Of interest to may I'm sure. ---------- Forwarded message ---------- Date: Sat, 24 Jan 2004 12:34:57 -0500 From: Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net> To: nanog@merit.edu Cc: brunner@nic-naa.net, triballaw@wabanaki.abenaki.net Subject: System security data about to be made public (Cobell v Norton) The background is probably not of interest to many on NANOG, but the operational art of the Department of the Interior's network operators and security staff, and the host managers of the Indian Trust systems, which has been rated the worst in the Federal Goverment, is about to enter the public record, minus host and subnet identifiers, and any bits that "might jeopardize the security of individual Indian Trust Data". The text of the order is at this URL: http://www.indiantrust.com/_pdfs/20040121FileSMITReportsinRecord.pdf In a nutshell, its an Iraq-sized pile of thousands of individual trust accounts -- a major regional bank -- with no known audit trail, and an open access policy until quite recently. If I get the doc-u-boxen, I'll be happy to share with other NANOGers, as the DOI appears unable to move its operational art from an "F" to a "D" without assistance. Eric P.S. Triballaw list cc'd.