Re: Clinton's Office Says Her Passport Files Also Breached

[Rich Kulawiec <rsk () gsp org>]

On Fri, Mar 21, 2008 at 04:37:21PM +0000, Paul Ferguson wrote:
> For someone with GCIH and CISSP credentials, your cavalier
> attitude towards these sorts of access control failures is kind
> of troubling.

I strongly concur.  No one worthy of the designation "professional" can
fail to be highly alarmed by these developments, 16 years after this
became a widely-publicized problem.  The disclosure of the extensive,
private information of any American by the institutions of government, at
any level, is a serious problem requiring immediate, constant attention
until remedied -- as well as immediate, full reporting of the facts --
AND severe discplinary measures, including prosecution of those responsible.

Such violations are egregious enough when they involve any citizen:
but when they involve possible nominees for the presidency of the United
States, they are catastrophic.  There are many who would seek to use this
information to affect the political process, and unfortunately, there
are a few who might use it to harm the candidates *or their families*.

This matter requires a full, independent investigation.  I am pleased
to see that Secretary of State Rice has already personally apologized:
she darn well should, as she is personally responsible for this, since
it happened on her watch.  It remains to be seen whether there will be
appropriate follow-through -- meticulous, exhaustive, and penetrating
follow-through that answers the many serious questions which remain.
(Such as who? why? what? how? when?)

As an American citizen (who also has a passport file), I don't merely
request this.  I demand it.

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.