Re: U.S. Attorney's office tells employees not to log onto Drudge Report

["Tomas L. Byrnes" <tomb () byrneit net>]

A better understanding of the fundamental problem is that the entire
.gov, and most of the .mil, posture is: "we are in compliance with
standards". The problem is, those standards were developed by a
committee to address threats defined when the committee was formed, and
are thus years out of date.



> -----Original Message-----
> From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
> On Behalf Of Valdis.Kletnieks () vt edu
> Sent: Friday, May 15, 2009 7:51 PM
> To: Larry Seltzer
> Cc: funsec () linuxbox org
> Subject: Re: [funsec] U.S. Attorney's office tells employees not to log
> onto Drudge Report
>
> On Fri, 15 May 2009 20:38:11 EDT, Larry Seltzer said:
>
> > But what really has me concerned here is that the Justice
Department's
> > malware management technique is to tell their users not to surf to a
> > specific web site. That can't be an effective answer. They can't deal
> > with this at the gateway somehow?
>
> You gotta remember that DoJ's computer security stance is probably best
> described as "at least it doesn't suck as hard as Dept of Interior".

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.