Showing posts with label NSA. Show all posts
Showing posts with label NSA. Show all posts

Thursday, 19 May 2011

US NSA (National Security Agency): 'Hardening Tips for Mac OS X 10.6 Snow Leopard'



I believe I mentioned this publication last year. I was reminded of it by a tweet from Dr. Charlie Miller today:
NSA's hardening tips for OS X 10.6 < looks like a good way to make things randomly stop working.
Oh dear. But the brochure has helped me today to finish up my current 6 Rules Of Computing list, which I will post as my next article.


Overall, the NSA's 'tips' are fine and useful. But they go a bit mental over trivial points. Some examples:


A) Their section entitled: "Au Revoir, Bonjour!" is TechTardy from my POV. They suggest using a Terminal command to turn Bonjour off. Ignore it. Bonjour is an innovation I personally love. It has nothing (so far) to do with compromising a Mac's security.


B) Their section entitled "Disable Bluetooth and AirPort Devices" is whacked. I'm all for killing off Bluetooth technology, which I despise as decrepit, low bandwidth, buggy and insecure. But to have the NSA say you need a "certified technician" to remove your Bluetooth hardware is absurd. Equally, their suggestions about disabling AirPort are strange and likely to lead to unnecessary confusion.


C) Their redundant "Disable IPv6 and AirPort when Not Needed" section continues the strange and confusing. There is no reason to disable IPv6 at all. In fact, a year from now we are all going to find IPv6 to be essential when surfing the web.


Etcetera. 


The weak points in the brochure continue to dismay my trust in US government comprehension of contemporary technology. I've railed against NSA technology ignorance before and at this rate I expect I'll be railing on them for years to come.
--
Posted by at No comments:
Labels: , , , , , ,

Thursday, 17 December 2009

Unencrypted Drone Data: More Fun With The NSA

--
NEWSFLASH!
Dateline 2009-12-17.

US MILITARY DRONE DATA FOUND ON CAPTURED IRAQI INSURGENT'S COMPUTER LAPTOP!

How did it get there? No US military computer hacking evident!

REVELATION: Data stream was captured out of the air by the Iraqi insurgents!

PROBLEM: Data streaming to and from US military drones is UNENCRYPTED!

Massive DUH Factor!

Video data only? What if the control code for US drones is now in the hands of insurgents, if not the Taliban and Al Qaeda? IOW what if they can not only watch exactly what any US drone is seeing anywhere in Iraq, Afghanistan or Pakistan, but they also know exactly how to control the drones. Fun for them. Big black eye for the USA, specifically the NSA, the so-called National "Security" Agency.

Hey NSA! Just give away my country! Go on. Hand it over! Who needs Benedict Arnold when the US federal government is being run by a bunch of BLITHERING IDIOTS.

Odd how a security novice like me knows better than to allow unencrypted military data. The mind boggles. Seriously. Could we do worse?

Great to have you protecting our home NSA. Such a good NSA. Sit NSA! Sit! Roll over. Play dead. Cute little NSA! You get a treat. I have a great big bone for you.













For more NSA FAILS, enjoy articles published here: FAIL and FAIL and FAIL and FAIL and FAIL again.

And I thought the Bush League Era was over. Tsk tsk on me.
.
.
.

UPDATE!

THE NSA KNEW ABOUT UNENCRYPTED DRONE DATA PROBLEM IN 1999!

We're living in the Realm of the Surreal.
Our Mission
The NSA/CSS core missions are to protect U.S. national security systems and to produce foreign signals intelligence information.
--
Posted by at No comments:
Labels: , , , , , , , ,

Friday, 20 November 2009

The SANS Institute sez: NSA Helping to Harden Operating Systems

--
I'm kind of surprised to read this blurb from the latest edition of the SANS NewsBites newsletter (Vol. 11 Num 92):
--NSA Helping to Harden Operating Systems

(November 7, 18 & 19, 2009)

In testimony before the Senate Subcommittee on Terrorism and Homeland Security, National Security Agency (NSA) information assurance director Richard Schaeffer said that his agency helped Microsoft harden Windows 7 and that it is also helping Apple, Sun Microsystems, and Red Hat with similar endeavors. The NSA's involvement in the development process has led to speculation that backdoors will be built into the software to allow communications monitoring and interception. The NSA refutes those claims and says it is helping develop security guidelines and checklists. Schaeffer also said that agencies can protect their systems against 80 percent of known cyber attacks by following three steps: implementing best security practices, configuring networks properly, and monitoring networks effectively.

http://www.theregister.co.uk/2009/11/19/nsa_enhanced_windows7_security/

http://www.computerworld.com/s/article/9141105/NSA_helped_with_Windows_7_development

http://www.h-online.com/security/news/item/NSA-helps-Apple-Sun-and-Red-Hat-harden-their-systems-863889.html

http://fcw.com/Articles/2009/11/17/NSA-3-steps--better-cybersecurity.aspx

[Editor's Note (Pescatore): Ah, conspiracy theories. NSA and other government agencies have been involved in developing "gold" configuration definitions for standard software and network hardware products for a long time, along with the IT industry. Hardening in this case means better configuration and minimization of unneeded services.]
You can subscribe to the SANS newsletters HERE.

My concern about this news:

If the NSA is so good at hardening operating system security, and good at protecting their systems from 80% of known cyber attacks, how come the US federal government computer system has been PWNed by China and other countries every year since 1998, including 2009?

Read THIS list from the Center for Strategic & International Studies and have a heart attack. Included on the list are:

February 2009 - US Federal Aviation Administration hacked.

March 2009 - US federal computer containing plans for the new presidential helicopter hacked.

April 2009 - The revelation that the US power grid had been hacked.

May 2009 - US Homeland Security Information Network hacked.

So where was the NSA during all this? And the NSA has what skills to offer Microsoft, Apple, Sun and Red Hat? Just asking.

More likely the NSA is supplying their experiences in security FAILure, such as sharing what hacking methods were successful against federal computers during their watch. Just saying.

You know I'm itching to point out that switching to a proven secure operating system is always helpful. For example, why are the feds still using Windows?! It boggles my mind. Windows is dead last on the list of secure operating systems. The top 3 are still:

- OpenBSD
- FreeBSD
- Mac OS X (which incorporates BSD Unix)

But I'm just some laymen guy with a few science degrees and some decades of computer experience who rants about the ridiculous state of computer security in my country.
(o_0)
--
Posted by at No comments:
Labels: , , , , , , , , , , , ,
Subscribe to: Posts (Atom)

Search