Computer Security Lacking at Homeland Security

peter303 writes "The New York Times (reg. required) reports that computer backup procedures are woefully inadequate at 19 centers of the Department of Homeland Security. Should this agency strive to be good example for the rest of the country and protect against extreme hackers? " From the article: "Adequate backups were lacking for networks that screen airline passengers, that inspect goods moving across borders and that communicate with department employees and outside officials. Those same agencies, the auditors found, have in most cases failed to prepare sufficiently written disaster recovery plans that would guide operations if a main office or computer system was knocked out."

And this matters how???

[shoppa]

What difference does it make whether you have backup hardware/network/software ready when the primary doesn't even do the desired job? The government as a whole spends billions every year to attempt to refine ill-defined requirements into working productive systems that fill real needs. The DHS has never succeeded in producing such a system.

It's easy to pick holes in the lack of backup of a system, but it's pointless when the system has no utility to begin with.

What do backups have to do with security?

[MythoBeast]

Since when does failing to back up your hard drive make your system easier to hack into? If you're talking about them having poor data integrity that's one thing, but this doesn't seem to point to poor computer security.

Re:It's all an Illusion

[Tackhead]

> I have the feeling that nobody's really trying hard enough to protect us. We stand an hour longer in the security line just so that people can bring explosives through in their shoes? Now they make us take our shoes off. What if someone brings explosives through in their pants?

...then evolutionary pressures start to select in favor of people like the Goatse Guy?

Seriously - that was the biggest disappointment about the shoe-bomber case. If he'd only smuggled the bomb up his ass, the simple act of getting in line at the airport would be a lot more fun.

Imagine hearing stuff like "Excuse me, ma'am, I think you're kinda cute, and since I'm kinda average, and since the guy front of me is obviously better-looking than me, and since the guy standing behind you is obviously gay, I think that three out of the four of us would be happier if you and I switched places. How 'bout it?"

Everybody wins!

It's not just America

[CHESTER+COPPERPOT]

Your friends in the war on terror over here in Australia plainly don't care about security either. In the last few weeks we've found dodgy baggage handlers in the airports, a chinese diplomat who is trying to defect and says that Australia is infested with chinese spies and threats against foreign countries embassies within our own soil.

Governments are hopeless at dealing with security. They are slow, lack innovative thinking and care more for their own careers than for their constituents. What matters most is whether or not you can protect yourself, your assets and your family when (if) the time comes. Then you can rid your mind of all the political and media led one-upmanship that comes along with security and the war on terrorism and get more important things done in life.

Backup != Security

" What do backups have to do with security? (Score:3, Insightful) by MythoBeast (54294) on Thursday June 09, @12:28PM (#12770125) (http://www.mythologicalbeast.org/ | Last Journal: Monday September 08, @02:27PM) Since when does failing to back up your hard drive make your system easier to hack into? If you're talking about them having poor data integrity that's one thing, but this doesn't seem to point to poor computer security."

No kidding. Backups in one hand, security in the other. I'm sure /. is full of enough computer literate people to know that. Please explain to me how not making a backup makes one more suspectible to a hack. Okay, so if you did get hacked, you risk losing everything when you don't have a backup. But if you store that backup on another network drive you are MORE susceptible because you have more data spread out and available to hack.

Sounds like an excuse to bring up other arguments, which it seems most on here have chosen to do.

"As a rather well-known cyber-security consultant (you'd know my $450/hr name, I guarantee it) at Foundstone, I can tell you what the problem is - the lack of a comprehensive, rehearsed disaster recovery plan. It really isn't that hard, to implement it correctly, I always recommend this (clients are always amazed by its brilliance and simplicity) - every night, copy all of your company's critical data to a CD, and have EACH EMPLOYEE TAKE HOME A COPY."

You've got to be kidding. This wouldn't even work for a business. So you are going to give EVERY employee access to everything in the business, trade secrets and all? And how are you going to ensure that the disc doesn't leave the employees possesion, and that old discs get destoryed? Plus, even the relatively small business that I work for has 20gig or more of things that should be backed up. How are you going to send that home? DVDs? Or an external backup drive for each employee?

And the key point that everyone seems to be missing is that the point of all this extra spending is to make Americans, on average, FEEL safer. Doesn't really have to be safer. It's all part of the media/government spin on the truth. The war has a lot to do with terrorism because without terrorism there wouldn't be a lot of support for what the gov wants to get done. It's all politics. Look, if 9/11 never happened, do you think anybody would really support the actions we are taking across seas? It was a perfect time for the gov to expand their control and finish the job on Iraq. Whether the gov did this "primetime for action" tactic on purpose or they truthfully believed in what they were reporting to the public is up for debate. I'm dissapointed and scared to see so many of my fellow citizens willfully give up many rights for "safety" from perceived threats. Reminds me of the mob and extortion money: "We'll provide you safety for this price".

Without politics, there would be a lot less crime. Why, you ask? Because there are a lot of measures that could be taken to drastically reduce crime that are poltically-incorrect or unpopular. Same goes for economic policy. There are times when a temporary tax hike would benefit the country immensely, yet no politician would want to back that platform.

It will be interesting to see what happens in the next few years. A lot of universities have adopted programs for computer security due to the increase in demand for KNOWLEDGABLE staff. Seems to me a lot of these guys were raised on networking and know little about security and forensics, at least compared to what they would be expected to know.

Re:It's all an Illusion

[Bios_Hakr]

Something I've wondered is when the terrorists will actually have the explosives INSIDE them. Fuck, if you are gonna die anyway, just pull out a kidney or pack some explosives inside a lung.

The main problem will be to get the guy so drugged he won't care about the stitches/pain yet will still be able to physically board the plane.

It'd be even better to use a post-partum woman. She'd already have a lot of room and wouldn't really require surgery to implant the explosives. It'd be hard to get a woman recruited into their little cult, but if they kidnap a baby and promise to release the child if the woman goes with their plan, I'm sure they'd get a few willing moms.

Just remember: The next thing will be something we don't expect. Kinda like the Inquisition.