
There are 35 comments.

  1. lesserson Member
    lesserson
    @LesserSonofBarsham

    Anuschka:

    Sabrdance: they were 30 second spots with a bunch of soldiers sitting around the table, chatting about unclassified stuff, while a Russian spy eavesdrops and fills in a crossword puzzle with clues from the conversation, figuring out that the US is going to deploy a new weapon in the Middle East (which was classified). Been 30 years, I still remember it.

    That actually sounds interesting and clever. Why can’t the public university I work for show us scenarios like that? No, we get the eye-rolling videos of the stupid schlubs whose passwords are “password” and “123456789.” I honestly can’t remember what was in my last cyber-security training. I only remember it was obnoxious and the answers were obvious.

    The sad part is, it’s the obvious stuff that people do a lot more often than not. That NASA weather drone that was “hacked” a few days ago was gotten into because they used the default password. I agree with you though, for the love of all that’s good at least try to make the reminder videos either funny or interesting and not mind-numbingly stupid.

    • #31
  2. Eric Hines Inactive
    Eric Hines
    @EricHines

    LesserSon of Barsham: That NASA weather drone that was “hacked” a few days ago was gotten into because they used the default password.

    This is as much IT’s fault as it is the users’, and both should be hammered hard.

    It’s easy enough to require a new password on first default password login, and it’s easy enough to require the password to be changed at intervals while locking out the last number of passwords a user has used.

    Eric Hines

    • #32
  3. Wordcooper Inactive
    Wordcooper
    @Wordcooper

    Eric Hines: It’s easy enough to require a new password on first default password login, and it’s easy enough to require the password to be changed at intervals while locking out the last number of passwords a user has used.

    But that has caused people to write down their passwords or just add a number to the end. Eventually, the best solution is two-factor authentication (something you know and something you have). If it is important enough for banks to require it for corporate accounts, it should be important enough for certain levels of government.

    • #33
  4. Eric Hines Inactive
    Eric Hines
    @EricHines

    Wordcooper:

    Eric Hines: It’s easy enough to require a new password on first default password login, and it’s easy enough to require the password to be changed at intervals while locking out the last number of passwords a user has used.

    But that has caused people to write down their passwords or just add a number to the end. Eventually, the best solution is two-factor authentication (something you know and something you have). If it is important enough for banks to require it for corporate accounts, it should be important enough for certain levels of government.

    It’s not that hard to require a full change to the password, not just add or subtract a character or two.

    Still, you’re right that two-factor authentication would be a further improvement.  Like most things, though, this is an arms race, and businesses–and government–are going to have to be draconian toward employees who evade the purpose of authentication for their personal convenience.

    That’ll take some considerable cultural change, though.

    Eric Hines

    • #34
  5. lesserson Member
    lesserson
    @LesserSonofBarsham

    Eric Hines:

    LesserSon of Barsham: That NASA weather drone that was “hacked” a few days ago was gotten into because they used the default password.

    This is as much IT’s fault as it is the users’, and both should be hammered hard.

    It’s easy enough to require a new password on first default password login, and it’s easy enough to require the password to be changed at intervals while locking out the last number of passwords a user has used.

    Eric Hines

    This is true, the problem is not one that’s user only. Human flaws (or at least limitations) create all kinds of havoc even among the people who should know better.

    • #35
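
The controls discussed in comments #32 and #34 (forced change on a default-password login, lockout of recently used passwords, and rejecting a change that only adds or alters a character or two) can be sketched as follows. This is an added example, not code from any commenter; the class name, thresholds and sample default-password list are assumptions.

```python
import hashlib, hmac, os
from difflib import SequenceMatcher

# All names and values below are assumptions made for this example.
HISTORY_DEPTH = 5        # how many previous passwords stay locked out
MAX_SIMILARITY = 0.6     # ratio above which a change is not a "full change"
DEFAULT_PASSWORDS = {"admin", "password", "123456789"}  # constructed sample list

def _digest(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Account:
    def __init__(self, initial_password):
        self.history = []                       # (salt, digest) pairs, newest last
        self.must_change = initial_password.lower() in DEFAULT_PASSWORDS
        self._store(initial_password)

    def _store(self, password):
        salt = os.urandom(16)
        self.history.append((salt, _digest(password, salt)))
        self.history = self.history[-HISTORY_DEPTH:]

    def _matches(self, password, entry):
        salt, digest = entry
        return hmac.compare_digest(_digest(password, salt), digest)

    def login(self, password):
        if not self._matches(password, self.history[-1]):
            return "denied"
        return "change_required" if self.must_change else "ok"

    def change_password(self, current, new):
        if not self._matches(current, self.history[-1]):
            return "denied"
        if new.lower() in DEFAULT_PASSWORDS:
            return "rejected: default password"
        if any(self._matches(new, entry) for entry in self.history):
            return "rejected: reused"
        # Old passwords exist only as hashes, so near-duplicates can be detected
        # only against the current password, which the user has just supplied.
        if SequenceMatcher(None, current.lower(), new.lower()).ratio() > MAX_SIMILARITY:
            return "rejected: too similar"
        self._store(new)
        self.must_change = False
        return "changed"
```

The similarity check catches the "add a number to the end" habit raised in comment #33 only relative to the current password; against older entries the history can detect exact reuse and nothing more.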