[Info-vax] Bradley Manning and OpenVMS

Simon Clubley clubley at remove_me.eisner.decus.org-Earth.UFP
Sun Dec 8 08:34:15 EST 2013


On 2013-12-08, Simon Clubley <clubley at remove_me.eisner.decus.org-Earth.UFP> wrote:
> On 2013-12-08, DTL <didier.morandi at gmail.com> wrote:
>> Hi all,
>>
>> Let's assume the system on which these diplomatic telegrams were stored was an OpenVMS system.
>>
>> How could the (Wiki)leak be detected?
>>
>> A Security ACL on the folder(s) access READ
>> A Security ACL on his CD-ROM Drive access WRITE
>> An alarm from both, gathered via a SIEM solution, giving the following alert:
>>
>> "A guy is burning a CD on his computer with a lot of sensitive data"
>>
>
> Without mandatory access controls, he could have just used his administrator
> privileges to turn them off before copying the files.
>
> The irony is that he managed to do this in the organisation which gave
> us SELinux. What was that again about the cobbler's children ? :-)
>

My mistake; I didn't pay enough attention to the specific leaker in the
title (I've just been reading some stuff about Edward Snowden, hence
the mistake).

However, the comments above do apply to Edward Snowden, and the real
security lapse with Bradley Manning was that the military didn't implement
any document containment/isolation procedures, so everyone got access
to everything (even if they didn't need it).

You have to fix that problem before you can implement any technical
solutions (and BTW, those solutions are also available outside of VMS).

Simon.

-- 
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
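
The correlation proposed in the quoted question (READ alarms on the sensitive folder plus WRITE alarms on the CD-ROM drive, combined into one alert), sketched as an added example that is not part of the original thread. The event tuples, the object names SENSITIVE:[CABLES] and CDROM0:, the 10-minute window and the threshold of 3 are assumptions for illustration, not real OpenVMS audit output.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample alarms: (time, user, object, access).
# Generic tuples for illustration, not the OpenVMS audit record format.
SAMPLE_ALARMS = [
    ("2013-12-08 07:00:00", "USER_C", "SENSITIVE:[CABLES]0007.TXT", "READ"),
    ("2013-12-08 07:00:10", "USER_C", "SENSITIVE:[CABLES]0008.TXT", "READ"),
    ("2013-12-08 07:00:20", "USER_C", "SENSITIVE:[CABLES]0009.TXT", "READ"),
    ("2013-12-08 08:00:05", "USER_A", "SENSITIVE:[CABLES]0001.TXT", "READ"),
    ("2013-12-08 08:00:20", "USER_A", "SENSITIVE:[CABLES]0002.TXT", "READ"),
    ("2013-12-08 08:01:00", "USER_A", "SENSITIVE:[CABLES]0003.TXT", "READ"),
    ("2013-12-08 08:02:00", "USER_B", "SENSITIVE:[CABLES]0001.TXT", "READ"),
    ("2013-12-08 08:03:00", "USER_A", "CDROM0:", "WRITE"),
    ("2013-12-08 08:04:00", "USER_B", "CDROM0:", "WRITE"),
    ("2013-12-08 08:30:00", "USER_C", "CDROM0:", "WRITE"),
]

SENSITIVE_PREFIX = "SENSITIVE:[CABLES]"  # assumed folder carrying the READ alarm ACL
REMOVABLE_DEVICE = "CDROM0:"             # assumed drive carrying the WRITE alarm ACL
WINDOW = timedelta(minutes=10)           # assumed correlation window
READ_THRESHOLD = 3                       # assumed minimum number of distinct files


def correlate(alarms, window=WINDOW, threshold=READ_THRESHOLD):
    """Return (user, write_time, files_read) for every removable-media WRITE
    that the same user preceded, within `window`, by reads of at least
    `threshold` distinct sensitive files."""
    reads = defaultdict(list)  # user -> [(time, object)]
    alerts = []
    # ISO-style timestamps sort chronologically as plain strings.
    for stamp, user, obj, access in sorted(alarms):
        when = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
        if access == "READ" and obj.startswith(SENSITIVE_PREFIX):
            reads[user].append((when, obj))
        elif access == "WRITE" and obj.startswith(REMOVABLE_DEVICE):
            recent = {o for t, o in reads[user] if when - t <= window}
            if len(recent) >= threshold:
                alerts.append((user, stamp, len(recent)))
    return alerts


if __name__ == "__main__":
    for user, stamp, count in correlate(SAMPLE_ALARMS):
        print(f"{stamp} {user}: {count} sensitive files read, then write to {REMOVABLE_DEVICE}")
```

The rule only sees alarms that are still being generated, so it gives no coverage once auditing on either object has been switched off.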