Slashdot Mirror
State Department Hit With Many More Break-Ins
adjust28 writes to tell us CNN is reporting that the US State Department has been dealing with a number of computer break-ins with regards to their headquarters and offices dealing with China and Korea over the past couple of weeks. From the article: "Investigators believe hackers stole sensitive U.S. information and passwords and implanted backdoors in unclassified government computers to allow them to return at will, said U.S. officials familiar with the hacking."
The government seems to have never placed much importance on computer security. I recently read Cliff Stoll's 1989 chronicle of a hacking, The Cuckoo's Egg . Back then the government was slow to respond and pretty unmotivated, and it seems like little has changed today. Yet, once they catch someone, they give him a draconian punishment that ruins his life, just look at Mitnick. The government can't seem to decide it's priorities. It'll punish you more for cracking than for murder, but at the same time it won't secure it's own systems and heed experts.
Ask Slashdot: Why do gov't 'puters have net access?
-Palal
Of course, that's what the bayonet is for!
This could put the State Department ahead of MySpace as the #1 destination site.
It's not offtopic, dumbass. It's orthogonal.
I spent a few months not so long ago tracking down a cracker who had compromised a mail server for an ISP. He'd gotten root, and installed rootkit style stuff that hid directories, etc.
It was a long process to penetrate all his defenses. Finally, I ended up chatting with the cracker a la Yahoo Chat, including video. He was from Romania, and liked diet 7-up.
So, I get all the sources together with which he compromised the server. I had everything, down to IP addresses. I called the FBI and they referred me to some web page that didn't even allow enough upload to report everything I had found.
I submitted what I could. I didn't even gt a "thank you" email. I would have been happy with a "thank you" message. But I got nothing.
My opinion of the dept of Homeland Security as well as the FBI sank immeasurabily as a result.
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Maybe they shouldn't have been outsourcing. (that's a joke people)
Philosophy.
Great now they'll get buried in viagra ads. Guys they aren't trying to steal secrets they just wanted your security down so they can sell you dick pills and cheap pirate software. Oh and by the way that nice guy in Nigeria wants to take money out of your account not put it in.
B.
This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
I don't want to trigger a Windows/Linux debate, but relevant is this quote from a recently slashdotted interview with McKinnon:
Source here
Even if it is considered right to treat such breakins so seriously: how many times must the horse bolt before the barn door?
Joke answer: because they invented it!
Because they're on the green.
For a bunker shot, they'd use a sand wedge.
(1) The classified servers are physically disconnected from the Internet. They have to be.
(2) Every time I read a headline like this, I remember playing Uplink, and chuckling over the poor bastards when what I did hit the headlines. Somewhere in Korea, someone is chuckling hard.
'If you're flammable and have legs, you are never blocking a fire exit.'
I think not. Just remember the whole fuzz about journalists being bugged so that anyone calling them with secret information can be traced. How can the press then do its job?
If total security is achieved say goodbye to all those leaks and exposes. You will have a system that makes the KGB look like childsplay. Not because they will abuse it but because if they want to they can, without ever being found out. All that would need to happen is for someone to come along who wishes to abuse it. Do you trust any party so much you want to give them complete secrecy?
Democracy and free press are nasty things. They conflict immidiatly with the need to keep things hidden. Even such a simple thing as the skunk works is a direct violation of the principles of free press and accountable goverment. How the hell can we judge our goverment if they can keep what they are doing hidden from us?
The only alternative is to accept a certain level insecurity and just go after the people that go to far. A very strange state of affairs but better then living in a police state.
Mitnick ain't a victim. He is a stupid criminal and deserves everything he is going to get. He was not a journalist seeking the truth, he was just a cracker messing around with computers that were not his.
If I do not lock my door that does not give you the right to enter my house. Neither do I want to live in a world where the goverment is behind closed doors.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
After the State Department break-ins, many employees were instructed to change their passwords.
The root password is now "god" instead of "sex"
The password for the defense department computers in question was 'Joshua'.
If you don't get this your not geek enough, hang your head in shame.
Users... the only thing keeping 1st level support from being the bottom feeders.
I submitted what I could. I didn't even gt a "thank you" email. I would have been happy with a "thank you" message. But I got nothing.
My opinion of the dept of Homeland Security as well as the FBI sank immeasurabily as a result.
Your error was that you failed to realize what the priorities of these agencies are. Report the incident again only this time put the words 'terrorist' and 'activity' in the subject line. Wait an hour and then turn on the TV, switch to a news channel and you should hear reports of massive USAF airstrikes somewhere in Romania. For shorter response times try adding the word 'Osama' to the subject line. Just be careful when using the words 'bin' and 'Laden' since combining those with the other three in one subject line might lead to a tactical nuclear strike.
One has to wonder if this is for real or if this is just another stab at fear-mongering so more propositions to cripple net neutrality / online privacy / ... can be passed.
If they really experienced that much security breaches I doubt CNN would be allowed to publicize this.
OTOH, TFA mentions a lot of scary evil things like North-Korean missiles and Chinese Hackers.
I'm not sure whether I prefer this article to be for real or propaganda, both possibilities imply information warfare on the US people.
Nothing news about this; this is a dupe; there was already an article before of the US being the #1 destination for Internet traffic.
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
Since most state computer security seems to be so laughably weak. UK 'hacker' Gary McKinnon, currently being extradited to the US, got into US Navy logistics computers by just typing in admin and password to login screens for Windows NT for goodness sake. If the most advanced military force on the planet is using an unsupported operating system I dread to think what the state department's systems must be like.
Ask Slashdot: Why do gov't 'puters have net access?
Why shouldn't they? They need to do work and send email to people outside the government like the rest of us. How do you think, for example, all the tax forms show up on IRS.gov? Magic?
Classified computers do not have access to the normal internet, so when you see these break-in stories, no classified information was compromised, unless some dope went out of his way to get info from a class system to an unclass one.
Help me take back Slashdot. When did 'News for Nerds' become 'FUD and Conspiracy Theories for Extremist Nutjobs'?
"said U.S. officials familiar with the hacking"
When did they hire anyone like that? I call their bluff!
Perhaps they hired some first-rate plumbers - they know how to "hack" into tubes.
After the State Department break-ins, many employees were instructed to change their passwords. The department also temporarily disabled a technology known as secure sockets layer, used to transmit encrypted information over the Internet.
Wait a minute, they actually disabled their security after they got hit with an attack??!? Someone tell me if I'm wrong about secure sockets layer being a security measure of sorts.
-1 disagree is not a modifier for a reason. -1 troll, flaimbait, redundant, overrated are NOT acceptable substitutes.
Any company or government department that has any internet exposed servers that hold critical or sensitive information must be soo stupid they deserve to be broken into. What ever happened to having separated internet from internal servers etc..
This is a clear case of cracking, not hacking. Please tag this article as such, as if IT experts use the correct tems for activities, maybe the word "hacking" can be saved?
RMS or such other famous nerd: I'm a hacker
Justice, influenced by Fox: Off to Gitmo for you then, hacker means computer terrorist.
Actually, yes we do. As long as we have to trust it with our things, we want it to be able to hold onto those things and not let just anybody see them or use them against us. If the government expects to claim that it's protecting us and our personal information, it has to deliver on that protection.
However, you're conflating security with transparency , when in fact they're both important. Security is the ability to keep the secret things secret against prying eyes. Transparency is the ability to unlock and inspect certain documents on demand to make sure that the government is functioning as it should. And ideally, the minimum amount of information should be classified secret: the smaller the pile of sensitive information is and the less it moves around, the less likely it'll get violated.
The role of the free press is to report. It could be said that the role of the free press in a healthy democracy is to act as watchdog, to report when the system's security breaks so people can be warned and take measures for their own security, or to use the transparency to report problems. And it could be further argued that when transparency breaks down and secrets are kept unnecessarily, the best thing a reporter can do is intentionally break that bad kind of security. When the Pentagon Papers were exposed and the illegal acts of the Nixon administration were revealed, that was the free press's finest hour.
Nowadays, government security and government transparency are both oxymorons, and the "free press" provides spin, runs interference, and distracts people with the missing-blond-girl-du-jour (I'm looking at you, Fox "News"). Oh, and a significant portion of the people are okay with that.
My question is, where do we start the triage? Any one we start to fix will give us trouble from the other three.
You cannot truly appreciate Dilbert until you read it in the original Klingon.
...there are certainly dire consequences -if- the government wants there to be. Just look at the money tracing operations and their exposure: President Bush openly and fiercely attacked those newspapers who have reported on it, stating that they have hurt the U.S.'s cause in tracking down terrorists -and- have done damage to the security of the United States and its citizens. He has done this repeatedly, with the full support of other government officials and branches, and guess what? Recent polls showed that the nation is divided roughly in half on the issue at this time, while when the story was published most people really just didn't care too much -or- were outraged that the U.S. government once again pried in their personal affairs. That is now 50% of people agreeing that they feel less secure now that papers, specifically The New York Times, reported on this secret program, and that they shouldn't have done it and -should- be prohibited from doing so in the future. The U.S. government is doing a great job of making the papers out to be 'the bad guys', and one can only imagine that it's certainly not helping their subscribership.
So yes, they can report whatever they want, but the government can very much make them feel sorry for doing so in financial terms. Thankfully the majority of the papers who have reported it -don't- feel sorry in terms of 'doing the right thing'; as one of the editors said - if they can't report on this, then what's next? Not reporting on Abu Ghraib? Not reporting on 'accidental' bombings of civilians? All in the name of supposed national security.
I can understand - and papers should certainly be wise enough to make this decision for themselves - that papers should -not- publish information regarding specific individuals or programs that would severely compromise those individuals or programs; e.g. operatives abroad who have infiltrated: you don't go publishing their names and photos. Investigations into a terrorist sleeper cell in Hicksville: you don't go publishing that they are under investigation. But for something as broad as "The U.S. government is tracking your international money transfers", there is -no- compromise of the program. If nothing else, sad as it is, most people probably expect that the U.S. government was doing that already, and the U.S. government can happily continue doing so; they can't honestly believe that terrorists will suddenly go "oh dear, I say... they are tracing our money wires.. perhaps we should stop using that.".
Elections must be coming up again soon...
I can sympathise with a desire to see the correct terminology used, but in this instance, I'm not sure I can see the harm.
The trouble is that hacking is, in terms of human society, comparatively new. Everyone understands the times when it is right or wrong to enter someone else's house. The same is not clear for remote computer access.
So, it makes sense to look for an situation analagous to unathorised access and reason from that starting point. A lot of people, myself included, find the housebreaking metaphor apt.
Of course, it remains an analogy, and necessarily inexact, but it does provide a useful frame of reference. I'm not sure it's possible to consdier the issue without one. Is there anything intrinsically good or bad in accessing a computer system? Why should permission alter the scenario? At least if we talk about houses and bolts we make our presumptions clear from the start.
Do you think the analogy is unhelpful? Do you have a better starting point? I can't see how else to approach the problem.
Don't let THEM immanentize the Eschaton!
At least as of five years ago, most State Department computers had a single monitor, keyboard and mouse plugged into a switch that in turn ran to two different CPUs. One CPU, with big red stickers on it, was the classified ("class") machine; the other, with big green stickers on it, was the unclassified ("unclass") machine. The class machine had an ethernet hookup to the State Department intranet, to handle Lotus Notes and access to Cable Express, the computerized version of State's old Telex cable system. That intranet was completely disconnected from the internet. The unclass machine had a connection to the internet.
The hard disk in the class machine had a barrel lock on it. At the end of the working day, you powered down your machine, unlocked and removed the hard drive, and locked the drive in your safe. (The safe is less fancy than it sounds: a standard four-drawer file cabinet with two u-flanges welded onto it; you slid a long steel bar through both flanges and padlocked it into place. Cheap, but pretty effective.) The unclass machine's hard disk remained in place, and those machines were rarely turned off.
As the story mentioned, most of the hacks target unclass machines, for the simple reason that they can't reach class machines. Give State some credit; on the hardware side at least, they did the right thing by building two networks.
The problem with this setup is this: say you're writing a report that will include some classified information but that will also have background research perhaps from the internet. In theory, you should write the report on the class machine. You should do the internet research on the unclass machine, write up whatever you want to add to the report, copy it to a floppy or flash drive, and copy it onto the class machine. The document from the class machine should never appear on the floppy or the flash drive, much less the unclass machine. In practice, as you can imagine, people often put the file on the portable medium so that they can avoid wrangling with version control (most foreign-service officers don't know what version control is, but they know they don't like to wrangle with it). Once you start doing that, it's only a matter of time before classified information ends up on an unclassified machine.
Just for the record, a lot of classified information is, frankly, uninteresting. If an embassy staffer covers a rally in the foreign capital and writes a cable that has six paragraphs of description of the rally and one paragraph of commentary on the rally, he'll often mark his comments confidential; this in turn makes the cable classified. This tendency to classify TOO MANY THINGS only adds to the report-writing problem I mentioned above, since often the necessary reference material is unclassified description within a classified cable.
Frankly, if you can come up with a way to sort out this state of affairs, I think the State Department would be pretty willing to listen to it. At least, based on watching diplomatic security officers tear their hair out at the potential security breaches that their own employees commit, I think they would be.
Right....Classified systems are on a seperate network...until, that is, some network eng. patches them together to make his/her job easier. Have you ever done a audit of a military/government network? I personally have, and found over 60 paths to so called "Secured" networks from a machine which was Internet accessable...Let's stop cherry picking, and call it like it is...totally kludged up, non-functonal, messy security at best.
----- I have bad karma for a reason! -----
This is exactly why I am agianst allowing the government to implement OS level backdoor. They will simply lose the information on the backdoor to hackers and then no computer will be safe!