A NASA laptop stolen last year had not been encrypted, despite containing codes used to control and command the International Space Station, the agency's inspector general told a US House committee.*Headdesk*
Technology isn't the problem. Measure with a micrometer, mark with chalk, cut with an axe.
Via email from ASM826.
The Human factor is the biggest hole in all computer security. In my work, we see people all the time purposefully screw up things like passwords, encryption, physical security, etc... and we are called to solve the problem.
ReplyDeleteYep. All those theories and best practices sound great until some end user screws things up.
Lamenting that a chain is only as strong as its weakest link is senseless if you are trying to tow your car with a gold necklace.
ReplyDeleteHey, it's NASA. It's not like they're working for the DoD. If they did they'd have procedures for keelhauling the offender.
ReplyDeleteI've yet to find a way to engineer around humans. Every day I make progress, but it Sysiphus had better odds of success.
ReplyDeleteGood old social engineering will bypass any security system.
ReplyDeleteThe codes the article refers to are fairly useless unless you connected to the ISS C&C MDMs.
ReplyDelete