Friday, October 5, 2007

DHS DDoSes itself... with email

I've never been a big supporter of the DHS' security initiatives, and even less of the government's efforts to be "secure" (I mean, their track record alone speaks volumes) but this latest oops is too much. I guess I'm glad I'm not on their mailing list, because I wouldn't want to be spammed to hell now that some of their personal email addresses are out.
What's worse, you have to wonder who the original "reply-to-all" person was, or if it was really a "user who un-checked a box..." somewhere in the mailserver. What's particularly interesting to me is that the mailing list doesn't use traditional listserv or MajorDomo distribution channels, and obviously uses some bungled Domino install at a contractor site.

Lovely. I'm sure their internal security is much better...

Read all about this snafu here on eWeek, in case you've missed it.

1 comment:

Tom Los said...

are we really surprised? The internal department that is created to handle homeland security can't even keep themselves secured...