Report: Too Much Cyber Security at CIA

Report: Too Much Cyber Security at CIA
Kevin Poulsen, SecurityFocus 2003-05-28

While other government agencies struggle with their cyber security practices, the Central Intelligence Agency apparently suffers from the opposite problem: too much security -- according to a recent study of the agency's use of information technology.

Colapse all | Post comment

Report: Too Much Cyber Security at CIA 2003-05-29
Anonymous (4 replies)

"Agency e-mail systems are clumsy, and the CIA's search engine is so "primitive" that analysts maintain informal networks of personal contacts within the agency just to track down the information they need to do their job."

Must be using Linux with Sendmail.

Linux = primitive and Sendmail = clu...

[ more ] [ reply ]

Report: Too Much Cyber Security at CIA 2003-05-30
Anonymous

Ok I'll feed the troll by replying :- ) and saying that if they want to be less secure, then Windows 2003 (NT, 2K, XP, etc) would without a doubt be the way to go.

...

[ more ] [ reply ]

Report: Too Much Cyber Security at CIA 2003-05-30
Anonymous

they run sendmail on solaris ;]

imho they don't take security seriously enough.. see:

http://www.trustmatta.com/downloads/Matta_Counterintelligence.pdf

...

[ more ] [ reply ]

Report: Too Much Cyber Security at CIA 2003-05-31
Anonymous

ha and you think that windows2003 is secure? you need to open your eyes

and for your information there is other mail servers out there other than sendmail ...

[ more ] [ reply ]

Report: Too Much Cyber Security at CIA 2003-06-02
Anonymous

Windows at the CIA? You're kidding right. Maybe they should run all their applications on IIS while they're at it....

[ more ] [ reply ]

Report: Too Much Cyber Security at CIA 2003-05-29
Anonymous (1 replies)

I don't know about the rest of you... But I would think when it comes to the security of a "spy network" no breach can be afforded, no matter the monetary cost. I think this binary approach is a good thing. To have "risk levels" one would need an independent network infrastructure for each level.....

[ more ] [ reply ]

Never Too Much Cyber Security at CIA 2003-06-02
Anonymous2

I agree. National security is too important to intoroduce a complex multi-tiered system, with each associated with different levels of risk. Better an arcane binary system with controls, than a multitiered dynamic that can't be effectively managed.

One last point "Internet Access at the Desktop...

[ more ] [ reply ]

Report: Too Much Cyber Security at CIA 2003-05-29
fruid (1 replies)

ALL the intelligence agencies suffer from the same problems. It's not that they are too secure, they are too cheap to spend actual money on proven systems and security mechanisms. Until recently, the NSA considered filtering routers as "firewalls" and they were generally all that was used to pretect...

[ more ] [ reply ]

Report: Too Much Cyber Security at CIA 2003-05-30
LumpyGames (at) hotmail (dot) com [email concealed]

This appears to be BS and counter disinformation.JTL...

[ more ] [ reply ]

Report: Too Much Cyber Security at CIA 2003-06-02
Anonymous

This of course talking about an agency that does things like spend tens of millions every year designing applications with embedded client-sever encryption, multiple hardware-encrypted diverse network paths, two factor authentication at every border (network, host & application), etc., then uses con...

[ more ] [ reply ]

Report: Too Much Cyber Security at CIA 2003-06-02
Anonymous

this metodology its ok i think, confidential information got to be isolated, risk management is a could be a risk itself i think....

[ more ] [ reply ]

Report: Too Much Cyber Security at CIA 2003-06-03
Anonymous

Over-zealous countermeasures do create a poor security environment; and Intel agencies suffer great problems in sharing data across systems with different classifications. Traditional approaches such as air-gap separation of systems are no-longer working as the need to share intel more freely incre...

[ more ] [ reply ]