There is no greater threat then having our nuclear designs and secrets out into the public. That's why when I read about the lax security in place at Los Alamo's National Labs it pisses me off. A woman was caught with thousands of pages worth of classified documents in her house. However, it does appear that she was merely getting behind in her work and took the documents home (she copied them) to work on them.
While I can appreciate someone getting behind and wanting to work on them at home, there is NO excuse when you're working with some of the most sensitive documents in America.
She would save highly-classified documents onto a "thumb drive" and then take the material home to work on after hours, she has said. The practice of inserting thumb drives was specifically forbidden by then DOE secretary Bill Richardson in 1999, but was apparently not uncommon at Los Alamos. Using thumb drives, and at least one wireless (WIFI) device that was improperly in the secure area, it would have been possible to transfer secret material from classified computers to non-classifed computers, a process known as "migration" . Since the discovery of Quintana's breach last fall, computer ports have been plugged with glue to prevent thumb drives being inserted.
While that's a permanent way of dealing with the "thumb drives" issue, there's a lot more, less destructive ways of doing it.
My network is much more secure then the Los Alamos National Labs?? We don't run wireless AT ALL. I don't care if they use revolving 1024 bit encryption keys that change every 2 seconds, if you can see it, you can crack it. Thumb drives are limited to a select few people and everything is logged including who copied what to what drive. EVERY FILE. So if something were to happen, I know who did what when. But then again, my work isn't with sensitive, classified materials like this.
The Los Alamos IT staff really need to get on the ball here. None of my critical servers run Windows. They are all automatically updated nightly, including every available security patch. I get daily reports on the various activities that are ran on the server, and anything out of the ordinary is thoroughly investigated. Regular penetration tests are ran with the latest and greatest tools.
If they have problems or questions, I'd be happy to help out. Network security is one of my forte's. Plus, they could let me have a nuclear bomb casing as payment (without all the innards of course). I might use it as a deterrent against those pesky neighbors of mine.
Travis
travis@rightwinglunatic.com
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment