SoylentNews is people
SoylentNews
Amongst other news outlets, CIO reports on a hacker attack on the German parliament (Bundestag) that occured four weeks ago and is still ongoing:
Trojans introduced to the Bundestag network are still working and are still sending data from the internal network to an unknown destination, several anonymous parliament sources told German publication Der Spiegel.[German]
All software and hardware in the German parliamentary network might need to be replaced[1]. More than four weeks after a cyberattack, the government hasn't managed to erase spyware from the system, according to a news report.
Some MPs have concerns to call experts from the foreign intelligence service, the Bundesnachrichtendienst, for help, because the agency would gain access to the legislative process, a possible violation of the principles of Separation of Powers.
[1] Apparently about 20.000 machines are affected
(Score: 2) by No Respect on Saturday June 13 2015, @08:58AM
I seem to remember some governmental orgs in Germany made a big thing of switching to Linux a few years ago. Maybe it was only a city or two. Munich, maybe? In any case, with incidents such as this, the recent US "attacks from China", and every other intrusion attempt (whether successful or not) I put the blame squarely on whoever owns and/or controls the systems. Period. Make them legally liable and watch this shit get cleaned up real fast. That goes for banks and other financial organizations, too.
Maybe I'm approaching get-off-my-lawn territory, but I'm not really interested in even debating the subject anymore. Someone breaks into your system? YOU are responsible and nobody else.
(Score: 0) by Anonymous Coward on Saturday June 13 2015, @09:07AM
not saying you don't raise an interesting point, but your position is as controversial as blaming a female rape victim for being raped because she wore a miniskirt; it may be argued that the miniskirt helped make her a target, but if you take blame away from the perpetrators, the number of incidents would skyrocket.
nobody is a computer security expert, and those that think they are are the most insecure of all. the only exception to this is bruce schneier for obvious reasons :p
security is a process, not an end goal
(Score: -1, Troll) by Anonymous Coward on Saturday June 13 2015, @09:19AM
"I totally disagree with everything you said, but I still want to be modded up for sucking your juicy fat cock."
(Score: -1, Troll) by Anonymous Coward on Saturday June 13 2015, @11:34AM
where's the part in the original post that implied disagreement?
chicks that walk around in miniskirts are begging to be raped
faggot
(Score: 5, Informative) by No Respect on Saturday June 13 2015, @09:36AM
Fuck no it's not the same. Not even remotely. I'm talking about legal and ethical responsibility and assignment of blame for a technological, business and financial fuckup where people who should know better don't give a fuck and then lash out when their own fuckups result in damage. You just want to take that and project that that sentiment is equivalent to blaming the victim. Ha! Fuck you, no. Equating business loss and liability to personal, human suffering and violence is fucking wrong, dude.
You are the problem. Look in the mirror the next time someone asks why this country is so fucked up. You are why all the other countries hate us.
(Score: 0) by Anonymous Coward on Saturday June 13 2015, @11:53AM
you can try to secure systems all you want, but if they contain something of sufficient value there will be hackers who invest plenty of effort into breaking them (and will in all likelihood succeed if the prize is worth it).
Under your dictatorship, businesses would go broke due to the costs of endless spending on security. In reality, businesses will always do the absolute minimum to cover their asses, and no more. For anything they miss there is liability insurance. If customers aren't happy with the level of security provided, they go elsewhere, which is why when security is paramount there is a market incentive to improve (such as banking). Forcing companies to be held liable for breaches is fine if such breach would cause grievous harm to others (such as security of weapons), but otherwise it will just pointlessly hurt small businesses who can't afford to have the best security or defend themselves in court.
What would work much better than your bureaucratic bullshit is for your big government cronies to get out of the way and let failing corporations go bankrupt. If the market decides that a company has fucked up their security, it will abandon it to rot. If the government then comes in and bails it out, what the fuck good is that gunna do? It's just going to make the problem worse. It's called 'moral hazard' for you Keynesian imbeciles.
Dipshit democrats like you are why businesses are so wrapped up in red tape they eventually get chased offshore.
(Score: 1, Insightful) by Anonymous Coward on Saturday June 13 2015, @05:12PM
Sounds like natural selection where only the best and most competent prevail.
(Score: 1) by KGIII on Sunday June 14 2015, @08:50AM
Equating business loss and liability to personal, human suffering and violence is fucking wrong, dude.
But you want to put the people who are victims of attacks into prison. That is, you know, equating business loss and liability to personal, human suffering and violence... And, it is fucking wrong, dude. Seriously? Did you seriously type that or was that a joke?
Anyhow, if the penalty for failure is that high nobody will do the job and you can not force someone to do the job.
"So long and thanks for all the fish."
(Score: 2) by urza9814 on Monday June 15 2015, @04:59PM
You guys are arguing the wrong point entirely. The victims of hacking attempts are not the operators of the networks which are hacked; the victims are the *users* of these networks. The owners of the networks are often co-conspirators in the crime. If they weren't aware you could say it's negligence rather than malice, but often they certainly *are* aware. "Securing against threat X will cost $Y" "That's too expensive; let the users get hacked."
(Score: 2) by c0lo on Saturday June 13 2015, @11:58AM
bruce schneier is beyond exception: he rules.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Sunday June 14 2015, @02:05PM
It would be far more similar to say a bank that had a pile of your gold with information on where to get more of your gold locked up in a store room with a deadbolt. They will say they had someone come and make sure it was locked up, but it doesn't mean it was adequate. You need to have an actual safe to protect your valuable information adequately and it's the banks fault if they don't not yours. At a certain point, you have to trust those with your information to do the right thing, because you can't possibly know everything.
(Score: 1, Insightful) by Anonymous Coward on Saturday June 13 2015, @09:12AM
Because Linux malware DOES NOT EXIST. It simply doesn't. There's no such thing as a Linux virus, Linux rootkit, or malicious Linux kernel module. These things are NOT EVEN POSSIBLE. And I personally did not see Linux malware in the wild as early as FIFTEEN YEARS AGO. That did NOT HAPPEN.
Seriously, Linux dude, go fuck yourself.
(Score: 2) by No Respect on Saturday June 13 2015, @09:46AM
Do they run Linux in Germany or don't they? I was asking a question, not trying to throw shade at Linux. Blame the fuckers who can't set up a decently secure system? Sure, absolutely. Blame it on Linux? I don't believe I ever said that.
I mean, I know for a fact they run Linux in Germany. Most of IBM's Linux work is based there. So that was a rhetorical question, too, in case anyone didn't notice.
(Score: 2) by bradley13 on Saturday June 13 2015, @01:34PM
IIRC, that was only a couple of cities. Certainly not the whole government.
Everyone is somebody else's weirdo.
(Score: 1) by KGIII on Sunday June 14 2015, @08:54AM
That does not mean that there are no exploits nor does it mean that it is secure. The rant was nice, though.
"So long and thanks for all the fish."
(Score: 0) by Anonymous Coward on Sunday June 14 2015, @02:15PM
gnu/inux has significantly less vulnerabilities by design. You can easily make it less secure and it has bugs and exploits like everything else, but it's still a safer system than most other OSes that focus on usability first. Generally the linux bugs you see tend to be far less impactful as well, a few in the past year notwithstanding, and there's exploits that get attached to linux that don't have anything to do with linux. The upside and downside of open sourced software is higher visibility. I'm quite sure that there have been some horrendous closed sourced vulnerabilities we never even knew about because they didn't tell anyone, and didn't have to tell anyone. If you knew about linux, then you knew about this.
On top of all this, you read into the question something that wasn't said so...
Seriously hyperbolic or purposefully ignorant dude, go fuck yourself.
(Score: 3, Interesting) by maxwell demon on Saturday June 13 2015, @09:23AM
And if someone breaks into your house, I guess he's not to blame either, because it was you who didn't secure your house properly, right?
Yes, those who didn't properly secure their systems deserve a part of the blame. But that doesn't let those who attacked off the hook.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by No Respect on Saturday June 13 2015, @09:39AM
Correct. 100% absolutely correct. Next?