antdude
Matrix Ant
Premium Member
join:2001-03-25
US

FCC Botches $10 Million Security Overhaul

"The FCC recently obtained $10 million to upgrade what was fairly awful network security. The result? As Ars Technica notes, an audit of the FCC's effort by the GAO (pdf) found that the $10 million set aside for an "Enhanced Secured Network" was essentially just thrown into a giant black hole. Systems were misconfigured and glaring holes weren't fixed, and the agency's CIO left in January for other work. The news is probably very comforting to those consumers who allow the FCC to collect network data activity from customized third-party routers (though that data is supposed to be anonymous)."

jaykaykay
4 Ever Young
MVM
join:2000-04-13
USA

1 recommendation

Need I say, so typical of $$$s that are used by our Government in most capacities, overall!

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

to antdude
quote:
... Contracts to do the work on ESN were awarded in April of 2012, just two months after plans for the project were submitted to Congress. By June, all of the security hardware and software licenses had been purchased. Implementation was in full swing.

But apparently the work was done so quickly that no one bothered to check it. While new security hardware and software was deployed, the GAO found that "FCC did not effectively implement or securely configure key security tools and devices to protect these users and its information against cyber attacks… Certain boundary protection controls were configured in a manner that limited the effectiveness of network monitoring controls."

The rush to get things in place also led to some other sloppy work. The GAO's auditors found that passwords to gain access to some of the network monitoring systems "were not always strongly encrypted." And while tools had been put in place to detect malware and block malicious network traffic, the tools had been left only partially configured. ...

Contractor-provided checking and configuring were probably a part of the next-higher bidder's quote.

HELLFIRE
MVM
join:2009-11-25

1 recommendation

to antdude
Sounds like a complete fuster cluck before they even put pen to paper.
quote:
It relies heavily on outside help for its IT operations—and on more outside help to figure out how to buy that help.

:facepalm: comment right there....

Regards

norwegian
Premium Member
join:2005-02-15
Outback

to antdude

You mean a quote or 2 was sourced, 1 got lucky, but the choice to pick that contract on standards had nothing to do with it.
Part of the money also became redirected.
Hence a job was done, someone was paid, but logistically not 1 decision was made.
It never is about the needs, it's about power and authority - it always takes precedence, so a choice is made and no one says a thing till it's too late.