[vox] what do they pay their staff for?!?

vox@lists.lugod.org vox@lists.lugod.org
Tue, 18 Mar 2003 15:41:46 -0800 

On Tue, Mar 18, 2003 at 03:30:21PM -0800, Samuel Merritt wrote:
>=20
> Any real classified computing facility has people who continuously look
> for connections of any sort between the classified net and the world.
> Got a phone line? No modems allowed on any of your machines. Your hard
> drive might get stored in a safe whenever you're not using it.=20

I'm going to interject; I'm assuming you've never been in the military,
either.  The guys that are responsible for chasing this kind of stuff
down aren't exactly the "best and the brightest" that the world has to
offer, and they tend to miss some pretty damn obvious things that a
hacker isn't likely to.

Second, people are not infallible, especially when dealing with
exceedingly complex systems.  Any network consisting of hundreds of
nodes, each with differing levels of interaction, is going to have more
than one soft point where it can be penetrated.  The question of a
network being broken into is always one of when, never if -- the only
difference between a secure network and an insecure one is that the
sysadmins find the hole before the intruders do.

> If there's any sort of connection at all from a public-facing web server
> to a classified system, then many people are grossly incompetent.=20

This is the military we're talking about, here.

> If it were anything but a military or classified network, I'd be right
> there with you, wondering what damaging stuff they could get out.=20
>=20
> I've worked with people who work on similar networks, though, and
> they're ridiculously paranoid about this stuff. Personally, I'm quite
> confident that the classified networks remain secure at all times.=20

Having known friends with very high security clearances, I could argue
that point quite well.  I *am* one of those ultra-paranoid sysadmins,
mind you, and I know damn well that there is no such thing as a "secure"
network.

*grin*

Just my three yen.

--=20
Don Werve <donw@examen.com> (Unix System Administrator)

Yorn desh born, der ritt de gitt der gue,
Orn desh, dee born desh, de umn bork! bork! bork!