[ExI] ExI] are we publishing?
spike at rainier66.com
spike at rainier66.com
Wed May 29 14:07:39 UTC 2019
From: Dave Sill <sparge at gmail.com>
Subject: Re: [ExI] ExI] are we publishing?
On Tue, May 28, 2019 at 3:28 PM <spike at rainier66.com <mailto:spike at rainier66.com> > wrote:
And yet… we still haven’t talked about an area in which plenty of people here have actual expertise: computer systems administration. SysAdmin hipsters please: what blame can reasonably fall on the guy who was in charge of that system that was penetrated with such astonishing consequences?
>…Who knows? Maybe the sysadmins complained about weak password policy/enforcement and were told not to do anything about it…
The system already had weak passwords, which is why some yahoo set his password to Password and somebody got in. However… that would only compromise that account. If several users had weak passwords, that would only compromise their own. But apparently somebody got in at the SysAdmin level. Weak password requirements wouldn’t apply there.
What happens when one is a SysAdmin and somehow the entire server is compromised?
>…It varies. They could be fired, either for not preventing the compromise or as a scapegoat. If the company is public and the damage is severe, the CIO/CTO/CISO could end up taking the hit. -Dave
Ja, that’s the weird part. An outsider, this Australian foreign national did this and that (why that scoundrel!) but seldom do we hear what I have long suspected: the outsider would have needed an insider in cahoots in order to get access to that server at the system level.
With the State Department stuff we know who the insider was: Corporal Manning, but Manning got off with a slap on the wrist, and is free now. We don’t know who the insider was on the other business, but there would have to have been one, if the system had been set up correctly. Of the political stuff Julian published on WikiLeaks, nothing in there was classified, not a word of it.
With all this focus on Julian, he did 1% of what Cpl Manning and the (unknown) DNC insider did, yet the focus is all on Julian. Julian was the one imprisoned for years in an embassy in London and was threatened with murder, while these others go free.
spike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.extropy.org/pipermail/extropy-chat/attachments/20190529/5c6f3e74/attachment.htm>
More information about the extropy-chat
mailing list