Air Force Emails Sensitive Information to Tourism Site 242
Khuffie writes "The US Air Force has been sending sensitive information, including flight plans for Air Force One, to a website promoting the town of Mildenhall in Suffolk. When told of the error by the site's owner, the Air Force did not attempt to fix it at first. When reminded at a later time, instead of fixing the issue, they advised the owner to 'block unrecognizable addresses from his domain and have an auto-reply sent reminding people of the official Mildenhall domain and blocked his website from access on base.'"
Wait a minute. (Score:5, Interesting)
Re:The Airforce... (Score:5, Interesting)
Military spending is a huge contributor to the US's debt problems, and anything that reduces the efficiency of the military contributes to the problem. Consider how expensive the air force is to maintain -- when it comes time to curtail the military budget, the air force has a lot of low-hanging fruit.
Security breaches and awareness of systemic ineptitude will just increase the likelihood that the air force will be targeted with more cuts.
Never mind the fact the a security breach, if taken advantage of by the wrong people, could be *very* expensive.
Re:The Airforce and no IS Security (Score:5, Interesting)
BBC... (Score:5, Interesting)
Re:I have call this one BS (Score:5, Interesting)
Re:The Airforce... (Score:2, Interesting)
No one even crashed a plane into a building with that, or shot down a plane...they just brought a rifle to a political event, aimed and fired. I think many Americans would be happy to watch him die, as a clear enough separation has been made between his personal incredible stupidity and the honor and distinction of the office itself during his terms in office.
I personally, think that no one should 'die' for their stupidity, the loss of human life regardless of it's intelligence (or lack thereof) is bad, but when you're in a position like that of the President of The United States of America...there is a level of accountability that should be enforced both during, and after your time in office. Legislation is deliberately being delayed when it comes to keeping up with the developments of investigative techniques involving IT and politics.
Re:I have call this one BS (Score:5, Interesting)
When I fist got the domain I had all email to invalid addresses forwarded to my mail box. I quickly found that I was getting the orders of the day for Pendleton Marine Corp base. I replied to the email and was immediately removed from the list. Over the years I got all sorts of official and private email sent to and from the base. But, as far as I can tell *none of it was classified*. Any time I replied and pointed out the problem I got a swift apology and never got an email from that source again. The most fun I had with it was when I accidentally got on a mailing list for retired SIGINT officers. Talk about a great group of highly intelligent and creative people! I am so glad they are our side.
I figured out the the rewriting rules used by a lot of email systems would generate pendleton.com from many misspellings of pendleton.usmc.mil and there was nothing I could do about the problem. So, at first I lived with it.
I finally set up my mail to bounce invalid addresses. I did it because email was becoming more popular I started getting a lot of very private communications meant for Marines and I didn't feel right about invading peoples privacy that way. I have always had a deep respect for the US military and the Marine in particular.
I have to say that the US military can misaddress email as easily as anyone else. So, I believe that part of the story. But, I never saw anything that was even vaguely sensitive (even the SIGINT guys didn't talk about anything sensitive) in the several years I was getting email from the base. I do not believe that part of the story. The Marines were always courteous and on the ball. The kind of people where you can believe that if you looked on heavens scenes, you would find the streets are guarded by United States Marines.
Stonewolf
Mildenhall Village (Score:3, Interesting)
When I lived in the small Wiltshire village of Mildenhall, we often had convoys of military vehicles being misdelivered.
"Where's the air base?" the lead driver would ask.
"150 miles North East of here!" we'd all reply.
US Air Force is Not the First (Score:5, Interesting)
Did you expect the Air Force to be 100% efficient? (Score:3, Interesting)
Re:Did you expect the Air Force to be 100% efficie (Score:3, Interesting)
It's no reflection on the quality or caliber of people and projects in the AF.
When your goal is to pick fruit from a tree, the low-hanging ones are the easiest to reach and thus the first to get picked.
When your goal is to cut costs, the low-hanging fruit are the ones that are easy to cut because they are 1) big-ticket items where a small reduction in qty yields a large cost-savings and 2) there is little direct elimination of jobs.
Naval yards, for example, fulfill item 1 but not item 2. Orders for new aircraft, however, fulfill both -- though there is indirect job loss.
Re:The Airforce... (Score:-1, Interesting)
Re:The Airforce... (Score:-1, Interesting)
Re:Military intelligence, it would seem.. (Score:3, Interesting)
At every single Air Force base I was stationed, the network staff was entirely comprised of should-be retirees who had been working for the federal government since the stone ages and weren't knowledgeable about the systems they managed beyond whatever they had to cram for in order to keep their MCSE certificate current. Network outages several times a week were the norm. The security policies were effective at keeping Airmen from doing their work at the same time that they practically begged hackers to have a nice comfy visit.
One admin was so inept that he refused to install virus-scanning software on the Exchange server because "all packages that [he] tested caught false positives." So his Plan B was to forward every single email virus hoax message that he got to every single person in the wing. Each message of course carried the stern warning, "anyone who opens an email with the subject 'a postcard for you' will lose network privileges." Once in awhile I'd send him a link to a website disproving one of his forwarded hoaxes, but never got any replies.
Another time I stopped by the NOC office to have them repair a laptop that wouldn't boot because of some Windows driver issue. I could have fixed it myself, but mind you, this is the military and I wasn't "trained" to do that. The guy who worked on the machine seemed nice enough, so I mentioned jokingly that he should put Linux on it and it would work fine. Bad move: he didn't take it as a joke. I got to listen for a 45 minutes about how Linux wasn't a real OS and was developed by (or for) hackers for infiltrating classified networks, and about how Microsoft single-handedly invented computers, and about how they didn't even have punch-cards back in his day, etc, etc.