×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

IRS Doesn't Check Cyberaudit Logs

samzenpus posted more than 5 years ago | from the check-your-work-twice dept.

Security 78

An anonymous reader writes "The US Internal Revenue Service's IT staff hasn't routinely checked its cybersecurity audit logs, according to a report released this week by the agency's inspector general's office. The report is not exactly flattering for the IRS. The report, with large chunks redacted, recommends the IRS allow independent review of audit logs and establish procedures to save audit logs. It also recommended that the IRS regularly test its Internet gateways for compliance with standard security configurations."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

78 comments

Or better yet (2, Funny)

IceCreamGuy (904648) | more than 5 years ago | (#26158727)

Why don't we test their Internet gateways? Right now! Let's go, crowd, everybody start hammering their GWs! Hooray, we're helping!

You're kidding, right? (2, Insightful)

BenEnglishAtHome (449670) | more than 5 years ago | (#26159255)

You don't really think the "Slashdot effect" would seriously impact the IRS, do you?

Every April, the IRS web presence gets hammered in ways most people can't imagine. It stays available. That speaks volumes about the ability of Treasury to handle traffic.

Re:You're kidding, right? (0)

Anonymous Coward | more than 5 years ago | (#26159607)

Every April, the IRS web presence gets hammered in ways most people can't imagine. It stays available. That speaks volumes about the ability of Treasury to handle traffic.

The IRS branched off of the ATF(Bureau of Alcohol, Tobacco, and Firearms)not the Treasury. You remember the ATF, its the "civilian" police force with tanks, assault rifles, and explosives.

That's an impressive feat (1)

BenEnglishAtHome (449670) | more than 5 years ago | (#26159931)

You've managed to (fail to) make an obtuse (frankly, opaque) point about the BATFE by conflating political history from nearly 100 years ago with present-day network design. That's really impressive.

Are you surprised? (2, Interesting)

Spazztastic (814296) | more than 5 years ago | (#26158729)

I'm not surprised. With how awful the UK has been with keeping a hold on our data, why should the US be any better at it? Just because we're not leaving it on subway cars or recycling computers without shredding the hard drives doesn't mean there isn't a fault somewhere else.

It wasn't a mistake ... (1)

tomhudson (43916) | more than 5 years ago | (#26158737)

In Soviet Amerika, the IRS doesn't audit itself, it audits YOU!

If you're not compliant, no excuses. If they're not compliant, don't complain comrade - they WILL auduit you!

Why redacted? (4, Insightful)

fprintf (82740) | more than 5 years ago | (#26158761)

I cannot understand what needs to be so secret about anything in the IRS that any portion of a report would need to be redacted. I do understand that there might be investigations into white collar crime, but if the summary is correct and "large portions are redacted", what are they worried about us finding out? This is not the FBI or CIA here, it is the IRS, the US government agency charged with collecting taxes.

Once again I think we have a serious issue with power and openness in our government. It has gotten so way out of control it seems ridiculous!

Re:Why redacted? (5, Insightful)

fprintf (82740) | more than 5 years ago | (#26158811)

Never mind. I just figured it out... social security numbers and private information. Once again, that little problem of social security numbers raises its ugly head. If it was just used for social security taxes, and nothing else we'd be fine. But now it is used for all kinds of financial transactions any organization has to guard those 9 numbers better than Fort Knox guards its gold.

Re:Why redacted? (0, Offtopic)

Swizec (978239) | more than 5 years ago | (#26158929)

But now it is used for all kinds of financial transactions any organization has to guard those 9 numbers better than Fort Knox guards its gold.

Fort Knox still has gold!? I thought with how all american money is based on credit they'd have stacks upon stacks of paper specifying just how much imaginary money there is. Guess I was wrong and that gold can just be pumped back into the economy thus saving the day. hooray

Re:Why redacted? (0)

Anonymous Coward | more than 5 years ago | (#26160001)

That gold is already part of the economy.

Re:Why redacted? (1)

morgan_greywolf (835522) | more than 5 years ago | (#26159007)

A security breech of key IRS servers would constitute a national security crisis. Without your tax dollars, all that stuff that the military, FBI, CIA, NSA, etc., do wouldn't happen. Someone's gotta pay for it, and guess what? It's you and me, buddy.

Re:Why redacted? (1)

jcr (53032) | more than 5 years ago | (#26159771)

Without your tax dollars, all that stuff that the military, FBI, CIA, NSA, etc., do wouldn't happen.

Either that, or they'd just have the Federal Reserve edit a number in government account and create all the "money" they could want out of thin air.

The current bailouts have rendered taxation by direct collection pretty much irrelevant. They're taking far more from us by debasing the currency.

-jcr

Re:Why redacted? (0)

Anonymous Coward | more than 5 years ago | (#26160185)

True, but that is a finite enterprise, and the results are not pretty.

Re:Why redacted? (1)

Chris Mattern (191822) | more than 5 years ago | (#26165169)

Either that, or they'd just have the Federal Reserve edit a number in government account and create all the "money" they could want out of thin air.

Speak for yourself, John. I *like* having inflation stay in the single digits.

Re:Why redacted? (1)

jcr (53032) | more than 5 years ago | (#26168891)

. I *like* having inflation stay in the single digits.

Too late. Look up what Bernanke's been doing since he got the job.

-jcr

Re:Why redacted? (1)

morgan_greywolf (835522) | more than 5 years ago | (#26169159)

Lowering interest rates. Which, in the long run, creates inflation.

Re:Why redacted? (1)

jcr (53032) | more than 5 years ago | (#26170307)

Lowering interest rates. Which, in the long run, creates inflation.

Let's be clear on this: inflation is the increase in the money supply. A general rise in prices is the eventual result of inflation. By pretending that increased prices are inflation, the Fed deceives the public and distracts us.

-jcr

Re:Why redacted? (0)

Anonymous Coward | more than 5 years ago | (#26162575)

>A security breech

The word you were looking for is "breach", not "breech".

HTH. HAND.

I just love Inspectors/Auditors (1)

MonsieurCoward (639908) | more than 5 years ago | (#26158793)

"[...] and clock settings on some firewalls and routers did not comply with IRS rules, the report said."

Damn that's some hot stuff !!!!

I don't either... (1)

Jack9 (11421) | more than 5 years ago | (#26158855)

Why would I audit my security logs? I have a shell script running for that.

Re:I don't either... (1)

morgan_greywolf (835522) | more than 5 years ago | (#26159023)

Why would I audit my security logs? I have a shell script running for that.

Have you stopped to think that perhaps automated tools don't always work as expected?

Re:I don't either... (5, Funny)

Anonymous Coward | more than 5 years ago | (#26159061)

Have you stopped to think that perhaps automated tools don't always work as expected?

Frist Post!!1!

Re:I don't either... (1)

profplump (309017) | more than 5 years ago | (#26160183)

What good are your automation tools if they don't work as expected? Didn't you test them before deploying them?

Sure, it's probably good to manually compare the output of the monitoring tools to the verbose logs once in a while, but unless you've got really bad automation that should be nothing more than an infrequent formality on historical data -- the day-to-day monitoring should all by done by tools that don't get bored by the thousands of nominal log entires.

Re:I don't either... (1)

morgan_greywolf (835522) | more than 5 years ago | (#26160395)

Oh, agreed. But that infrequent formality has to happen. And the automated tools should be smart enough to give you useful daily data by analysis and filtering -- that way you'll notice something's amiss if you don't get the expected data.

For example, I have a Python script that. for example, plots graphs of the number of successful vs. unsuccessful authentications. It graphs port connections, and a few other things as well. Another script shows resource utilization graphs. These are all posted on an intranet site that always sits open on my screen, reloading approx. every 5 minutes.

Yet another case for some sort of tax revamping... (2, Insightful)

Notquitecajun (1073646) | more than 5 years ago | (#26158905)

I'm not the biggest "flat tax" proponent, mostly supporting it just to enact some sort of simplification to the tax system....but issues like the IRS audit logs points yet again to the bloated American tax system - imagine what we could do with the economy when we don't have to add all the salaries of accountants and tax people, which add little to no value to a product (if not negative) through a simplification of the tax process. It's one of those self-propogating systems - the more laws we have on taxation, the more that companies have to spend to try and get around them.

Re:Yet another case for some sort of tax revamping (0)

Anonymous Coward | more than 5 years ago | (#26160345)

Just because you go to flat tax doesn't mean you are going to ease up on the accountant. Institutions that pay NO taxes still have accounting needs that go well beyond the abilities of most people.

Re:Yet another case for some sort of tax revamping (1)

Notquitecajun (1073646) | more than 5 years ago | (#26160939)

I understand that, but you won't need as many accountants (or, at least, man-hours) for the general populace outside of regular bookkeeping. A simplified, streamlined process means less work.

Re:Yet another case for some sort of tax revamping (1)

techno-vampire (666512) | more than 5 years ago | (#26167751)

Trust me: if we went to a flat tax, the number of accountants working for the IRS wouldn't drop one bit. Bureaucracies don't work that way. This is explained by The Iron Law of Bureaucracy. [issuepedia.org]

Re:Yet another case for some sort of tax revamping (1)

Notquitecajun (1073646) | more than 5 years ago | (#26173465)

I'm not talking IRS, I'm talking private sector, particularly those huge departments at big businesses. THOSE accountants would be in for an interesting time job-hunting if we went to a more simplified system and they didn't have much to do because the company would need fewer tax experts in-house and just people to more or less keep the books straight.

Re:Yet another case for some sort of tax revamping (1)

techno-vampire (666512) | more than 5 years ago | (#26175207)

I'm not talking IRS, I'm talking private sector, particularly those huge departments at big businesses.

The Iron Law applies just as much to business as it does to government. Think not? Look at all those "reserve" auto workers sitting around all day "Just In Case" they're needed because of union regulations. If you don't think it happens, read up on featherbedding. [wikipedia.org]

Re:Yet another case for some sort of tax revamping (1)

Notquitecajun (1073646) | more than 5 years ago | (#26175357)

Accountants != auto workers. White-collar non-government employees are rarely unionized, and we are seeing a TON of job-cutting lately that more or less stretches across all spectrums. You're almost treating the iron law as an absolute, instead of a general practice in some sectors. If that were the case, we wouldn't be losing so many jobs right now (which, even if we get over about 10%, isn't necessarily a catastrophe).

Re:Yet another case for some sort of tax revamping (1)

techno-vampire (666512) | more than 5 years ago | (#26176097)

Yes, I'm treating it as an absolute; in a bureaucracy. And, such things as accounting departments are bureaucracies. They always get bigger, never smaller. If you disagree, provide a counter-example or be ignored.

Re:Yet another case for some sort of tax revamping (1)

Notquitecajun (1073646) | more than 5 years ago | (#26176607)

There have been almost a half-million jobs lost in the past year or so that more or less prove my point, and they pretty much run the gamut among all industry. Every week we are hearing about layoffs. How does that not prove essentially against what you're talking about?

Re:Yet another case for some sort of tax revamping (1)

techno-vampire (666512) | more than 5 years ago | (#26176753)

Because most of those jobs have been blue-collar workers, not accountants, professionals or middle managers, that's why.

Re:Yet another case for some sort of tax revamping (0)

Anonymous Coward | more than 5 years ago | (#26162621)

News flash, you'll still need accountants, just maybe not as many tax accountants.

Re:Yet another case for some sort of tax revamping (1)

sabt-pestnu (967671) | more than 5 years ago | (#26163117)

You're mistake there is thinking that a simple tax system will catch more money than a complicated one. Why do you think the one we have is so complicated? Because companies pulled crap in the past that was 'within the letter of the law'.

> imagine what we could do with the economy when we don't have to add all the salaries of accountants and tax people,

Accountants and auditing are the punishment companies go through because of past misbehavior. You CAN NOT rely on trust, when you're insisting someone pay you. Ask anyone in Accounts Receivable.

> which add little to no value
Depends on which side you're looking at.

Are you the company? They cost you to hire, they cost you in money you could have hidden. But they reduce the likelihood of getting sued, and every now and then they DO save you money that you would normally have paid in taxes. As well, they can tell YOU where the costs are in your company, so you can reduce your overhead.

Are you a shareholder? They act as an incentive for the company officers to behave, by making it more likely that bad behavior will be discovered.

Are you a government? They save YOU having to start lawsuits. And occasionally save you from having to put people in jail for bad behavior.

I admire the ideal, of a world where you didn't have to bludgeon money out of deadbeats. But it ain't this world. Sorry.

Not just a problem for IRS (3, Insightful)

ACK!! (10229) | more than 5 years ago | (#26158937)

I would bet money a lot of government and I know for a fact a lot of private organizations do NOT audit their general security logs in a timely and in an effective fashion. Of course, its scarier when its the government considering the host of private info they have on us. But keep in mind how many credit card companies have been compromised and how much info they have on us. The problem is of course much bigger than one organization.

Re:Not just a problem for IRS (2, Funny)

pyro_peter_911 (447333) | more than 5 years ago | (#26159245)

I would bet money a lot of government and I know for a fact a lot of private organizations do NOT audit their general security logs in a timely and in an effective fashion.

Don't forget to file your form 1099 after you win that bet.

Peter

Re:Not just a problem for IRS (3, Informative)

IceCreamGuy (904648) | more than 5 years ago | (#26159367)

Alright, so let's start a discussion here; what do you guys do to audit your security logs?

I'm really not sure if I do enough. I have the FW logs all forwarded to both its own DB as well as Splunk. I then analyze the FW logs with Sawmill, but only when something comes up, and about once a month I'll kinda just poke around for anything abnormal. Where I really do most of the work is in Splunk though. I have alerts set up for Router and FW access, too many failed logon attempts from the DCs, excessive errors and all that, and about once a week I go in and just browse the logs (through Splunk). Is this enough? What do you guys do? I'm just a one-man team here and I really just implemented these procedures myself without any real policy outline in place.

Re:Not just a problem for IRS (1)

IceCreamGuy (904648) | more than 5 years ago | (#26159425)

I forgot, we also annually have an outside consultant come in and do intrusion and security testing.

Re:Not just a problem for IRS (0)

Anonymous Coward | more than 5 years ago | (#26160085)

That's exactly what caused this report. Auditors for the Inspector Generals office chose to do an audit on the configuration of specific firewalls in the enterprise. The IG is in effect an outside auditor.

Re:Not just a problem for IRS (1)

profplump (309017) | more than 5 years ago | (#26160261)

Can't you have your log system send you an email every day with all abnormal entries? It's a bit of work to define "normal" initially, but it's generally not complicated -- 95% of your logs are going to be entries about access from authorized users on authorized networks doing a small number of authorized things, and those are pretty easy to filter even with something as simple as awk (and trivial with more advanced tools).

Start with that remaining 5% and whittle it down bit-by-bit until the daily report is small enough to actually read every day. Because if you're not reading your logs on a regular, timely basis they're essentially useless for anything other than post-mortem analysis.

Re:Not just a problem for IRS (1)

mortonda (5175) | more than 5 years ago | (#26161465)

Can't you have your log system send you an email every day with all abnormal entries?

This is what logwatch is for. I glance over it once a day.

Re:Not just a problem for IRS (1)

bill_mcgonigle (4333) | more than 5 years ago | (#26165905)

I'm just a one-man team

Security is a series of trade-offs. Sure, you could "increase your security" by spending all day looking at logs. But it's probably not worth it if you can be increasing your upside instead.

Read the whole report (5, Informative)

BenEnglishAtHome (449670) | more than 5 years ago | (#26159027)

It's linked from the story. [treas.gov] It's short and, like all such reports, its has a proforma organization that makes it easy to read. The synopsis tends to have the spin (and that's what got the attention of PC World and the Slashdot folks) but the actual findings are also clearly stated so that you can draw your own conclusions.

The inspectors made three findings.

1. "Intrusion detection systems were deployed effectively."

2. "Access controls over firewall and router system administrator accounts are operating effectively"

3. "Management of firewall and router audit logs needs to be improved."

Under # 3, they found one high-risk error, the only high-risk error in the report. That finding was "Audit logs were not independently reviewed".

The IRS agreed with all findings and promised to fix things.

My personal opinion? I think a report that says, to paraphrase, "All your stuff works fine. However, you aren't regularly running it all past someone not in the normal administrative chain; that failure is a serious error" is certainly something to be taken seriously but it's unlikely to be a career-killer for anyone. I've seen far, far worse reports on many different subjects from amny different agencies. The IRS, however, is really big and touches everyone so a finding that procedures are suboptimal is far more newsworthy than some of the truly horrific crap that passes for security practice at other agencies. I certainly feel no ill will towards those who are publishing this stuff. When you work for the IRS, you get used to seeing bad news (mostly exaggerated bad news) almost exclusively. Such is life.

the report found more than one high-risk error (0)

Anonymous Coward | more than 5 years ago | (#26159281)

another high-risk error they found (and, in my experience, a higher-risk error than having only non-independent review of logs) is that the IRS "had unnecessary services enabled on routers".

No, it didn't (4, Informative)

BenEnglishAtHome (449670) | more than 5 years ago | (#26159407)

Read the report. Quoting from page 7: "Unnecessary services were enabled on routers (moderate risk)"

Whatever was enabled was judged by the report authors to be of only moderate risk. The paragraph that provides specifics is redacted but that paragraph is quite short. It's clear to me that this wasn't an error on the scale of "They left all the defaults untouched." Rather, the inspectors found a service or two that someone overlooked when configuring a router. It's an error and it needs to be corrected but it was judged to be of only moderate risk, not high risk.

Re:Read the whole report (1)

internic (453511) | more than 5 years ago | (#26160411)

Yes, especially considering the poor grades the DOD and DHS were given on computer security, this doesn't seem too serious.

Re:Read the whole report (0)

Anonymous Coward | more than 5 years ago | (#26162975)

Lets also not forget, a lot of these findings that were operating effectively were probably NOT operating effectively. If the IRS is anything like the agency I work for, as soon as an audit comes up.. they tell us what they are planning to audit. Yes. We KNOW about upcoming audits. The federal directors then light a fire under our ass to cover any possible holes that may appear in the audit result. 2-3 weeks later, here come the FRESH OUT OF COLLEGE auditors. If they have any question about why service A is enabled, we fast talk them about how service B requires it.... even though we don't use service B. They blink with a blank expression and then just agree with us and mark the finding as adequate.

Last year we pulled off an overall good report. The amount of changes I made was mind numbing... and only to the specific handful of servers the auditors pulled out of their ass (which they gave us advance notice of as well). There has been no directive to ensure these changes are made across ALL servers.

I'm willing to bet you can go through the finding report and a thorough audit will find most of the effective solutions not to be effective at all.

I would like to think it's just this agency, but my friend who is contracted by the OIG of a different LARGE agency tells me how his appliance was deployed and subsequently configured to only monitor SPECIFIC areas of their network rather than the ENTIRE network which their appliance was designed for (and no its not a cost, licensing, or sizing issue. they said we don't want it monitoring that part of the network because it's not covered by the 2008 audit).

Quite frankly, our government sucks.

really who cares (0, Troll)

jaimz22 (932159) | more than 5 years ago | (#26159143)

I don't care about the IRS or what it does, The IRS is essentially an illegal operation anyway.

Re:really who cares (1)

profplump (309017) | more than 5 years ago | (#26160291)

While I agree that the IRS is a bad plan, you'll care when someone deletes their record of your tax payments, and they freeze your assets pending (a second) payment of your taxes.

Re:really who cares (0)

Anonymous Coward | more than 5 years ago | (#26161907)

I'll care even more when some deletes my records and they decide they owe me back refunds

Re:really who cares (1)

Hordeking (1237940) | more than 5 years ago | (#26160429)

Why is this listed troll? There is still an active contention that the IRS is illegal under the 16th amendment (and there are also several active movements to repeal the 16th amendment).

Serious answers, even though I doubt you want them (1)

BenEnglishAtHome (449670) | more than 5 years ago | (#26160957)

Why is this listed troll?

Because it is a troll.

There is still an active contention that the IRS is illegal under the 16th amendment

You forgot to add "by wackjobs, flim-flam men, and the self-deluded."

there are also several active movements to repeal the 16th amendment

In all honesty, because I really mean this: Good luck with that. Actually repealing the amendment is the only real, legal way to destroy income taxes and if that's your goal and you can be successful, more power to you. But for the gp to just declare the the IRS is illegal is not just trolling, it's not even smart trolling.

Would it not be sweet revenge... (1)

hesaigo999ca (786966) | more than 5 years ago | (#26159215)

It would be such revenge to see an audit on the IRS with such scrupulous nature as that in itself, that the IFCC stop all communications from happening with the IRS until they took proper precautions, and were again given the stamp of approval.... although they themselves would not see the irony, everyone ever audited would sure think so!!!

You underestimate IRS empathy. Yes, I'm serious. (1)

BenEnglishAtHome (449670) | more than 5 years ago | (#26160387)

At the IRS, we keenly appreciate such irony, especially where audits are concerned. Everyone who works here is audited; it's part of the hiring process. If you're hired right out of college, there's a substantial chance your audit will consist of someone looking at your returns, concluding there's nothing worth looking at, and re-filing them. Thus, some new employees don't even realize they've been audited. But it happens to everyone. When I came aboard, I'd just closed down a Schedule C business with a big loss for the last year of operation. I got the fine-toothed comb treatment.

Everyone at the IRS has empathy for people being audited. That empathy can get a little rusty after years of dealing with bad people. But it's there, nevertheless.

Re:You underestimate IRS empathy. Yes, I'm serious (1)

hesaigo999ca (786966) | more than 5 years ago | (#26161391)

I doubt very much such is the case on a regular basis, you might be the exception to the rule.
The IRS audited my uncle 6 years in a row, everything from his business to personal, he had to hire
a lawyer, because it was harassment. Some noob on the job thought he would eventually find something, but each time nothing was "found out of place". Each year also, they had the balls to ask for the previous years audit info (like they didn't already have it). I am sure you have not had a REAL audit. The one you describe at the start seems pretty flimsy, when you compare having government officials rummaging through your house belongings to try and find stuff that was out of the ordinary.

Each time my uncle delt with it with patience thinking in the end it would pay off, but either red tape, or corporate BS made that he was a target next year. The supposed random selection is not random at all....so this proves. If you consider how much such an investigation costs the tax payers, especially when everything is on the up and up, you wonder who the moron in charge is when these things happen.

Not sure, but this sounds different (1)

BenEnglishAtHome (449670) | more than 5 years ago | (#26162423)

How long ago was this? And were the people doing the work Revenue Agents, Revenue Officers, or Special Agents?

I don't mean to be arcane, but there's a big difference between a tax audit, even an intrusive one, and the kinds of things that require "rummaging through the house." Rummaging through the house == a lot more than an audit. I can think of only a few things that warrant that sort of treatment.

1. Many, many years ago if you wanted to compromise a tax liability, you had to submit a financial statement that was fully verified. Verification included having a Revenue Officer rummage through the house looking for hidden assets. That practice ended decades ago.

2. The collection of taxes by seizing personal property, including going through your house looking for assets, can happen. It requires a judge to grant an entry order and a pre-existing liability. That sort of thing can happen year after year to delinquents for as long as they remain delinquent. But times have changed. A writ of entry to enter a private home (as opposed to the premises of a business) was always incredibly rare; I haven't heard of one being granted in the last decade.

3. Special Agents can rummage through the house in pursuit of a criminal investigation, pursuant to a search warrant. That's about as far from a simple tax audit as you can imagine.

I don't have enough information to make a judgement, but it certainly sounds like your uncle had more going on than just an audit. If he has any old paperwork, take a look at it. If the noob you refer to had the title of "Revenue Agent" then maybe it was an audit and something was happening that I've never heard of. But if said noob bore the title "Revenue Officer" or "Special Agent," then it wasn't an audit.

Re:Not sure, but this sounds different (1)

hesaigo999ca (786966) | more than 5 years ago | (#26162927)

Trust me ,it was an audit, of the biggest kind, necessary to call in his accountant and lawyer in on this, so I am sure it was an audit, whether looking for any means to pull off a quick
blindfold over the eyes is a different story though.

I agree if a government has proof of wrong doing, they can come in and do what they want "for the good of the country". They had no proof, they were looking for it.

Re:Not sure, but this sounds different (0)

Anonymous Coward | more than 5 years ago | (#26168213)

Having been audited several times, and having not needed a lawyer, I suspect you don't know much about what was going on. If a lawyer is involved, somebody has something more serious going on than arguing over a tax treatment or missing receipts. I say this as someone who has a fairly complicated tax portfolio, that involved lawyers and accountants to set up, and who has been audited several times. A tax audit involves you and the IRS discussing specific items and their treatment for tax purposes on your return, and the associated documentation, and does not require the attention of a lawyer unless you are on the fringe of the tax code or the law. It does -not- involve folks from the IRS coming to your home and conducting a search. That sounds like someone is being investigated for tax fraud, which is a very different matter.

Nonsensical claim. (2, Interesting)

Spazmania (174582) | more than 5 years ago | (#26160145)

Nobody with a brain audits the security logs. The worms pound away at a rate of dozens per minute and the unsuccessful hack attempts are not far behind. If you were going to be able to detect a successful breach via the logs, you'd have prevented it at the firewall in the first place. The ratio between taxpayer-paid manpower to improved security would be exceptionally low.

Truth is, the logs are only valuable forensically. After detecting a breach or suspected breach, the logs can tell you more about what actually happened and how far it spread.

Re:Nonsensical claim. (0)

Anonymous Coward | more than 5 years ago | (#26160357)

You're forgetting things like administrator login behavior, and changes to config files. You must watch administrators. You should never let your administrators handle all aspects of a system. The report does not say which logs need to be monitored.

If regulation is BAD then regulation is BAD (1)

gelfling (6534) | more than 5 years ago | (#26160607)

Why should only hedge funds and corporations get the benefit of lax or nonexistent regulation, no enforcement and robber baron capitalism? It's only reasonable and in strict GOP dogmatic compliance that we should get away with everything we can up to and including hacking the IRS to afford ourselves a lower tax bill. And since all taxes are teh evil, I'm sure the Grover Norquists of the world are cheering.

I thank you for yoUr time (-1, Troll)

Anonymous Coward | more than 5 years ago | (#26163233)

halt. EveMn Emacs Bunch of gay negros
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...