Tech lay communication: "IDS", "Patch," "Legislativermin" (TEALE)
Major Variola (ret)
mv at cdc.gov
Thu Jun 6 13:34:33 PDT 2002
Intercepted a live broadcast of a CA state board on privacy reviewing
some breaching of a state comptroller's servers which manage
state deductions. The "Teale Data Center" incident alluded to at
http://www.privacy.ca.gov/stateemployee.htm
and at the gnarly URL:
http://www.ca.gov/state/govsite/gov_htmldisplay.jsp?BV_SessionID=@@@@1917707281.1023395486@@@@&BV_EngineID=cadceffmidlibemgcfkmchchi.0&sFilePath=%2fgovsite%2fpress_release%2f2002_05%2f20020531_PR02323_teale.html&sCatTitle=Press+Release&iOID=33866&sTitle=Press%2bRelease+++
One of the clueless legislativermin just couldn't understand how an IDS
can tell that a system's been probed ("700,000 times a month") if it
wasn't breached. And the
hapless bureaucratechs failed to explain the simple explanation:
that to probe, the system must
be contacted via the network, and that contact is logged. Maybe they
should have simply said "doorknob-checks" vs. "breakins".
The same legislator had serious cognitive difficulty with the concept
of a software patch. The more clueful failed to explain its like
letting an author
have another pass over a book. They can fix little things, or rip
and replace chapters; the risk (and reason patches aren't instantly,
blindly installed)
being this can break the ways you've relied on the book.
It was so tragic it was comic.
-------
Give away the backplane, sell the blades
More information about the cypherpunks-legacy
mailing list