funsec mailing list archives
[Fwd: RE: Pentagon Hit by Unprecedented Cyber Attack]
From: Jon Kibler <Jon.Kibler () aset com>
Date: Thu, 20 Nov 2008 21:19:52 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Fox News has just published the most lame article I have seen to date on "Pentagon Cyber Attacks": http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/ Here is some feedback I sent to them regarding the article. (Yeah, its a little over the top, but I had a point to make!). Also, about my "#1" item below... the site, at the time I am writing this, had a broken link on its "Add Comment" item on the article. When will the media EVER get it right? Jon K. - -------- Original Message -------- Subject: RE: Pentagon Hit by Unprecedented Cyber Attack Date: Thu, 20 Nov 2008 21:11:44 -0500 From: Jon Kibler <Jon.Kibler () aset com> Reply-To: Jon.Kibler () aset com Organization: Advanced Systems Engineering Technology, Inc. To: yourcomments () foxnews com, foxnewsonline () foxnews com, politics () foxnews com Two Comments: 1) Your article shows "0 Comments" because you cannot add comments to the article. If you click on "Add Comment" you are taken to the page "http://www.foxnews.com/politics/index.html". I guess that you don't really want comments. 2) About the article: No organization that has ANY interest in security should allow ANY type of removable media on ANY system. No hard drives, no CD/DVD players or burners, no thumb drives, no MP3 players, etc. To allow removable media and/or devices introduces two serious risks: a) data exfiltration, and b) malware infections. The DoD has never allowed removable media on any classified network, and I was under the impression that the same policy applied to unclassified networks as well. Please check your sources. Either the DoD has relaxed common security policies or your sources are flat out wrong in their allegations regarding infection source. If the DoD policy about using removable media on unclassified networks has changed, you REALLY need to find out whose really really really stupid idea it was to implement such a policy! Has 'convenience' replaced 'security' in our defense department? Bottom line: The article is both lame and pure hype in my professional opinion. There is absolutely ZERO that is extraordinary about banning removable media. It is simply good security policy and practice. ANY organization that allows removable media is, by definition, insecure. If Fox thinks such actions are "extraordinary", then you are telling the entire world "Hey y'all Fox News is insecure. Please come hack us!". - From your story, it is clear that if I wanted to take over the entire Fox News data network, I could leave a few DVDs and thumb drives laying around some of your offices, your employees would pick them up and plug them in (if for no other reason, just to see what is on them), infecting your computers and giving me 100% complete control of your network. Whoever wrote this article, clearly has zero knowledge of I.T. Security and clearly has no idea that they are openly inviting attacks against Fox News. "Hack Me, PLEASE!" I always knew you guys were lame, and that you really did not have even a half a clue about real national security issues... and now you have gone and proven it. Congratulations! Sincerely, Jon Kibler - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-224-2494 s: 843-564-4224 http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkkmGsgACgkQUVxQRc85QlNM3ACfW1uUsgrhICcbGbqzE4c8h4yp wHQAnRmc+bKatj1K4gjm3iVxdwkVrp4/ =2UXP -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- [Fwd: RE: Pentagon Hit by Unprecedented Cyber Attack] Jon Kibler (Nov 20)
- Re: [Fwd: RE: Pentagon Hit by Unprecedented Cyber Attack] Rich Kulawiec (Nov 20)
- Re: [Fwd: RE: Pentagon Hit by Unprecedented Cyber Attack] John Bambenek (Nov 20)
- Re: [Fwd: RE: Pentagon Hit by Unprecedented Cyber Attack] freed0 (Nov 20)
- Re: [Fwd: RE: Pentagon Hit by Unprecedented Cyber Attack] Valdis . Kletnieks (Nov 20)
- Re: [Fwd: RE: Pentagon Hit by Unprecedented Cyber Attack] Jon Kibler (Nov 21)
- Re: [Fwd: RE: Pentagon Hit by Unprecedented Cyber Attack] Valdis . Kletnieks (Nov 21)
- Re: [Fwd: RE: Pentagon Hit by Unprecedented Cyber Attack] Jon Kibler (Nov 21)
- Re: [Fwd: RE: Pentagon Hit by Unprecedented Cyber Attack] Rich Kulawiec (Nov 20)