If The Trade Press Can't Get This Right..... >>

<< Bill Gates Working Hard To Prove His Own...

Thu, Mar 16th 2006 12:53am

Security Through Begging

from the even-better-than-security-by-obscurity dept

Last summer, the surprising news came out that Japanese nuclear secrets leaked out, after a contractor was allowed to connect his personal virus-infested computer to the network at a nuclear power plant. The contractor had a file sharing app on his laptop as well, and suddenly nuclear secrets were available to plenty of kids just trying to download the latest hit single. It's only taken about nine months for the government to come up with its suggestion on how to prevent future leaks of this nature: begging all Japanese citizens not to use file sharing systems -- so that the next time this happens, there won't be anyone on the network to download such documents. Beyond the fact that this is unlikely to have any effect (at all) on file sharing in Japan, it has nothing to do with the actual security breach. It wasn't the use of a file sharing system that was to blame here, but the security setup that allows an outside contractor to hook up his personal computer to the power plant's network without doing any kind of security check whatsoever to see if (a) his computer has malware or (b) his computer has file sharing software -- while leaving top secret documents available for his computer to access. If this is how government officials react to such leaks (taking forever and completely missing the root cause of the problem, while suggesting a solution that is impossible to implement), it's almost amazing that such leaks didn't happen sooner.

18 Comments | Leave a Comment

If you liked this post, you may also be interested in...

Reader Comments (rss)

(Flattened / Threaded)

Kyle Youngblood, Mar 16th, 2006 @ 4:10am

Were is the IT's at
Just like any Network your have to have someone running it. What is this guy/gal doing to keep these computers from getting on the Network. Does not seem like much other then tell them not to do it, you can see how long that lasted. If your going to implement the idea to not use file sharing, that is going to hard. I see that if they let any computer hook up to the network then they could easy have there system hacked long before this happend. If they are not going to take the time to keep the network system safe then why are they complaning about the leaks. Seem like they need to go there job and not complain about there lack of quaified IT's

[ reply to this | link to this | view in chronology ]

Anonymous Grammer N@zi, Mar 16th, 2006 @ 6:34am

Re: Were is the IT's at
Just like any Network your have to have someone running it. What is this guy/gal doing to keep these computers from getting on the Network. Does not seem like much other then tell them not to do it, you can see how long that lasted. If your going to implement the idea to not use file sharing, that is going to hard. I see that if they let any computer hook up to the network then they could easy have there system hacked long before this happend. If they are not going to take the time to keep the network system safe then why are they complaning about the leaks. Seem like they need to go there job and not complain about there lack of quaified IT's

Pleaze sine op four mor C0re 3nglish callouses next simester!

[ reply to this | link to this | view in chronology ]

?, Mar 16th, 2006 @ 4:19am

This is bound to work.
Everybody knows that people will not do bad things if you just ask. Just look at Sadam! We spent 20 years asking him to behave, and he did. That is why our war in Iraq is completely unjustified.

[ reply to this | link to this | view in chronology ]

You R an Idiot, Mar 16th, 2006 @ 5:05am

Re: This is bound to work.
"We spent 20 years asking him to behave, and he did." Saddam did no such thing. He spent from the day Gulf War I ended, until the day the US invaded in GW II thumbing his nose at the free world violating every sanction that the UN Security Council wrote (BTW, the UN was making billions, while he was at it).

[ reply to this | link to this | view in chronology ]

Nohe Isnot, Mar 16th, 2006 @ 5:12am

Re: Re: This is bound to work.
Ummm... I think someone failed to detect someone else's irony.

[ reply to this | link to this | view in chronology ]

knucklehead, Mar 16th, 2006 @ 6:24am

Re: Re: Re: This is bound to work.
Nohe wrote: "..failed to detect someone else's irony."

Not to get too off topic, but nobody really seems to care what the orginal topic was. Was that irony or sarcasm?

If you're going to rip on someone, at least rip on them for the right reason. Hey, I guess this is related to the orginal topic after all! A good example of finding the wrong root cause. Boy am I good....

[ reply to this | link to this | view in chronology ]

nismoto, Mar 16th, 2006 @ 8:33am

Re: Re: Re: Re: This is bound to work.
"If you're going to rip on someone, at least rip on them for the right reason."
I think he/she did. Where did you get your education?

i·ro·ny (ī'rə-nē, ī'ər-) n., pl. -nies.
1. The use of words to express something different from and often opposite to their literal meaning.
2. An expression or utterance marked by a deliberate contrast between apparent and intended meaning.
3. A literary style employing such contrasts for humorous or rhetorical effect.
[ reply to this | link to this | view in chronology ]

annoyed at you, Apr 17th, 2006 @ 3:38am

Re: Re: This is bound to work.
you missed the sarcasm. This person wasn't serious. If you've already made up your mind that everyone else is an idiot then you will often jump to the wrong conclusion and hence end up looking like one yourself.

[ reply to this | link to this | view in chronology ]

Anonymous Coward, Mar 16th, 2006 @ 6:41am

Re: This is bound to work.
Agreed!

For Internet security, this already exists for traffic which complies with RFC 3514.

Firewalls [CBR03], packet filters, intrusion detection systems, and the like often have difficulty distinguishing between packets that have malicious intent and those that are merely unusual. The problem is that making such determinations is hard. To solve this problem, we define a security flag, known as the "evil" bit, in the IPv4 [RFC791] header. Benign packets have this bit set to 0; those that are used for an attack will have the bit set to 1.

[ reply to this | link to this | view in chronology ]
Jason, Mar 16th, 2006 @ 9:13am

Re: This is bound to work.
You have got to be kidding me! Granted, Saddam did not have weapons of mass destruction, however... to say he behaved shows a complete lack of understanding on your behalf. It was obviously NOT your mom, sisters, girlfriend or wife that was being habitually raped by his men. It was obviously NOT your family that lies in the mass graves that keep turning up. Woe be to America if you teach your children that this kind of thing is acceptable behavior.

[ reply to this | link to this | view in chronology ]

tinasmit, Mar 16th, 2006 @ 9:20am

Re: Re: This is bound to work.
and how do you know that the american soldiers over there aren't doing the same thing?

basically, i don't fully believe anything unless i see it firsthand.

the media is not exactly a trustworthy source of information, to put it delicately.

[ reply to this | link to this | view in chronology ]

Clueless, Mar 16th, 2006 @ 9:57am

Re: Re: Re: This is bound to work.
I believe it after I see it on the internet ... there is no false information on the internet....

[ reply to this | link to this | view in chronology ]

Anonymous Coward, Mar 17th, 2006 @ 1:06am

Re: This is bound to work.

[ reply to this | link to this | view in chronology ]

Khurt Williams, Mar 16th, 2006 @ 5:10am

Incompetent
It never ceases to amaze me that despite all the sage advice of security professionals that it is the poeple in power to implement the recommendations who completely miss the point.

[ reply to this | link to this | view in chronology ]
Rikko, Mar 16th, 2006 @ 10:28am

We're arguing about Iraq now?
Wow, out comes the Techdirt lowest common denominator.

[ reply to this | link to this | view in chronology ]
Ironaq, Mar 16th, 2006 @ 12:43pm

Next up, NAZIS~
....end of thread...

[ reply to this | link to this | view in chronology ]
cdb, Mar 16th, 2006 @ 2:59pm

job
It's "Dad I need a job. Can you get me in as IT manager at the plant ?" "Sure son. What did you go to college for ?"

[ reply to this | link to this | view in chronology ]
Andrew Schmitt, Mar 16th, 2006 @ 6:08pm

Huawei Isn't Stupid
This is one of many reasons why when you visit Huawei in China (and increasingly, other companies), you are told that no electronic devices can be brought inside, with the exception of customer meeting areas. If you are a tech, and must enter a lab for debug, your laptop ports are literally taped shut with security tape that indicates removal and re-attachment. This is of course, only after you have obtained the 5 signatures required to get your laptop through the door.

[ reply to this | link to this | view in chronology ]

Add Your Comment

If The Trade Press Can't Get This Right..... >>

<< Bill Gates Working Hard To Prove His Own...

Follow Techdirt

A word from our Sponsors...

Hot Topics

New To Techdirt?

Explore some core concepts:

read all »

Techdirt Reading List

Amazon.com Widgets

Techdirt Insider Chat

Rikuo: about the Xbox One reveal - there were quite a few people watching the reveal live on their Xbox 360's, with their Kinect 1.0's attached...and everytime the Microsoft exec demonstrated a feature by saying "Xbox, TV" or whatever

the viewer's Kinect 1.0 would pick up the voice command and respond accordingly...by pausing or stopping the stream and going to the TV mode. I find that hilarious

I also find the concept of Kinect 2.0 hilarious. So if you've got a bunch of people on the couch watching a movie...don't move a muscle. Stare blankly. Don't move your arms at all or say anything, or the Kinect 2.0 will think you're giving it a command.

If you move your arm back to point to the liquor cabinet to tell the wife to pour you a shot of whiskey, the Xbox One will think you're swiping

silverscarcat: *Spies something interesting in the Crystal Ball* Well, that's interesting. I'm not sure what to think. Honestly, I'm not a big fan of the guy, but considering what the gov't did, I support him in that endeavor, but this... Seems to go too far.

dennis deems: http://www.dailykos.com/story/2013/05/22/1210687/-Obama-s-leak-freakout Best political cartoon ever? Top 10, surely

Hey the green bars are back!

Jay: Hmmm... Gonna have to hack my PSP...

silverscarcat: I need a new battery for my PSP. :(

It keeps shutting off if it's unplugged for more than 2-3 minutes, even on a full charge.

Mike Masnick: green bars are back, and hopefully functioning better than before. :)

silverscarcat: Oh look, AJ's having a cow and the internet tough guy is trying to be a stereotypical high school bully. *Rolls eyes* Hey, Mike, I know it's not in your nature to ban someone, but, damn, something needs to be done about this sometimes I think.

Rikuo: unfortunately, nothing can be done. IP address block? Useless since either AJ is on a dynamic IP or he's on a static but using someone else's equipment. Username block? That would only add fuel to the "CENSORSHP" fire

silverscarcat: Well, I think I'm going to leave for the day. That troll that plays the internet tough guy really should get laid, I think. It might help him think straight.

Rikuo: holy fucking shit...I want to be this man

http://arstechnica.com/information-technology/2013/05/fios-customer-discovers-the-limits-of-unlimited-data-77-tb-in-month/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+%28Ars+Technica+-+All+content%29

Warning - Home Server pornz on that link

BentFranklin: in that article, where it describes his rack, what does 1u, 2u, 4u etc mean?

Jeff: @Bent - 1U, 2U, 4U are units of measurement for server racks. http://en.wikipedia.org/wiki/Rack_unit

Dark Helmet: Hell, I"m just a silly tech services sales guy and I knew that...

Get the Insider Chat!

A word from our Sponsors...

Have a Techdirt Account? Sign in now. Want one? Register here
Name
Email	Get Techdirt’s Daily Email
URL
Subject
Comment	this is for spambots, do not use this
Options	Save me a cookie

Have a Techdirt Account? Sign in now. Want one? Register here
Name
Email	Get Techdirt’s Daily Email
URL
Subject
Comment	this is for spambots, do not use this
Options	Save me a cookie

Thursday
11:20pm:	Yet Another Anti-Patent Troll Bill Introduced In Congress (1)
8:19pm:	District Attorney And Major TV Network Sued Over Stupid Reality Show (5)
5:00pm:	DailyDirt: Tuition Debt Is For Chumps? (15)
4:01pm:	Adam Savage On Why Copyright And Trademark Holders Need To Get Over Their Obsession With 'Control' (17)
3:01pm:	Partisanship Over Spying On Journalists Is Stupid: Spying On Journalists Is Bad, Period (20)
2:00pm:	Magic Hat Brewery Sues West Sixth Brewing, Claiming 6 Looks Too Much Like 9 (37)
1:01pm:	Filmmaker Behind The Pirate Bay Documentary Says Bogus DMCA Takedowns Take Away His Free Speech (80)
12:04pm:	Vermont Declares War On Patent Trolls; Passes New Law And Sues Notorious Patent Troll (7)
11:05am:	Prenda Lawyer Says Georgia Court Should Ignore Judge Wright's Order Because... Look! Hackers! (39)
10:01am:	Chicago School System On FOIA Requests: Stonewalling, Obfuscation, & Paper-Shredding (21)

Security Through Begging

from the even-better-than-security-by-obscurity dept

Reader Comments (rss)

Were is the IT's at

Re: Were is the IT's at

This is bound to work.

Re: This is bound to work.

Re: Re: This is bound to work.

Re: Re: Re: This is bound to work.

Re: Re: Re: Re: This is bound to work.

Re: Re: This is bound to work.

Re: This is bound to work.

Re: This is bound to work.

Re: Re: This is bound to work.

Re: Re: Re: This is bound to work.

Re: This is bound to work.

Incompetent

We're arguing about Iraq now?

Next up, NAZIS~

job

Huawei Isn't Stupid

Add Your Comment

Techdirt RSS

Techdirt's Daily Email Newsletter

I have an idea...

I’m looking for policy...

I have an app...

Hot Topics

New To Techdirt?

Thursday

More

Company

Contact

Tools & Services

More