Chalk One Up For The Armchair Economists >>

<< Yes, We Knew Tech IPOs Were Coming, But We...

Thu, Oct 4th 2007 8:06pm

Filed Under:
email, homeland security

Homeland Security Can't Even Configure Its Mailing List Software Correctly?

from the that-makes-me-comfortable dept

Just after the federal gov't screwed up and shut off ca.gov, we find out that the Department of Homeland Security misconfigured its email list software causing a deluge of annoying emails to over seven thousand government employees. The list, normally used to broadcast news summaries of security news, apparently was set up so that any reply messages automatically were broadcast to all members. What happened next is familiar to lots of folks on mailing lists, where the "reply all" button is misused. The one difference, though, was that this wasn't a misuse of the reply all button, but on the mailing list automatically sending out anyone's message to everyone on the list. Many security experts on the list are apparently wondering what that says about Homeland Security's ability to deal with cybersecurity issues. Perhaps it was just a little configuration error, but you would think that the folks at the DHS would be a bit more careful about those things.

15 Comments | Leave a Comment

If you liked this post, you may also be interested in...

Reader Comments (rss)

(Flattened / Threaded)

The Swiss Cheese Monster, Oct 4th, 2007 @ 9:14pm

Don't they know how to test things before implemen
Oh wait, this is the government. No they don't.

Sorry - I should have never asked a stupid question.

[ reply to this | link to this | view in thread ]
HERATICK!, Oct 4th, 2007 @ 10:12pm

HOW DARE YOU INSULT THE MOST MAGNIFICENT GOVERNMENT OF ALL TIME?

TRAITOR!

[ reply to this | link to this | view in thread ]
???, Oct 4th, 2007 @ 10:14pm

the government? perfect?
what are you, stupid?

[ reply to this | link to this | view in thread ]
rattran, Oct 4th, 2007 @ 10:29pm

I thought the Iranian Ministry of Defense employee
I thought the Iranian Ministry of Defense employee chatting on the list was the most amusing part

[ reply to this | link to this | view in thread ]
Mike F.M, Oct 5th, 2007 @ 12:21am

It's not just worrying...
...but terifying that the DHS could let something like this slip. It could (and possibly did) spread some very personal information to alot of people.

If they can't keep personal info away from people who shouldn't know it.....?

[ reply to this | link to this | view in thread ]
Forest Johnson, Oct 5th, 2007 @ 2:20am

Government Intelligence
Any good American knows the two words that never go together, Government and Intelligence. I am in a wonderful country, one of the best on this little blue marble we call home. But, some of the decisions made by our government, governmental policy makers and agents/agencies there, are less than admirable.

The best part of all this though... Elections!!!

[ reply to this | link to this | view in thread ]
Paul Reid, Oct 5th, 2007 @ 4:20am

They can't maintain a no-fly list either!
Should this really surprise anyone?

The no-fly list is a constant joke that never gets fixed.

[ reply to this | link to this | view in thread ]
Ben Robinson, Oct 5th, 2007 @ 5:03am

Out of office
I wonder how many people on the list had out of office autoreply on. Every message would be replied to with an out of office message, which would be forwarded to everyone on the list, many of whom would generate an out of office reply again which would be fowraded to eveyon on the list, repeat ad infinatum.

[ reply to this | link to this | view in thread ]
Overcast, Oct 5th, 2007 @ 6:28am

The most terrifying words in the English language are: I'm from the government and I'm here to help.
Ronald Reagan

[ reply to this | link to this | view in thread ]
You never know, Oct 5th, 2007 @ 7:11am

It's a goverment agency, you were expecting less?

[ reply to this | link to this | view in thread ]
CW, Oct 5th, 2007 @ 8:12am

Re: You never know
I wouldn't expect anything from the government. That would be too irresponsible of me to expect something, especially something positive.

[ reply to this | link to this | view in thread ]
nipseyrussell, Oct 5th, 2007 @ 8:54am

out of office replies, i have NEVER seen an out of office reply-all. i am not even sure if you can set it up that way and if someone set up their out of office to reply all they should be fired from their job

[ reply to this | link to this | view in thread ]
Jiminy, Oct 5th, 2007 @ 9:34am

Re: OUt of Office
If you had read the story NipseyRussell, you would realise that the problem with the system was the an 'reply' was being forwarded to everyone on the global address list. The Out of Office needn't be configured to some 'reply all' status for everyone to get spammed by it. The out of office 'reply' (singular) could be duplicated and sent to everyone. That being said, out of office replies to not generate out of office replies. So the initial statement was just as stupid.

[ reply to this | link to this | view in thread ]
Mischa, Oct 5th, 2007 @ 10:34am

Re: Re: OUt of Office
But you have to admit, it was funny.

[ reply to this | link to this | view in thread ]
Clueby4, Oct 5th, 2007 @ 9:41pm

Two words - Lotus Notes
According to Ars Technica's article this was a Lotus Notes issue.

http://arstechnica.com/news.ars/post/20071005-dhs-flunks-e-mail-administration-101-causes- mini-ddos.html

Why in the hell are they using Lotus Notes, IBM doesn't even use that piece of garbage. Great security BTW, grab a user.id file and your in. I know some Lotus fanboy will probably flap that tired diatribe "Notes is Groupware" which sounds good but it doesn't excuse the EXTREMELY POOR DESIGN of the Notes platform.

The most damning design flaw in Notes is the Address book. "All your eggs in one basket", hardly conveys the ignorance. More like "All your eggs, chickens, livestock, cash, children, hopes, dreams and then kitchen sick in one basket"

Beside the idiots at DHS should have a static reply to.

[ reply to this | link to this | view in thread ]

Add Your Comment

Chalk One Up For The Armchair Economists >>

<< Yes, We Knew Tech IPOs Were Coming, But We...

Follow Techdirt

A word from our Sponsors...

Hot Topics

New To Techdirt?

Explore some core concepts:

read all »

Techdirt Reading List

Amazon.com Widgets

Techdirt Insider Chat

Rikuo: about the Xbox One reveal - there were quite a few people watching the reveal live on their Xbox 360's, with their Kinect 1.0's attached...and everytime the Microsoft exec demonstrated a feature by saying "Xbox, TV" or whatever

the viewer's Kinect 1.0 would pick up the voice command and respond accordingly...by pausing or stopping the stream and going to the TV mode. I find that hilarious

I also find the concept of Kinect 2.0 hilarious. So if you've got a bunch of people on the couch watching a movie...don't move a muscle. Stare blankly. Don't move your arms at all or say anything, or the Kinect 2.0 will think you're giving it a command.

If you move your arm back to point to the liquor cabinet to tell the wife to pour you a shot of whiskey, the Xbox One will think you're swiping

silverscarcat: *Spies something interesting in the Crystal Ball* Well, that's interesting. I'm not sure what to think. Honestly, I'm not a big fan of the guy, but considering what the gov't did, I support him in that endeavor, but this... Seems to go too far.

dennis deems: http://www.dailykos.com/story/2013/05/22/1210687/-Obama-s-leak-freakout Best political cartoon ever? Top 10, surely

Hey the green bars are back!

Jay: Hmmm... Gonna have to hack my PSP...

silverscarcat: I need a new battery for my PSP. :(

It keeps shutting off if it's unplugged for more than 2-3 minutes, even on a full charge.

Mike Masnick: green bars are back, and hopefully functioning better than before. :)

silverscarcat: Oh look, AJ's having a cow and the internet tough guy is trying to be a stereotypical high school bully. *Rolls eyes* Hey, Mike, I know it's not in your nature to ban someone, but, damn, something needs to be done about this sometimes I think.

Rikuo: unfortunately, nothing can be done. IP address block? Useless since either AJ is on a dynamic IP or he's on a static but using someone else's equipment. Username block? That would only add fuel to the "CENSORSHP" fire

silverscarcat: Well, I think I'm going to leave for the day. That troll that plays the internet tough guy really should get laid, I think. It might help him think straight.

Rikuo: holy fucking shit...I want to be this man

http://arstechnica.com/information-technology/2013/05/fios-customer-discovers-the-limits-of-unlimited-data-77-tb-in-month/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+%28Ars+Technica+-+All+content%29

Warning - Home Server pornz on that link

BentFranklin: in that article, where it describes his rack, what does 1u, 2u, 4u etc mean?

Jeff: @Bent - 1U, 2U, 4U are units of measurement for server racks. http://en.wikipedia.org/wiki/Rack_unit

Dark Helmet: Hell, I"m just a silly tech services sales guy and I knew that...

Get the Insider Chat!

A word from our Sponsors...

Have a Techdirt Account? Sign in now. Want one? Register here
Name
Email	Get Techdirt’s Daily Email
URL
Subject
Comment	this is for spambots, do not use this
Options	Save me a cookie

Have a Techdirt Account? Sign in now. Want one? Register here
Name
Email	Get Techdirt’s Daily Email
URL
Subject
Comment	this is for spambots, do not use this
Options	Save me a cookie

Thursday
8:19pm:	District Attorney And Major TV Network Sued Over Stupid Reality Show (3)
5:00pm:	DailyDirt: Tuition Debt Is For Chumps? (15)
4:01pm:	Adam Savage On Why Copyright And Trademark Holders Need To Get Over Their Obsession With 'Control' (13)
3:01pm:	Partisanship Over Spying On Journalists Is Stupid: Spying On Journalists Is Bad, Period (19)
2:00pm:	Magic Hat Brewery Sues West Sixth Brewing, Claiming 6 Looks Too Much Like 9 (34)
1:01pm:	Filmmaker Behind The Pirate Bay Documentary Says Bogus DMCA Takedowns Take Away His Free Speech (73)
12:04pm:	Vermont Declares War On Patent Trolls; Passes New Law And Sues Notorious Patent Troll (7)
11:05am:	Prenda Lawyer Says Georgia Court Should Ignore Judge Wright's Order Because... Look! Hackers! (38)
10:01am:	Chicago School System On FOIA Requests: Stonewalling, Obfuscation, & Paper-Shredding (20)
8:57am:	VOD Service Acetrax Shutting Down, Forcing Customers Through DRM Hoops To Retain Their Purchased Movies (32)

Homeland Security Can't Even Configure Its Mailing List Software Correctly?

from the that-makes-me-comfortable dept

Reader Comments (rss)

Don't they know how to test things before implemen

I thought the Iranian Ministry of Defense employee

It's not just worrying...

Government Intelligence

They can't maintain a no-fly list either!

Out of office

Re: You never know

Re: OUt of Office

Re: Re: OUt of Office

Two words - Lotus Notes

Add Your Comment

Techdirt RSS

Techdirt's Daily Email Newsletter

I have an idea...

I have a business...

I’m looking for policy...

Hot Topics

New To Techdirt?

Thursday

More

Company

Contact

Tools & Services

More