Comments on: OPM ignored warnings last year its computers were insecure

By: Edward

Edward — Fri, 19 Jun 2015 02:58:26 +0000

Also from the Congressional hearing:
https://www.youtube.com/watch?v=A9Y6IefNq2Q (4 minutes)
“I wish that you were as strenuous and hard working at keeping information out of the hands of hackers as you are at keeping information out of the hands of Congress.”

Who was it that said the government wasn’t the solution but was the problem? That’s right: Ronald Reagan. Still right, after all these years.

By: pzatchok

pzatchok — Thu, 18 Jun 2015 07:26:36 +0000

Just remember.

The vast majority of government workers are people who could not get jobs in the private sector.
They are mindless drones interested in only putting in their 8 hours and getting home as fast as possible.
They have little to no security on their own personal computers and blame other people when their crap goes tits up.
Do you really think they are going to care more for the computers or systems they have at work?
Hell no.
They think computer security is turning off the monitor at night and locking the doors. Sorry, locking the doors is the custodial staffs business, not theirs.

The weakest link to any security system is the human element. And in a computer environment the first, fastest, and best security for a office network is the IT guy. Next time you go into any office look at the IT guy, does he really look like he is up to a top security task? Or does he look like some young collage geek who it doing the IT work just for a little cash until classes start again? Does he really look like he belongs on a serious security team? Mine has trouble installing a printer the right way. If windows doesn’t do it automatically it can not be done.

By: Brian H

Brian H — Thu, 18 Jun 2015 04:12:38 +0000

Oh this was left un-secured for a reason… so that data could be taken…

By: schwit

schwit — Wed, 17 Jun 2015 23:40:08 +0000

http://arstechnica.com/security/2015/06/encryption-would-not-have-helped-at-opm-says-dhs-official/

Some of the contractors that have helped OPM with managing internal data have had security issues of their own—including potentially giving foreign governments direct access to data long before the recent reported breaches. A consultant who did some work with a company contracted by OPM to manage personnel records for a number of agencies told Ars that he found the Unix systems administrator for the project “was in Argentina and his co-worker was physically located in the [People’s Republic of China]. Both had direct access to every row of data in every database: they were root. Another team that worked with these databases had at its head two team members with PRC passports. I know that because I challenged them personally and revoked their privileges. From my perspective, OPM compromised this information more than three years ago and my take on the current breach is ‘so what’s new?'”