NASA has issued a warning about the IT security risks of using USB drives. In a word (or two): be careful. You can get security tips here. Read the memo here.
There was a fascinating security assay done for a credit union that used a trojan exploit specially written to be invasive but harmless; it emailed the security contractor with the user’s information so they would know who had given in to temptation and put an unknown device into their computers.
The USB drive proved to be the easiest ever way for these guys to compromise a network. These fellows are White Hats, they use their powers Only For Good, but still. The vulnerability is staggering.
I understand the government’s concerns, but I doubt any policy will stop people using these devices.
I read this and I just have to wonder why our draconian IT policies are counterproductive to human factors. Who is driving this train anyway? Surely there is someone out there with enough intelligence to work out issues that both increase security while allowing the users to use the system, not the system to abuse the users. How many passwords did you get today?
I’m still trying to get a new WebTADS password that will work. There is a lot out there about how requiring long passwords that people can’t remember, and then requiring them to change them constantly, and not being able to provide a universal or enduring password, actually increases the security risks that they are trying to prevent because folks write down passwords and stick them to their computers, and every time you interface to change a password it is a security risk. So it leads to folks going outside the firewall (like here), using gmail instead of NOMAD, etc. … in other words, workarounds.