what they see in a fashion they shouldn't - because they get caught doing it in the end - because they are generally stupid. The real danger is the fact that they are stupid and have no clue as to computer security and security in general. That's when our data gets lost by the government to those that do have brains.
The fact that they have access to our data isn't the problem... It's the fact they have no clue as to how to protect it from others that is our problem and that's why they should be stopped from collecting anything but specifically targeted information.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
May 28th, 2006, 09:53 PM
This seems to be a rather confused political diatribe, with a misleading title.
The basic facts, as I see them are:
1. Politicians legislate on matters they do not understand. They have done this since the occupation was invented, and they will continue to do so no matter what party is in power.
2. Politicians are control freaks, and care little about the mechanisms. The illusion is the important factor.
3. The situation described is not restricted to the USA. It is pretty common throughout the World and affects democracies and dictatorships alike.
4. The issue is not one of data it is one of information , which is much more far reaching.
5. Similarly, the issue is not one of simple information protection, it also encompasses personal privacy, which is more far reaching.
Now, the basic problems we face are that:
1. Most of the population has no idea about IT, nor do they understand IT terminology.
2. These are the majority of the people who vote in the legislation and approve the activities mentioned earlier.
3. It is obvious to me that if you showed the original post to the majority of people who elect our leaders, they would not understand, and their eyes would glaze over.
4. We are a very small minority and are not considered "opinion leaders" in society..........does the term "geek" ring any bells?
Actually, no, you need not, as it is totally irrelevant to the original premises. That was a case of having an adequate security policy, and allowing it to be overriden by people who just did not have the authority (obviously they had the POWER). This is very similar to the problems revealed in the Japanese authorities a few months back.
Need I mention the recent loss of millions of private records from the US Department of Veteran Affairs as an example?
Fine having electronic security policies, but if you do not enforce their physical counterparts you are just wasting your time.
So what can we do about all this? well, sadly, the realistic answer is: "nothing". Unless you can get yourself elected to a prominent political position.
It would be a start, however, if we were to use understandable terminology and concepts when talking to the majority who elect our governments. They understand "personal" and "confidential" information
They do not understand "zero day" and "data"........................that is just computer jibberish to them.
May 28th, 2006, 11:17 PM
Internet monitoring is nothing new, nor is it soley a "Republican" thing as others have been saying. Clinton had already planted the seeds of Internet usage monitoring long before Bush did. Check out Executive Order 13133 that Clinton signed, as well as FIDnet.
While FIDnet claimed is was only for protecting federal systems, there was some indication it would eventually spread to private sectors.
from this article.
A draft copy of the FIDnet proposal states that the intrusion detection networks would cover critical government and eventually private-sector information systems
I'm trully getting tired of uneducated Bush & Republican bashing. Like the jackasses whom blame Bush for outsourcing. Nevermind that Clinton advocated outsourcing and increased funding for the OPIC (Let's not forget about NAFTA, the WTO, and Fast Track Legislation). It also wasn't too long ago that I remember Clinton saying the same things about Iraq and ordering military strikes against Iraq. "Saddam (Hussein) must not be allowed to threaten his neighbors or the world with nuclear arms, poison gas or biological weapons," Clinton said.
"The best way to end that threat once and for all is with a new Iraqi government -- a government ready to live in peace with its neighbors, a government that respects the rights of its people," Clinton said. this article.
Sound familiar? It's funny how quickly Bush bashers forget events that occured long before Bush ever took office.
The object of war is not to die for your country but to make the other bastard die for his - George Patton
May 29th, 2006, 12:12 AM
Not only is the US Government seeking "total information awareness" of all that we say and do in the evolving digital realm, they also seek to censor communications that they deem inappropriate. The Republican controlled US Government has been proposing and enacting legislation that contains language like "indecency" and "obscenity", in effect criminalizing thoughts and ideas that they feel "inappropriate" for society.
Along with big brother monitoring individual communications that take place world-wide, he seeks to imprison those that are communicating concepts that he arbitrarily deems unfit based on vague religious principals.
Could you give some specifics here? What specific "communications" are they "seek[ing] to censor"? What "thoughts and ideas" are they "criminalizing"?
For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
(Romans 6:23, WEB)
May 29th, 2006, 03:51 AM
Re: Zero Day - The New Number One Threat To Data Security
What a crock of ****, lets face it here. You don't know programming, this site is a tetament to that, you don't know security or your posts would have content and value, and you don't know buisness or your other get-rich-quick schemes would have worked.
Originally posted here by JP
I was working diligently with the FBI and Pentagon to develop ways to profile and track down the individual hacker and groups that were attacking site after site, breaching both individual privacy, and national security, interrupting e-commerce and destroying consumer confidence in online transactions, along with putting matters of national interest at risk.
So, that leaves me with one possible reason for this kind of statement, you want recognition, something you'v probably never had.
I'm going to stop the analysis there before I start heading out on things that might incite a riot.
With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!
Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.