Slashdot Mirror
Security Flaws Could Cripple Defense Network
userexec wrote to mention an FCW.com article about the uninspiring future for the Missile Defense System's software. The developers are apparently very worried about poor information security on the project. From the article: "The report said that neither MDA nor Boeing officials saw the need to install a system to conduct automated log audits on unencrypted communications and monitoring systems. Even though current DOD policies require such automated network monitoring, such a requirement 'was not in the contract.' The network, which was also developed to conform to more than 20-year-old DOD security policies rather than more recent guidelines, lacks a comprehensive user account management process, the report said. Neither MDA nor Boeing conducted required Information Assurance (IA) training for users before they were granted access to the network, the report stated. "
The Missile Defense Agency (MDA) is George W. Bush's name for the Ballistic Missile Defense Organization (BMDO), which was Bill Clinton's name for the Strategic Defense Initiative Organization (SDIO), which was Ronald Reagan's "Star Wars."
You forgot over $8 TRILLION in public debt - $30,000 for EVERY man, woman, and child in the US.
My guess is the MDA was not reading the DOD guidelines on IA http://www.dtic.mil/whs/directives/corres/html/850 02.htm (among many other pubs) which is pretty clear. Being a classified mission critical system used for warfighting, they would fit into the MAC I, confidentiality=high baseline.
Lets hope their contract gets recompeted so my company can head over there!
In your desperate attempt to show how much of a failure the US is, you only highlight how great it is, and how other countries are far, far behind.
NASA- nobody else come close in terms of accomplishments, missions, discoveries, etc. Other countries could only hope for the failures that NASA has come through.
"Collapsing" health care and education system- It's funny how so many other people from around the world come to the US for health care or education.
Outsourcing, elections, blah blah blah- stuff that has been going on for decades, and is not unique to the US.
Question is: Is there eanything really?
Well, the United States is the mightiest, most powerful, productive, influential and richest country in this history of mankind. Is that enough for you?
The movie is called High Score http://www.highscoremovie.com/ it premiered this week at sxswhttp://2006.sxsw.com/
Klatu Brata Nicto
It still availiable as html in google cache;: www.dodig.mil/audit/reports/FY06/06-053.pdf
http://www.google.com/search?q=cache:yNlqZ9eZV3oJ
Having been involved with the Air Force since 1985 and done my shair of IA traing, I can say it is basically worthless and more or less comes down to "Don't give out your password, or run software from home".
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
I used to work for a defense contractor on classified networks. When we stood up a new lab, there was a briefing for all employees with access (AKA need to know). They were told that the SA's (I was one) were the first line. In other words, if we said no, the answer was to be interpreted as "no way in hell". My group, however, was in the minority (we said no more often than we said yes). Every request was checked into using the NISPOM. Every software request was extensively checked. Unfortunately, this was the exception rather than the rule. In other areas, the mentality was "that which is not expressly prohibited is allowed", not the DOD/DSS standard of "that which is not allowed is expressly probibited". I spent 3+ years fighting management over this issue, despite the fact that any "unusual" request to DSS/DOD went through the 3 people (myself included) who had the respect and trust of the officials who were required to approve the request. I also quashed (on one occaision 3x) requests that violated the rules. The rules are there. They make sense. They only work when the people on the ground feel they make sense. I left the environment when the stress of meeting the regulations exceeded the stress of fighting with management. YMMV
And ye shall know the truth, and the truth shall make you free.
John 8:32(King James Version)