Slashdot Mirror
Hack the Army, Brag About it, Get Raided
SunCrushr was one of many who submitted this. A security company called ForensicTec decided to explore the U.S. government's computer systems, with particular emphasis on the Army. They talked to the press and had their fifteen minutes of fame. And surprise surprise, they immediately got raided by the FBI. What did they expect?
If they were serious about what they were doing, they should have contacted the people who have influence over the systems they compromised. Making their findings public may achieve the same effect in the way of getting the systems fixed, but the end result is a lot of unpleasantness all around. In short, it was a wholly unprofessional way to act.
Common sense is what tells you the world is flat.
The story clearly stated that these people are newbs in the security field. Not someone I want protecting the security of computers belonging to the armed forces.
Additionally, they went about this the wrong way. The right way would have been to contact a responsible party and professionally report the issues they found, not grab a bunch of stuff and call a news team. I know that based on their actions, I wouldn't hire them.
That's just me. I choose to work with professionals.
Somebody at Fort Hood and elsewhere should be cooling their heels in a stockade.
Classified documents are NOT supposed to be on machines exposed to the Internet- PERIOD. Machines of that nature are not considered to be at a trust level sufficient for those sorts of things. Forget the security of the machines; the security of classified documents is supposed to be much higher than this appears to have been handled.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas