Richard M. Smith wrote: > Anybody looked into this alleged P2P problem? It should be easy enough to > do searches for documents files and see what pops up.
What "P2P problem"? This is a "users are, in general, morons" problem _combined with_ a "sysadmins are, in general, morons" problem. WTF should any "federal employee" be able to install and/or configure an appplication that trivially allows them to expose "sensitive or classified documents" with the rest of the planet? > http://news.com.com/Congress+P2P+networks+harm+national+security/2100-1029_3 > -6198585.html?tag=nefd.lede > > > > WASHINGTON--Politicians charged on Tuesday that peer-to-peer networks can > pose a "national security threat" because they enable federal employees to > share sensitive or classified documents accidentally from their computers. > > At <http://oversight.house.gov/story.asp?ID=1424> a hearing on the topic, > Government Reform Committee Chairman Henry Waxman (D-Calif.) said, without > offering details, that he is considering new laws aimed at addressing the > problem. He said he was troubled by the possibility that foreign > governments, terrorists or organized crime could gain access to documents > that reveal national secrets. Excellent idea! While he's at it though, if he's going to be at all thorough in this, he had better make sure these new laws outright ban the use of FTP, SMB, HTTP, SMTP, NNTP, ICMP and all other network protocols that are currently used to exfiltrate an awful lot more "sensitive or classified documents" from federal computers... I think before advancing these plans too far Henry Waxman should sit down and get a lesson about how the Int-duh-net works from, ooooh, say Sen. Ted Stevens [need I say more than "tubes"??]. This won't actually _help_ Waxman, but at least while he and Stevens are chatting, he'll only be wasting his own time and effort... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
