(government, national security, sweet jesus — )
4 Oct. 2007
I got a little flak from the AoIR listserv members (well, okay, just 1 or 2 of them) who didn't think my concern over the US Intelligence community's social networking practices was warranted. But I have to say, oddly enough this article on the SANS website today detailing how 1) the Homeland Security notification mailing list is not locked and is thus open to a pseudo-DDOS or malicious code or phishing and, more to the point, 2) that its subscribers are responding with identifiable personal and employment information to a black box list of anonymous recipients whom they do not know doesn't really seem to lessen my concerns. Neither does the fact that they can't accurately follow instructions on how to unsubscribe to a mailing list, but that is more of a secondary concern....I think.....Okay, not really - that part scares me, too.
Comments (0)
(government, hacks, national security, social networking, sweet jesus — )
12 Sep. 2007
Er....okay, sometimes I scare myself when I get bored at work and decide to type in random search phrases. For instance, I would just like to know if anyone else finds it as disturbing as I do that U.S. intelligence analysts announce their names, what they do, every position they have ever worked in, and a list of all their associates to a public audience on LinkedIn?*
* Please note that it is possible to get names and positions from the example search I link to above; however, more creative searching turns up further details. For instance, try the name of any agency (i.e. NRO or DIA) to get past work histories, thus turning up the names of further agencies to try, as well as associates and coworkers. A person could easily automate this process and have virtually the entire intel community mapped out in one hour.
Comments (0)