Slashdot Mirror
Air Force Emails Sensitive Information to Tourism Site
Khuffie writes "The US Air Force has been sending sensitive information, including flight plans for Air Force One, to a website promoting the town of Mildenhall in Suffolk. When told of the error by the site's owner, the Air Force did not attempt to fix it at first. When reminded at a later time, instead of fixing the issue, they advised the owner to 'block unrecognizable addresses from his domain and have an auto-reply sent reminding people of the official Mildenhall domain and blocked his website from access on base.'"
Why didn't somebody just buy his domain off him, let him keep the website, and route the email to a bit shredder for all but the admin addresses, like "webmaster"?
I see from TFA that the owner finally took his site off-line because of the problem. So the USAF probably considers the problem solved. Another triumph for American diplomacy.
It was only after sensitive information had leaked that anything was done about it.
init 11 - for when you need that edge.
This from the mighty mighty Air Force which banned blogs, which accidentally flew nukes cross-country, which wants to start a "Cyber-Command." Not trying to flame, but why do they insult their own intelligence by banning the viewing of blogs while allowing this sort of crap to happen?
If the Air Force is sending that info over unencrypted e-mail, they have bigger problems than just the e-mail going to the wrong domain.
This kind of makes me suspicious that he article might just be hyperbole.
If you read the article you would know that sensitive information, including flight plans for the president and military tactics were received. So with that information it may not be such a challenge.
I wonder if taking down the website will stop the emails from coming?
Nope, I dont think so.
'block unrecognizable addresses from his domain'
isn't it more effective if air force domain names are removed from world wide dns ?
The world belongs to those who get up early. - I'm far from being the king of Earth then
"The military intelligence
Two words combined that can't make sense" -Megadeth, Hangar 18
"It is the business of the future to be dangerous" -Alfred North Whitehead
I don't. Killing people turns them in to martyrs.
for the last time people, I am "frodo from middle eaRTH", not "middle eaST".
I most certainly don't. Unless they can take out Cheney at the same time.
You know why the democrats haven't had Bush impeached? Because they'd rather have him than President Evil.
You seriously think that we "walked over Iraq"? Perhaps it escaped your attention but we are still fighting there, and we have not won yet. I suggest you read more newspapers.
I think that this may have to do with bravado, but more likely it has to do with plain old ignorance. I seriously doubt the Airforce has good IT personnel. Maybe I'm being an IT snob, but from what I've heard from family members that work in government and other civil service (one is pretty highly ranked) is that (as we all know) woefully behind the times. I suspect that an email about data being sent to a public URL may have been seen as cryptic to whatever administrator ended up with the information. On a different thread I was talking about identify theft and how the government is one of the largest areas where proprietary data is stolen from. I think that it's just another symptom of a much more systemic problem within government agencies in the US.
--cally
--Cally
I suspect it was birdshot rather than buckshot.
If the latter, the poor dude wouldn't have had any face left, and Cheney might well have been sent down for manslaughter.....
I'll leave drawing any conclusions as to if this would have been a *very* good thing as an excercise for the reader
Y'all have to look past the rhetoric coming from both sides of the political aisle and see the situation for what it is: fubar'd.
My blog
The real question is what is sensitive information like that doing being sent over email without encryption. If they're sending things like flight plans and military tactics via plain email, it should be considered a security breach no matter who the recipient is. Anyone could easily read it on the way between the two servers, it might get forwarded to someone who shouldn't see it, it can be changed by servers en-route or bogus data inserted etc etc. I imagine most security services would find it easy to infiltrate an ISP here and there and watch traffic as it goes through, and no one would be any the wiser.
How I wish that were true, but you miss a fundamental difference between private industry and the government... When a private company has such efficiency problems, it goes out of business, but when a government agency has trouble, the trouble is presented as "evidence" that "the problem is bigger than we thought" and that more money needs to be allocated to correct the problem. Of course, the fundamental problem which is ignored is the leadership of the organization wasting the money, so the problem never gets fixed, but budgets get bigger and bigger.. At least in the Military's case, their function is one which can be justified by the Constitution - Most of the other government waste is in programs that the government has no right to be spending a dime on in the first place...
-Steve Tired of voting for the "lesser of two evils?" Come talk about it on www.bothsidesarewrong.com
he should simply autoforward those mails to wikileaks
Rich
That's not only ignorant, it is also blatantly incorrect. Regardless of the feelings for the man in the office, the office itself is symbolic of the United States. Just think of how long we've spent after the destruction of symbols of US capitalism, the World Trade Center Towers. Multiply that by 1000, and you'd have the reaction if someone were to take out the President of the United States.
Who among us would be happy to have Dick Cheney as president?
UK: "Hi arabs, we need your help!"
Arabs: "Hmm? What for?"
UK: "Well, you don't like those greedy turks running your land do you..."
Arabs: "Hmm.... no. No, no we don't."
UK: "Ok, listen up. We can help each other. You help us overthrow this empire, and you can have your land back, since all we care about are the germans really!!"
Arabs: "Wow, really?"
UK: "PROMISE!"
Arabs: "OK!"
-- Ottoman falls, Britain takes what it wants in the middle east, negotiates with France for the rest --
UK: "SURPRISE! ISRAEL!"
Jews: "pwn3d"
Arabs: "WTF!?!?"
I think the scenario is more of a territorial dispute with religious/cultural differences as the accenting side dish.
I'm god, but it's a bit of a drag really...
I think it's sad that so many people are driven by hatred.
Gamingmuseum.com: Give your 3D accelerator a rest.
All DOD domains end in .mil not .com.
What's this then?
http://www.airforce.com/
Looks real to me - is it fake?
Yeah - nothing against you, but come on. Bill Clinton got caught with an extra-marital affair, and was put up for impeachment for lying under oath about it. The current president lied, manipulated people in positions of authority and created an environment where his business allies could earn billions off of the war and he is not even being investigated. *accountability* Give me a break. Pres Bush Jr is the one who finally showed me the futile light of our current governmental/business systems.
The current president has done more damage to our future than any other force, person or organization in the US's history. There really is a price to pay for the incredible amount of debt we have and the debacles in Iraq and Afghanistan. It creates instability in the regions, the world, the markets and it weakens our governments ability to deal with a real crisis when it occurs (and they do occur). Saddam was evil, but not a crisis and through GW's actions, we have given fundamentalism another strong foothold in the Middle East. We can not afford (financially) to stick around long enough in Iraq to fix the problems that are there now.
He has made thousands of people incredibly wealthy (not just wealthy) with his politics. If there has been a President in history who needs to be investigated for the well being of our national future, if not only for the strong potential for serious criminal conduct, it is President Bush Jr.
Accountability is only possible with transparency and memory. People have to be able to see and then want to remember what they have seen. As we have neither in sufficient quantity, we do not have accountability. I think Bush will walk away from this a wealthy man with no fear of being prosecuted for what he has done.
InnerWeb
Freud might say that Intelligent Design is religion's ID.
Besides, these emails should have been going over SIPR (secret military VPN), not NIPR (public Internet). The SIPR machines can't route email to NIPR networks, so the problem never would've happened in the first place if proper OPSEC had been followed. Someone needs an Article 15 for this.
(I'm a former IT1 in the Navy, and worked with Air Force guys in Operation Northern Watch, and I can state that all of the Air Force personnel I worked with in the comms section were highly skilled professionals, so this is not a slam on Air Force-types in general.)
God invented whiskey so the Irish would not rule the world.
China,India, and Russia though would. Any fight with either is just stupid. We walked over Iraq, and afganistan because they didn't have weapon support from russia or China. Actualyy, I think you couldn't even attack Iran right now, because you wasted all the high-tech weapons in Afghanistan and Iraq. How many Tomahawks does the US have left?
Lars T.
To the guy who modded me down from perfect to terrible Karma - Apple haters still suck
I think it's sadder that so many are driven by blind obedience, stubbornness, and willful ignorance.