Slashdot Mirror

← Back to Stories (view on slashdot.org)

Information Security On An Olympic Scale

Posted by timothy on from the five-rings-of-fire dept.

jeffy124 writes: "Wired is running a story about the man in charge of securing the computer systems at the Salt Lake City Olympic Games next February. Matt McClung discusses how he's withstanding an 'overhype' in the media on the possibility getting his systems cracked and what he's doing to prevent it in the first place. With 4500 PCs and 550 servers, that shall be a daunting task, especially given the reliability problems at the '96 Atlanta games."

9 of 160 comments (clear)

  1. Is this the right man for the job? by gmhowell · · Score: 4, Insightful
    McClung said the Salt Lake City Olympic computer system, comprised of 4,500 PCs and 550 servers, is the most complex network he's ever seen.


    Urmmm... I work in a small company (50 employees) so I've never seen really big networks. But somehow, 2000 computers doesn't seem like that compares in any way to various military and Fortune 500 networks. By an order or two of magnitude.

    So, is somebody who has never seen (let alone worked with) this many machines the right guy for the job? Sounds like he is in over his head a bit.

    (Now, if this IS an incredibly huge/large network, please bitchslap me)
    --
    Jesus was all right but his disciples were thick and ordinary. -John Lennon
    1. Re:Is this the right man for the job? by Anonymous Coward · · Score: 1, Insightful

      First, 4500 + 550 != 2000, it equals 5050. As to your main point, I think you're right- big networks are on the scale of 50,000 PCs, not 5000. Still, 5000 is quite a few, and not something to sneer at. IIRC, Google uses somewhere around that number.

    2. Re:Is this the right man for the job? by Anonymous Coward · · Score: 1, Insightful

      This is typical of the way things work in Utah.

      He's only in that position because:

      1. He's related to the person that hires for that position.
      2. He's Mormon.
      3. He's a Mormon "returned missionary."
      4. His parents called and asked for him to get the job. (Yes, it does happen in Utah...all the time.)

  2. Olympic Security in Atlanta was a joke by CokeBear · · Score: 5, Insightful
    Olympic Security in Atlanta was a joke.
    I was a relatively low level voluteer, assigned to a specific area at a single venue. My badge said as much in codes that every security person was supposed to know.

    I was able to access behind the scenes areas, chat with athletes and celebrities, watch events at other venues, all without a single question from a security person. (Most of them were volunteers too). Even when I was out of my uniform, all I had to do was flash my badge and I was never denied access to even the most sensitive areas. Part of it has to do with attitude of course. If you act like you belong, they assume you do, and I consider myself a Master of Social Engineering, but even then, I should have at least been questioned when I walked into the athletes change area. (There were none there).

    I'm pretty sure that Salt Lake City will be more secure, if only because of all the money being poured into it now. But what they need to realize is no matter how many $B you spend on security, you still need people with the balls to say "I'm sorry sir, your badge doesn't allow you in this area" and to stick to it.

    --
    Reality has a liberal bias
  3. Re:Not that hard... by gmhowell · · Score: 3, Insightful

    There is no reason not to serve basic layouts (menubars, graphics, etc.) from thttpd, khttpd, or some of that sort. Let the 'content' be in the form of single stories placed within the framework. Run/served from a different machine.

    I mean, this is hardly rocket science, and it certainly isn't grounbreaking. It's merely applying existing tech and solutions.

    --
    Jesus was all right but his disciples were thick and ordinary. -John Lennon
  4. Atlanta's problems... by SquierStrat · · Score: 1, Insightful

    Atlanta has issues all of the place due to the city government. Anything they touch is just f*cked up all over the place! Well, they touched the olympics and the olympic computer systems back in '96, and well you saw the results. Just be glad you don't have to live with said government. :-)

    --
    Derek Greene
  5. He didn't say it was the LARGEST... by Tsar · · Score: 3, Insightful

    ...only that it was the most complex network he'd ever seen.

    Personally, I can think of some rather complex topologies for even a twelve-computer network, even ignoring multi-homing possibilities. Depending on how the network structure is designed, as well as how many other networkable devices are involved and how they are connected (I'd assume a rather large contingent of wireless devices as well), this network might well be more complex than anything you or I have seen or even visualized.

  6. Remember Atlanta? by Grelli · · Score: 2, Insightful
    My memory may be fuzzy, but I seem to remember there being a small explosion at the Atlanta games.

    The reason I bring this up is that the article mentions the "great hack of 2000" where it was thought that the Sydney Olympics network would be compromised.

    Given the current state of affairs, current legislation, and this soon to be widely publicised network, are we going to be seeing any "Terrorist Attacks" against these games? Seems that it would be a very convenient situation for the US gov to prove the neccesity of the U.S.A. legislation just recently passed.

  7. obviously you've never dealt with streaming before by Frothy+Walrus · · Score: 1, Insightful

    these are the Olympic websites, which implies that there will be many live video feeds and even more saved clips. your "proposed solution" is very simplistic, failing to take into account the enormous bandwidth requirements (the condition which separates this network from any other generic Big Net).

    for something like this, you need to think about multihoming (Akamai-style), server location, special hosting... sorry, can't just set up a few Linux servers in the phone room and call it quits.