Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Computer Security Lacking at Homeland Security

Zonk posted more than 9 years ago | from the security-is-in-the-name dept.

Security 158

peter303 writes "The New York Times (reg. required) reports that computer backup procedures are woefully inadequate at 19 centers of the Department of Homeland Security. Should this agency strive to be good example for the rest of the country and protect against extreme hackers? " From the article: "Adequate backups were lacking for networks that screen airline passengers, that inspect goods moving across borders and that communicate with department employees and outside officials. Those same agencies, the auditors found, have in most cases failed to prepare sufficiently written disaster recovery plans that would guide operations if a main office or computer system was knocked out."

Sorry! There are no comments related to the filter you selected.

HA! (2, Funny)

uberjoe (726765) | more than 9 years ago | (#12769972)

Oh what a delicious irony. Insecurity and the Dept of Security.

Re:HA! (2, Funny)

JamesD_UK (721413) | more than 9 years ago | (#12770165)

My computer homeland security appears to perfectly adequate. Just try hacking me [127.0.0.1] !

Re:HA! (0)

Anonymous Coward | more than 9 years ago | (#12770323)

that's getting really fucking old. oh, and congratulations, you live in the UNITED KINGDOM!!!111! how about you just try hacking me [192.168.1.100] HAHAH HAHAHAHA HAAHA I AM T3H FUNNAY man, there goes my positive karma though... nah, fuck it i'm going anonymous. don't want to loose my mod modpoints

Re:HA! (1)

Rei (128717) | more than 9 years ago | (#12770540)

It's a lot more effective when you create a DNS entry that maps to 127.0.0.1. Then, even a person who knows very well that 127.0.0.1 is local loopback might not notice, and start issuing commands to scan and attack based on the DNS instead of the IP.

Biggest Threat To Security and Peace: +1, Heroic (0)

Anonymous Coward | more than 9 years ago | (#12770173)

are the http://www.whitehouse.org/ [anonymouse.ws] ">felons-in-command.

More http://www.cursor.org/ [anonymouse.ws] ">dirt on the felons-in-command.

Put that in your bong and inhale.

Thanks for nothing.

Patriotically as always,
Kilgore Trout, CEO

Re:HA! (3, Funny)

Rei (128717) | more than 9 years ago | (#12770196)

Hey now, don't try and pressure them to reform. You know very well that if the Department of Homeland Security is forced to spend the resources to make its network more secure, the terrorists win [affbrainwash.com] . Do you really want the terrorists to win? Why do you hate America [blogspot.com] so much?

Re:You haven't seen the half of it! (0)

Anonymous Coward | more than 9 years ago | (#12770360)

DoD and DoHS have many unsecured wireless hotspots where it was discovered that there are people who use to break in their networks and pirate internet usage...

These guys really need to start getting their acts together >.

Re:HA! (2, Funny)

dodobh (65811) | more than 9 years ago | (#12770984)

The ministry of peace.
The ministry of truth.
The department of homeland security.

duh (0)

Anonymous Coward | more than 9 years ago | (#12769978)

no shit sherlock

And this is... (0)

Anonymous Coward | more than 9 years ago | (#12769980)

somehow surprising to people?

Re:And this is... (2, Insightful)

rovingeyes (575063) | more than 9 years ago | (#12770146)

Yes, and if not it should be. There is so much fuss made by the goverment about the "security" that "Homeland Security" is going to provide this country and we even had to sacrifice a lot for that elusive "security". If that department is itself going to be a network like my home then I should be surprised.

If general public especially computer nerds say "eh whats new" then no one else is going to bother, coz the general public doesn't even realize they have to bother.

I know I am going in to a ramble mode but for gods sake their only job is security and they fuck it up royally and blame terrorists.

And for those of us who don't want to register.... (2, Informative)

DotNM (737979) | more than 9 years ago | (#12769985)

... for every little thing we want to read.... User ID: slashdotreader Password: slashdot

Re:And for those of us who don't want to register. (0)

Anonymous Coward | more than 9 years ago | (#12770255)

the U/L doesn't work... phooey T-T

Re:And for those of us who don't want to register. (1)

rovingeyes (575063) | more than 9 years ago | (#12770256)

while you are at it why don't you provide us with some usable SSN too? You know I don't wanna be registered ;)

Re:And for those of us who don't want to register. (1)

justforaday (560408) | more than 9 years ago | (#12770286)

Here, you can use mine. I figure since social security will be gone soon it doesn't matter if anyone/everyone has my number anymore...Anyways, enjoy!

078-05-1120

Re:And for those of us who don't want to register. (1)

MarkGriz (520778) | more than 9 years ago | (#12770862)

Dear,

The Social Security Administration is reviewing our records and it appears you information for SS# 078-05-1120 is out of date.
Please reply to update with your correct date of birth and home address.

Sinceerly

Social Secureity Dept.

Re:And for those of us who don't want to register. (1)

ndansmith (582590) | more than 9 years ago | (#12770657)

Apparently someone at the New York Times reads Slashdot and killed that username . . .

. . . or some punk hijacked the password!

Re:And for those of us who don't want to register. (0)

Anonymous Coward | more than 9 years ago | (#12771154)

Bug Me Not [roachfiend.com] , for all your registration bypassing needs.

I'm torn... (3, Insightful)

bluGill (862) | more than 9 years ago | (#12769995)

It is wrong that they don't have backups. However a lot of this data is stuff that I want to be on a server that crashes hard, without backups. Preferably in such a way that even disaster recovery places can't get the data back.

Re:I'm torn... (1)

ImaLamer (260199) | more than 9 years ago | (#12770308)

What scares me is that this new agency is losing its records. Data loss is a security issue always, but now when we are paying people to do a job on our behalf.

If another 9/11 happens do you want them to be able to look at their records? What if they are fsck'n the system on our dime?

Just store them on a backup machine nicknamed "Deep Throat".

Re:I'm torn... (1)

Stanistani (808333) | more than 9 years ago | (#12770357)

No backups... disaster for DHS... added protection for the people who are listed on their servers... most of the identity information that's 'gone missing' lately has been from mislaid backup tapes.

Re:I'm torn... (0, Flamebait)

ScentCone (795499) | more than 9 years ago | (#12770436)

However a lot of this data is stuff that I want to be on a server that crashes hard, without backups. Preferably in such a way that even disaster recovery places can't get the data back.

Um... because you'd rather that security is handled by systems that can mine for threats in real time, all the time, so they don't have to worry about it? Or, because you're really not worried about the foreign national who's overstayed his visa, but who took pilot lessons, just spent a couple of months touring the scenic mountains of northern Pakistan, doesn't file taxes but spends a lot on wholesale chemicals and used dental xray equipment, and wires a lot of money to Hamas? Definately we don't want that info available, even in profile/status form, when he's booking a seat on a flight back into Dulles, or trying to get a license to drive 18-wheelers tankers for his new job at the fuel delivery company or signing up at the railyard where they load chlorine by the megaliter.

Re:I'm torn... (1)

gstoddart (321705) | more than 9 years ago | (#12771206)

It is wrong that they don't have backups. However a lot of this data is stuff that I want to be on a server that crashes hard, without backups. Preferably in such a way that even disaster recovery places can't get the data back.

As much as they're functioning as an evil entity ....

If they are going to gather information which will be used to imprison people, strip them of their rights, or all of the other things they are doing, it behooves them to have accurate records.

Otherwise, what happens when they 'lose' the data that got you held under a special ticket that says nobody gets to know where you are, but keep the data that indicates you're still evil.

Is tha internal check going to say "anyone whose incriminating data has been lost is freed"??? No, they're going to say the reasons are still friggin' classified and that this person really does need to be secluded without a lawyer for even longer.

They've been given powers whcich seem well outside the usual rule of law. If they're incapable of going to extra-ordinary lengths to preserve data integrity, then as an organization, they don't deserve such far reaching powers.

Who needs good security on homeland computers? (2, Funny)

CrazyJim1 (809850) | more than 9 years ago | (#12769998)

If they can trace down who's hacking them, they deserve a stiff jail time. Any one who attempts to hack homeland security computers knows that they're going to get serious jail time. Basically the only people who want to hack homeland security computers would be terrorists.

Re:Who needs good security on homeland computers? (0)

Anonymous Coward | more than 9 years ago | (#12770074)

"Basically the only people who want to hack homeland security computers would be terrorists."

I'm not American, but I always thought the very reason the Department for Homeland Security got established, was because there were threats from terrorist, so what's your point exactly?

Further, how do you expect the same guys that seem to be unable to do a decent backup, to be able to track down a cracker who really knows his stuff?

Finally, do you really think, oh, but they will be punished so hard (if we ever even notice something bad has gone on) is a good strategy for an Agency that calls itself Department of Homeland Security?

Dry humor (1)

benhocking (724439) | more than 9 years ago | (#12770091)

I'm assuming that there will be a lot of people who won't realize you're kidding.

Re:Who needs good security on homeland computers? (3, Insightful)

I confirm I'm not a (720413) | more than 9 years ago | (#12770105)

Basically the only people who want to hack homeland security computers would be terrorists.

...and UFO researchers [slashdot.org] . Don't forget UFO researchers.

;-)

Seriously, though, I'd tend to blame "hacking" like this on the intelligence and security services of foreign powers (and their domestic servants, etc) before I blamed terrorists. Terrorists tend to prefer, well, terror, preferably against a multitude of frightened civilians.

Re:Who needs good security on homeland computers? (1)

Shrapn3l (888384) | more than 9 years ago | (#12770117)

Basically the only people who want to hack homeland security computers would be terrorists.

Perhaps. But we cannot just point the finger immediately as soon as a computer does get cracked. And the fact that crackers can use anonymous proxies and the like to carry out their attacks doesn't necessarily mean that they'll get caught right off the bat. And we all need good security in any case, really. No one wants a systemwide failure period. That motivation at least should be enough to upgrade Homeland Security Computer Security.

Re:Who needs good security on homeland computers? (1)

Urania (874567) | more than 9 years ago | (#12770120)

What, so we shouldn't bother with strong security at Ft. Knox because anyone who tried to stage a robbery there would be locked up for eons, and would be a large-scale criminal anyway?

Unfortunately, I think that quite a few people who aren't "terrorists" per se would be more than happy to try to hack into homeland security computers. Why? I'd imagine it's quite an accomplishment to claim, from certain points of view. Plus, there are certain people who are anti-government but not exactly anti-American-people enough to go around bombing places or whatever; this would seem a "harmless" target that would hurt the infrastructure but not kill anyone.

That's misleading logic, though, since having to track/do damage control after someone wreaked havoc here would take energy and resources away from Homeland Security's real mission, and in doing so possibly endanger the country. Even if I'm rather skeptical of the agency's structure and initiatives (which I am), I still think it could be detrimental to gum its gears like that.

Re:Who needs good security on homeland computers? (1)

aurelian (551052) | more than 9 years ago | (#12770175)

Basically the only people who want to hack homeland security computers would be terrorists.

So is it fair to say that someone who has a problem with the US Dept of Homeland Security is a terrorist sympathizer? Or even has terrorist tendencies?

Re:Who needs good security on homeland computers? (0)

Anonymous Coward | more than 9 years ago | (#12770245)

Adding your friends to the no fly list makes you a terrorist?

I'm screwed!

It's all an Illusion (5, Insightful)

ilyanep (823855) | more than 9 years ago | (#12769999)

Don't take this as flamebait but I have the feeling that nobody's really trying hard enough to protect us. We stand an hour longer in the security line just so that people can bring explosives through in their shoes? Now they make us take our shoes off. What if someone brings explosives through in their pants?

Same here...they pretend to try to catch terorists when in reality the next power failiure could knock the whole list out.

Re:It's all an Illusion (1)

Conspiracy_Of_Doves (236787) | more than 9 years ago | (#12770079)

Well of course. I thought that everyone knew that the government doesn't really give a damn about the people. It just needs to put on a good show so that the unintelligent majority can sit back and watch thier sitcoms and never actually think about anything.

Re:It's all an Illusion (1)

idontgno (624372) | more than 9 years ago | (#12770102)

It's a sick sad world when I can't tell if you're being sarcastic or sincere. Sigh.

Re:It's all an Illusion (1)

Conspiracy_Of_Doves (236787) | more than 9 years ago | (#12770384)

You think that's bad? I'm not even sure.

Re:It's all an Illusion (0)

Anonymous Coward | more than 9 years ago | (#12770104)

That is because the U.S. system is hamstrung by political correctness. We can't possibly offend anyone and profile.

Re:It's all an Illusion (0)

Anonymous Coward | more than 9 years ago | (#12770192)

That is because the U.S. system is hamstrung by political correctness. We can't possibly offend anyone and profile.

Ted Kaczynski - white guy
Jeffrey Dahlmer - white guy
Terry Nichols, Tim McVeigh - white guys
Dave Koresh - white guy
The IRA - bunch of white guys
The KKK - bunch of white guys in hoods.

It's not about security, only the perception of it (4, Insightful)

khasim (1285) | more than 9 years ago | (#12770215)

Don't take this as flamebait but I have the feeling that nobody's really trying hard enough to protect us.
Hey, I agree with you on that.
We stand an hour longer in the security line just so that people can bring explosives through in their shoes? Now they make us take our shoes off. What if someone brings explosives through in their pants?
Yep. That's because no one is looking at the systems and processes with the intent of actually improving them.

Instead, we have knee-jerk reactions from people who do NOT understand security who attempt to compensate for previous attacks with new rules/regs.
Same here...they pretend to try to catch terorists when in reality the next power failiure could knock the whole list out.

And the "pretend" is the problem. That's exactly what they're doing. And they're hoping that the public will accept that as them actually doing something about the problem.

It's all about the public perception of the issue.

The same as it is in all aspects of politics.

As long as there isn't a power outage, they're doing a "good" job, as far as the public is concerned.

If there is a power outage, then it comes down to whom they can blame.

It's a lot easier and far more cost effective for the politicians to be re-active rather than pro-active.

Which is why security is NOT something that ANYONE should allow a politician to be involved in.

Re:It's all an Illusion (2, Interesting)

Tackhead (54550) | more than 9 years ago | (#12770236)

> I have the feeling that nobody's really trying hard enough to protect us. We stand an hour longer in the security line just so that people can bring explosives through in their shoes? Now they make us take our shoes off. What if someone brings explosives through in their pants?

...then evolutionary pressures start to select in favor of people like the Goatse Guy?

Seriously - that was the biggest disappointment about the shoe-bomber case. If he'd only smuggled the bomb up his ass, the simple act of getting in line at the airport would be a lot more fun.

Imagine hearing stuff like "Excuse me, ma'am, I think you're kinda cute, and since I'm kinda average, and since the guy front of me is obviously better-looking than me, and since the guy standing behind you is obviously gay, I think that three out of the four of us would be happier if you and I switched places. How 'bout it?"

Everybody wins!

It's not just America (2, Interesting)

CHESTER COPPERPOT (864371) | more than 9 years ago | (#12770299)

Your friends in the war on terror over here in Australia plainly don't care about security either. In the last few weeks we've found dodgy baggage handlers [chinabroadcast.cn] in the airports, a chinese diplomat [abc.net.au] who is trying to defect and says that Australia is infested with chinese spies and threats against foreign countries embassies [nzherald.co.nz] within our own soil.

Governments are hopeless at dealing with security. They are slow, lack innovative thinking and care more for their own careers than for their constituents. What matters most is whether or not you can protect yourself, your assets and your family when (if) the time comes. Then you can rid your mind of all the political and media led one-upmanship that comes along with security and the war on terrorism and get more important things done in life.

Re:It's all an Illusion (1)

pointbeing (701902) | more than 9 years ago | (#12770915)

Don't take this as flamebait but I have the feeling that nobody's really trying hard enough to protect us. We stand an hour longer in the security line just so that people can bring explosives through in their shoes? Now they make us take our shoes off. What if someone brings explosives through in their pants?

Considering that IMO probably 98% of all the people in the world should never be seen naked I'd vote for gouging my eyes out, I think.

On a happier note, it's also my opinion that the remaining 2% of the population should be prohibited from wearing clothing at any time.

Why does the word "homeland" (0)

Anonymous Coward | more than 9 years ago | (#12770019)


remind me of 1940's Germany ?

Re:Why does the word "homeland" (0)

Anonymous Coward | more than 9 years ago | (#12770141)

Being German and studying history, I can't for the life of me figure out why it does?

Really, there is no special significance to the word "homeland", or Heimatland when it comes to Nazi Germany.

So, you beat me on that, but maybe you can enlighten us, why it does.

Re:Why does the word "homeland" (1)

not_a_product_id (604278) | more than 9 years ago | (#12770574)

nah, that was "Fatherland" and Soviet's shoved loads of folk off to the gulags for the sake of the "Motherland". I'm sure "Homeland" has nooooooooo connections. ;-)

And this matters how??? (2, Interesting)

shoppa (464619) | more than 9 years ago | (#12770031)

What difference does it make whether you have backup hardware/network/software ready when the primary doesn't even do the desired job? The government as a whole spends billions every year to attempt to refine ill-defined requirements into working productive systems that fill real needs. The DHS has never succeeded in producing such a system.

It's easy to pick holes in the lack of backup of a system, but it's pointless when the system has no utility to begin with.

Moderators, please mod parent up. (1)

nietsch (112711) | more than 9 years ago | (#12770415)

I haven't got mod points for years, maybe because i like to ridicule those silly yanks. But assuming the parent is a USian, this one shows some severe signs of intelligence. No if the rest of them...

omg!!11! (1)

RetroRichie (259581) | more than 9 years ago | (#12770055)

Something is lacking at Homeland Security???

Say it ain't so!

Careful What You Wish For (1)

Doc Ruby (173196) | more than 9 years ago | (#12770057)

When are people in Washington going to wake up? It's probably going to take a Pearl Harbor style disaster for them to do something...

Re:Careful What You Wish For (0)

Anonymous Coward | more than 9 years ago | (#12770138)

It's probably going to take a Pearl Harbor style disaster for them to do something...

lets hope so, some children wont learn something is bad until they are spanked, and the next time USA is spanked the rest of the world will just say "oh dear thats a shame"

Re:Careful What You Wish For (1)

plopez (54068) | more than 9 years ago | (#12770249)

I thought 9/11 WAS Pearl Harbor.

But wait! After Pearl Harbor Roosevelt didn't say 'Let's go shopping!'. Which is precisely what Bush Cheney said after 9/11 so maybe you are right....

Re:Careful What You Wish For (1)

99BottlesOfBeerInMyF (813746) | more than 9 years ago | (#12770828)

It's probably going to take a Pearl Harbor style disaster for them to do something...

They are doing something. They're taking a pile of your tax dollars and using it to collect information on you while simultaneously giving huge amounts of money to all sorts of ex-cons and ex-govt officials in a variety of security industries. Or did you mean you wish they would do something about improving their computer security or inconveniencing terrorists. Fat chance of that.

They did wake up! (1)

Teun (17872) | more than 9 years ago | (#12771059)

And are now protecrted by things like the Patriot act that disallows you to share their information and other laws that make cracking illegal in the first place.

They only have to post his information on their servers and the hackers will stay away.

If you don't know how to do it... (2, Insightful)

shoppa (464619) | more than 9 years ago | (#12770076)

As a follow-up to my previous comment:
If you don't know how to do it, YOU DON'T KNOW HOW TO DO IT ON A COMPUTER

DHS has computer problems, sure, but the agency as a whole is a misguided waste of resources. It's probably better that it's computer systems don't work, otherwise they'd figure out a way to stop Ted Kennedy from driving or using an elevator in addition to not flying.

Re:If you don't know how to do it... (1)

ignorant_coward (883188) | more than 9 years ago | (#12771041)


Add that the only agencies that could ever hope to get funding to do a computer system properly are not under DHS. The CIA, NSA, somewhere deep in the DoD, etc., they probably get the resources they need, but DHS is a cost for Congress to budget without immediate intelligence or defense benefits like spy satellites or cruise missiles.

Probably the biggest challenge for DHS is not computers, either, as it is probably raw man power. Thousands of miles of borders, compounded by interdependent economies, isn't an easy thing to deal with, for example.

Well, duh! (0)

Anonymous Coward | more than 9 years ago | (#12770077)

It's the Department of Homeland Security, not the Department of Computer Security. What do you expect?

This could really suck... (5, Insightful)

idontgno (624372) | more than 9 years ago | (#12770081)

Adequate backups were lacking for networks that screen airline passengers...

"I'm sorry, Sir, you can't board. Our screening system is down."

"I've got a ticket. I've shown you my papers. You (and every RFID hacker within 50 feet of my entire path through this airport) have scrutinized my RFID passport. I've given my decilitre of blood for biometric screening. The plane is about to close door and push off. I'm returning home after 18 months dodging RPGs and Kalashnikov fire in Bagdhad, and I'm still in uniform. And you're telling me I can't board because you can't be sure I'm actually not bin Laden in extremely clever disguise?"

"No, Sir, I'm telling you that you can't board. Our screening system is down."

"This is unacceptable. Who is your supervisor?"

"That is classified. Please wait here. [whispers into radio: "Got another Gitmo client for ya."]

Could? (was Re:This could really suck...) (1)

ArielMT (757715) | more than 9 years ago | (#12770429)

And this is the reason why I won't ever fly commercial again. Everything I've ever hated about flying has only gotten worse since That Day.

This really tweaks me... (1)

Akardam (186995) | more than 9 years ago | (#12770844)

*rant mode: enable*

The above scenario really pisses me off, and it is a scenario that I see has a real probability of happening, all the more so because of the moronic alarmist intimidating position that the powers that be have taken about this whole national security thing. (Something similar, though not necessarily technology related happened during the "war" in Afghanistan when a wounded army Lt. was told he could not bring the wire clippers, that he could use to cut the wire holding his wounded jaw shut in case he started to choke, on the plane).

As a reservist, the scenario gets me going even more because I could see it happening to a fellow reservist. Not only do you have a brave young man or woman who has, regardless of whether you think it right or wrong, been dodging bullets and rockets in humvee's with barely improvised armour, but who has also made the sacrifice as a reservist, by being away from their family and their chosen life in the line of duty. To me, if one of my shipmates who'd been on a year's deployment over there had this happen to them, it would be the ultimate smack in the face. "Thanks for serving, here's what we think of you!"

I think by and large that most people, regardless of how they feel about the greater agenda, wouldn't hesitate to give a helping hand to that single instance of a citizen soldier. Except, of couse, for those big wigs who make policy, and to whom every man woman and child is guilty until proven innocent in the name of "homeland security".

*rant mode: disable*

Re:This really tweaks me... (0)

Anonymous Coward | more than 9 years ago | (#12770986)

I have nothing against our men and women in uniform and wish them nothing more than a quick and safe trip home.

However, if members of the military were given special treatment at the border, it would create a rather obvious security hole.

Not that there aren't plenty of others. Not that there's any real indication that anyone is planning another 9/11-scale attack. I don't think it's a good thing to hassle members of the military on the way home, but if we're truly interested in securing the borders, it's necessary. Sometimes life makes no sense. Ah, if only we hadn't started that damnfool war in the first place...

But George said it was OK! (2, Insightful)

Yonkeltron (720465) | more than 9 years ago | (#12770086)

This is very interesting news after Bush just got done saying how great the new patriot act is. It looks to me that our own security got lost while we were busy questioning the integrity of others. Between the roving wire-taps and the judge-less warrants, I think I deserve to know that the people taking away my information can keep it safe from others who would want to take it away.

Re:But George said it was OK! (0)

Anonymous Coward | more than 9 years ago | (#12770404)

It is OK. But unless they leave themselves vulnerable they can't be hacked and then George can't use it as an excuse to demand passage of Patriot Act III. Expect the postal service to get anthrax spored again at that time (just in case anyone wants to write to their congressman). Hey it worked once, why change a winning strategy?

Thank god they don't have backups! (0)

Anonymous Coward | more than 9 years ago | (#12770118)

I'm sure most of them would have been lost in transit via USPS by now.

Re:Thank god they don't have backups! (0)

Anonymous Coward | more than 9 years ago | (#12770301)

You do realize that was UPS [ups.com] , not USPS [usps.com] that lost the tapes [citigroup.com] , don't you?

What do backups have to do with security? (2, Interesting)

MythoBeast (54294) | more than 9 years ago | (#12770125)

Since when does failing to back up your hard drive make your system easier to hack into? If you're talking about them having poor data integrity that's one thing, but this doesn't seem to point to poor computer security.

Anyone Surprised? (1)

1967mustangman (883255) | more than 9 years ago | (#12770127)

Is anyone seriously surpised about this? I mean this department was cobbled together soooooo quickly its a wonder they can even function. I mean look at all the other departments of gov out their that have a barely functioning website. I don't know about you, but I have always found the most annoying websites to be government sites.

"Extreme Hackers"? (3, Funny)

Shaper_pmp (825142) | more than 9 years ago | (#12770135)

WTF are "Extreme hackers"?

People who crack Windows boxen while bungee jumping? Releasing IIS worms from a wi-fi enabled handheld in a canoe half-way down some whitewater rapids?

Or, y'know, just yet another pathetic attempt to make something fundamentally known and understood sound suddenly somehow exciting and dangerous?

Oh, and for reference? The "Extreme Hacker" your link's about was a 37 year-old script kiddie who Haxx0red Us government machines direct from his own home connection.

You couldn't get stupider (and less '1ee7) if you tried...

Re:"Extreme Hackers"? (0)

Anonymous Coward | more than 9 years ago | (#12770352)

they drink mountain dew while doing ollies over crocodile pits.

Re:"Extreme Hackers"? (0)

Anonymous Coward | more than 9 years ago | (#12771173)

You couldn't get stupider (and less '1ee7) if you tried...

You could be so stupid you couldn't even spell "1337" correctly but that is uncommon.

Look (2, Insightful)

blair1q (305137) | more than 9 years ago | (#12770149)

Come on.

Is anyone really surprised that the Bush administration has done nothing significant right in the War on Terror?

The agencies still can't communicate, they're security holes in themselves, our resources are diverted to a fanatical war in Iraq that has nothing to do with terror in America, and we find that the greatest threat to the safety of Americans today is the lies the President told or ordered to be told in order to get 1500 kids killed in a place he admits we had no pressing reason to attack.

This isn't a troll. It's a list of the facts. Anyone disagreeing can disagree, but will be fighting the truth. Consider that before posting political dogma.

Re:Look (2, Insightful)

twiddlingbits (707452) | more than 9 years ago | (#12770325)

It IS Flamebait and you know it!

. You don't have a clue about the facts. The Agencies DO co-operate (as indicated in the way some of the terrorists wannabes and funding sources have been rooted out here in the States), but they don't co-operate as well as they could. Do you really expect to change 25 yrs of Civil Servant attitudes in less than 4 yrs?

The War in Iraq has a LOT to do with terrorism. Saddam and his Baath party provided sanctuary, training camps and funding for Al-Queda. To deny that is to deny FACTS, hard evidence and the statements of terrorists themselves. He would have provided WMDs when he got his programs back together when the UN got tired to looking and went back home.

As long as Gov't agencies use Windoze there will be holes. As long as they employ humans mistakes will be made in either policy or implementation that cause holes. The issue is are they FINDING and closing the holes which I would say they are.

Typical liberal distortion of the facts, thinking no one remembers what the truth is within a few days.

You are the one distorting the facts (0, Insightful)

Anonymous Coward | more than 9 years ago | (#12770462)

"Do you really expect to change 25 yrs of Civil Servant attitudes in less than 4 yrs?"

After 9/11, yes. Or did that NOT change everything as the president keeps reminding us?

"The War in Iraq has a LOT to do with terrorism."

It had very little to do with it, and was far down the list of hot spots that needed attention. For one thing, they might have finished the job in Afghanistan, instead of allowing most of the country to fall back under the control of war lords and Taliban.

"Saddam and his Baath party provided sanctuary, training camps and funding for Al-Queda. To deny that is to deny FACTS, hard evidence and the statements of terrorists themselves."

He funded Palestinian terrorist activities, but had no connect to al Qaeda, except perhaps as a friend of a friend of a friend sort of thing. Bin Laden considered Saddam an enemy, after all.

"He would have provided WMDs when he got his programs back together when the UN got tired to looking and went back home."

The UN showed no inclination to go home, but was chased out of the country before they could get the job done by Bush in his rush to war. Think of all the American lives who could have been saved if Bush had just allowed the inspections to find out what we now all know: No WMDs.

Re:Look (1)

stinkykitten (531841) | more than 9 years ago | (#12770727)

Go back to watching your sitcoms Jesus-Land boy and leave reality to those who have opinions that aren't dictated by what they see on CNN.

Re:Look (1)

WarPresident (754535) | more than 9 years ago | (#12770364)

s anyone really surprised that the Bush administration has done nothing significant right in the War on Terror?

Filthy liar! Here's just one thing [lessig.org] that the Department of Homeland Security has done to protect the homeland from terrorist threats. And you can bet that there are a million more stories just like that one!

Re:Look (0)

Anonymous Coward | more than 9 years ago | (#12770479)

This isn't a troll. It's a list of the facts. Anyone disagreeing can disagree, but will be fighting the truth. Consider that before posting political dogma.

Buddy, you need to eat those words. You're spouting nothing but "political dogma".

Isn't a troll my ass.

what a surprise (1)

phoenix42 (263805) | more than 9 years ago | (#12770150)

what a huge surprise that an enormous government agency would be totally unprepared to deal with many of the contigencies it was created to handle. No government agency will ever be as secure or prepared as it should be. Have you seen these morons holding up walls at the airport? I don't see them doing anything but standing there. They've got 47 employees per machine, but only 3 of them actually doing anything. The beauty of bureacracy is that 33 people can do what it would take one private sector employee to do.

Set an example? (1)

AtlanticGiraffe (749719) | more than 9 years ago | (#12770168)

"Should this agency strive to be good example for the rest of the country and protect against extreme hackers?"

No. It's not their job. If the institution has to exist, it should outsource the IT stuff.

When they founded the US government, they weren't trying to make a good example about computer security. They were trying to protect human rights. Let's stick to that. Everything else should be up to free enterprise.

Re:Set an example? (1)

cosinezero (833532) | more than 9 years ago | (#12770228)

You mean like they outsourced electronic voting? Don't be fooled. All the IT in government is outsourced to companies run by republicans.

my opinion (0, Troll)

BigHungryJoe (737554) | more than 9 years ago | (#12770176)

As a rather well-known cyber-security consultant (you'd know my $450/hr name, I guarantee it) at Foundstone, I can tell you what the problem is - the lack of a comprehensive, rehearsed disaster recovery plan. It really isn't that hard, to implement it correctly, I always recommend this (clients are always amazed by its brilliance and simplicity) - every night, copy all of your company's critical data to a CD, and have EACH EMPLOYEE TAKE HOME A COPY.

Bam - that pops, it sizzles, as we say in the consulting biz. Simple yet EXTREMELY effective.

Now, if you want anymore advice, its gonna cost ya - ($450/hr)

Re:my opinion (1)

NewWazoo (2508) | more than 9 years ago | (#12770280)

And here's my $14.72/hr advice:

You're an idiot if you let your thousands of underlings each take home their own personal copy of the classified data that they work on.

B

Re:my opinion (0)

Anonymous Coward | more than 9 years ago | (#12770553)

Yea really. Anybody who cares enough about their
data to hire this guy would care about it enough to
manage who has access to it.

I hope he is kidding

Re:my opinion (1)

pandrijeczko (588093) | more than 9 years ago | (#12770466)

Erm, these "clients" that hire you for $450/hr...

They're not generally females in the 20-40 age range are they?

They don't by chance, ask you to come round to their houses at certain times, do they?

When you get there, there's not a whole bunch of happy kids sat around a table and a big iced cake?

You're not, by chance, asked to put on a big red nose, a pair of big shoes and make animals from balloons, are you?

Just wondered - sounds like you'd be good at it.

Re:my opinion (0)

Anonymous Coward | more than 9 years ago | (#12770752)

coughBULLSHITcough.

Gee, you're right. We could easily burn our critical apps & databases onto a few thousand CDs every evening.

Two Words: Plausible Deniability (1)

Shadow Wrought (586631) | more than 9 years ago | (#12770204)

That way, when a hacker trying to find a UFO cover-up stumbles across the treasure trove of smoking guns, the DHS can simply wipe their servers and say, "Due to lack of funding we were unable to afford back-ups. That's why, if you want to be safe, you need to give us more money." Thereby shifting the debate safely away from UFOs and back onto funding.

Ideally they would be able to do a trade with those shifty HUD bastards whereby they trade funding for storage of embarrising documents;-)

This reminds me of a story... (4, Funny)

Foolomon (855512) | more than 9 years ago | (#12770205)

This reminds me of a story. I once worked for a company that specialized in tape backup software, name withheld. (I worked on Long Island then, not the on the plains of CHEYENNE, so don't try to guess the name of the company.) A few months after I stopped working there, I received a phone call from my ex-manager that went something like this:

Mgr: So how's it going? Blah blah blah...

Me: It's fine. Blah blah blah...

Mgr: So..um..did you ever "borrow" a copy of the source code to the Disaster Recovery solution that you single-handedly wrote? You know, for "posterity" reasons?

Me: Of course I didn't. That wouldn't be ethical for sure and probably would be illegal. Why do you ask?

Mgr: Well, it seems that the hard drive that your machine used crashed and we don't have a backup.

WTF? Backups and DR equate to 'security?' (4, Insightful)

Mille Mots (865955) | more than 9 years ago | (#12770233)

From the title: Computer Security Lacking at Homeland Security

From the summary (no, I'm not going to RTFA when the subject and summary are so far out of whack):

Adequate backups were lacking for networks that ... in most cases failed to prepare sufficiently written disaster recovery plans that would ..."

So, if I have valid backups of all the patient data here, I guess those HIPAA security requirements are met, eh? Or do I have to have valid backups and a DR plan to achieve 'computer security' nirvana?

Now, if the issue were that their backup tapes were going offsite, unsecured and unencrypted, then the subject might make sense. But, this is silliness. Almost as silly as the DHS itself (hint: The Department of Homeland Security isn't supposed to keep the people safe from terrorists, it's supposed to keep the government safe...think about that one), but...whatever. (sigh)

Re:WTF? Backups and DR equate to 'security?' (2, Informative)

fuzzybunny (112938) | more than 9 years ago | (#12770750)

Backups are part of an overall security strategy, comprising, to use a well-worn phrase, confidentiality, integrity and availability. In a broad sense, you can apply this to DHS' "mission" (such as it is) as well. And yes, a DR plan, especially for an organization which is supposedly so "critical" to the nation's safety, is part of the whole shebang.

What's this have to do with HIPAA?

Re:WTF? Backups and DR equate to 'security?' (1)

nharmon (97591) | more than 9 years ago | (#12770836)

Disaster Recovery and Backups are parts of an overall security plan, but are not the only parts.

DHS: (1)

ohzero (525786) | more than 9 years ago | (#12770315)

1. The entire DHS electronic infrastructure buildout was outsourced to a private defense contractor at a fixed budget cost. Pretty clearly, when money runs out, compromises need to be made. Obviously, backups were one of those compromises. I can also guarantee you that you don't have top industry minds in the SOC at DHS, and this organization is going to need serious help over the next few years to remediate all the things that they're breaking "out of the gate." 2. The title "the world's best hacker" could only be made up by someone as lame as the British media. I'm sure that ass clown was way to busy writing exploits to ever post meaningful or useful information to anywhere frequented by actual, knowledgable network security people. In short, what i'm saying is that he's a script kiddie who can code shell. /rant

DHS backup plan (1)

It doesn't come easy (695416) | more than 9 years ago | (#12770331)

Don't worry about it. As soon as any data appears on a DHS computer, someone will hack into it and copy the data to an offsite location...

FUD. Check out SOLDIER or NOT.com (1)

agent (7471) | more than 9 years ago | (#12770345)

I am collecting images for my new web site.

http://pix2.hotornot.com/pics/HR/HY/NR/NM/BQBMKSOF BHJN.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HR/KE/KQ/OQNSESRP EUMC.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HR/HU/HZ/OQOEK8GE ERAY.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/H8/HL/OQALEQRK YCWP.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HL/HU/HS/KE/OQRQG8HE VXLQ.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HL/KS/NM/HM/OQSZHSES NTTR.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HQ/NS/HE/OLNYNUKM UKRA.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/HY/KM/OLG8SEEU MPNY.jpg [hotornot.com]
http://pix4.hotornot.com/pics/HL/HU/NS/KM/OLAZNLEP UUSQ.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HL/HE/KE/KE/OLRYGZKE GRMP.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HS/H8/HR/ORH8O8KA ARJL.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HR/NU/KU/ORELBMOM PEBT.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/HS/KU/ORSEKLRT QNFK.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/HU/HQ/O8HMHMON WFHD.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/H8/KQ/O8KROUKS SFVQ.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HL/HE/HZ/HL/O8KUOQSA RFNV.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HL/HE/KU/KM/O8OZNYNX USFJ.bmp [hotornot.com]
http://pix2.hotornot.com/pics/HL/KM/HU/KL/O8BMKMEV JPWY.jpg [hotornot.com]
http://pix4.hotornot.com/pics/HL/HE/NS/KQ/O8RLEUOR JTKM.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HR/NU/K8/OEHURZBG GRXP.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HL/HE/GM/KM/OENYS8OK CXKB.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/HE/NQ/OEGSRUBS KWLP.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HL/GM/NS/OEAZBZGK MASH.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/H8/HQ/OZHYBERT GDME.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/HE/KL/OZNSOQED ECPG.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/HZ/HU/OZEYSERD NTBW.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HL/KS/NM/BYHEKZOU MPLG.jpg [hotornot.com]
http://pix4.hotornot.com/pics/HR/HU/HZ/HY/BYGQOREJ XRAL.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HL/KY/HZ/NM/BYGQR8OA HQXW.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HL/KY/HZ/KU/BYGSGEHC TBHV.tiff [hotornot.com]
http://pix2.hotornot.com/pics/HR/HR/KE/KZ/BYEMHZKM LFRQ.bmp [hotornot.com]
http://pix2.hotornot.com/pics/HL/KY/NS/HZ/BYRLNLGT LFNX.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/HE/KR/BYSZBQOS EBPY.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/HZ/HU/BSHRKRRL MYKV.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HR/NZ/HU/BSHEOZNH BLKD.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HR/NZ/HR/BSBZSMSX DUVM.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/HU/KS/BSASHYAA WCGV.jpg [hotornot.com]
http://pix2.hotornot.com/pics/HR/HS/KY/KZ/BSSYOYKF EUFB.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HQ/HQ/KU/BQBYKQGJ QQRW.JPG [hotornot.com]
http://pix2.hotornot.com/pics/HR/HU/HE/NY/BQEYKSNP LRMU.bmp [hotornot.com]

Re:FUD. Check out SOLDIER or NOT.com (0)

Anonymous Coward | more than 9 years ago | (#12770438)

hey buddy I think you got the wrong forum. Here people look for nerds not faggets.

Natalie Portman is 24 today (0)

Anonymous Coward | more than 9 years ago | (#12770349)

that is all :)

Re:Natalie Portman is 24 today (0)

Anonymous Coward | more than 9 years ago | (#12770499)

May she enjoy a large bowl of Hot Grits!

Re:Natalie Portman is 24 today (0)

Anonymous Coward | more than 9 years ago | (#12770607)

And covered in hot grits!!! w00t baby!!!!!

They shunned OpenBSD over war comments (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#12770368)

What a bunch of idiots, now they have no security, OpenBSD is the most secure OS out there!

Internet Security threats and OS Guerilla warfare (1)

CHESTER COPPERPOT (864371) | more than 9 years ago | (#12770392)

An interesting link [typepad.com] .

Summarization of Events (1)

A beautiful mind (821714) | more than 9 years ago | (#12770497)

Consider this flamebait if you wish, but that is how i see events from an european perspective.

Since 9/11, the goverment of USA has been granted extra money, extra legal rights, extra measures and lives to defend against the 'terrorist threat'. I find it extremely ironic, let me tell you why.

First, what did the government do in the last years to improve security? A lot of in-depth reports and analysis say that the results can be barely registered as an improvement, meanwhile being a major annoyance to the ordinary person. The terrorist threat will not be stopped by technology. Humans drive technological advancement and can defeat technology just the same way (if you consider humans to be an advanced piece of engineering, it can be seen clearly). The only way is to convince people, so basically through political and demographical measures, in which areas the USA managed to alienate a sizable chunk of the world after 9/11.

So what do you managed to do in 4 years? The threat level increased in your country by your own actions, working technological measures could have been taken to decrease that risk, but instead the government ended up scaring people to give them more rights and tools. My post is not only related to this particular article, since i try to paint the bigger picture. Placing this particular article in the context of the proposed extension of the Patriot act, the increase in government buerocracy, the laws which you cannot know about but are subject to, the discrimination of muslim people (at customs, and generally in the us administration), the questionable state of DMCA and associated measures, etc. indicates that people need to question the government's actions. To sum it up what i find extremely ironic is that the government promised security and an indefinite fight against a concept (terrorism) and in the process you ended up with less security and less rights.

Re:Summarization of Events (3, Insightful)

Baron von Blapp (767958) | more than 9 years ago | (#12770955)

More Government and More Laws (not to be confused with Moore's Law) never protected or "secured" anyone. Ever. Just look at Europe for example.

No matter what the government (any government) does, it will not be to protect you, it will be to protect the government. Why do they ban firearms, yet the government has firearms.... is the government somehow more responsible than the individual? No.

As a matter of fact the governments of the world have laws that make them exempt from being responsible for anything.

From a global perspective, law abiding and responsible humans are screwed. As Geryon would say "I think the end of the world must be getting near. Hell is getting full."

Typical (1)

spurious cowherd (104353) | more than 9 years ago | (#12770653)

A standard example of the 3 biggest lies in the world.

3. I promise not to come in your mouth
2. The check is in the mail
1. We're from the Government & we're here to help you

computer security? (1)

cccpkgb (793118) | more than 9 years ago | (#12771029)

I'd say the DHS has much bigger problems [bbc.co.uk] on their hands.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?