Nasa hacker exploits known media vulnerabilities

Date: August 03, 2008
Source: blogs.guardian.co.uk


A lot of security issues in network and computer security can filed under the category of "PEBKAC" - problem exists between the keyboard and chair. Kevin Mitnick compromised more systems by knowing the foibles of human nature than the intricacies of the networks that he was breaking into. (Though Mitnick was good on the intricacies too.) Likewise, Gary McKinnon is exploiting some known vulnerabilities - but in this instance, in media coverage.

The main vulnerability he's exploited is that most journalists are generalists and don't know enough to challenge him on the claims that he has made, whether they are about his exploits or the US justice system. His statements about the case have gone largely unchallenged, no matter how outlandish.

First off, it is oft-repeated that he broke into 'top-secret' systems. No, he broke into unclassified systems, which doesn't mean that they are unimportant to the daily operations of the US military and Nasa, but it's wrong to say that they were top-secret. Classified - 'top-secret' - networks are almost isolated in both virtual and many times physical ways from the public internet. From Darpa, one of the agencies that McKinnon tried to hack, there is a description of the US Department of Defence networks:
The Global DoD Enterprise Network forms the backbone of the DoD Global Information Grid (GIG). It consists of satellite-based networks, an optical core network, optical edge networks, and land-based fixed wireless networks, all with strong connectivity to tactical wireless networks. Incidentally, all this is virtually separate from the public internet, but, today shares some of its resources.


Original article

---

Add comment  Email to a Friend