Homeland Security Can't Even Configure Its Mailing List Software Correctly?
from the that-makes-me-comfortable dept
Just after the federal gov’t screwed up and shut off ca.gov, we find out that the Department of Homeland Security misconfigured its email list software causing a deluge of annoying emails to over seven thousand government employees. The list, normally used to broadcast news summaries of security news, apparently was set up so that any reply messages automatically were broadcast to all members. What happened next is familiar to lots of folks on mailing lists, where the “reply all” button is misused. The one difference, though, was that this wasn’t a misuse of the reply all button, but on the mailing list automatically sending out anyone’s message to everyone on the list. Many security experts on the list are apparently wondering what that says about Homeland Security’s ability to deal with cybersecurity issues. Perhaps it was just a little configuration error, but you would think that the folks at the DHS would be a bit more careful about those things.
Filed Under: email, homeland security
Comments on “Homeland Security Can't Even Configure Its Mailing List Software Correctly?”
Don't they know how to test things before implemen
Oh wait, this is the government. No they don’t.
Sorry – I should have never asked a stupid question.
HOW DARE YOU INSULT THE MOST MAGNIFICENT GOVERNMENT OF ALL TIME?
TRAITOR!
the government? perfect?
what are you, stupid?
I thought the Iranian Ministry of Defense employee
I thought the Iranian Ministry of Defense employee chatting on the list was the most amusing part
It's not just worrying...
…but terifying that the DHS could let something like this slip. It could (and possibly did) spread some very personal information to alot of people.
If they can’t keep personal info away from people who shouldn’t know it…..?
Government Intelligence
Any good American knows the two words that never go together, Government and Intelligence. I am in a wonderful country, one of the best on this little blue marble we call home. But, some of the decisions made by our government, governmental policy makers and agents/agencies there, are less than admirable.
The best part of all this though… Elections!!!
They can't maintain a no-fly list either!
Should this really surprise anyone?
The no-fly list is a constant joke that never gets fixed.
Out of office
I wonder how many people on the list had out of office autoreply on. Every message would be replied to with an out of office message, which would be forwarded to everyone on the list, many of whom would generate an out of office reply again which would be fowraded to eveyon on the list, repeat ad infinatum.
The most terrifying words in the English language are: I’m from the government and I’m here to help.
Ronald Reagan
It’s a goverment agency, you were expecting less?
Re: You never know
I wouldn’t expect anything from the government. That would be too irresponsible of me to expect something, especially something positive.
out of office replies, i have NEVER seen an out of office reply-all. i am not even sure if you can set it up that way and if someone set up their out of office to reply all they should be fired from their job
Re: OUt of Office
If you had read the story NipseyRussell, you would realise that the problem with the system was the an ‘reply’ was being forwarded to everyone on the global address list. The Out of Office needn’t be configured to some ‘reply all’ status for everyone to get spammed by it. The out of office ‘reply’ (singular) could be duplicated and sent to everyone. That being said, out of office replies to not generate out of office replies. So the initial statement was just as stupid.
Re: Re: OUt of Office
But you have to admit, it was funny.
Two words - Lotus Notes
According to Ars Technica’s article this was a Lotus Notes issue.
http://arstechnica.com/news.ars/post/20071005-dhs-flunks-e-mail-administration-101-causes-mini-ddos.html
Why in the hell are they using Lotus Notes, IBM doesn’t even use that piece of garbage. Great security BTW, grab a user.id file and your in. I know some Lotus fanboy will probably flap that tired diatribe “Notes is Groupware” which sounds good but it doesn’t excuse the EXTREMELY POOR DESIGN of the Notes platform.
The most damning design flaw in Notes is the Address book. “All your eggs in one basket”, hardly conveys the ignorance. More like “All your eggs, chickens, livestock, cash, children, hopes, dreams and then kitchen sick in one basket”
Beside the idiots at DHS should have a static reply to.