Is the Pentagon secure?

[Vod]

I am shocked that the secretary of defense was able to plug an unauthorized device into their network.   TWENTY FIVE YEARS ago I worked head of IT at a major accounting company and I had the network restricted to known MAC addresses and software.    If you brought a personal laptop in, you would not get an IP address even if you spoofed your MAC.    It was required, esp around tax season when million dollar clients brought in their own computers, possibly infected with god knows what.

This was in 1999 when we were undergoing Y2K changes.  I can't image what type of incompetence Elon has placed as their network administrator.  The pentagon should have their own mobile network, so all cell phone and wifi signals are blocked. 

How was this drunk able to bypass their security, and how long until he tells others accidently?

[Zlantann]

I am shocked that the secretary of defense was able to plug an unauthorized device into their network.   TWENTY FIVE YEARS ago I worked head of IT at a major accounting company and I had the network restricted to known MAC addresses and software.    If you brought a personal laptop in, you would not get an IP address even if you spoofed your MAC.    It was required, esp around tax season when million dollar clients brought in their own computers, possibly infected with god knows what.

This was in 1999 when we were undergoing Y2K changes.  I can't image what type of incompetence Elon has placed as their network administrator.  The pentagon should have their own mobile network, so all cell phone and wifi signals are blocked.  

How was this drunk able to bypass their security, and how long until he tells others accidently?

Trump's team have showed some level of incompetence in carryout their duties. This was how Atlantic editor-in-chief Jeffrey Goldberg was added to a Signal chat group that included JD Vance, Mike Waltz, John Ratcliffe, Susie Wiles, Stephen MillerTulsi Gabbard and Pete Hegseth. This group was discussing sensitive security or military information without knowing that a third party was in the group. Maybe there was another leaks that happened again. It is obvious that Donald Trump handed over important positions to unqualified people.

[pooya87]

Their boss uses twitter to publish highly classified military-quality spy satellite image and the underboss uses Signal to leak highly classified military intelligence not once but twice;
... this kind of behavior should be expected already.

[o48o]

I am shocked that the secretary of defense was able to plug an unauthorized device into their network.   TWENTY FIVE YEARS ago I worked head of IT at a major accounting company and I had the network restricted to known MAC addresses and software.    If you brought a personal laptop in, you would not get an IP address even if you spoofed your MAC.    It was required, esp around tax season when million dollar clients brought in their own computers, possibly infected with god knows what.

This was in 1999 when we were undergoing Y2K changes.  I can't image what type of incompetence Elon has placed as their network administrator.  The pentagon should have their own mobile network, so all cell phone and wifi signals are blocked.  

How was this drunk able to bypass their security, and how long until he tells others accidently?

This is probably just another tip of an iceberg, as there's no one preventing him to mess up, when Hegseth pretty much fired everyone who knows how everything works at the start.

I would argue that trump is intentionally picking bad people for him to look better, but that requires planning, and so i think it's just about loyalty superseding the talent. In this case it's just DUI over DEI.

Worst thing (from their stance) is that weakest link against high grade security are people involved, and these people involved seem to be highly susceptible for social engineering. But they are just bringing more people into the loop like his wife, which i am assuming Hegseth did only to impress her.

It speaks volumes that top staffers have been resigning. I would do as i wouldn't want to be thrown under the bus for just being involved. And why would anyone want to end up in prison for treason for being involved in future incidents.

[bias]

I am shocked that the secretary of defense was able to plug an unauthorized device into their network.  TWENTY FIVE YEARS ago I worked head of IT at a major accounting company and I had the network restricted to known MAC addresses and software.    If you brought a personal laptop in, you would not get an IP address even if you spoofed your MAC.    It was required, esp around tax season when million dollar clients brought in their own computers, possibly infected with god knows what.

This was in 1999 when we were undergoing Y2K changes.  I can't image what type of incompetence Elon has placed as their network administrator.  The pentagon should have their own mobile network, so all cell phone and wifi signals are blocked. 

How was this drunk able to bypass their security, and how long until he tells others accidently?

So, if your boss in that job brings his personal laptop/ phone and tells you to open the network, will you say no, "I don't?" Sorry, but I doubt it. He is the Secretary of Defence, he has the clearance to do this, he can bypass the system. It's been said that he was specifically warned to be careful not to share sensitive information on "an unsecure communications system". That means they were aware that 1- he uses his personal phone instead of the gov's authorized one, and 2- he chats on Signal or whatever else this joker did that we don't know. The employees inform him and ring the bells. Now, if the "boss" is an idiot like him, that's another thing that they can do nothing about. That's someone else's job...
P.S: He didn't say it accidentally; he accidentally put the editor-in-chief of The Atlantic on the chat from his contacts list... Viral fool!

[Vod]

So, if your boss in that job brings his personal laptop/ phone and tells you to open the network, will you say no, "I don't?" Sorry, but I doubt it.

Which is exactly why our policy was to block all unknown devices.   A billion dollar client wants to plug his laptop in, the auditor says OK, but it won't work.   You are right - clients weould not stick around long if they were denied something - so the board of directors took the choice away from them.  

I did say no to many bosses who wanted an exception.  But I was also following corporate policy, so I was protected.

[bias]

Which is exactly why our policy was to block all unknown devices.   A billion dollar client wants to plug his laptop in, the auditor says OK, but it won't work.   You are right - clients weould not stick around long if they were denied something - so the board of directors took the choice away from them.

That's the best thing that a company can do. Remove from the start any unsafe demands from their clients. However, when I'm referring to the boss, I didn't mean the clients but the board of directors. Those (and not all of them) are the SoD, not the clients.  

I did say no to many bosses who wanted an exception.  But I was also following corporate policy, so I was protected.

That doesn't mean that they don't bypass you or your recommendation.

[Vod]

That doesn't mean that they don't bypass you or your recommendation.

They couldn''t.    Only I, with the admin password, could give access.  No one could order me to do so except for a vote by the board, which was across the country in Toronto.  

It's common for large corporations to have a single point of access.   I only controlled access in the Calgary office and I did offer access through HR emergency questions, but bad actors can hold companies hostage.  You can't just "bypass" security in modern networks with no back doors or vulnerabilities.

https://en.wikipedia.org/wiki/Terry_Childs_(network_administrator)#:~:text=Terry%20Childs%20is%20a%20former,FiberWAN%20system%20to%20his%20supervisors.

(It's funny, I asked Deepseek to find this story, but I guess the keyword "story" prompted it to make one up.  I had to specifically ask to find an existing article,  lol)

[paxmao]

I am shocked that the secretary of defense was able to plug an unauthorized device into their network.   TWENTY FIVE YEARS ago I worked head of IT at a major accounting company and I had the network restricted to known MAC addresses and software.    If you brought a personal laptop in, you would not get an IP address even if you spoofed your MAC.    It was required, esp around tax season when million dollar clients brought in their own computers, possibly infected with god knows what.

This was in 1999 when we were undergoing Y2K changes.  I can't image what type of incompetence Elon has placed as their network administrator.  The pentagon should have their own mobile network, so all cell phone and wifi signals are blocked. 

How was this drunk able to bypass their security, and how long until he tells others accidently?

The institutions are as secure as the people who work in them. I think that says everything, given the type of people who have been choosen to run the instutions. Just recap:

- CIA Director - A woman who was unable to say "Yes Snowden was a spy and did something wrong".
- FBI Director - A man who wrote conspiracy theories in Twitters.
- Secretary of State - A man who opened a secret chat group to a journalist.

I would not worry about the Petangon... I would worry about absolutely all the institutions that have been now interveened.

[Lida93]

Their boss uses twitter to publish highly classified military-quality spy satellite image and the underboss uses Signal to leak highly classified military intelligence not once but twice;
... this kind of behavior should be expected already.

It appears the Trump administration has little or no concerns for national security yet it claims to be security conscious. This ain't the first security mistake in just less than 100 days in office. The recent was when a journalist was added to  a group chat detailing information of a military attack.

Now it's a Pentagon accidental security leak... I wonder what could be the fate of the US Security Intelligence in the next in coming days of Trump's administration. Honestly, a lot of incompetence is being overlooked under Trump

[bias]

They couldn''t.    Only I, with the admin password, could give access.  No one could order me to do so except for a vote by the board, which was across the country in Toronto.  

It's common for large corporations to have a single point of access.   I only controlled access in the Calgary office and I did offer access through HR emergency questions, but bad actors can hold companies hostage.  You can't just "bypass" security in modern networks with no back doors or vulnerabilities.

Well, this was something that I wasn't aware of. So, based on this fact, the Pentagon and similar government buildings will have at least this factor on, if not more. In any case, we are talking about a guy whose head is empty and needs to be accountable for this.

I would not worry about the Petangon... I would worry about absolutely all the institutions that have been now interveened.

Or the ones that are still vulnerable to such stupid actions from such stupid people.

[bias]

So, the blame for this "Signalgate" scandal goes to Mike Waltz. And if someone thought that he would be out, he thought wrong. Instead of being out on the spot, he is taking another role in the Government as an Ambassador to the UN. Such a good job deserves applause and a reward. As for the SoD Pete Hegseth, is like nothing happen, at all...