Government computers hacked!

Page 1 of 2 [ 17 posts ] Go to page 1, 2 Next

Joined: 8 Aug 2007
Age: 35
Gender: Male
Posts: 12,518
Location: Room 101

22 Apr 2009, 2:08 am

http://news.bbc.co.uk/2/hi/technology/8010729.stm
Government computers have become part of botnets.

The government really should not ever be running Windows, especially not in critical areas where there is potentially sensitive information. The emphasis in government applications should always be almost exclusively on security and stability over everything else. Thus, RHEL or OpenBSD should be preferred platforms. Everything should definitely be encrypted, and the computers with critical information should probably not have an internet connection- just intranet for government computers.

_________________
WAR IS PEACE
FREEDOM IS SLAVERY
IGNORANCE IS STRENGTH

Keith
Veteran
Veteran

Joined: 12 Aug 2008
Age: 41
Gender: Male
Posts: 2,321
Location: East Sussex, UK

22 Apr 2009, 4:20 am

Windows - Live without walls... Uh, yes. Those walls keep people OUT - :lol: I pissed myself laughing when I heard that ...

Dussel
Veteran
Veteran

Joined: 19 Jan 2009
Age: 61
Gender: Male
Posts: 1,788
Location: London (UK)

22 Apr 2009, 8:33 am

Here the original report:

http://www.finjan.com/Pressrelease.aspx ... 2139&lan=3

kxmode
Supporting Member

Joined: 14 Oct 2007
Gender: Male
Posts: 2,613
Location: In your neighborhood, knocking on your door. :)

22 Apr 2009, 9:45 pm

Epic fail government. Thank you for showing me that my money is used wisely.

_________________
A Proud Witness of Jehovah God (JW.org)
Revelation 21:4 "And [God] will wipe out every tear from their eyes,
and death will be no more, neither will mourning nor outcry nor pain be anymore.
The former things have passed away."

androo4salez
Snowy Owl

Joined: 14 Apr 2009
Age: 34
Gender: Male
Posts: 126
Location: Utah (USA)

23 Apr 2009, 1:30 am

You mean to say my network is more secure than the government's?

Oh my....

_________________
Androo is an NT, treat him as you would any other human. Kthx.

"All things new are fought against, even thought their time has come. Stretch and reach to conscious mind. Seek defeat in those who fear."
- Henrik Ohlsson

Ichinin
Veteran
Veteran

Joined: 3 Apr 2009
Gender: Male
Posts: 3,653
Location: A cold place with lots of blondes.

23 Apr 2009, 9:54 am

Running a special type of Operating system is not a garantee to remain uncompromised. And encryption does not solve anything if someone get some valid credentials to access the system.

The best thing they could do is to start firing stupid people who do not care about following security protocols/policies.

_________________
"It is far better to grasp the Universe as it really is than to persist in delusion, however satisfying and reassuring" (Carl Sagan)

Dussel
Veteran
Veteran

Joined: 19 Jan 2009
Age: 61
Gender: Male
Posts: 1,788
Location: London (UK)

23 Apr 2009, 10:24 am

Ichinin wrote:

Running a special type of Operating system is not a garantee to remain uncompromised. And encryption does not solve anything if someone get some valid credentials to access the system..

Yes, but running windows opens automatically so many doors which needs to get closed. There are security issues with Linux. UNIX and others, but to a much lesser extent.

Aspie_Chav
Veteran
Veteran

Joined: 6 Feb 2006
Age: 52
Gender: Male
Posts: 2,931
Location: Croydon

23 Apr 2009, 11:42 am

Free BSD is good

Ichinin
Veteran
Veteran

Joined: 3 Apr 2009
Gender: Male
Posts: 3,653
Location: A cold place with lots of blondes.

23 Apr 2009, 11:47 am

Dussel wrote:

Yes, but running windows opens automatically so many doors which needs to get closed. There are security issues with Linux. UNIX and others, but to a much lesser extent.

The biggest problem with Windows clients is that most "standalone-users" (Home and small business) run the system as admin, even some Unix/Linux users do that too and may end up getting compromised. And more recent Windows systems have been "more secure" right out of the box. MS has finally gotten the point after years of "15 seconds after plugging in the network cable and you're infected" articles.

And while it is true that there is more mallicious code available "out there" for the windows platform, it does not make other systems less likely to get compromised. All it takes is one vulnerability and its over.

A properly configured network and properly isolated systems with locked down privileged can withstand a compromise very well. Unfortunately, people tend to not bother with hardening their systems and buy anti-virus software and expect it to do magic tricks with bunnies and everything.

Then - there is the user side of it. While most new Linux/Unix operating systems have a decent GUI, most users are trained in the Windows world. These (l)users have a hard time working if you just move an icon to the left 5 pixels which make them scream and pull their hair and have to attend a course in MS Word version x.y just because of this tiny little change.

How are these people expected to be able to work in a Linux/Unix GUI?

End users are one of the big reasons why it is not just a case of "just changing the OS".

_________________
"It is far better to grasp the Universe as it really is than to persist in delusion, however satisfying and reassuring" (Carl Sagan)

Orwell
Veteran
Veteran

Joined: 8 Aug 2007
Age: 35
Gender: Male
Posts: 12,518
Location: Room 101

23 Apr 2009, 11:52 am

Ichinin wrote:

Running a special type of Operating system is not a garantee to remain uncompromised. And encryption does not solve anything if someone get some valid credentials to access the system.

No, there are no guarantees. The point is that some are better than others at keeping decent security practices. There have been a grand total of two (2) known remote exploits in the OpenBSD default installation over its entire history, though, neither of which are currently outstanding, so it is certainly better than Windows. Is UNIX or GNU/Linux or Mac OS X automatically immune to all security vulnerabilities? No, of course not! But you'd be delusional to claim that there is no difference in security between Windows and BSD. And several GNU/Linux distros, such as Fedora and RHEL, focus on strengthening security. Windows is insecure for two main reasons: (1) Crappy engineering and poorly implemented security, and (2) It's a giant target because of being the most popular operating system. OS X has not really implemented much at all in the way of security, but it still is not a big target. A GNU/Linux distro with SELinux and GPG is going to be significantly more secure than Windows.

Quote:

The best thing they could do is to start firing stupid people who do not care about following security protocols/policies.

Agreed.

_________________
WAR IS PEACE
FREEDOM IS SLAVERY
IGNORANCE IS STRENGTH

Dussel
Veteran
Veteran

Joined: 19 Jan 2009
Age: 61
Gender: Male
Posts: 1,788
Location: London (UK)

23 Apr 2009, 12:09 pm

Ichinin wrote:

Dussel wrote:

Yes, but running windows opens automatically so many doors which needs to get closed. There are security issues with Linux. UNIX and others, but to a much lesser extent.

The biggest problem with Windows clients is that most "standalone-users" (Home and small business) run the system as admin, even some Unix/Linux users do that too and may end up getting compromised.

One Problem of long List of Problems: An other one is the uniformity. The most windows-boxes have a similar set-up and the most users run Outlook and IE, The writers of male-ware do not have to take care about different variations.

Ichinin wrote:

And while it is true that there is more mallicious code available "out there" for the windows platform, it does not make other systems less likely to get compromised. All it takes is one vulnerability and its over.

The vulnerability are within server-prg. running on Linux/Unix-Boxes and with browsers. The first is less a problem for home-users (I don't see the point of running a ftp-server at home ... I have, but I am special). With browsers there is a problem, less with the browsers on it self, but more with pulgins.

Ichinin
Veteran
Veteran

Joined: 3 Apr 2009
Gender: Male
Posts: 3,653
Location: A cold place with lots of blondes.

23 Apr 2009, 3:00 pm

Orwell wrote:

There have been a grand total of two (2) known remote exploits in the OpenBSD default installation over its entire history, though, neither of which are currently outstanding, so it is certainly better than Windows.

In that perspective, yes. But any system will fall down if the authentication process is compromised, i.e. someone thinks it is a good idea to post their login/password combo on a forum.

The OS-flavour is just one link in the chain, and that is why i downplay it and do not see the OS as a major problem - it is just one problem in an ocean of problems.

Orwell wrote:

Windows is insecure for two main reasons: (1) Crappy engineering and poorly implemented security,

Well, windows have lots of security problems because they have 472136236236 programmers from "so and so" many corporations. They do not have a community that scrutinize eachothers code.

(And i do not think that closed vs open source have any real significance to security either, it all comes down to how passionate the "open sourcers" are vs how well paid the "closed sourcers" are).

I remember reading about a cryptographic bug they had early this decade and later on - voila' - they got the same problem later on in another part of windows. If they have had the same coders/coding practices that would never have happened.

And Dussel, ofcourse there is a need to run serversoftware at home, i could not survive without Web and SMTP services.

_________________
"It is far better to grasp the Universe as it really is than to persist in delusion, however satisfying and reassuring" (Carl Sagan)

Orwell
Veteran
Veteran

Joined: 8 Aug 2007
Age: 35
Gender: Male
Posts: 12,518
Location: Room 101

23 Apr 2009, 6:32 pm

Ichinin wrote:

Orwell wrote:

If people don't secure their passwords, there's nothing that can be done to keep their computers secure. But all else equal, GNU/Linux and BSD are more secure than Windows.

_________________
WAR IS PEACE
FREEDOM IS SLAVERY
IGNORANCE IS STRENGTH

Dussel
Veteran
Veteran

Joined: 19 Jan 2009
Age: 61
Gender: Male
Posts: 1,788
Location: London (UK)

23 Apr 2009, 10:42 pm

Ichinin wrote:

And Dussel, ofcourse there is a need to run serversoftware at home, i could not survive without Web and SMTP services.

If you you are not testing webpages at home with php or other scripts you really have no reason to run a webserver (e.g. apache) at home; you also have hardly a reason to run a mail-server, except you have an internal mailing-system.

Fuzzy
Veteran
Veteran

Joined: 30 Mar 2006
Age: 52
Gender: Male
Posts: 5,223
Location: Alberta Canada

23 Apr 2009, 11:31 pm

Orwell wrote:

Ichinin wrote:

Orwell wrote:

If people don't secure their passwords, there's nothing that can be done to keep their computers secure. But all else equal, GNU/Linux and BSD are more secure than Windows.

There is also the issue of physical access to a computer. That renders any passwords moot. I suspect that there are many government machines with less than ideal protection against public access. Someone could get a minute alone in an office and slip a keylogger/transmitter between the keyboard and computer. A security authorized tech would come, log in and the criminal is in there like swimwear.

_________________
davidred wrote...
I installed Ubuntu once and it completely destroyed my paying relationship with Microsoft.

Ichinin
Veteran
Veteran

Joined: 3 Apr 2009
Gender: Male
Posts: 3,653
Location: A cold place with lots of blondes.

24 Apr 2009, 6:02 am

Dussel wrote:

Ichinin wrote:

And Dussel, ofcourse there is a need to run serversoftware at home, i could not survive without Web and SMTP services.

Well, i do have these reasons since i have beenworking professionally since 1994 with development in different languages, and with personal coding since 1983. And i have the necessity to registry on dubious sites with no privacy policy that can end up with a spam-flood to my ordinary mail account. But now we are OT.

_________________
"It is far better to grasp the Universe as it really is than to persist in delusion, however satisfying and reassuring" (Carl Sagan)

Page 1 of 2 [ 17 posts ] Go to page 1, 2 Next

Jump to:

Government computers hacked! Post Reply New Topic

Government computers hacked!