DHS: Preserving our Freedoms, Protecting America, Sharing Files

21 October 2008 » Music, Politics, Potpourri

I saw this interesting entry in my Web server logs today. It looks like the folks at the Department of Homeland Security may have some time on their hands to share their iTunes libraries among coworkers.

While it’s nice to see they have the spare hardware and bandwidth to set up an enjoyable working environment at the bureau, I worry about the threat posed by a malicious audio file introduced to their internal network.

Lets have a look at something United States Secretary of Homeland Security Michael B. Chertoff said last week, on the occasion National Cyber Security Awareness month:

Question: I just want to ask you what DHS has done to protect the information that the private sector is supplying to DHS through online systems. I am asking this because I am interested in the information that high-risk chemical facilities have submitted to you through your online system and how do we know that that information is secure.

Secretary Chertoff: Generally, we do pay a lot of attention to securing our own systems. I am happy to say a grade that government — I hate it when they grade you, I figured I was done with this in elementary school. It is worse in Washington because people that grade you are often — it is like the parent of your competitor. We do get graded on our security systems and I do think a few years ago we were getting a low grade, two years ago we got a D, last year we got a B+, this year our internal security systems are going to be better than last year’s.

I think we are getting our own house in order, but in a larger sense by reducing the number of entry points to the domains and by putting in a more robust set of protections for detections and prevention, that is going to protect our data.

Of course, this all assumes that the rogue Googler was intending to find instructions on how to set up a system at work, as opposed to doing some personal research for his network at home, but it raises questions nonetheless.

Oh well, at least according to my logs they have their own secure build of Internet Explorer 6…


2 Responses to 'DHS: Preserving our Freedoms, Protecting America, Sharing Files'

Subscribe to comments with RSS

  1. Chris Snyder said,

    22 October 2008 at 9:29 am

    Can a malicious audio file compromise a linux iTunes server?

    Pretty sure the use of IE6 is much worse than anything they can get by listening to Pink Floyd and Journey at work.

    But how great would it be to find the Rudy Ray Moore track that can bring the whole department to its knees?

  2. Daniel Krook said,

    22 October 2008 at 9:34 am

    Ha, I’m less paranoid about it today than I was yesterday, but I think I spent too much time recently digitizing all of my wife’s early 90s CDs to think that every audio file is completely harmless, technically or mentally.

Leave a Reply