Slashdot Mirror

← Back to Stories (view on slashdot.org)

Information Security On An Olympic Scale

Posted by timothy on from the five-rings-of-fire dept.

jeffy124 writes: "Wired is running a story about the man in charge of securing the computer systems at the Salt Lake City Olympic Games next February. Matt McClung discusses how he's withstanding an 'overhype' in the media on the possibility getting his systems cracked and what he's doing to prevent it in the first place. With 4500 PCs and 550 servers, that shall be a daunting task, especially given the reliability problems at the '96 Atlanta games."

5 of 160 comments (clear)

  1. Not that hard... by RollingThunder · · Score: 5, Interesting

    just don't hook one single system up to the Internet. Establish a private network (not VPN - actually private) for the entire thing.

    Use dedicated hosting boxes, with ALL DYNAMIC FUNCTIONS OFF, that run NOTHING but the http server on the public interface. The secure FTP server runs on a dialup connection that only connects to the private network, with hardware authentication of the modems to each other.

    Choose a bare-bones http server, with no bells and whistles. Both IIS and Apache are out. Maybe thttpd? Not familiar enough with it, to be honest.

    Yes, you're going to have to work around not having dynamic portions or ubiquitous connectivity, but you're having to choose, flexibility or security.

    Would this make for an enjoyable online olympics? Probably not, but that wasn't really what the story addressed. :)

  2. Olympic Security in Atlanta was a joke by CokeBear · · Score: 5, Insightful
    Olympic Security in Atlanta was a joke.
    I was a relatively low level voluteer, assigned to a specific area at a single venue. My badge said as much in codes that every security person was supposed to know.

    I was able to access behind the scenes areas, chat with athletes and celebrities, watch events at other venues, all without a single question from a security person. (Most of them were volunteers too). Even when I was out of my uniform, all I had to do was flash my badge and I was never denied access to even the most sensitive areas. Part of it has to do with attitude of course. If you act like you belong, they assume you do, and I consider myself a Master of Social Engineering, but even then, I should have at least been questioned when I walked into the athletes change area. (There were none there).

    I'm pretty sure that Salt Lake City will be more secure, if only because of all the money being poured into it now. But what they need to realize is no matter how many $B you spend on security, you still need people with the balls to say "I'm sorry sir, your badge doesn't allow you in this area" and to stick to it.

    --
    Reality has a liberal bias
  3. IBM passed on the job by Lumpish+Scholar · · Score: 5, Interesting

    ... because they wanted to control it all, including everything on the Olympics.com Web site.

    http://www.forbes.com/2000/08/23/feat.html

    --
    Stupid job ads, weird spam, occasional insight at
  4. A chance to win... by Swannie · · Score: 5, Funny

    Hmm... with a little hacking, and I could be the first person in my family to win a gold medal for figure skating.

    Swannie

    --
    :q!
  5. The Test by Rolo+Tomasi · · Score: 5, Funny
    OK, after they've got all rigged up and ready to go, they're ready for

    The Ultimate Test

    Fill the servers up with pr0n and serve it to the public, for free! If it withstands that, the Olympics will be a piece of cake.

    Hey, I'm serious ...

    --
    Did you know you can fertilize your lawn with used motor oil?