Security Through Begging

from the even-better-than-security-by-obscurity dept

Last summer, the surprising news came out that Japanese nuclear secrets leaked out, after a contractor was allowed to connect his personal virus-infested computer to the network at a nuclear power plant. The contractor had a file sharing app on his laptop as well, and suddenly nuclear secrets were available to plenty of kids just trying to download the latest hit single. It’s only taken about nine months for the government to come up with its suggestion on how to prevent future leaks of this nature: begging all Japanese citizens not to use file sharing systems — so that the next time this happens, there won’t be anyone on the network to download such documents. Beyond the fact that this is unlikely to have any effect (at all) on file sharing in Japan, it has nothing to do with the actual security breach. It wasn’t the use of a file sharing system that was to blame here, but the security setup that allows an outside contractor to hook up his personal computer to the power plant’s network without doing any kind of security check whatsoever to see if (a) his computer has malware or (b) his computer has file sharing software — while leaving top secret documents available for his computer to access. If this is how government officials react to such leaks (taking forever and completely missing the root cause of the problem, while suggesting a solution that is impossible to implement), it’s almost amazing that such leaks didn’t happen sooner.


Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Security Through Begging”

Subscribe: RSS Leave a comment
18 Comments
Kyle Youngblood says:

Were is the IT's at

Just like any Network your have to have someone running it. What is this guy/gal doing to keep these computers from getting on the Network. Does not seem like much other then tell them not to do it, you can see how long that lasted. If your going to implement the idea to not use file sharing, that is going to hard. I see that if they let any computer hook up to the network then they could easy have there system hacked long before this happend. If they are not going to take the time to keep the network system safe then why are they complaning about the leaks. Seem like they need to go there job and not complain about there lack of quaified IT’s

Anonymous Grammer N@zi says:

Re: Were is the IT's at

Just like any Network your have to have someone running it. What is this guy/gal doing to keep these computers from getting on the Network. Does not seem like much other then tell them not to do it, you can see how long that lasted. If your going to implement the idea to not use file sharing, that is going to hard. I see that if they let any computer hook up to the network then they could easy have there system hacked long before this happend. If they are not going to take the time to keep the network system safe then why are they complaning about the leaks. Seem like they need to go there job and not complain about there lack of quaified IT’s

Pleaze sine op four mor C0re 3nglish callouses next simester!

You R an Idiot says:

Re: This is bound to work.

“We spent 20 years asking him to behave, and he did.” Saddam did no such thing. He spent from the day Gulf War I ended, until the day the US invaded in GW II thumbing his nose at the free world violating every sanction that the UN Security Council wrote (BTW, the UN was making billions, while he was at it).

knucklehead says:

Re: Re: Re: This is bound to work.

Nohe wrote: “..failed to detect someone else’s irony.”

Not to get too off topic, but nobody really seems to care what the orginal topic was. Was that irony or sarcasm?

If you’re going to rip on someone, at least rip on them for the right reason. Hey, I guess this is related to the orginal topic after all! A good example of finding the wrong root cause. Boy am I good….

nismoto says:

Re: Re: Re:2 This is bound to work.

“If you’re going to rip on someone, at least rip on them for the right reason.”

I think he/she did. Where did you get your education?

i·ro·ny (ī’rə-nē, ī’ər-) n., pl. -nies.

  1. The use of words to express something different from and often opposite to their literal meaning.
  2. An expression or utterance marked by a deliberate contrast between apparent and intended meaning.
  3. A literary style employing such contrasts for humorous or rhetorical effect.
  4. Sarcasm, by definition, is a form of irony.

Anonymous Coward says:

Re: This is bound to work.

Agreed!

For Internet security, this already exists for traffic which complies with RFC 3514.

Firewalls [CBR03], packet filters, intrusion detection systems, and the like often have difficulty distinguishing between packets that have malicious intent and those that are merely unusual. The problem is that making such determinations is hard. To solve this problem, we define a security flag, known as the “evil” bit, in the IPv4 [RFC791] header. Benign packets have this bit set to 0; those that are used for an attack will have the bit set to 1.

Jason says:

Re: This is bound to work.

You have got to be kidding me! Granted, Saddam did not have weapons of mass destruction, however… to say he behaved shows a complete lack of understanding on your behalf. It was obviously NOT your mom, sisters, girlfriend or wife that was being habitually raped by his men. It was obviously NOT your family that lies in the mass graves that keep turning up. Woe be to America if you teach your children that this kind of thing is acceptable behavior.

Andrew Schmitt (user link) says:

Huawei Isn't Stupid

This is one of many reasons why when you visit Huawei in China (and increasingly, other companies), you are told that no electronic devices can be brought inside, with the exception of customer meeting areas. If you are a tech, and must enter a lab for debug, your laptop ports are literally taped shut with security tape that indicates removal and re-attachment. This is of course, only after you have obtained the 5 signatures required to get your laptop through the door.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »