Forwarded From: <anonymous as requested> > WASHINGTON (AP) -- [5.9.98] Agents from the National Security > Agency will try to break into NASA's computers to determine > whether the space agency can fend off cyber-intruders who > could threaten launch-control and other critical operations, > the trade publication Defense Week reports. This notice is very late in coming. Over 30 days ago, all routing information on NASA centers suddenly changed. What once routed through mci.net was changed to mae-east at Ames Research Center near San Jose (which is, of course, a military installation). I suspected something was up; maybe NSA involvement at that time, but kept it to myself solely to avoid appearing paranoid. > The "penetration study" of the National Aeronautics and Space > Administration's unclassified computer networks is an effort > to learn how easily troublemakers can get to sensitive data > and what NASA's doing about it. They didn't need the NSA to demonstrate that. Countless numbers among us have more than readily demonstrated it, and at no charge to the government. What NASA has done is effectively given the fox the keys to the henhouse. > Teams from the intelligence agency will soon try to penetrate > NASA networks in up to eight states, said the newsletter in > the edition to be published Monday. They've already started. They've been monitoring NASA since March. They announced it officially in April. And the press release comes out in May. Modus Operandi. > Last June, NSA "hackers" showed they could cripple Pacific > Command battle-management computers and U.S. electric > power grids. Ph34r. > The NASA "penetration study," which will be run under the > auspices of the General Accounting Office, stands out because > it involves a U.S. civilian agency, and such operations are > barred by the 1952 law that created NSA, the newsletter said. This isn't the first stupid thing the GAO has done. Bets around NASA are that each center will see about 12 firings per section at each center as a result of this "penetration study." In overview, this is more than a "penetration study"; it's a shakedown: a thinly cloaked "loyalty test." Everyone has been informed that they have no assurance of privacy and that all keystroke activity is monitored on their computers. That's right: NO PRIVACY and ALL ACTIVITY MONITORED. So if they find any hint that you dared to question the wisdom of Herr Goldin, you had better be prepared to be investigated by NASA Internal Security and the Office of the Inspector General. > John Pike of the Federation of American Scientists, a veteran > observer of both NASA and the intelligence community, told the > newsletter that the NASA test breaks new ground and bears > close watching. And how will we criticize, audit or rebuke an agency that gets away with intercepting and reading telegrams *from* Americans overseas *to* Americans at home? How will we rebuke an agency that intentionally backdoored the Clipper chip for their own benefit? How will we rebuke an agency thats very budget is CLASSIFIED? We can't. And, more importantly, they won't. Not one among them wants to piss off an agency that makes its living off collecting information that others prefer to keep secret? There are plenty of skeletons in the collective NASA closet when it comes to screwups. Most folks only know about the very public ones. (Challenger, Mars Observer and a few others come to mind.) > "This is the next big step in NSA's expanding role in domestic > information security," he said. "It's certainly the first > reported major initiative of this sort with respect to a > non-military agency. While a number of safeguards are in > place, there are concerns about the potential for abuse of > this type of activity." The NSA is not interested in "domestic information security." They are only interested in making certain that anything closely approximating "security" will be readily breakable by them. That's all they care about. Period. If they really cared about security, then why do they work so hard to get their hands in on meaningful crypto? Hm? > But Charles Redmond, the space agency's manager of > information-technology security, said the test was > "not an invasion of privacy." War is peace. Freedom is slavery. Ignorance is policy. NASA has already made it clear that no one can expect privacy. Thus they think they can make claims that it's "not an invasion of privacy" because they've already told us that WE HAVE NO PRIVACY. Convenient, is it not? > NASA preferred to have the intelligence agency do the tests > because it wanted to protect security and proprietary data > and to avoid any conflict of interest, Redmond said. Two words: bull shit. If they really wanted to protect security and proprietary data, they would *PAY* admins to just be admins instead of working so hard to outsource and underpay them! And NASA would also let the admins implement cryptography if they really wanted security!! NASA right now demands that no cryptography be used and that it not be institutionally supported when used! Anyone who does crypto at NASA does so without NASA's blessing. > The tests will determine how easy it is to access sensitive > sites and whether they can be accessed through the Internet. I can think of a dozen people who would gladly give a demonstration at no charge. Ya, I'm fscking disgusted. Aren't you? -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:53:02 PDT