[Flipside]

http://www.bbc.co.uk/news/world-us-canada-33017310

It seems that millions of Federal workers details have been stolen in a cyber-attack.

Not much info yet, I'm sure more will be forthcoming.

Doesn't bode well for all these data retention laws our Governments keep trying to enforce...

[Klaustrophobia]

As a government worker, I can state first hand that government IT security is abysmal.  Our IT and data security departments aren't qualified professionals, they are everyday workers promoted/transferred from within.  Everyone knows that security is terrible, but the people trying to fix it don't have the slightest clue what they are doing.  Our password requirements get more ridiculous every year.  Almost all of them are retained forever somewhere to make sure you don't re-use.  Some of them you even have to select from a pre-determined list (of about 20).  I'll try to track down one of the actual password requirement lists later. 

[Phantom Hoover]

Almost all of them are retained forever somewhere to make sure you don't re-use.  Some of them you even have to select from a pre-determined list (of about 20).

ahahahaha holy ****

[Klaustrophobia]

Oh, and our government computers run McAfee and Symantec on top of each other, both massively out of date.  You know, so the government can approve any definition updates before they are installed on government systems.

Really about the only thing they do right is the smart card logons.

[Ulala]

Our tax dollars hard at work...paying Symantec and McAfee.

[jr2]

Oh, and our government computers run McAfee and Symantec on top of each other, both massively out of date.  You know, so the government can approve any definition updates before they are installed on government systems.

Really about the only thing they do right is the smart card logons.

Can confirm.

[Dragon]

All this while NSA spends millions of dollars for research on cyberspying, cryptography and bypassing security measures... All these experts should spend some time making sure that their own data can't be stolen and systems compromised. In a much less sophisticated way than what they use, no less.

[Phantom Hoover]

The NSA sabotaged the crypto standards that the US government is mandated to use, so I don't think they care.

[Klaustrophobia]

But don't worry, the Freedom Act gave all our data to telecom corporations to safeguard now.  We're TOTALLY safe.

Well, unless you're a fed employee like me I guess.  Waiting to see if I'm one of the 4 million.  Pretty pissed they decided it was okay to sit on this for more than a month before telling the people affected.  And then not even telling us, we had to find it out from the news.