U.S. Interior Dept. Unplugged... Again
IO ERROR writes "The U.S. District Court ordered the Department of Interior to take all its systems offline for the third time, saying that its systems were too insecure to be left open. Among the systems to go offline are those that process payments owed to American Indians and Internet access in schools on Indian reservations. DOI employees cannot use the Web or send or receive e-mail."
Is their continuing failure to secure their system due to lack of will/lack of money/what they're using or some combo of the three?
"The Interior Department said the order "is a new frontier in this court's efforts to run the operations of executive branch agencies."
//
"We are working closely with the Department of Justice to quickly respond to this order in the appropriate legal venue," the agency said in a faxed statement.
It's a political thing. Probably not much of a technical problem here at all. Somebody's making a move for power somewhere and now all of this BS. They are punishing the Interior by taking down links with schools on them rather than just blocking traffic via access lists and firewalls.
If they really had a problem with some of the services being provided as insecure they could have either firewalled those services or just blocked them at the router. Since, they did not take a rational approach to solving the problem, the problem is likely a political one from one greybearded idiot to another.
Been a consultant for the government. Seen it. I once went almost 4 months doing nothing but earning good money while waiting for the Chicago Tollway to resolve some political infighting. 4 months of sitting at home, watching TV and basically chilling out on Illinois tax dollars.
It was lovely.
...a good 40% of retailers use the INTERNET to connect to the bank...
it's even worse than that. i know a guy who works at a credit union. his job is to do end-of-day, end-of-month, etc processing. one of his jobs, is to ftp the transactions to/from visa everynight. it's not sftp or any other encrypted connection. just plan text ftp right over the internet. no one at the place will listen to him about how insecure that is! and just think, if visa is doing that for this credit union, i imagine that they're doing it for all the banks/retailers they deal with.
Which is why secured government facilities are required to shred all classified documents. And as for Mr. Feynman's legendary escapades, Los Alamos was recently severely upbraided by the DOE for its lax security.
Most government facilities have the lowest level of classified information ("Secret"). Very few have "Top Secret" or higher. And even with Secret, there are very extensive procedures in place in terms of document storage, personnel access, etc.; you're not going to be able to get in with a penknife, leastways not when the document is in a 2-ton graphite safe with 70-point rotary dial behind an armed guard gate.
And as for the guy who found a 10-Base T hub? Dude. That's nothing. We throw old junk away all the time. I just threw 5 Betacam SP decks, worth about $6000 each, in the trash last week. Remember, the agencies can't sell equipment; only the GSA sells surplus, and that's at auction. And it's not like the agencies get credit for turning stuff in. So there is no financial incentive for the agencies to save old equipment, and the paperwork is far too much of a hassle to deal with, just to get it transferred off the books to surplus. (You have to verify condition and certify it, blah blah blah.) So we just get it written off as damaged beyond repair, and toss it.
Believe me, I'd take the stuff home if I could, but then I'd technically be stealing. It has to be officially thrown away first.
God Bless America.