[Info-vax] Bradley Manning and OpenVMS
Bill Gunshannon
bill at server3.cs.scranton.edu
Mon Dec 9 10:17:18 EST 2013
In article <l81phj$5bp$2 at dont-email.me>,
Simon Clubley <clubley at remove_me.eisner.decus.org-Earth.UFP> writes:
> On 2013-12-08, DTL <didier.morandi at gmail.com> wrote:
>> Hi all,
>>
>> Let's assume the system on which these diplomatic telegrams were stored was an OpenVMS system.
>>
>> How could the (Wiki)leak be detected?
>>
>> A Security ACL on the folder(s) access READ
>> A Security ACL on his CD-ROM Drive access WRITE
>> An alarm from both, gathered via a SIEM solution, giving the following alert:
>>
>> "A guy is burning a CD on his computer with a lot of sensitive data"
>>
>
> Without mandatory access controls, he could have just used his administrator
> privileges to turn them off before copying the files.
>
> The irony is that he managed to do this in the organisation which gave
> us SELinux. What was that again about the cobbler's children ? :-)
>
Read almost any security white-paper today. Insider threats are much
greater than outsider threats. And much harder to deal with. Not only
do I have ultimate control over all the systems I administer but my user
base doesn't understand my reluctance to use that absolute power. When
I have brought up issues like possiblity of copyrighted materials or
hacking tools in students directories I have often been asked why I don't
just go through all their files looking for them!!
bill
--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999 at cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include <std.disclaimer.h>
More information about the Info-vax
mailing list