Cyber Vulnerabilities?
CLEAR and AIRA were down on and off all week. Some of our older readers might not realize that there are coppers on this job who have never seen an Inventory Book, filled out a five-page carbon Arrest Report, or seen a Court Transmittal that wasn't filled out by a computer. Progress and all that. But when these systems go down, and they go down a lot, a lot of police work grinds to a halt. Street operations aren't affected too badly, but it's difficult to run plates, check names, process arrestees, etc.
Which makes us wonder about things like this:
Which makes us wonder about things like this:
- A coworker of mine says she had the displeasure of waiting for a bus downtown yesterday with a few of the smelly wannabe hippies of OC. Said they were gloating on how easy it was to shut down a bunch of computers at police stations and make the ones at city hall go haywire also. Said something along the lines of 'they haven't seen anything yet', which she interpreted as them already having done something bad.
We don't expect the Department to up and admit that their computer systems may have been compromised. But we'll say with all the different systems cobbled together along with unsecured portals in and out of the network, we wouldn't be surprised if a halfway decent hacker could cause no end to problems. These aren't the hippies of 1968. There are some brainiacs out there without jobs and an appetite for destruction.
Labels: from the comments
posted by SCC at 12:03 AM
42 Comments:
Come on SCC give me a break. Some unwashed unhappy goof makes a comment like that and right away it's to be believed. I spent some time over the last few weeks reading on here how all those protesters were full of shit. Those systems have sucked for a long time. I've worked as a desk Sgt a few times and breakdowns have been a regular occurrence. Let's not give these goods more credit than they deserve.
I used to fill out SIX page carbon arrest reports. And your activity was calculated based on the sixth copy. If the review officer couldn't read the copy, you didn't get the credit. Press hard!
So, some of those 'homeless bums' who were lounging in Penny's former district's computer room might actually have had computer skills?
Shocking. Shocking, I say!
Not only was CLEAR & AIRA down the other day, "Internet Explorer" in it's entirety was incapacitated from about 1330 hours on. Not sure when it was restored, but my understanding is that 1/W had plenty of down time.
I have a buddy that designs and maintains computer systems, writes script and software, etc., etc. for a company that will remain nameless. Daily, he is entrusted with security clearances for certain programs that are second only to those of national security. The operating systems and skills to defeat/circumvent these same operating systems that he learned early on in his career are currently not accesible to the average hacker. Built-in protections exist and are constantly being reviewed, updated, etcetera to keep those with less-than-pure aspirations at bay.
HOWEVER, various loopholes and weaknesses are still often taught in underground settings where those bent on ill-intent and sabotage can get their "feet wet" in the world of cyber mayhem.
Based on what happened with the computers going down, the presence of O.C., ad naseum, I asked him what he thought of our operating system(s). The best part??? After a mere 45 minutes of Googling various aspects of the CPD, computers, servers, et al, and making a couple tech-related phone calls to those with higher clearances, he told me, without exaggeration, that a person with barely-above-remedial skills and some time to kill could effectively shut down the whole kit and caboodle. On a scale of 1 to 10 in security, CPD's is - AT BEST - a 3. This all kind of makes sense when you consider how we always get the shitiest equipment with the City paying connected and minority vendors 5 times what it would've cost to provide us with state of the art products from the get-go. Also easily accessible were schematics and diagrams, just like you'd download a lost owner's manual for your dishwasher.
Also viewable were the intracacies of servers (?) that control transponders/transmitters/receivers and such at the 911 Center. All this information, easily available for free on the internet. And all it'll take to cause pandemonium, it seems, is a few mildly intelligent, anti-establishment Geek Squad rejects with an axe to grind.
If I were one of those in charge of the CPD Think Tank (yea, yeah - an oxymoron) I'd keep this in mind as a very real possibility. Downed computers in the stations and cars can be (for the short term, anyway)...comical. Downed communications and the inability to use radios in the event of a catastrophe or riot situation? Not so funny.
"Some of our older readers might not realize that there are coppers on this job who have never seen an Inventory Book, filled out a five-page carbon Arrest Report, or seen a Court Transmittal that wasn't filled out by a computer."
Us older readers call these coppers "Hair Gels".
French revolution anyone? Anybody else understand what is really going on?
These aren't the hippies of 1968. There are some brainiacs out there without jobs and an appetite for destruction.
Labels: from the comments
POSTED BY SCC AT 12:03 AM
******************************
It seems the roles have been reversed this time around. The "Hippies" are the ones weilding the batons & the Police Brass is too timid & Stupid to take the batons back.
Oy Vey !!!
time to dig my cb radio out of the garage?
Aira and clear are down because we dont have nough cell towers to broadcast the freq. Why is this... because the city owes Verizon a ton of money.
Im still waiting for the Bat signal.
How about back in the day when a Sgt told you to leave yellow paper you went to the desk crew, got your 3 pages of yellow paper.
Then you went to the case reports and tore out the carbon and did your To-From. On a typewriter!
Early 70's.
Then you went on the street and drove around in your un-air-conditioned car and answered your radio. The one on the dash board!
Good Times!
If the job situation and the economy gets worse, then watch out below! We are at a stage where people are angry and pissed. A small percentage is very angry and upset and they are willing to do acts of sabotage.
"Some of our older readers might not realize that there are coppers on this job who have never seen an Inventory Book, filled out a five-page carbon Arrest Report, or seen a Court Transmittal that wasn't filled out by a computer."
As an "older reader" I realize it. Many like me have seen all the different bosses,initiatives,schemes,ideas (remember the black metal beat boxes, who made money of those?)come and go. Even with one inventory book in the district, most arrests,even DUI's took 45 mins,an hr. tops. Arrest report narratives were a couple of lines,not novels or full of disclaimers like we have now. Case reports didn't have the constant, victim,witness and offender being mentioned and repeated incessantly (cripes, is that irritating to read). P.O.'s didn't call a sgt. or if you did,you had better have a good reason or notification. Don't even get me started on all the uniform configurations,(both correct and incorrect)and hair styles.
Different times indeed....
CLEAR and AIRA were down on and off all week. Some of our older readers might not realize that there are coppers on this job who have never seen an Inventory Book, filled out a five-page carbon Arrest Report, or seen a Court Transmittal that wasn't filled out by a computer.
HELL!! There are old-timers who never used a computer for the above uses, so that makes us even. HA HA HA
Some unwashed unhappy goof makes a comment like that and right away it's to be believed.
-----
Looking like a pissbum is standard amongst a lot of brilliant computer geeks. That culture has always been very free-wheeling with no emphasis whatsoever on professionalism.
You should see some of the computer geeks that work for the feebs/NSA etc. I'd guess 95% of them are on modified appearance waivers. Don't have to like them, but don't underestimate them just because of how they dress.
That 'CB radio in the garage' comment was hysterical!
LMFAO!!!
French revolution anyone? Anybody else understand what is really going on?
11/05/2011 01:32:00 AM
Yes. I understand the "trophy for everyone" children have grown up into the 'what are you going to do for me now" adults.
Start at the bottom and work your way up isn't a concept they understand. Out of control handouts by the politicians have turned this into a Nation of do nothings. It's really starting to look like Europe. Something has to change.
As far as our computers go, get rid of Lewin and company. This Department's systems are horrible. Time to outsource this mess to a company that knows computers. Lewin knows more than any police officer, but he doesn't know jack compared to someone in the business.
If these OWS guys wanna crash the system, it's their friend that will sit in jail longer. They are still going to jail. It will just take longer to process them.
Don't believe the gossip, truth is I spilled by coffee and well....you know the rest.
Begun,the clone wars have.....
Anonymous! You heard it here first.
Can't shutdown CPD servers. It's a intranet meaning it can only be accessed through Department computers; you can't acess it at hom. They can shutdown Clearpath, the public CPD website with a DDS attack. As for the intranet, unless these people find someone with access from their own home and gain access through their computer, it's fine.
"Some of our older readers might not realize that there are coppers on this job who have never seen an Inventory Book, filled out a five-page carbon Arrest Report,"
If I remember correctly, arrest reports were, and since we still may have to use them when all else fails, ARE six (6) page form-sets.
Original with five carbon color coded carbon copies. I took my daughter to work some years ago, she didn't know what carbon paper was and when she say the manual typewriters she said, "You guys actually use these antiques?!?!"
Case report filled out for CSA related to OC?
Why arent ordinances being enforced against OC?
Who is calling the shots there? Car 100? Car 47? McWhats-his-name? Rahm?
Wife says she saw a older copper (old school type carry'n a wood baton) yelling at them the other day. said he had the dont screw with me look.
Since this sight is open source, we can only assume that OC is monitoring this blog.
Hi OC!
I remember back when CHRIS was jammed down the throat of the Detective Division. It was discovered that "Progress" supplementary reports could be altered after being approved by a supervisor. It took Information Services over three months to correct this little error. I would be curious to find out if all the misspellings have been corrected yet after twelve years.
French revolution anyone? Anybody else understand what is really going on?
11/05/2011 01:32:00 AM
Yes. I understand the "trophy for everyone" children have grown up into the 'what are you going to do for me now" adults.
Start at the bottom and work your way up isn't a concept they understand. Out of control handouts by the politicians have turned this into a Nation of do nothings. It's really starting to look like Europe. Something has to change.
***********************
Sounds like what has happened with the giving of promotions and coveted spots in the CPD
As far as our computers go, get rid of Lewin and company. This Department's systems are horrible. Time to outsource this mess to a company that knows computers. Lewin knows more than any police officer, but he doesn't know jack compared to someone in the business.
If these OWS guys wanna crash the system, it's their friend that will sit in jail longer. They are still going to jail. It will just take longer to process them.
11/05/2011 10:37:00 AM
Please the system we have is poorly designed plus it is built using a windows platform. That's the first cardinal sin. Our system should be able go run in any platform if someone takes us out then we are able to use any computer but designing it to be only compatible to windows and Microsoft products is just begging for a takedown.
Where's the ANY key?
Yes most corporate networks are wide open and that is a fact. Most companies are cheap and hire contractors like myself. We usually get wide open access from day one, and if you have more than decent skills you could in theory create a back door without anyone even noticing it for months. But I am sure the Police Department does security audits and no one uses plain passwords like kid's birthdays or your badge numbers right?
"...smelly wannabe hippies of OC...were gloating on how easy it was to shut down a bunch of computers at police stations and make the ones at city hall go haywire also. Said something along the lines of 'they haven't seen anything yet'"
Talk is cheap. Remember in 1968, when Hoffman and Rubin and the Yippies were gonna fill Lake Michigan with LSD and send everyone on an acid trip?
Yeah, right.
Ive seen a person take total control over my computer at home from a totally different location, a few states away during an experiment for their job. Was able to gain entry within minutes despite every imaginable safeguard in place. Had every possible identifier, credit card number, insurance policies, SS#s of my family, etc, etc. Simply, the technology DOES exist to be able to do things like this, and there isnt a doubt in my mind that CPD's computer security systems are "entry level" at best. Good luck if the shit hits the fan boys and girls.
Case report filled out for CSA related to OC?
Why arent ordinances being enforced against OC?
Who is calling the shots there? Car 100? Car 47? McWhats-his-name? Rahm?
Wife says she saw a older copper (old school type carry'n a wood baton) yelling at them the other day. said he had the dont screw with me look.
11/05/2011 04:31:00 PM
GET A CR# !!!!
The don't screw with me look is forbidden!!! Off with his head!!!
T
Can't shutdown CPD servers. It's a intranet meaning it can only be accessed through Department computers; you can't acess it at hom. They can shutdown Clearpath, the public CPD website with a DDS attack. As for the intranet, unless these people find someone with access from their own home and gain access through their computer, it's fine.
11/05/2011 12:53:00 PM
You are SO wrong. I'm not even a geek and I could tell you two ways, at minimum, that you are dead wrong on this.
And, no; I'm not going to teach you why. No need to make it easy for the radicals and terrorists.
2130
Try logging on to CLEAR, from any computer in the public library its fun. Or lease it used to be.
"unsecured portals?" Thanks for sharing!!! heh, heh, heh.
Talk is cheap. Remember in 1968, when Hoffman and Rubin and the Yippies were gonna fill Lake Michigan with LSD and send everyone on an acid trip?
Yeah, right.
11/05/2011 11:46:00 PM
you mean that didn't happen?
CC. this to Brett Goldstein, the city's "Chief Data Officer."
You know, the guy with the red stapler.
He'll know what to do.
CPD's system is monitored by the USSS. Good luck hackin it.
Ooooh. Cyber crime!
Well thats one way of shutting CPD down.
Locking up receive sites is another.
just sayin.
Downed communications and the inability to use radios in the event of a catastrophe or riot situation? Not so funny.
11/05/2011 01:18:00 AM
Too easy.
One radio with a DTMF pad and POOF!
Reach to the shoulder to call for help and your shoulder will be the only one hearing you.
A VERY REAL problem
GET A CR# !!!!
The don't screw with me look is forbidden!!! Off with his head!!!
T
11/06/2011 12:38:00 AM
the "dont screw with me look" usually develops after the attachment of a star or a bar or both to the shirt sleeve cuff.
So Ive heard...grrrrrrrrrrrrrrrr
It's an intranet, therefore it's safe? Ha, ha, ha!
Remember, even the Pentagon's intranets get hacked into. It's a bit more difficult. But it's far from beyond their reach.
Post a Comment
<< Home