funsec mailing list archives
Re: Breach of Homeland Security Background Checks Raises Red Flags
From: Rich Kulawiec <rsk () gsp org>
Date: Wed, 27 Aug 2014 16:54:29 -0400
On Tue, Aug 26, 2014 at 11:30:39PM -0400, Jeffrey Walton quoted:
As Dakin sees it, the fact that the agency doesn't know that could be an indication that its networking monitoring -- especially as it relates to data exfiltration -- is lacking.
I see a more fundamental problem: why is this data on an Internet-connected network? Ever? Given that it takes on the order of months for the security clearance process to play out, I have to wonder why data isn't transferred on as-needed basis via encrypted media on sneakernet using couriers with suitable escorts in order to completely alleviate the need to expose it to the Internet. Surely a one or two day delay would be inconsequential in terms of the length of the overall process. ---rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Breach of Homeland Security Background Checks Raises Red Flags Jeffrey Walton (Aug 26)
- Re: Breach of Homeland Security Background Checks Raises Red Flags Rich Kulawiec (Aug 27)