It’s written to make you breathless, but in the end you find out you are in a vacuum.

Each brief was only several pages long, so Kean could read through months of them in a stretch of a few hours.

And he found himself terrified by what he was reading, really terrified. Here were the digests of the most important secrets that were gathered by the CIA and the nation’s other spy agencies at a cost of tens of billions of dollars a year.

And there was almost nothing in them.

“They were garbage,” Kean said. “There really was nothing there – nothing, nothing.”

If students back at Drew turned in term papers this badly researched, “I would have given them an F,” he said.

Kean pointed that out to one of his White House minders who accompanied him to the reading room. “I’ve read all this,” he told the minder in astonishment. A lot of the information in the briefings and other supposedly top secret intelligence reports had already been revealed by the nation’s big news organisations. “I already knew this.”

“Oh, but you’re missing the point,” the minder replied. “Now you know it’s true.” It occurred to Kean that this might be the commission’s most frightening discovery of all: The emperors of espionage had no clothes. Perhaps the reason the White House had fought so hard to block the commission’s access to the briefings was that they revealed how ignorant the Government was of the threats it faced before September 11. Kean could understand their fear. Imagine the consequences if al-Qaeda and its terrorist allies knew how little the US really knew about them.

To be reviewed by whom.

The assumption by the turd is that the network in question needed his services. That it lacked the security his 4 month long contract was ‘staffed’ to provide. That he is the epitome of data security experience in the United States of America.

Well, maybe the security on that network far exceded the capabilities of his corporate white gear – eh…

Well, maybe the equipment in that network might have been unfamiliar to him – eh…

There are a lot of reasons not to invite him in.

Important, very important.

Self important.

http://blog.wired.com/27bstroke6/2008/03/whistleblower-f.html

You have to read the thread just for the laughs.

Those tinfoil kids on what is supposed to be a techie oriented site and the editors who allowed this thing to get out to start with make you wonder if they just figured out how to publish press releases from hardware manufactures, because they sure botched the job on the technical weakness of this story.

Again for scale. DS-3 45 meg in the story

Common Hi Speed DSL 6 meg
Common Cable Modem 10 meg
Verizon FIOS connection 50 meg

My connection here at the house for Day Trading

Linksys RV-016 16 port router with 7 of the ports configured as wide area network inputs from the web. That is the maximum the particular router supports

INPUTS
3 DSL 6 meg lines from Provider A
2 DSL 6 meg lines from Provider B
1 Cable Modem 10 meg line from Provider C
1 VSAT 45 meg satellite connection
The first 6 lines are a round robin shared total bandwidth setup the last is a fallback if 3 or more of the others fail.

Bottom line my place kicks this feed right out of the room. I also have completely separate business feeds here with multiple redundant OC-12 lines.

All this for a single stock trader to have 24/7 access to exchanges around the world with direct data feeds from the exchanges running into a disk farm via network grade routers and processed by multiple IBM Z9 mainframe computers.

That little DS-3 line wouldn’t be enough to service the internet cafe on base at Quantico in a decent manner. You could end up stalling that line just from having a bunch of guys surfing and steaming Youtube videos at the same time.

As to that other setup from San Francisco in the earlier EFF lawsuit, it is very likely this is part of the access required for warranted use of the system of the CALEA legislation to tap the net for authorized use.

This connection goes to a wireless provider, not a net backbone site.

Even at that take the entire network traffic through that place in one day if it is a hub and the DS-3 would be like trying to bail out the ocean with a teaspoon.

No access control would tend to mean that it is interconnecting two networks of same security levels. It implies that everyone on one network has free access to the other. Sort of like two offices of the same department might have or two offices of the same company.

The “any any” rule the guy is talking about is probably something like:

permit ip any any log

which would be a router rule that allows all traffic but logs it. The problem with a rule like this is that if there is no real need for it, it uses up CPU resources to log these traffic flows, if they are logged to a remote machine someplace it uses up network and storage resources to keep this data archived, if they are not saved remotely the logs are quickly overwritten in memory making them useless and if they are saved they must then be safeguarded because the data they contain is now a potential security hazard as it will show who had access to what when. It could very well be that no record of this was wanted to be kept for very good reason. Data you don’t have can’t be stolen by China. If the two networks are of equal security access, there is no need to keep a record of it.

http://hotair.com/archives/2008/03/08/obama-adviser-obama-naive-knee-jerk-on-telecom-immunity/