Schneier on Security
A blog covering security and security technology.
« Zodiac Cipher Cracked |
| Friday Squid Blogging: Severed Hand is Actually A Dried Squid »
August 5, 2011
XKCD on the CIA Hack
Posted on August 5, 2011 at 2:58 PM
• 12 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
A poster on a wall that they can dust for prints. Just sayin'.
Only use LOIC over dial-up and they'll never figure it out.
It's true, but on the other hand it means CIA did a poor job of handling the security of one of its properties.
If a painter's house has a bad paint job, it may not mean anything about how the painter will do on your house, but it's certainly not a good sign.
Exactly. There's a reason hackers attack Web sites - frequently they can use them or the information gained by trying to bring them down to gain access to more secure sites. While this is less likely with the CIA, who can say for sure unless it's tried? HBGary Federal was a computer security site and it broke fairly easily.
This isn't some porn site or some individual's site. It's the CIA which would presumably have a budget and motivation to not allow this.
Would this comic say the same thing if it was Al Qaeda that hacked the site? At the very least it's embarrassing.
Thank you for posting that XKCD link. I especially liked his circuit diagram. One of the best I've ever, ever seen.
I think that and I don't even know what they are!!
You rock Bruce :)
It's not even that the poster was torn down; a more accurate analogy would be that lots of people went and sat in front of the poster so no-one else could see it for a while!
(I'm assuming this was a DOS attack)
I think the last box in the commic was wrong...
Instead of "CIA!!" it should have been "CIA zzz zzz zz..."
Facebook just changed default settings to browse unsecured. What is the economic motive behind not defaulting https? How much more expensive is https to administrate?
As always with XKCD comics the true joy is in the images alt-text. Go back and hover your mose over the strip and enjoy the cutting sarcasm and insight that shows the author really gets it. Beware L.A.D.D.E.R.
"Facebook just changed default settings to browse unsecured. What is the economic motive behind not defaulting https? How much more expensive is https to administrate?"
Running https puts additional load on the servers reducing the number of simultaneous connections a server can handle. While it’s not much additional load per connection with operations the size of facebook this can add up quick. Setting SSL as default would require facebook to purchase, maintain, and administer more servers or more likely separate devices to process SSL connections (SSL Offloaders).The exact amount of expense that would be incurred by adding this would depends on a number of factors, but its greater then $0
XKCD's on form again today: http://www.xkcd.com/936/
Waiting to see "correct horse battery staple" rise up the common used internet passwords lists '-)
No no no...
Read the last frame it's "Horse battery staple correct" 8)
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.