Slashdot Mirror

← Back to Stories (view on slashdot.org)

Obama Helicopter Security Breached By File Sharing

Posted by Soulskill on from the we're-getting-lazy-without-a-cold-war dept.

Hugh Pickens writes "A company that monitors peer-to-peer file-sharing networks has discovered a potentially serious security breach involving President Barack Obama's helicopter. 'We found a file containing entire blueprints and avionics package for Marine One, which is the president's helicopter,' says Bob Boback, CEO of Tiversa, a security company that specializes in peer-to-peer technology. Tiversa was able to track the file, discovered at an IP address in Tehran, Iran, back to its original source. 'What appears to be a defense contractor in Bethesda, Md., had a file-sharing program on one of their systems that also contained highly sensitive blueprints for Marine One,' says Boback, adding that someone from the company most likely downloaded a file-sharing program, typically used to exchange music, without realizing the potential problems. 'I'm sure that person is embarrassed and may even lose their job, but we know where it came from and we know where it went.' Iran is not the only country that appears to be accessing this type of information through file-sharing programs. 'We've noticed it out of Pakistan, Yemen, Qatar and China. They are actively searching for information that is disclosed in this fashion because it is a great source of intelligence.'"

1 of 408 comments (clear)

  1. The solution.. by bjourne · · Score: 5, Interesting
    This is not a new problem, for years it has been trivial to search for passwords.txt and find hundreds of email passwords, credit card numbers and other sensitive information. Even if this is a PEBKAC issue, there are still several things that could be done to mitigate or cure the problem:
    • Special NIC:s that drops non-VPN traffic.
    • Hardware firewalls that drop all outgoing traffic except for HTTP and SMTP.
    • P2P software that disallows sharing of files less than say 1mb in size. Or disallow sharing of plain text files or other documents. Usually, people are sharing media or archived software. If a .ppt file is shared, then in 99 cases out of 100, it wasn't supposed to be shared.

    None of these ideas are foolproof, someone dumb enough would eventually screw up anyway. But that is not the point, the point is that there are simple engineering steps that can be taken to reduce the amount of inadvertantly shared data.

    --
    Football Odds