What is Digg?54 Comments
- skipdog172, on 07/21/2008, -0/+30Must have some ***** IT/training. I would never let any sort of important or sensitive file reside in any location besides our server which gets backed up daily...
How they could possibly let folks store "sensitive" data on the LOCAL drives is astounding. - rpi22, on 07/22/2008, -0/+15and why the ***** don´t they use encryption?!
- manstein01, on 07/22/2008, -0/+9I agree, but keep in mind in too many organizations that the IT department does not set the IT security policy. Where I am currently working I have to propose everything to management, who approves or disapproves certain policies. Americans are more hard wired to efficiency than security.
- MTessa, on 07/21/2008, -0/+9Why are they taking it with them in the first place? Shouldn't it be on the servers and if they use it for modeling or whatever it be encrypted?
- jeremyduffy, on 07/22/2008, -0/+7Cost and training. Nothing in government is done quickly or efficiently. Remember there are some people who've managed to run to government jobs to hide from the "real world" and they still haven't figured out the whole "Intar-web thang".
- jeremyduffy, on 07/22/2008, -4/+11Perhaps this is a clue...
"During wartime, one of America's most solemn duties..." - greenroom628, on 07/21/2008, -1/+8aren't there laptop lowjacks that the gov't can use?
- LiquidShield, on 07/22/2008, -0/+4Amen man.
People would rather have no security at all and risk losing millions of dollar worth of information, because of the convince of the data being readily available then to spend thousands of dollars to protect that data. The average use isn't the type to sit in a training session for 20-30 mins and listen to a security professional tell them about complex passwords, data encryption, because to them if they cant just click on it and open it. Its nothing more then a waste of time. Sometimes management doesn't allow for good thorough end user training... - sputza, on 07/22/2008, -0/+4This is why VPN with RSA SecurID is a must for Gov and major corporations so the user does not need to store files locally.
- geekchic, on 07/21/2008, -8/+11Can people please clarify which government they are talking about when posting on Digg - there are quite a few of them around after all.
Thanks - sliksta, on 07/22/2008, -0/+3Are you sure about that? I don't know of any restrictions on the use of cryptography, besides exporting or aiding in a crime. At least never heard about restrictions on key bit length.
- AlanJV, on 07/22/2008, -0/+3This doesn't surprise me. When it comes to anything important the government finds a way to screw up. And they actually want us to trust them with all of our personal information...
- swordedge, on 07/22/2008, -0/+2And yet, there are some VERY VERY good and easy solutions to securing the data. You can buy hard drives that once setup, require a password be entered just to boot. Without this password, the drive is useless garbage. While that encrypts the information on the drive, it is also possible to use something like truecrypt to do a software encryption. This stuff is EASY to do. So... Why don't they????
- honesttussey, on 07/22/2008, -0/+2I assume most of these latptops are running Win XP. Doesn't XP have sort of encryption feature akin to Mac OS X's file vault?
It basically encrypts everything in your home folder unless provided with the password. Would it really be that hard for the government to use it? - DisturbedOne, on 07/22/2008, -0/+2That kind of thing happened to me a few years ago as well. They gave an INTERN out of all people a CD with sensitive info on it and it got stolen out of his car. The guy didn't even lock his damn car, the person who stole it, just walked up, opened the door and took it. We had to register on some Identity protection site. They really need to do something about these kinds of cases and protect that kind of info one hell of alot better.
- Eezyville, on 07/22/2008, -0/+2That would definitely backfire on the American citizens if weapons information goes to our enemies and they decide to make it first and strike first.
- jxs2151, on 07/22/2008, -1/+3Why pretend you actually care for veterans? Buried for intellectually dishonesty.
- ripejuice, on 12/15/2008, -0/+1every senstive data must be encryted and should be transferred only via secure modes
http://letmehide.com - Coffeedemon, on 07/22/2008, -1/+2Then there are people like me with a Masters and two relevant Bachelors degrees actually doing the work behind the scenes. Sure I'm in Canada but its the same story. General ***** gets bad government service and proceeds to tar every government employee as an overpaid/underworked peon with less education, less "real world" smarts and more attitude than themselves. Those people you describe rarely get issued laptops for performing their tasks (which is the issue at hand here). If you're so clever why not escalate the issue with a supervisor? Afterall you obviously have it all figured out.
- TheMachine1, on 07/24/2008, -0/+1Galawyn if any agency in the government could use military grade encryption it would mean the FBI/CIA/NSA could not spy on them.
- rearlgrant, on 07/22/2008, -0/+1You're doin' a heckuva job there Peake.
- ErikHK, on 07/22/2008, -1/+2oh, so it's Canada? Or Panama? Or Bolivia? Or Brazil? Hmm...
- schroeder, on 07/22/2008, -0/+1There are many strong open source encryption algorithms such as AES, Rijndael, Twofish, Serpent. There is very secure cryptography available for use by anyone if you know what you're looking for.
- rjc1187, on 07/23/2008, -0/+1I pity the fool who don't encrypt sensitive information on a government issued laptop.
- Eezyville, on 07/22/2008, -0/+1I take it you've never worked for the government. No one knows what exactly is going on, no one. IT guys don't set security procedures the security guys do. And its not like comunication is always constant.
- Wargalas, on 07/22/2008, -0/+1Which is one thing I wonder: Why doesn't governments use Truecrypt?
I used to use tape backups, but found out the hard way that they weren't reliable, so I moved to plain jane external hard drive backups. I encrypt them with Truecrypt, and I take them home with me. I also TAKE THEM INSIDE.
However, if for some reason, I leave them in the car, the most the thief will have is a $150 external hard drive.
It's not difficult people. You just have to have intelligent policies and be willing to change them if the need arises. - inactive, on 04/03/2009, -0/+1If government workers were forced to replace the laptops out of their own pockets, I bet they'd be a little more careful with them.
- TheMachine1, on 07/22/2008, -1/+2Strong encryption is likely illegal for most government agencies. How else could the NSA and the FBI spy on them?
- cgeier, on 07/29/2008, -0/+1never ceases to amaze me that people can let this happen. There are so many ways to protect and prevent
- chedabob, on 07/22/2008, -0/+11 word: TrueCrypt.
- dougle, on 07/22/2008, -0/+1This is so clumsy of the government i'm a little bit suspicious, it's a little bit too stupid i don't believe it happened by accident.
I'm watching you Mr Brown. - ThetaDot, on 07/22/2008, -0/+1I actually got a letter 2 weeks ago from the government saying they lost a laptop with my social security number in it. (was only military members, not civilians) I'm not too worried about it but it is annoying.
- waluum, on 07/22/2008, -0/+1This laptop will self destruct in 5, 4, 3...
- Stemp, on 07/22/2008, -0/+1@hamdevguru : last time I checked England was in Europe, not in America !
- XxtraLarGe, on 07/22/2008, -1/+2You know, if the government was a lot smaller, they wouldn't need to keep so much "sensitive" data...
- arjie, on 07/22/2008, -0/+1Precisely what I thought! I didn't know LoJack had become generic though.
As a matter of fact, companies like Dell offer you a Computrace Lojack subscription right there on their website, you can mass order right from there with the damn Lojack subscription. And it's what? $100 for an individual, I'm sure the government would get it at less.
And even otherwise, it's the damn government, if it's really important they can just get some actual RF Lojack installation done. - DestroyFascism, on 07/22/2008, -1/+1Sounds like J MacCant...
- TheMachine1, on 07/22/2008, -2/+2Two kinds of encryption are available in the US: legal and weak,
highly restricted availability and strong. - Eezyville, on 07/22/2008, -1/+1@ Wargalas
The government really doesn't approve of any open source software because of the fact thats its open source. That means that anyone can access and alter the source code. This can lead to security leaks since the source code is not controlled, the government has no one to blame if certain information gets leaked by some rouge programmer. They really don't wanna waste time and money developing or altering the code either because then they have to maintain it. That is why we use Microsoft products. Its maintained by M$, only M$ has the source code, and if any leaks happen then M$ has to fix it or be blamed for the damages. We still use linux but thats because we absolutely need it for certain applications. We go through Red Hat because they will maintain it and provide security updates. And We won't use Apple's stuff because yes it my have less holes than Windows but at least we know what those holes are in Windows, we have no clue how to deal with it in OSX.
Hope this helps. - Stemp, on 07/22/2008, -1/+1@ErikHK : it's in english so it must be Canada, USA, Belize or Guyana.
- inactive, on 07/22/2008, -2/+2They should make them gaming laptops, I wouldn't lose those (just ordered a Q9450 with SLIed 9800GTs.. in a laptop, I'm definitely not losing that).
- inactive, on 07/22/2008, -1/+1i believe our govt is already playing crysis
- alexsteed, on 07/22/2008, -0/+0"Portable computers have raised the risk. About one in five of the cases registered by the Identity Theft Resource Center so far this year involves a stolen or lost laptop." -This is terrifying. My laptop was lost or stolen on the Metro North a few months back and I keep wondering when I am going to suffer at the hands of that loss.
- Galawyn, on 07/23/2008, -0/+0file vault, like windows vista bitencription, could be cracked (some scientist done it this week)
they could use strong-key (much more than we legally could) asymmetric cryptography. with the minimal passkey caching possible (without losing performance). with bluetooth-like (or rfid) activation system... so if the agent stay more than 1 meter from notebook all of the caching passkeys or open file will be close.
maybe, connected on some health analyzer... if agent die or sick, all open file must be close and re encrypted. (stress level too, for avoid torture or so on. the activation system must be in some protected position... below skin or other)
they could bring in "local" only the needed file, only for the needed time, else only on servers with some high security policy. obviously if the vpn-like connection don't create risk to the agent (localisation) - Galawyn, on 07/23/2008, -0/+0and so? do you think that top secret file, can't be crypted with "for-us-illegal" (for us, but not for them) crypto-algorithm?
- hamdevguru, on 07/22/2008, -1/+1@Stemp: Sure, because ENGLAND doesn't speak English.
- neamerjell, on 07/23/2008, -0/+0My big question is this, WTF is super sensitive info doing stored on a laptop anyway!!!!????? Would it not make more sense to store the really sensitive stuff on a main server with 6.02*10^23 bit encryption at the login?
- wexmajor, on 07/22/2008, -2/+1To be honest I hope that the government loses every laptop with "sensitive info". I don't want these ***** keeping any more secrets from us than they already have gotten away with.
-
Show 51 - 55 of 55 discussions
Check out the new & improved 
© Digg Inc. 2009
— Content created and posted by Digg users is