Security Through Begging
from the even-better-than-security-by-obscurity dept
Last summer, the surprising news came out that Japanese nuclear secrets leaked out, after a contractor was allowed to connect his personal virus-infested computer to the network at a nuclear power plant. The contractor had a file sharing app on his laptop as well, and suddenly nuclear secrets were available to plenty of kids just trying to download the latest hit single. It’s only taken about nine months for the government to come up with its suggestion on how to prevent future leaks of this nature: begging all Japanese citizens not to use file sharing systems — so that the next time this happens, there won’t be anyone on the network to download such documents. Beyond the fact that this is unlikely to have any effect (at all) on file sharing in Japan, it has nothing to do with the actual security breach. It wasn’t the use of a file sharing system that was to blame here, but the security setup that allows an outside contractor to hook up his personal computer to the power plant’s network without doing any kind of security check whatsoever to see if (a) his computer has malware or (b) his computer has file sharing software — while leaving top secret documents available for his computer to access. If this is how government officials react to such leaks (taking forever and completely missing the root cause of the problem, while suggesting a solution that is impossible to implement), it’s almost amazing that such leaks didn’t happen sooner.