http://www.ibtimes.com/bradley-manning-news-transcript-soldiers-personal-statement-pretrial-hearing-1109173
Pensacola Discussion Forum
2seaoat wrote:I guess that is all it takes.....being a homosexual, and getting beat up by a girl. What he did is wrong. The rest is smoke. He will be punished. However, I think he did a great service to his country indirectly. He exposed how easily so much data can be hacked and copied. I think this case alone will close some of the loopholes and make our country far better prepared. I am making no excuse......but his testimony is very convincing. He was angry about the drone strikes and the callous indifference to children being killed. I do not know how I would respond if I saw mistakes being made repeatedly and a callous indifference whether it was Reuters reporters, or children .......you would think we could sensitize those folks in operations to be more careful in both their targets and how they react to killing human beings. I do not thinks I would have done what he did.....I lack the courage, and would be too afraid of the consequences. However, I am not happy where we kill children or innocent reporters and have folks joking about it.......this case will hopefully bring constructive changes.....and yes he must be punished.
2seaoat wrote: You've got a lot to learn about how we safeguard information.
lol......yes I do.......get a 20 year old kid.....give him unlimited access to the database......but do not have a firewall on the database which allows folks to copy the database in its entirety.......you have got to be kidding......this is such an elementary step in the private sector to lock up your databases.....this guy had free access to tables.....he copied them, and he most certainly could have corrupted them......talk to someone who is completely brain dead about how "we" safeguard information.......the local bank has better protocols.......and that is why this is such a big deal.......a poorly designed security system has been exposed.....and Bradley.....a rookie kid........busted this system, and wiki has the database........my friend you are the one who has to understand how a database works, and how access to tables........IS NEVER............able to be copied......but being that you consider yourself part of that "we"..........I cannot argue.......the proof is in the pudding.
2seaoat wrote: You've got a lot to learn about how we safeguard information.
lol......yes I do.......get a 20 year old kid.....give him unlimited access to the database......but do not have a firewall on the database which allows folks to copy the database in its entirety.......you have got to be kidding......this is such an elementary step in the private sector to lock up your databases.....this guy had free access to tables.....he copied them, and he most certainly could have corrupted them......talk to someone who is completely brain dead about how "we" safeguard information.......the local bank has better protocols.......and that is why this is such a big deal.......a poorly designed security system has been exposed.....and Bradley.....a rookie kid........busted this system, and wiki has the database........my friend you are the one who has to understand how a database works, and how access to tables........IS NEVER............able to be copied......but being that you consider yourself part of that "we"..........I cannot argue.......the proof is in the pudding.
2seaoat wrote:I guess I just want to laugh now with the lecture I am getting about how everybody can copy a database.......I will be polite as I try to always be.......there are simple standards on your local banks database which are followed which do not allow a bank officer, or a president of the bank to have access to a database table, let alone any part of the back end.
You want to tell me how you can copy an access database or SQL server database on your computer......and you have obviously no idea of the security protocols which are put in place in every major business. The commodity exchange markets have typically 60 people whose only job is maintaining absolute security on those portals which have high level clearance. It can start with a simple limit on access to the front end by so many attempts in so much time. It involves monitoring of access of the front end by portal. Now if Bradley had been a high level IT guy, I would partially buy into your argument that is why we trained him with skills, but to use the analogy of a commercial environment.....this would be like a really bright commercial loan VP being able to access the back end of the database and transfer the tables. Impossible in a properly designed system......Absolutely impossible. That is even before the portal monitoring takes place by security........but let us assume that Bradley was something other than he was......a low ranking intelligence officer with a portal to the database......let us assume that he is in the Pentagon, at the server location, with back end design clearance..........do you think they allow a backup of their system from a remote portal? Really, I do not know what I am talking about? Really.....is this your argument? Absurd on the face of it. I do not even know if the folks reading Tex's link even understand how utterly exposed the database was to the back end. The reason that this has been a blockbuster case is how utterly exposed this database was.......and how many others are in the same position. The local Macdonald's franchise has a better security protocol than our military has proven it lacks............An analyst in the field in any business or government does not have back end access to a database, or its tables.......a seventh grade class could design in Access and SQL a more secure network than this article exposes.
First, any laptop or desktop in the network must have
2seaoat wrote:Encryption would be analogous to the lock on your front door. As packets are sent through the internet they are exposed. You can create a pipeline which completely isolates that data from others.....encryption protocols start with a vpn, but even that does not go far enough, so the individual packets are encrypted and make it virtually impossible in a normal time frame for somebody to break that front door lock. However, you are mixing apples and oranges. The front door look is easy. It is secure. However, once in the front door, If I walk over to your computer.......even a home computer will have an access code to get to certain files.......No problem....Bradley had the credentials, but the problem is in database design on that network.
A database must have its own separate backdoor lock. When you access a database with a query, you can get data.....you can get reports, but from your portal........YOU SHOULD HAVE NO ACCESS to the backdoor design criteria and tables of that database. A simple access database or SQL used on the typical commerce site or small business or government unit, has the back end locked up tighter than the front door, because more damage can be done with access to those tables, than some kid cracking mom's bank codes and getting money at the ATM.........the back end you own the whole kit and caboodle...........If Bradley's testimony is accurate, our entire database had no backend protection. Bradley makes no admission of needing to steal codes......he makes no admission to breaching a limited access portal........he makes no admission to compromising a vpn........nope he had access to the back end of a national database from any of many access points which he reported........Even more shocking was the utter lack of knowledge by portal and time spent on the database.......mind boggling, and across America when technical people read Bradley's admissions......you begin to question if any of our weapon system databases were protected any better. This story is not about Bradley. This is about fifth grade security protocols on the backdoor of a national database...........it is utterly stunning.
2seaoat wrote:moot.....in what way? Did you read his testimony? There is nothing moot about it..........that would require the issue being considered moot if the military would fully explains this horrible breach of design...they certainly cannot.......if all a nation has to do is get one smart 20 year old kid to get on any secured access point and have the back end of our entire transactional history of operations.......there is nothing about this Bradley matter which is moot. This requires congressional hearings......closed door hearings......because we are in for a ton of hurt.....until I read this link, I never realized how serious this breach was.........mind boggling.
The part that is most important is to not let this become a discussion about a rogue kid.....these are design flaws.....plain and simple. Now this link may be a total fabrication. I have not seen a confirmation or read any of this but here.....so I will hold my judgment until this story is checked out.....but moot......not a chance.
2seaoat wrote:Encryption would be analogous to the lock on your front door. As packets are sent through the internet they are exposed. You can create a pipeline which completely isolates that data from others.....encryption protocols start with a vpn, but even that does not go far enough, so the individual packets are encrypted and make it virtually impossible in a normal time frame for somebody to break that front door lock. However, you are mixing apples and oranges. The front door look is easy. It is secure. However, once in the front door, If I walk over to your computer.......even a home computer will have an access code to get to certain files.......No problem....Bradley had the credentials, but the problem is in database design on that network.
A database must have its own separate backdoor lock. When you access a database with a query, you can get data.....you can get reports, but from your portal........YOU SHOULD HAVE NO ACCESS to the backdoor design criteria and tables of that database. A simple access database or SQL used on the typical commerce site or small business or government unit, has the back end locked up tighter than the front door, because more damage can be done with access to those tables, than some kid cracking mom's bank codes and getting money at the ATM.........the back end you own the whole kit and caboodle...........If Bradley's testimony is accurate, our entire database had no backend protection. Bradley makes no admission of needing to steal codes......he makes no admission to breaching a limited access portal........he makes no admission to compromising a vpn........nope he had access to the back end of a national database from any of many access points which he reported........Even more shocking was the utter lack of knowledge by portal and time spent on the database.......mind boggling, and across America when technical people read Bradley's admissions......you begin to question if any of our weapon system databases were protected any better. This story is not about Bradley. This is about fifth grade security protocols on the backdoor of a national database...........it is utterly stunning.
2seaoat wrote:This has little to do with "trust". Do you remember what Ronald Reagan used to say.........Trust.....yes, but verify. Do you understand that the security protocols as testified by Dweasle, had no verifications......allowed access to the back end of this critical database from any portal without any verification as to where those folks were going. Do you understand how ass backward this system was? It is shockingly vulnerable. You want to make this about the analyst.....yet with this poor system design, hell, there are probably at least two or three foreign agents who are working in our military who have already accessed this wide open system to copy information, and God help us if the design and security of our weapon databases are as vulnerable as this transactional database was. Do you understand that folks are actively trying to compromise our secure information.....the Russians, Chinese, Israelis, Koreans, Iranians, and others are every day seeking to compromise our information, and as the debate of our nation focus on cyber vulnerability, you want to act like one analyst went haywired......nope......we have a problem Houston.
Ghost_Rider1 wrote:2seaoat wrote:This has little to do with "trust". Do you remember what Ronald Reagan used to say.........Trust.....yes, but verify. Do you understand that the security protocols as testified by Dweasle, had no verifications......allowed access to the back end of this critical database from any portal without any verification as to where those folks were going. Do you understand how ass backward this system was? It is shockingly vulnerable. You want to make this about the analyst.....yet with this poor system design, hell, there are probably at least two or three foreign agents who are working in our military who have already accessed this wide open system to copy information, and God help us if the design and security of our weapon databases are as vulnerable as this transactional database was. Do you understand that folks are actively trying to compromise our secure information.....the Russians, Chinese, Israelis, Koreans, Iranians, and others are every day seeking to compromise our information, and as the debate of our nation focus on cyber vulnerability, you want to act like one analyst went haywired......nope......we have a problem Houston.
Regardless, it is about the analyst. Just because Manning had access to a vulnerability does not give him Carte Blanche to exploit it. If anything he should have brought this vulnerability(if in fact there was one) to those in charge and not publish it to Wikileaks.How may other analysts has access to the same information as he, but chose to do the honorable thing and not abuse it. Manning is a traitor, pure and simple and IMHO should be executed. It is about one and only one analyst regardless of what you think, Just because he had the information does not mean he should use it.
2seaoat wrote:Some concerns about drones and the crews operating them seem to have contributed a great deal to his decision to release this information. T has provided a great deal of concern, and Manning saw the worst behavior.
Permissions in this forum:
You cannot reply to topics in this forum