(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for April 7th, 2009

A Shock To The System: House

leave a comment »

So, Kutner is dead by his own hand…. House is obsessing over a puzzle that cannot be solved… And everyone is dealing with the fallout of a completely unforseen suicide.

Man.. Do these guys know how to gut check a script huh?

Now, it remains to be seen if the writers and this show avoid jumping the shark here. I love the show, but, if they jump the shark, its over man.

Still, I appreciate what Kal Penn is doing. If you didn’t know, he is going to work in the White House… NO REALLY! He is! I wish him well…

Written by Krypt3ia

2009/04/07 at 23:37

Posted in Tv, What the???

The Obama Matrix

leave a comment »

A wide-ranging cybersecurity bill introduced in the U.S. Senate this week would give the president unprecedented new powers to disconnect government and private-sector networks from the Internet in the event of security emergencies. But that provision is expected to be a hard sell in Congress.

The proposed bill, formally known as the Cybersecurity Act of 2009, was filed on Wednesday by Sens. Jay Rockefeller (D-W.Va.) and Olympia Snowe (R-Maine). The legislation includes a long list of provisions that would give federal officials significant new authority to set and enforce data security standards for federal agencies, government contractors and key parts of the private sector.

But the provision that is attracting the most attention is buried deep in the 51-page bill, in a section blandly titled “Cybersecurity Responsibility and Authority.” It would give the president broad authority to directly intervene in security matters in both the public and private sectors. For starters, the bill would give the president the power to declare security emergencies and then curtail or shut down Internet traffic to and from any compromised federal or critical infrastructure networks.

The measure would also enable the White House to order individual government or critical private-sector networks to be disconnected from the Internet for reasons of national security. In addition, the president could classify any corporate network as a piece of critical infrastructure.

The presidential-powers provision makes the proposed legislation “a sweeping federal takeover of cybersecurity” responsibilities, said Leslie Harris, president and CEO of the Center for Democracy and Technology, a Washington-based think tank and lobbying group. If the bill is signed into law as written, it would give the executive office “unfettered discretion” to exert control over private-sector networks on national security grounds, Harris claimed.

The rest HERE

Ok, everyone just get their PANTIES out of that bind between the glut’s and calm down. Look, I agree, this bill needs some serious wording changes that lock down this whole idea of the presidency having a “unitary” control over the internet and networks it deems to be “critical” however, I think that unless they do something like this, then we are in for a serious p0wning sometime soon because “we” have no regulation over the networks.

As an information security specialist, I have seen way too much incompetence, laziness, and a general disdain for security measures due to EPIC SLOTH over my years that frankly make me wonder why we haven’t already had our collective clocks cleaned… No.. wait… Oh we HAVE on a regular basis by every script kiddie out there! Never mind the APT (Advanced Persistent Threat) out there who really wants to see us fail in securing our nations infrastructure… And by infrastructure I also do mean “Corporate America” too.

So, all you crazy Alex Jones wanna be screaming mee mee’s can go on shining like crazy diamonds and cry censorship or global conspiracy! But, it will mean nothing in the end, this is something we need to have happen if we really mean to make a change for the better where security is concerned. Of course this then becomes limited by the sheer possible incompetence that the government often displays at managing anything. So, it is entirely possible that this effort will fail utterly.. Sad really.

Yes, the government can tend to fuck everything up and really not make things better, just look at HIPPA for instance. It’s been around all this time, but without any real tooth to enforcement, it has failed to really make our patient records any more secure. Or perhaps we should look at the whole problem of PCI data, which even though there is “legislation” on the books about protecting our PCI data, it seems to keep leaking out by laptop thefts and other mishaps with say WIFI, that make us less and less secure even though we are “protected” by law. Without enforcement with diligence as well as negative impacts for abuses, what good really do these laws put forth?

This of course is a good time to segue to my next topic that is germaine…

Report Says Interior Dept. Failed to Secure Network

Years after the Interior Department was warned that its computer network was dangerously exposed to hackers and was ordered by a federal judge to fix the problem, the vulnerabilities remained, to the point that the department probably could not tell if outsiders had gained access to its data, according to a newly disclosed internal report.

The report was written last spring by Interior’s then-inspector general, Earl A. Devaney, but it became public only Wednesday, when it was filed with a federal appeals court as part of a decade-old, multibillion-dollar lawsuit by Native Americans against the federal government.

“It is unfathomable anyone could give assurance the Department’s network is secure,” Devaney wrote, adding that the department had “persistently failed to meet minimum standards in information security.”

“According to the Department’s own analysis, nearly 70% of the network traffic leaving the Department through a single one of its Internet gateways during the month of January 2008 was bound for known hostile countries and the Department lacked the capability to even determine what the traffic was,” the report reads.

The report by Devaney appears to challenge statements Interior officials made last summer in federal court that the department’s computer network security had been sufficiently improved.

The rest is HERE

Here is an appropriate example of how poorly the government actually handles their security as well as perhaps the last 8 years of old boy shit that was the hallmark of W. I worked with Balaran back in the day and the system was poor. It was reported as such and Balaran as well as Lamberth had the right idea is denying the access to the DOI as well as BIA sites. Its been many years since my time poking the DOI in the eye, and STILL they are so fucked up and incompetent as well as LYING about it to the court and the world!

I truly believe that Balaran and Lamberth were removed from the case because they were doing the right thing and that was causing a pain in the ass to the SLOTHS running the show… But, that is just my opinion… Eh, who am I after all huh? Just another information security specialist who worked on that assessment.

I guess I just think that perhaps people aught to stop all the freaking out and start to be productive in talking about what we should do to secure our nations networks and infrastructure.