Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Intelligence Agencies and Server Choices

  • Subject: Re: Intelligence Agencies and Server Choices
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Mon, 17 Oct 2005 02:35:51 +0100
  • Newsgroups: comp.os.linux.advocacy
  • Organization: schestowitz.com / MCC / Manchester University
  • References: <077b23-mi9.ln1@dog.did.it> <1uhcm14kuhu5k$.dlg@funkenbusch.com>
  • Reply-to: newsgroups@xxxxxxxxxxxxxxx
  • User-agent: KNode/0.7.2
__/ [Erik Funkenbusch] on Monday 17 October 2005 02:10 \__

> On Mon, 17 Oct 2005 02:18:08 +0200, Roy Culley wrote:
> 
>> http://slashdot.org/articles/05/10/16/2040216.shtml?tid=95&tid=99
>> 
>> What's this got to do with Linux I hear you say. Well, according
>> to netcraft they are running Apache on Linux:
>> 
>> http://uptime.netcraft.com/up/graph?site=www.mi6.gov.uk
>> 
>>     http://www.mi6.gov.uk was running Apache-AdvancedExtranetServer on
>>     Linux when last queried at 13-Oct-2005 01:40:28 GMT
>> 
>> Now we know just how much HMG sucks up to Dubya and MS but when
>> security really matters OSS and Linux win the day.
> 
> I think it's pretty damned unlikely that the site is anything more than a
> "brochure" site.  In other words, only containing public relations
> information, nothing critical or sensitive.
> 
> As such, the choice of Linux (or Windows for that matter) has nothing to
> do with when "security really matters".

Read my post which is bound to the parent, then go to:

http://www.fbi.gov/congress/congress05/bald092105.htm

Down the page under the heading "Dissemination":

<snip>

Products up to and including the Secret level are disseminated throughout
the FBI via the FBI Intranet.

Information sharing with other government agencies at the SECRET level
requires access to the DOD Secret Internet Protocol Router Network
(SIPRNET). SIPRNET provides the communications backbone for INTELINK-S, the
Secret intelligence Intranet. INTELINK-S contains classified information
from more than 200 Web servers supporting the intelligence, homeland
security, military, counterintelligence, and law enforcement communities.

</snip>

   Now, I admit it took me a while to chase this reference... I had
   the British hacker in mind all along...

<snips>

   All essential, sensitive, and mission  critical  information  is
   handled via SIPRNET

   For starters, how are we calculating damages, and how  confident
   should the American public feel if one guy in his late  thirties
   can break into the "most secure  computers  at the Pentagon  and
   NASA" by scanning "tens of thousands of computers on US military
   networks from his  home  PC, looking  for machines that might be
   exposed due to flaws in the Windows operating system". (emphasis
   mine) Later in the article, "Many of the computers he broke into
   were protected by easy-to-guess passwords, investigators said."

</snips>

I once read somewhere else (nearer the time of the trial) that Gary McKinnon
simply exploited user stupidity in a *NIX environment. The admins did not
bother to CHANGE THE DEFAULT ROOT PASSWORD.

Now, put two and two together.

Roy

-- 
Roy S. Schestowitz      |    make install -not war
http://Schestowitz.com  |    SuSE Linux    |     PGP-Key: 74572E8E
  2:25am  up 52 days 14:39,  5 users,  load average: 0.43, 0.47, 0.57
      http://iuron.com - next generation of search paradigms

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index