Slashdot Mirror

← Back to Stories (view on slashdot.org)

Feds Now Allowed To Use Internet

Posted by samzenpus on from the welcome-to-the-web dept.

fast66 writes "Nextgov reports that a new court order allows the Department of the Interior to connect to the Internet, six years after the federal agency was ordered to disconnect. District Judge James Robertson wrote in his ruling, 'I find that the consent order is of no further use and must be vacated.' 'The ... disconnected offices and bureaus may be connected.' He added that his ruling was based not on evidence but 'on a legal conclusion that it is not my role to weigh IT security risks.'"

14 of 113 comments (clear)

  1. No internet connectivity since 2001? by Coopjust · · Score: 4, Interesting

    I wonder if they'll update the machines beforehand. Anyone remember how long it takes for a Pre-SP2 copy of Windows without a good AV and firewall takes to get a worm? Minutes?

    In all seriousness, I hope that they take some precautionary steps before plugging in the LAN cables...

    1. Re:No internet connectivity since 2001? by Tenebrousedge · · Score: 4, Interesting

      I think this is usually a game played at security/hacker conferences. Hook up unpatched windows box, time it until it gets an infection. From what I remember reading it generally takes less than a minute. As of 2005, one company's estimate was twelve minutes to infection. The last time I booted windows (box connected directly to the net without a router) I had the firewall in verbose mode and it registered an average of two intrusion attempts per minute.

      Generally speaking, there's a reason that windows machines come with AV and firewalls these days. I'm sure the most conservative estimates of time-to-pwn would be less than the time it would take to download updates.

      --
      Those who advocate genocide deserve every protection afforded by law, and none afforded by common human decency.
    2. Re:No internet connectivity since 2001? by AdamPee · · Score: 2, Interesting

      I can tell you for a fact that an unupdated XP machine can get a virus before I could download a copy of Avast, much less official updates.

  2. Re:That was silly.. by geekoid · · Score: 2, Interesting

    "Even the most "uber secure" area c..."

    haha, hack the ICBM com network, I dare you.

    Yes, lets not let people have access to their government, lets keep everything paper based and in some dusty book and the bottom of some building where the public can 'access' it.

    --
    The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  3. How many? by NigelBeamenIII · · Score: 2, Interesting

    As a current DOI employee, I actually wasn't even aware of this (probably because I can access the great and powerful Internet where I work). Does anyone know how many employees were even affected by this? The DOI isn't exactly the largest Department in the US government (just ~71,000 employees) so the fraction of that which deals with Indian records can't be that large.

    1. Re:How many? by Anonymous Coward · · Score: 2, Interesting

      Every single one of us....

      I am also a DOI employee, and was stuck at a snowy contamination site in Minnesota when it happenned (November or December 2001). The judge cut off all email, server access, and public web pages, even though very few of the DOI agencies have anything to do with the Indians. We had to petition office by office and prove that we did not have any critical Indian data, and that obviously took a while.

      I ended up setting up several free Netscape accounts on the public computer at the Days Inn to email ~50 MB of data (back when that was a lot of data) to our cooperators.

  4. Re:The switch has not yet been flipped by ewhac · · Score: 3, Interesting
    My vague understanding -- and please fact-check me on this -- is that the Bureau of Indian Affairs is supposedly in arrears on payments to Native American nations on land leases, which are believed to total in the billions of dollars. Various lawsuits have been filed to try and get the actual accounting data and come up with an accurate number.

    One of the problems was, apparently, that even if you ignored the sloppy accounting, the non-existent security on their networks basically made any figures coming out of the bureau highly suspect. So the judge ordered the entire network off the Internet so that only local malfeasance would further affect the numbers.

    It is further alleged that criminal lobbyist Jack Abramoff had a hand in this mess...

    Schwab

    --
    Editor, A1-AAA AmeriCaptions
  5. Re:That was silly.. by nbert · · Score: 2, Interesting

    I was working for an insurance company around '99 which only granted internet access to those dual-booting. You had your normal NT domain to log on to or if you really needed to get online you could restart your box on whatever system you would prefer. I thought it was kind of silly back then (if one OS is infected it's pretty pointless to assume that the other system is safe if it's running on the same hardware). However, the idea to separate systems isn't wrong at all. If the job is that crucial it might be a good idea to provide two PCs on different networks and a monitor which accepts 2 signals. It's simple solution to a very complex problem.

    --
    I don't read replies by ACs.
  6. Re:Tomorrow's news: by antek9 · · Score: 4, Interesting

    That's what I was wondering: Imagine they had indeed strictly obeyed that order for six years now, and would just 'finally' re-plug their > six year old PCs and laptops, having missed security and virus signature updates for such a long time: That would be like they say, when the cat's away...

    Watch out for new torrents of sensible data from the same evening on. But of course, that's just my little hysterical hyperbole, they wouldn't have taken that order by the word, now, would they? They cannot, no, can they?

    --
    A World in a Grain of Sand / Heaven in a Wild Flower,
    Infinity in the Palm of your Hand / And Eternity in an Hour.
  7. Re:That was silly.. by TubeSteak · · Score: 4, Interesting

    How is the Bureau of Indian Affairs in need of security in excess of the Defense Department, Congress, the IRS, and the Nuclear Regulatory Commission? Well, you could argue that the Bureau of Indian Affairs (BIA) should have security equal to that of the State Dept., Treasury Dept., and IRS.

    The BIA is all those things for Native American tribes, each one being Sovereign.

    What the BIA used to have was the online equivalent of a safe, with the combination 12345, holding Native Americans' money.
    --
    [Fuck Beta]
    o0t!
  8. Re:Tomorrow's news: by Anonymous Coward · · Score: 5, Interesting

    Um, you do realize that you can set up an internal WSUS server and manually sync it with an external WSUS server and keep computers on a disconnected network up to date, right?

    Good, because that's what I did when we first got kicked off. I haven't worked there for a few years so I don't know if they kept it up, but it's not hard to do - and certainly not hard to do in preparation of re-connection.

    I guarantee you, the Trust Bureau's probably have networks secure then most military networks. The scrutiny on them from the courts and plantiff's is huge and they know it.

    Funny how the person who started the lawsuit also happens to own a bank and wants the trust fund moved to her bank for administration. Funny how that never comes up - it's always just the "evil government". No, there could never be any other ulterior motives here.

    Puhleeze....

  9. Re:That was silly.. by Anonymous Coward · · Score: 1, Interesting

    The BIA also has this little thing called Indian Preference...

    Government isn't a magical entity that exists in and of itself - there are actually people who make up government agencies. In the case of the BIA, Native American's get higher preferences for hiring then even Veterans - so guess, historically, who 95%+ of the employee's of the BIA have been?

    So who screwed who here?

    Frankly I think the government should just concede and turn it all over to the tribes, and then wash their hands of it. The trust fund would implode in less then 5 years due to administration costs alone that they currently get for free (never mind graft and mismanagement - they think the BIA did a bad job under the feds? I would love to see how some tribes would squander their shares).

  10. Re:Well he's right by overunderunderdone · · Score: 2, Interesting

    But, of course, to you right-wing pukes, it's the government, it's a judge, and so it's good that this decision was made to let some dumbass agency back onto the web.
    I agree with the substance of your comments. But, I don't understand the "right-wing pukes" dig. What exactly is "right-wing" about comments applauding this decision? It doesn't seem like an issue that cuts neatly into a left/right conflict. Judicial overreach in the initial decision maybe? But, the defendant is a government bureaucracy getting it's comeuppance for incompetence... not a lot of sympathy from the right there. The comments applauding this latest decision don't seem so much right-wing as arrogant-geek: "Internet good!" , "Judges not smart enough to understand technology". Insofar as your comment focusses on bureaucratic incompetence it's probably the closest to a right-wing comment to this point. It's almost Reaganesque: "government is not the solution to our problem; government IS the problem."
  11. Re:and this is important... WHY? by AHuxley · · Score: 2, Interesting

    They play for real and send you the $6792 bill.
    http://timesunion.com/AspStories/storyprint.asp?StoryID=668451&normal

    --
    Domestic spying is now "Benign Information Gathering"