Slashdot Mirror


U.S. Department of Interior Ordered Offline

The whole of the U.S. Department of Interior has been forced off of the internet as a result of a court case Cobell v. Babbitt. This was the result of compromises with the Microsoft Windows servers. A judge decided to take the whole of the organization down. Should this judge have this much power? Info here on the Indian Trust web site. This includes the BLM, USGS and the Park Service. Staggering, really. CD: Hold off on the blaming of MS, it's still not clear.

19 of 434 comments

  1. Where does it say Windows? by Yankovic · · Score: 2, Interesting

    I'm not trying to troll... do you have another source that says MS Windows was the problem? It doesn't even say what the problem was... it could have been a bunch of passwords set to "password" for all we know.

  2. wow. by shade. · · Score: 5, Interesting

    so a judge cut off a computer network because it housed sensitive data important to particular individuals which was not secure.

    what's the problem here? i wish this would happen more often.

  3. Re:Should a judge by Skyshadow · · Score: 4, Interesting

    A judge in New Jersey has sent 100+ teachers to jail because they won't work without a contract (would you?).

    *That's* what I call abuse of power. This strikes me more as steps to help ensure that the carelessness of a dimwitted government agency doesn't end up hurting anyone unnecessarily.

    --
    Every year during my review, I just pray the words "slashdot.org" aren't mentioned.

  4. background info by driver81 · · Score: 3, Interesting

    it might be helpful if the person who posts the story actually provides some background info or a link to it. guess i have to go to google myself...

  5. Indian Trust: Cobell v. Norton by Josuah · · Score: 5, Interesting

    Lots of information is available at the Indian Trust: Cobell v. Norton web site. Press releases plus official court documents.

    Of particular interest is this document, which more fully explains why the judge ordered all Internet access to the Department of Interior. Apparently, court investigators were able to break in and modify lots of important information without any response from the DoI.

    Seems like this sets a legal precedent for locking down an entire business, organization, or corporation involved in a legal situation. If it can be demonstrated that it would be possible for an outside entity to modify data crucial to the proceeding of the case (such data would be subpoenaed), the judge can order all external access to that data cut off.

    Since simply running some Microsoft software makes it possible for a large number of outside entities to modify such data without difficulty, and to know that doing so is possible without having to figure it out, I could see this becoming a problem for businesses and organizations that run said Microsoft software.

    However, it also means that lax UNIX administrators could have their systems' access cut off if court investigators demonstrate that they are able to get in. Sounds like Mac OS 9 is the best protection against this now.

  6. Who secured this network? by Anonymous Coward · · Score: 1, Interesting

    Mentioned in the article posted before this one, many sections of this network were not protected by either firewall or password, and in many cases very simple passwords were used that online tools could easily guess. Also mentioned is that a common password was "passwd." That's not a Microsoft default.

    Here is the article.

  7. Judges are known for their technical prowess? by KarmaBlackballed · · Score: 2, Interesting

    sweeping action with far-reaching but unclear ramifications

    Okay, the dept of interior has leaky systems. That is bad. Very bad. Maybe forcing all their systems offline is the right answer. I don't know.

    A judge becoming your CTO at the behest of people making claims against you smells pretty stinky. From what I read, the complainants' investigators claimed to have edited trust records through the Internet. The interior department denied this happened. Who is right?

    From now on if a group claims that their personal information is at risk that organization can be forced to go entirely offline?

    Scary because most judges are not technically competent nor do they have advisors technically competent enough to know who is making sense and who is just talking slick.

    --

    --- -- - -
    Give me LIBERTY, or give me a check.

  8. Re:Should a judge by Anonymous Coward · · Score: 1, Interesting

    So you're saying judges should not be able to send people to jail?!? If not a judge, who then?

  9. I work at the USGS ... by mcoletti · · Score: 3, Interesting

    ... and I heartily agree with your statement.

    I'm sympathetic to the Indians. That accounting system has never been fully functional. And a lot of suspicious things, like fires that have destroyed records, have occurred over the years to the Indian Trust. I'm heartened to see some positive progress being made on correcting that horrible situation. The Indians already have it bad enough without this debacle making their plight worse.

    However, the judge has done more harm than good by shutting the entire Interior's network access. As you pointed out, the USGS makes available the largest and most comprehensive repositories of geospatial data in the nation, and perhaps the world. Much of this data is free. And many universities, government organizations, and companies use that data; e.g., where do you think Rand-McNally gets its data to make maps?

    Though I'm not as familiar with the other DOI departments and bureaus, I know that they, too, provide valuable public services that a number of people need to do their jobs.

    Another angle is the impact on DOI employees. I can tell you I witnessed a number of people standing around the halls looking mystified at the USGS' headquarters in Reston this afternoon. We all depend on network access in some capacity to get our work done. In my case, it's crucial as I work with folks at the Mid-Continent Mapping Center in Rolla, Missouri. I was logged into one of their suns debugging some errant code when the plug was pulled. Most aggravating.

    (Initially I had thought that the network was down because of the Goner virus since the USGS has a history of shutting its network down when the system gets swamped by propagating virii and worms.)

    --

    MAC | A polar bear is a cartesian bear after a coordinate transform.

  10. DOI's security policy (cached from google) by Th0th · · Score: 2, Interesting
    --
    "BadTimes will make you fall in love with a penguin" - Laika

  11. McDonald's.... by coyote-san · · Score: 3, Interesting

    Actually, that McDonald's case you're so quick to dismiss is exactly like this. McDonald's *knew* that their coffee was far hotter than any competitor's, it knew that it had seriously harmed others, and it knew that the plaintiff had originally only asked for her medical expenses to be covered. She was sitting in a car, sure, but it was stationary and she was a passenger, and I think others who were scalded were sitting at tables inside the restaurant.

    It was the jury that decided that McDonald's needed to get a strong signal that its ongoing indifference to the harm caused by its actions would no longer be tolerated, and that huge punitive award (which was automatically capped by law, and further reduced on appeal) was an estimate of McDonald's profit on coffee sales for two days. That is hardly a burdensome amount - enough to get your attention, but probably something like $20-$50 for us. On appeal, the award was comparable to the change we can find in our seat cushions.

    As for the DoI case, the court is pissed because one of the primary responsibilities of the court and its agents (which include every member of the bar, specifically including the Secretary of the Interior and her legal team) is to preserve evidence. You might get away with hiding evidence, but the fastest way for a lawyer to get disbarred is to get caught disposing of evidence. The government has clearly deliberately destroyed pertinent records in the past, but they've been claiming that's all ancient history that no current employee was involved with. Now we see strong evidence that the government is indifferent at best, and deliberately trying to facilitate at worst, the destruction of additional records *today* which are required to determine the correct distribution of hundreds of millions or billions of dollars in royalty payments. Of course the judge is pissed -- and if the DoI drags their feet I would expect to see some of the lawyers hauled before disciplinary boards.

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken

  12. Norton's behavior admirable, in a weird way by CaptainCarrot · · Score: 3, Interesting

    Norton could easily blame someone else. The newest part of the system was put into place in 1999, and the personnel responsible for the more egregious security breaches (such as blank passwords) are civil servants who have likely been in their jobs for some time. If she wanted, she could easily point the finger at the Clinton administration which arguably is indeed responsible for the mess having procured the system, hired the people, and established the policies. That she is not doing this can be seen as admirable restraint. If only it didn't involve screwing over the people she's supposed to be serving.

    None of which changes the fact that her lawyer is apparently a total weenie.

    --
    And the brethren went away edified.

  13. college debate topic by abe+ferlman · · Score: 3, Interesting

    This is interesting because the college debate topic for NDT/CEDA this year deals with increasing federal control over Indian Country, and these people research voraciously. I suspect a lot of future lawyers will begin to learn about how ridiculous Microsoft is as a result of this, and to think about the ways that policy and software interact (Lessig anyone?)

    We'll see.

    --
    microsoftword.mp3 - it doesn't care that they're not words...

  14. Re:Should a judge [OT] by Anonymous Coward · · Score: 1, Interesting

    using homefair.com salary calculator, that $56k a year in New Jersey is $37k a year in Iowa. also the teachers mentioned were all fairly senior, which leads me to believe that only the ones who could afford it were striking. and in that case probably the most experienced, many of which would have their Masters degree. Do you have your Masters degree?

  15. Re:Should a judge by Anonymous Coward · · Score: 3, Interesting

    The "misuse of power" here is that of the executive branch's (i.e., the DOI) total breach of its fiduciary duty to manage, account, and safekeep native american trust funds. This litigation has been going on for years, in both democrat and republican administrations. It goes way beyond mere tech issues; in fact, I recall that entire warehouses of paper documents were basically destroyed and/or quarantined because they were infested with rat droppings and pathogens. Do some googling on this and you'll see that the DOI has nobody but itself to blame and that the executive branch has often left the judicial branch no alternative but to take actions such as this. You'll find many specific instances of neglect by the DOI that are just mind-boggling. Here's a copy of the hearing transcript for starters: http://www.indianz.com/docs/12062001/computeraccess.txt

    This isn't about a judge not understanding technology; this is about the DOI failing to uphold its statutory obligations so egregiously that thousands of people have been harmed.

  16. Re:of course. by fleener · · Score: 4, Interesting

    Exactly. Anyone who's heard anything about the case knows the government has been screwing the Indians out of billions of dollars (er, actually we don't know how much $$$ because of the ultra super crappy record keeping). The white man is still sticking it to 'em. It is an extreme disgrace.

  17. Vulnerabilities cluster where sucky programmers go. by JamieF · · Score: 2, Interesting

    OK, so Microsoft has a practice of hiring freshly graduated CS majors so they can begin brainwashing them early about what working at a software company is like. Fine. That drains the young'uns of real world programming experience, where inventing five new opaque binary file formats with every program is not OK, nor is obsessing over making Solitaire's shuffling algorithm O(N) instead of O(log(N)) worthy of a semester project for a team of six.

    However, Microsoft's insular cluelessness aside, do you really think that the gub-mint Windows sysadmins languishing in some mildewy room in the basement of a federal office building are going to know what they're doing? Have you seen government salaries lately? These are the people who convert several 700yd runs of bare-pair phone cable to Ethernet using only a crimper, and wonder why they can't seem to get sustained 10MBps throughput across it. The lucky ones learn on Uncle Sam's dime and move on to a Real Job making Real Money eventually. Others just fester there forever, making technical decisions so horrible that others refuse to believe you when you describe them.

    I worked for the government very early in my career. I was definitely clueless, and more importantly, we were insanely understaffed. Microsoft is huge and has "R&D" teams working on stupid crap like vibrating joysticks and general-purpose speech recognition - ever notice that EVERYBODY in your office wears headphones? Now wait until you have to yell at your computer all day just to get work done - meanwhile the government is busily trying to roll out Win95 to the last few field offices that still have 66MHz Pentiums.

    In case you are unclear, I'm saying that monopoly-funded hordes of inexperienced but smart and college-educated Microsofties are more likely to code something properly than an overextended handful of unmotivated, underpaid, self-taught recent help-desk graduates are to install it properly.

  18. Is it REALLY so amazing? by mcrbids · · Score: 3, Interesting

    I remember about a year and a half ago, being called in to do some networking work in a department of a nearby county's office.

    I found that the system I was in front of was primarily used to process permits for construction and the like within that county. It was open to the Internet (I did a full, nasty, in-your-face port scan and nobody blinked) and the hard drive was shared - to the world!

    I was able to connect to the HD via SAMBA, from my HOME WORKSTATION! I bitched, complained, sent letters. They paid a consultant company something in the 6 figure range to do a "security survey" - and they recommended replacing the POP3 servers with MS Exchange!

    I gave up, having other profitable ventures to go for.

    But, do you think this doesn't happen like ALL THE TIME?!?!?

    People, this is GOVERNMENT!

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.

  19. Re:Makes sense to me by Syberghost · · Score: 3, Interesting

    This doesn't surprise anybody who's worked with the DOI, and especially the BIA, before.

    I used to run an ISP for an Indian tribe, and at one point the local BIA office asked us if they could run an Ethernet connection to our hub and use our link.

    We made it clear to them that we were providing a link, not security, both before and after the fact, but they nevertheless didn't install any kind of firewall. Their servers had active Guest accounts that could access pretty much all data, and literally EVERY one of their desktops had C: drives shared with no passwords.

    Oh, and BTW; they were the folks we were supposed to call if we got hacked and wanted it investigated for prosecution, since the FBI didn't have jurisdiction until brought in by BIA.