Wednesday, March 22, 2006


Security Through Begging

Last summer, the surprising news came out that Japanese nuclear secrets leaked out, after a contractor was allowed to connect his personal virus-infested computer to the network at a nuclear power plant. The contractor had a file sharing app on his laptop as well, and suddenly nuclear secrets were available to plenty of kids just trying to download the latest hit single.
It's only taken about nine months for the government to come up with its suggestion on how to prevent future leaks of this nature: begging all Japanese citizens not to use file sharing systems
そして、政府が将来、こういう類の情報の流出を防ぐ方法の提案を思いつくのに、たった9ヶ月ぐらいしか掛からなかった。(ここは笑う所だと思います。 mrgreen
-- so that the next time this happens, there won't be anyone on the network to download such documents. Beyond the fact that this is unlikely to have any effect (at all) on file sharing in Japan, it has nothing to do with the actual security breach.
It wasn't the use of a file sharing system that was to blame here, but the security setup that allows an outside contractor to hook up his personal computer to the power plant's network without doing any kind of security check whatsoever to see if (a) his computer has malware or (b) his computer has file sharing software -- while leaving top secret documents available for his computer to access.
ここで非難されるべきはファイルシェアリング・システムの使用ではなく、外部の請負業者に自分のパソコンを(a)マルウェアを持っていないか(b)ファイルシェアリング・ソフトウェアを持っていないか 等のセキュリティ・チェックを何もしないでトップシークレットのドキュメントに彼のコンピュータからアクセス出来る様になっていたセキュリティ設定だった。
If this is how government officials react to such leaks (taking forever and completely missing the root cause of the problem, while suggesting a solution that is impossible to implement), it's almost amazing that such leaks didn't happen sooner.
カッコの中が上手く訳せない・・・ sad

日本の政府やマスコミ、有識者と言われる人達より、よっぽど問題の本質を理解しているようです。 mrgreen

1 comment:

Trickster said...