[HN Gopher] A physical breach is a nightmare scenario for Capito...
___________________________________________________________________
A physical breach is a nightmare scenario for Capitol IT
Author : rmason
Score : 162 points
Date : 2021-01-07 19:14 UTC (3 hours ago)
(HTM) web link (twitter.com)
(TXT) w3m dump (twitter.com)
| cpascal wrote:
| The author of the Twitter thread links to another thread towards
| the end that notes the risk of a classified information breach
| isn't too high.
|
| https://twitter.com/ericgeller/status/1347226499930230785
|
| Obviously that doesn't change the fact that the entire building
| should be considered compromised and scrubbed.
| slg wrote:
| The last 5+ years of leaks from politicians should have taught
| us that something doesn't need to be classified to be highly
| damaging to both the individual and the nation.
| jmiter wrote:
| Maybe someone can answer this for me:
|
| having worked for the US gvt, though not in legislature or dept
| of state, PIV cards were always required to access a gvt machine,
| and leaving your PIV inserted while absent from the room was, in
| theory, a serious offense.
|
| Are congress critters and others not required to use ID cards
| when accessing gvt networks?
| Jtsummers wrote:
| Different agencies have different IT systems at the federal
| level. The PIV cards used by the DOD and some other departments
| are _not_ universal within the executive branch, and the
| legislative and judicial branches manage their own IT systems
| (sometimes still managing it locally rather than having any
| kind of centralized system). Government IT is very much a set
| of feudal territories still and many of them are not well or
| consistently managed.
| chefkoch wrote:
| I'm not sure you can say no to a senator who wants stuff changed?
| jnwatson wrote:
| The rules for the executive branch are fairly rigorous. The
| legislative branch, not so much. There's a huge difference in
| scale: the executive branch employs some 4 million folks, the
| legislative branch just 35K.
|
| Just the picture of Pelosi's desktop indicates there's no
| automatic screenlock, which is a fairly low bar as controls go.
| fl0wenol wrote:
| It wasn't Pelosi's desktop, it was her scheduling
| assistant's. You can clearly see his name on the Outlook
| inbox.
|
| Not that it's much better, but it is still an important
| clarification.
| dillondoyle wrote:
| Another thread that I think offers some context a bit less
| 'scary' than this [1]. Most of the stuff the invaders could have
| had easy access to - eg in a Member's office - is not that
| important, consider what is leaked to the press strategically for
| politics every day.
|
| I'd be more concerned about listening devices especially key
| committee Members and staff e.g. foreign relations LAs
|
| I don't have firsthand knowledge of the non-classified working
| computers of Congress but maybe someone can confirm if IT used
| SolarWinds and their network is already compromised.
|
| * also individual Member offices are treated basically like
| businesses in a lot of ways. e.g. the Member can contract/share
| hire their own IT helpers too. I can't find a source quickly, but
| a few years ago I remember the article about some guy working for a
| few Dems being a dumb ass
|
| * * I'll also add that almost any US citizen can get a meeting
| inside a Member's office. A house member directly or with a
| staffer. I'm sure there are a ton of listening devices that metal
| detectors wouldn't find and that are quick to place
| surreptitiously
|
| https://twitter.com/ericgeller/status/1347226499930230785
| rootusrootus wrote:
| > almost any US citizen can get a meeting inside a Member's
| office
|
| Indeed, most days you can just walk directly into any senator's
| or member's office. Maybe leadership has different rules, I
| haven't tested that, but I had no trouble strolling into Ron
| Wyden's office. So anything you can get through the building
| metal detectors (which really aren't very sensitive, they're
| just looking for weapons) you could take in and surreptitiously
| drop off.
| psychlops wrote:
| Heaven forbid someone front-runs the trades of Congress.
| jaywalk wrote:
| The one person who almost got into an area where they really
| didn't want people was shot dead. This guy's acting like the
| rioters breached a SCIF or something. The Capitol building is
| (was, normally) open to the public.
| thinkmassive wrote:
| Yep, the important rooms would not accidentally be left
| accessible, even in a situation like what happened yesterday.
|
| https://en.wikipedia.org/wiki/Sensitive_Compartmented_Inform...
| paxys wrote:
| Multiple computers belonging to congressmen/their aides have
| been reported accessed or stolen
| (https://thehill.com/homenews/senate/533162-merkley-says-
| capi...). Someone posted a picture of Nancy Pelosi's email
| client, stole mail and left a threatening note in her office.
| Other private chambers were vandalized (https://twitter.com/Sen
| JeffMerkley/status/134703950452849868...). Can anyone really
| confirm that there were zero foreign agents among the thousands
| of rioters who accessed the building? Let's not pretend what
| happened was normal.
| chefkoch wrote:
| You'd have to reimage all those computers for sure.
| jaywalk wrote:
| Not normal, not good. Will cause issues for sure. But those
| computers did not have access to classified information.
| paxys wrote:
| > But those computers did not have access to classified
| information.
|
| Got a source for that? You really think a sitting Senator's
| laptop has zero useful data for a foreign government, or
| even the opposition party? Heck his browser history or
| synced texts could have enough blackmail material.
| [deleted]
| Jtsummers wrote:
| Useful data != Secret/TS data. If there is any Secret/TS
| data on these systems, there's already been a security
| breach and yesterday wasn't special. Unclassified systems
| are often assumed unsafe/breached to begin with.
| randylahey wrote:
| I don't disagree, however... human beings can be lazy,
| short-sighted or take short-cuts. I wouldn't put it past
| someone to keep something where it shouldn't be,
| intentionally or by accident.
| jjcon wrote:
| I don't think you understand how difficult it would be to
| get classified information on your unclassified laptop
| and there isn't a chance in hell you could do it by
| accident
| Robin_Message wrote:
| Just wondering as I have no special knowledge, but
| suppose I am a senator and I receive a number of
| classified briefings on a particular issue.
|
| Could I use Outlook to take some notes on my thoughts on
| that issue? Say as a draft e-mail? I don't think there
| would be anything technical to stop me, and it's not
| going to set off any automatic exfiltration flags.
|
| But those notes could very well need to be classified.
| Does everyone in the Capitol with access to classified
| material have the necessary skills and incentives not to
| make notes about them on their personal computer?
| jjcon wrote:
| If you are receiving a classified briefing you cannot be
| on a machine that has internet access - the briefing
| would be in a secured area with no personal devices and
| the only machines in that area are airgapped (and they
| are airgapped forever, no switching back and forth).
|
| You could of course write stuff down afterwards in an
| unsecure place but that is day 1 essential huge fucking
| deal no no. You don't even discuss classified info
| outside a secure area, not in your public office not in
| the outback not ever. That doesn't mean people don't do
| it but when they do and it is found out it is a really
| big deal. Accidents do happen and there are protocols in
| place to deal with them when they occur. 99.9% of these
| leaks are extremely mundane low tier classification and
| are due to document misclassification etc. Sometimes the
| name of a project is classified and is leaked by
| reference etc but when it comes to actual important stuff
| people are quite competent at keeping that in secure
| areas.
| richardwhiuk wrote:
| You write an email that references something you read in
| a classified briefing?
|
| Nancy Pelosi is part of the Gang of Eight -
| https://en.wikipedia.org/wiki/Gang_of_Eight_(intelligence) which is
| briefed on National Security matters by the Executive
| Branch (this is top secret, special forces operations
| style stuff).
| Jtsummers wrote:
| That's actually how a lot of real-world classified data
| leak incidents happen. Either someone records a
| classified fact/detail on an unclassified system through
| carelessness or lack of caution, or compiles a set of
| facts that are (in aggregate) classified but individually
| unclassified.
|
| The latter can be particularly pernicious as it's hard to
| know the aggregate classification. I may be able to say
| in separate contexts "The XF-42 is capable of exceeding
| 1200 nautical miles per hour" and "The XF-42 is capable
| of flying in excess of 60k feet" but placing the two
| facts together can actually be classified (in practice,
| usually more than two details).
| setr wrote:
| This seems nonsensical -- why are the sum of the parts
| more classified than the individual?
|
| If I put together a long list of facts about the XF-42,
| it's classified, but if I separate each item onto a
| different page and tell someone else how to recompile the
| information (eg page numbers), it's fine?
|
| I can't imagine a scenario where this model makes sense
| -- ignoring absurdities like classifying basic facts (sky
| is blue) and words (help) due to cascading
| classification.
|
| It seems to me the rule should be that of poisoning --
| any information in a document with classification X
| poisons the rest of the document to the same
| classification; or rather, a document classification is
| the maximum of its children
| Jtsummers wrote:
| My example probably wasn't the best as too much is
| already given away. It's more like this:
|
| - We have a manned aircraft
|
| - We have an aircraft that can travel above 60k feet
|
| - We have an aircraft that can sustain or exceed Mach 8
| at that altitude
|
| - We have an aircraft called the XF-42
|
| - We have an aircraft based in Middle-Of-Nowhere, AZ
|
| - We have 10 operational aircraft of some specific type
|
| Any one of those details may be unclassified, but as you
| start pairing them up classified information can be
| derived from it. Note that in this, somewhat better,
| example only one item identifies the aircraft (rather
| than my initial example in which both items identified
| it).
|
| Publicly it may be known that an XF-42 exists, even where
| it's based, and that there are only 10. Publicly it may
| be known that _an_ aircraft exists which is manned,
| travels above 60k feet and over Mach 8. But the two sets
| of data may not be joined in public because that would
| give more information than desired (in particular, that
| there are only 10 indicates a limit on the capability of
| the mystery superfast and high altitude aircraft).
|
| EDIT: Regarding some of your other comments.
|
| If I spread the information out _and_ tell you how to
| reconstitute it so you can make a cohesive whole, I've
| just obfuscated the classified information which is the
| same as leaking it straight up.
|
| Regarding "poisoning", this is how it's done. If you have
| a document with TS data, the document is TS even if it's
| a single line item surrounded by unclassified data.
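The two labelling rules argued over above (a document takes the maximum level of its line items, and certain combinations of individually unclassified facts are classified in aggregate) can be written down as a small policy check. The following is an added example, not code from the thread or from any real classification system; the levels, compartments, facts and aggregation rules are constructed to mirror the XF-42 illustration, and `label_reassembled` is added to show why splitting facts across pages and telling someone how to recombine them does not lower the label.

```python
"""Document labelling with 'poisoning' (max of line items) and aggregation rules.

Added example; the levels, facts and rules are constructed to mirror the
XF-42 illustration in the thread and are not a real classification guide.
"""
from dataclasses import dataclass

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}
NAMES = {rank: name for name, rank in LEVELS.items()}


@dataclass(frozen=True)
class Fact:
    tag: str                       # short handle referenced by aggregation rules
    text: str
    level: str = "UNCLASSIFIED"    # label of the fact on its own
    compartments: frozenset = frozenset()


@dataclass(frozen=True)
class AggregationRule:
    tags: frozenset   # when every one of these tags is present together ...
    level: str        # ... the document is at least this level
    reason: str


def label_document(facts, rules):
    """Return (level, compartments, triggered_reasons) for a set of facts.

    The level is the maximum over the items ('one TS line poisons the page'),
    raised further by any aggregation rule whose tags are all present.
    """
    rank = max((LEVELS[f.level] for f in facts), default=0)
    compartments = frozenset().union(*(f.compartments for f in facts))
    present = {f.tag for f in facts}
    triggered = []
    for rule in rules:
        if rule.tags <= present:
            triggered.append(rule.reason)
            rank = max(rank, LEVELS[rule.level])
    return NAMES[rank], compartments, triggered


def label_reassembled(fragments, rules):
    """Label what a reader can reconstruct from several fragments.

    Spreading facts over separate pages and telling someone how to recombine
    them does not lower the label: the union is evaluated, not each page.
    """
    return label_document([f for frag in fragments for f in frag], rules)


def can_read(clearance_level, clearance_compartments, doc_level, doc_compartments):
    """Dominance check: clearance must reach the level and hold every compartment."""
    return (LEVELS[clearance_level] >= LEVELS[doc_level]
            and doc_compartments <= clearance_compartments)


# Constructed facts following the thread's illustration; each is unclassified alone.
FACTS = {
    "manned": Fact("manned", "We have a manned aircraft"),
    "alt": Fact("alt", "We have an aircraft that can travel above 60k feet"),
    "speed": Fact("speed", "We have an aircraft that can sustain Mach 8 at that altitude"),
    "name": Fact("name", "We have an aircraft called the XF-42"),
    "base": Fact("base", "We have an aircraft based in Middle-Of-Nowhere, AZ"),
    "count": Fact("count", "We have 10 operational aircraft of some specific type"),
}

# Constructed aggregation rules: the pairings that give away the capability.
RULES = [
    AggregationRule(frozenset({"name", "alt", "speed"}), "SECRET",
                    "names the aircraft that flies above 60k feet at Mach 8"),
    AggregationRule(frozenset({"name", "count", "speed"}), "TOP SECRET",
                    "fleet size bounds the high-speed capability"),
]

# A single classified line item carrying a compartment, for the poisoning case.
TS_LINE = Fact("range", "Combat radius of the XF-42", "TOP SECRET", frozenset({"XF42"}))


if __name__ == "__main__":
    print(label_document([FACTS["name"]], RULES))
    print(label_document([FACTS["name"], FACTS["alt"], FACTS["speed"]], RULES))
    print(label_reassembled([[FACTS["name"]], [FACTS["alt"]], [FACTS["speed"]]], RULES))
    print(label_document([FACTS["manned"], FACTS["base"], TS_LINE], RULES))
```

The design point is that the aggregation rules live in the policy, not in the individual facts: a per-page labeller that only takes the maximum of its items will mark every fragment unclassified, so a tool that is handed the set of fragments a person releases together has to label their union.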
| jjcon wrote:
| I've never seen exactly what they are talking about but
| what they may be getting at is actually information
| compartmentalization - group A can know fact A and group
| B can know fact B but neither group can know AB. Some
| higher up official can know AB but must keep those facts
| separated in documentation because they may share
| portions with the groups. Having said that - both A and B
| are classified. You can't have unclassified
| compartmentalized info.
| [deleted]
| jaywalk wrote:
| There's a difference between the personal data you
| mentioned, which is on all of our computers, and actual
| classified information.
| snowwrestler wrote:
| I know a lot of people who worked for members of Congress
| and a few who do now. Computers sitting on desks in
| regular Congressional offices do not have access to
| classified materials. Most members of Congress or their
| staff do not have access to classified material at all.
|
| There is a lot of private information on those computers,
| though, and the biggest risks there are the use of that
| info to harass staff and/or manipulation of it to feed
| conspiracy theories (see: Pizzagate).
|
| Blackmail material is extremely unlikely since these are
| all government computers and everyone who works there
| knows they are subject to oversight.
| jjk166 wrote:
| There are lots of things to be concerned about besides
| classified information - such as emails and personal files
| of congress members and staffers - but even further it's
| not just what you can get off of the computer, it's what
| you can put on it.
| jjcon wrote:
| > such as emails and personal files of congress members
| and staffers
|
| All of which is not of national security concern and most
| of which is already subject to public access via foia
| meragrin_ wrote:
| > The one person who almost got into an area where they really
| didn't want people was shot dead.
|
| The videos showing her get shot had several police in the area
| and they never looked like they were very interested in
| protecting that area before she was shot.
| c_r_w wrote:
| Difference between the Secret Service and Capitol PD.
| saargrin wrote:
| not sure the office computers are typically accessible to
| public
|
| now they gonna check everything for possible keyloggers or
| whatnot
|
| and there's no way of knowing if any computer was left unlocked
| and might have had something installed on it
| NortySpock wrote:
| At least one protestor claimed he found an unlocked computer.
| Up to others to verify if that claim is accurate.
|
| https://arstechnica.com/tech-policy/2021/01/pro-trump-
| report...
|
| Windows-L is the keyboard command to lock on Windows. I
| strike it by habit every time I get up from my chair.
| raverbashing wrote:
| Best way I found is to set a "hot corner" that will lock
| the computer once the cursor is moved there
|
| Easier than typing a key combination
| InitialLastName wrote:
| I had that at one point, but on Windows, with a high
| resolution screen and maximized windows there are too
| many useful operations dangerously close to every corner.
|
| Some folks at my office have ID cards that need to be
| inserted to operate the computer (it locks when the card
| is removed from the reader). The smart ones have attached
| the card to their belt so that when they walk away, the
| card goes with them and the computer locks.
| mkl95 wrote:
| Super-L is the keyboard command to lock on Gnome. The super
| key is called the windows key on Windows :-)
| jedberg wrote:
| "Hi Representative Foo, I have a presentation on the USB
| stick here I'd like to show you, mind if I plug it in?"
|
| "I just need to download the presentation from my website,
| can I use your computer real quick?"
|
| Do you really think an 80 year old anti-tech representative
| would even consider that a problem?
|
| I'd have to assume the computers are already protected from
| that attack vector.
|
| Edit: I'm getting a lot of downvotes without replies, which
| makes me think people don't agree with this. I wonder, how
| many have actually worked in corporate IT security for a non-
| tech company with older employees? Because things like this
| definitely happen on a daily basis.
|
| Case in point: Pelosi's screen was unlocked when that guy sat
| down, which was at least 20 minutes after she left. That
| means that not only does she not lock her screen when she
| gets up, but the screen saver doesn't even auto-lock after 20
| minutes.
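The "does the screen lock itself after N minutes" question raised in this subthread is something an administrator can check from the registry rather than by observation. The following is an added example, not code from the thread or from any Capitol IT tooling; the value names (`ScreenSaveActive`, `ScreenSaverIsSecure`, `ScreenSaveTimeOut` under the user's `Control Panel\Desktop` key and its Group Policy twin, and `InactivityTimeoutSecs` under the machine `Policies\System` key) are the real Windows settings behind the screen-saver lock and the "machine inactivity limit" policy, while the 15-minute ceiling is an assumed baseline, not a figure from the page.

```python
"""Audit whether a Windows session locks itself when left idle.

Added example, not from the thread. The value names are the Windows registry
values behind the screen-saver and machine-inactivity policies; the 15-minute
ceiling (900 s) is an assumed baseline, not a figure from the page.
"""
import sys

# The HKCU policy key (set by Group Policy) takes precedence over the user's own setting.
USER_KEYS = [
    r"Software\Policies\Microsoft\Windows\Control Panel\Desktop",
    r"Control Panel\Desktop",
]
MACHINE_POLICY_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
SCREENSAVER_VALUES = ("ScreenSaveActive", "ScreenSaverIsSecure", "ScreenSaveTimeOut")


def assess_lock_policy(values, max_idle_seconds=900):
    """Decide from registry values whether an idle session ends up locked.

    values: mapping of value name -> raw registry data (strings for the
    screen-saver values, an int for InactivityTimeoutSecs). Returns a dict
    with auto_locks, effective_timeout (seconds) and a list of findings.
    """
    findings = []
    candidates = []

    # Path 1: 'Interactive logon: Machine inactivity limit' locks regardless of screen saver.
    inactivity = values.get("InactivityTimeoutSecs")
    if isinstance(inactivity, int) and inactivity > 0:
        candidates.append(inactivity)
    else:
        findings.append("no machine inactivity limit (InactivityTimeoutSecs) is set")

    # Path 2: the screen saver locks only if it is active AND set to show the logon screen on resume.
    active = str(values.get("ScreenSaveActive", "0")) == "1"
    secure = str(values.get("ScreenSaverIsSecure", "0")) == "1"
    try:
        timeout = int(values.get("ScreenSaveTimeOut", 0))
    except (TypeError, ValueError):
        timeout = 0
    if active and secure and timeout > 0:
        candidates.append(timeout)
    elif active and not secure:
        findings.append("screen saver runs but does not require a password on resume")
    elif not active:
        findings.append("screen saver is disabled")

    effective = min(candidates) if candidates else None
    if effective is None:
        findings.append("session never locks on idle")
    elif effective > max_idle_seconds:
        findings.append(f"idle lock after {effective}s exceeds the {max_idle_seconds}s baseline")

    return {
        "auto_locks": effective is not None and effective <= max_idle_seconds,
        "effective_timeout": effective,
        "findings": findings,
    }


def read_live_values():
    """Collect the values from the local registry; Windows only."""
    if sys.platform != "win32":
        raise RuntimeError("registry audit only runs on Windows")
    import winreg  # standard library on Windows

    def query(hive, path, name):
        try:
            with winreg.OpenKey(hive, path) as key:
                return winreg.QueryValueEx(key, name)[0]
        except OSError:
            return None

    values = {}
    for name in SCREENSAVER_VALUES:
        for path in USER_KEYS:            # first hit wins: policy key, then user setting
            data = query(winreg.HKEY_CURRENT_USER, path, name)
            if data is not None:
                values[name] = data
                break
    values["InactivityTimeoutSecs"] = query(
        winreg.HKEY_LOCAL_MACHINE, MACHINE_POLICY_KEY, "InactivityTimeoutSecs")
    return values


# Constructed samples: a workstation whose saver never locks, one that locks
# only after 30 minutes, and a hardened baseline with both paths set.
NO_LOCK = {"ScreenSaveActive": "1", "ScreenSaverIsSecure": "0", "ScreenSaveTimeOut": "600"}
SLOW_LOCK = {"ScreenSaveActive": "1", "ScreenSaverIsSecure": "1", "ScreenSaveTimeOut": "1800"}
HARDENED = {"ScreenSaveActive": "1", "ScreenSaverIsSecure": "1", "ScreenSaveTimeOut": "600",
            "InactivityTimeoutSecs": 900}

if __name__ == "__main__":
    sample = read_live_values() if sys.platform == "win32" else NO_LOCK
    print(assess_lock_policy(sample))
```

The check deliberately treats an active screen saver without `ScreenSaverIsSecure` as no lock at all, since a saver that resumes without a password only hides the desktop; the machine inactivity limit is the setting to push by policy, because it does not depend on the user's screen-saver choices.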
| ufmace wrote:
| Does anybody remember when Bradley/Chelsea Manning released
| ~hundreds of thousands of classified diplomatic cables? I seem to
| remember that most of the tech world at the time thought that was
| awesome. I wonder why this time they're clutching pearls about
| how scary and terrible this could be.
| Sebb767 wrote:
| > I wonder why this time they're clutching pearls about how
| scary and terrible this could be.
|
| Most of the readers here know quite a few things about system
| administration and/or IT security. As I read this thread, most
| comments only discuss the IT security implication or express
| sympathy for the poor souls that will need to clean up this
| mess; there's hardly any discussion about the morality of
| possible leaks.
| [deleted]
| randylahey wrote:
| Your recollection does not comport with my own. A lot of
| sensitive classified information was leaked, a good deal of it
| having nothing to do with warrant-less wire-tapping, etc.
| mjburgess wrote:
| For 5 seconds, until their contents were clear.
|
| It was initially assumed to be a leak on moral grounds. And
| ended up just putting a lot of people in danger, and disrupting
| international diplomacy.
|
| I don't think many who know the details support the leak.
| jessaustin wrote:
| No human was physically harmed as a result of Manning's
| leaks. If there had been, such a person would have been
| mourned in the USA war media for months.
| fl0wenol wrote:
| Since you're bringing up Manning but not mentioning Snowden,
| and also helpfully dead naming her in case we were confused, we
| can assume you're not bringing this up in good faith but as a
| slanted whataboutism.
| nosmokewhereiam wrote:
| They can't sign emails without PKI right?
| sybercecurity wrote:
| Officially yes, but the use of S/MIME signed email in the
| federal government is minimal/non-existent beyond a few
| instances.
| unixhero wrote:
| Hey! They used it on The X-Files. I've got proof. (Joke)
| adrianmonk wrote:
| Are there security cameras? If so (assuming footage wasn't
| tampered with), then you can maybe narrow down the locations
| where people actually did have physical access.
| TT3351 wrote:
| Access to the Capitol isn't very restricted. People who are
| handling top secret information know that very well; that said,
| plenty of personally compromising information can usually be
| found on any given personal computer.
| jedberg wrote:
| Is it though? I was having this discussion with a friend last
| night. If I were IT for the Capitol, I would already be operating
| under the assumption that all the clients are hostile.
|
| There are constantly visitors to the Capitol, including foreign
| visitors who could easily be spies. Also, the Members themselves
| are often old, anti-tech, and not the kind of people who will
| remember to lock their screen when they get up. I would already
| assume Member computers are a huge attack vector, and act
| accordingly.
| _Microft wrote:
| Here is why Foone thinks that "forgetting to lock the screen"
| is unlikely:
| https://mobile.twitter.com/Foone/status/1346924327996772354
| mikeryan wrote:
| Relevant Picture (from since deleted tweet - Interesting that
| the media is still accessible on twitter...)
|
| https://pbs.twimg.com/media/ErErUqKXMAMQtyy.jpg
| chris72205 wrote:
| I _believe_ this is where that picture originated from
| https://twitter.com/mikko/status/1346922681158000640?s=21
| _Microft wrote:
| It almost looks like a photo that an employee themselves
| might take after being shown such an alert message.
| chipsa wrote:
| Congress apparently doesn't use CACs, and the photo shown of
| the desktop shows no card reader to stick a card in.
| watwut wrote:
| Random visitors don't go into offices. They don't look into
| cupboards. They don't sit behind desk with computer.
| AnimalMuppet wrote:
| How about staffers working for members from the other party?
| Yes, you'd expect a "gentlemen's agreement" not to do such
| things. You might not be wise to trust it, though...
| watwut wrote:
| I doubt there has been anything like a gentlemen's agreement in
| the last 8 years. Everyone was aware that sociopaths run the
| place.
|
| So I think other party staffers are not trusted to be left
| alone.
| chefkoch wrote:
| But perhaps visitors like lobbyists, donors etc. could be
| often alone long enough with a computer to do something bad. And
| don't forget all the viruses that tweet porn links.
| watwut wrote:
| Unlikely, given that it does not happen in commercial
| companies either, and there no one has a particular reason
| to care.
| MacsHeadroom wrote:
| Private companies are compromised by visitors every
| single day. Outsiders on-premise are one of the largest
| attack vectors after insiders.
|
| This is why both the local network and endpoints are no
| longer trusted in security models.
| generalizations wrote:
| And yet you still have to assume they might.
| lumost wrote:
| Authorized individuals have classified documents on Capitol
| hill computers, there have been many options available to
| support breaching a workstation given physical access for
| years.
|
| In this event you don't even know if such authorized
| persons had time to lock their computers.
| Rebelgecko wrote:
| I am a random nobody and I was able to waltz in to my
| congresswoman's office. Obviously I wasn't digging through
| the desk drawers, but it's not like I was closely observed
| while I waited for my congresswoman's secretary to get off
| her phone call
| moate wrote:
| This is not similar to having 4 hours of unfettered access
| during a riot. They literally were digging in desk drawers,
| using the phone, leaving threats, carving hate speech into
| wooden doors, etc.
|
| I once saw a citizen with a 6-shooter strapped to his hip
| at a Colorado county clerk's office peacefully fill out
| some paperwork for 5 minutes. What does this story tell us
| about what rioters did or didn't do while tearing up the
| Capitol building?
| defen wrote:
| > I once saw a citizen with a 6-shooter strapped to his
| hip at a Colorado county clerk's office peacefully fill
| out some paperwork for 5 minutes. What does this story
| tell us about what rioters did or didn't do while tearing
| up the Capitol building?
|
| 1 minute of Googling tells me that Colorado is an open-
| carry state, and there is no specific exclusion for
| county offices, so unless this was in Denver or another
| municipality that prohibits open carry I don't see the
| relevance of your story to what happened in the Capitol.
| bszupnick wrote:
| This person, who seems to have more intimate knowledge of
| capitol IT, also mimics the concern:
| https://twitter.com/neurovagrant/status/1346964347684179970
| anovikov wrote:
| On the other hand, there are for sure plenty of cameras out
| there. Why not just find everyone who participated and make sure
| no one sees them again? Just make them disappear.
| riversflow wrote:
| Seriously? You are really asking the government to disappear
| people?
___________________________________________________________________
(page generated 2021-01-07 23:00 UTC)