US Defense Contractor left Sensitive Files on Amazon Server Without Password

[vorticalbox]

http://thehackernews.com/2017/05/us-defense-contractor.html

 

Quote

Sensitive files linked to the United States intelligence agency were reportedly left on a public Amazon server by one of the nation's top intelligence contractor without a password, according to a new report.

 

UpGuard cyber risk analyst Chris Vickery discovered a cache of 60,000 documents from a US military project for the National Geospatial-Intelligence Agency (NGA) left unsecured on Amazon cloud storage server for anyone to access.
 

 

Quote

Roughly 28GB of exposed documents included the private Secure Shell (SSH) keys of a Booz Allen employee, and a half dozen plain text passwords belonging to government contractors with Top Secret Facility Clearance, Gizmodo reports.

 

What's more? The exposed data even contained master credentials granting administrative access to a highly-protected Pentagon system.

 

The sensitive files have since been secured and were likely hidden from those who didn't know where to look for them, but anyone, like Vickery, who knew where to look could have downloaded those sensitive files, potentially allowing access to both highly classified Pentagon material and Booz Allen information.

it's great to see people keeping data secure ? one day, a hacker will take out massive infrastructure and then maybe the world will take notice. 

 

[themctipers]

unsecured

 

no password

 

government information 

 

 

how are you that dumb? 

[WereCat]

3 minutes ago, themctipers said:

 

no password

 

Actually, there were 6 passwords

[AlwaysFSX]

9 minutes ago, themctipers said:

unsecured

 

no password

 

government information 

 

 

how are you that dumb? 

You would be thoroughly surprised how dumb government employees are.

[mr moose]

And people think the government are up to some major conspiracy with private companies,  Tell me when they can actually keep data secret and I'll start worrying then.

[LAwLz]

Oh look, more evidence that letting government agencies have backdoors into products is a very risky and stupid move, because those backdoors could be leaked and the effects would be devastating (WannaCry-tier, or worse).

Please remember this the next time someone says that we should be OK with government backdoors in software.

 

5 minutes ago, mr moose said:

And people think the government are up to some major conspiracy with private companies,  Tell me when they can actually keep data secret and I'll start worrying then.

It's not a conspiracy when it has been confirmed, such as Microsoft working with the NSA. 

[mr moose]

2 minutes ago, AlwaysFSX said:

I guess there's still some Borgia influence there.

Oh, renaissance period is to classy for me to pass comment on.  I think I'll just stick to the ineptitude of government employees leaving secret data out in the open for everyone to see.  You know, the stuff they are supposed to be really good at hiding, but can't.

[AlwaysFSX]

Just now, mr moose said:

Oh, renaissance period is to classy for me to pass comment on.  I think I'll just stick to the ineptitude of government employees leaving secret data out in the open for everyone to see.  You know, the stuff they are supposed to be really good at hiding, but can't.

Just think, both of our countries have too slow of internet to really do anything bad on. Takes too long to steal files.

[mr moose]

Last time I tried to hack the NSA I got a connection timed out message.  It told me to call my admin for help.  So I did and He wasn't too sure he could help hack the NSA and suggest I try amazon servers instead. 

[captain_to_fire]

21 minutes ago, AlwaysFSX said:

Joel Osteen is at it again.

Spoiler

 

Joel Osteen:

 

God is my ATM, prayer is my PIN. 

 

 

26 minutes ago, LAwLz said:

It's not a conspiracy when it has been confirmed, such as Microsoft working with the NSA. 

You mean it's not just a conspiracy theory. The word "conspiracy" actually means to plot things together. ?

[leadeater]

Thread cleaned, keep it on topic please.

[TidaLWaveZ]

1 hour ago, LAwLz said:

It's not a conspiracy when it has been confirmed, such as Microsoft working with the NSA. 

You mean,

"It's not a theory when it has been confirmed, such as Microsoft working with the NSA.",

and I agree.

 

I only bring this up to bring you in on my efforts as a resident tin foil hatter to correct the widespread use of the word "conspiracy" in place of "conspiracy theory". It's becoming a serious pet peeve of mine, and only YOU can prevent forest fires!

1 hour ago, mr moose said:

And people think the government are up to some major conspiracy with private companies,  Tell me when they can actually keep data secret and I'll start worrying then.

1 hour ago, mr moose said:

I heard this goes all the way up to the pope.

The US government employs over 22 million individuals not including the millions of military personnel, making up around 20% or more of the US population. There's going to be careless individuals, leaks, etc. but Gizmodo is a notoriously ignorant source and I wouldn't trust them to deliver correct information.

 

As far as criticizing the idea of government conspiracy with ties to major corporations, here's some undeniable, factual evidence for you

 

https://en.wikipedia.org/wiki/PRISM_(surveillance_program)

 

https://en.wikipedia.org/wiki/NSA_warrantless_surveillance_(2001–07)

 

 

[vorticalbox]

1 hour ago, LAwLz said:

It's not a conspiracy when it has been confirmed, such as Microsoft working with the NSA. 

 

[mr moose]

1 minute ago, TidaLWaveZ said:

You mean,

"It's not a theory when it has been confirmed, such as Microsoft working with the NSA.",

and I agree.

 

I only bring this up to bring you in on my efforts as a resident tin foil hatter to correct the widespread use of the word "conspiracy" in place of "conspiracy theory". It's becoming a serious pet peeve of mine, and only YOU can prevent forest fires!

The US government employs over 22 million individuals not including the millions of military personnel, making up around 20% or more of the US population. There's going to be careless individuals, leaks, etc. but Gizmodo is a notoriously ignorant source and I wouldn't trust them to deliver correct information.

 

As far as criticizing the idea of government conspiracy, here's some undeniable, factual evidence for you

 

https://en.wikipedia.org/wiki/PRISM_(surveillance_program)

 

https://en.wikipedia.org/wiki/NSA_warrantless_surveillance_(2001–07)

 

 

yep, I am not going to start running around assuming everything is proof of conspiracies.  I'm a little to old and tired for that shit.

[Guest Darth Revan]

1 hour ago, themctipers said:

unsecured

 

no password

 

government information 

 

 

how are you that dumb? 

It's the government.

[TidaLWaveZ]

Just now, mr moose said:

yep, I am not going to start running around assuming everything is proof of conspiracies.  I'm a little to old and tired for that shit.

You don't have to assume anything lol. The aforementioned already happened and the Obama administration acknowledged it, apologized for it, and said they will stop.

 

I would ask you if you've been living under a rock or something for the past ten years but in this world who could blame you?

[mr moose]

1 minute ago, TidaLWaveZ said:

You don't have to assume anything lol. The aforementioned already happened and the Obama administration acknowledged it, apologized for it, and said they will stop.

 

I would ask you if you've been living under a rock or something for the past ten years but in this world who could blame you?

I was referring to the bozo who left data un-encrypted on a corporate server.   You do know nothing has really changed in the last 2000 years of human development.  Government are just as bad now as they were then.   People are just as greedy,  and as I get older I have realised possibly every generation gets a little dumber. 

[TidaLWaveZ]

48 minutes ago, mr moose said:

I was referring to the bozo who left data un-encrypted on a corporate server.   You do know nothing has really changed in the last 2000 years of human development.  Government are just as bad now as they were then.   People are just as greedy,  and as I get older I have realised possibly every generation gets a little dumber. 

All agreed.

 

The Flynn Effect may have been right up to a certain point, like early 2000's at best but I also believe the majority of each generation(including millennials which I'm ahsamed to be)  have been getting less intelligent and more dependent as time progresses.

 

I don't consider myself particularly intelligent either, which says a lot about my thoughts towards the majority of younger generations who are ultimately astounded by a plastic bottles ability to land upright when it's filled with the right amount of liquid.

 

[tlink]

3 hours ago, AlwaysFSX said:

You would be thoroughly surprised how dumb government employees are.

these are not company employees lmao this was a private corporation.

2 hours ago, Darth Revan said:

It's the government.

no it isn't. can't you people read??

3 hours ago, mr moose said:

of government employees

see above and below.

3 hours ago, vorticalbox said:

the nation's top intelligence contractor

they where buying a product from a private company, a contractor. the private company left the information there, not the government.

[tlink]

1 hour ago, TidaLWaveZ said:

All agreed.

 

The Flynn Effect may have been right up to a certain point, like early 2000's at best but I also believe the majority of each generation(including millennials which I'm ahsamed to be)  have been getting less intelligent and more dependent as time progresses.

 

I don't consider myself particularly intelligent either, which says a lot about my thoughts towards the majority of younger generations who are ultimately astounded by a plastic bottles ability to land upright when it's filled with the right amount of liquid.

 

don't use millenials or any of the other strauss howe theory terms unironically, its pseudoscience. you can't base your generation on that because their definition of generation is completely ridiculous.

[TidaLWaveZ]

1 hour ago, tlink said:

don't use millenials or any of the other strauss howe theory terms unironically, its pseudoscience. you can't base your generation on that because their definition of generation is completely ridiculous.

Agreed, people born decades apart shouldn't be lumped together. One decade at best, IMO.

[AlwaysFSX]

3 hours ago, tlink said:

these are not company employees lmao this was a private corporation.

Contractors still fall under the "government" category while they're under contract.

 

Guess what, they're fucking stupid too.

[tlink]

12 minutes ago, AlwaysFSX said:

Contractors still fall under the "government" category while they're under contract.

 

Guess what, they're fucking stupid too.

no they literally don't. is google the government? they are company's. they are businesses.

[mr moose]

3 hours ago, tlink said:

no they literally don't. is google the government? they are company's. they are businesses.

They do as far as this context and discussion goes.  Be as pedantic about it as you like but it won't change the discussion.

[Beskamir]

19 hours ago, LAwLz said:

Oh look, more evidence that letting government agencies have backdoors into products is a very risky and stupid move, because those backdoors could be leaked and the effects would be devastating (WannaCry-tier, or worse).

Please remember this the next time someone says that we should be OK with government backdoors in software.

 

It's not a conspiracy when it has been confirmed, such as Microsoft working with the NSA. 

Someone should start a google doc or something where they just archive all the instances of backdoors turning out to be horrible ideas that we can just easily reference whenever an argument over this arises.