• Untitled Document

    Join us on March 29rd, 7pm EST

    for the CBEC Virtual Meeting

    All EYO members and followers are welcome to join the fun and get to know the guest speaker!

    See the link below for login credentials and join us!

    March Meeting Info

    (dismiss this notice by hitting 'X', upper right)

Our blog website blocked ?

Sven

Seglare
I've just found out that the JPL OCIO office claims that our website/blog has malicious or inappropriate content and is blocking it so that our colleagues at JPL can no longer see it. I suspect the problem is that I have expressed reservations about the competence of the OCIO and that is why they have shut the door but I'd still be very interested to hear if anyone outside JPL also sees us as blocked ? Maybe I'm wrong and it is some outside vendor service that has labeled our site as containing malicious or inappropriate content :confused:

The site is http://www.grenander.com

Thanks for any checking and feedback,



-Sven
 

Emerald

Moderator
Hi Sven,

I think you are correct in your analysis. Our device, Cisco Ironport, doesn't have any issues with what it sees. And I will allow that I don't administer our Ironport appliance, but it is configured to block what it determines to be suspicious websites. I'm guessing they (JPL) are sour because of the fact they let the Chinese in to hack JPL for a ridiculous period of time before figuring it out. A synopsis follows, which I copied and pasted with a link to read more. This article was posted 3/1/2012 on FoxNews.com:



"Chinese hackers gained control over NASA’s Jet Propulsion Laboratory (JPL) in November, which could have allowed them delete sensitive files, add user accounts to mission-critical systems, upload hacking tools, and more -- all at a central repository of U.S. space technology, according to a report released Wednesday afternoon by the Office of the Inspector General.

That report revealed scant details of an ongoing investigation into the incident against the Pasadena, Calif., lab, noting only that cyberattacks against the JPL involved Chinese-based Internet Protocol (IP) addresses.

Paul K. Martin, NASA's inspector general, put his conclusions bluntly.

"The attackers had full functional control over these networks," he wrote.

JPL is a jewel in NASA's space technology crown.

Read more: http://www.foxnews.com/scitech/2012/03/01/chinese-hackers-nasa-jpl-lab/#ixzz1rqok9yLY


http://www.foxnews.com/scitech/2012/03/01/chinese-hackers-nasa-jpl-lab/
 

Sean Engle

Your Friendly Administrator
Administrator
Founder
I've just found out that the JPL OCIO office claims that our website/blog has malicious or inappropriate content and is blocking it so that our colleagues at JPL can no longer see it. I suspect the problem is that I have expressed reservations about the competence of the OCIO and that is why they have shut the door but I'd still be very interested to hear if anyone outside JPL also sees us as blocked ? Maybe I'm wrong and it is some outside vendor service that has labeled our site as containing malicious or inappropriate content :confused:The site is http://www.grenander.com Thanks for any checking and feedback,-Sven
You're saying that JPL has blocked EY.o , or that JPL itself has been blocked?
 

MarkA

Please Contact Admin.
Sven,

Your site is RIDDLED with inappropriate content, which is demoralizing and could lead to the collapse of all productivity at JPL. You're untying, sailing to parts unknown, at your leisure, while the rest of us land-based fools can do nothing but daydream about your adventures.

Crap, I just blew off another chore to ponder what I need to do to be in your situation. I rest my case.
 

ignacio

Member III
Blogs Author
Objectionable content

The only thing I find objectionable is that you're not out there cruising! Aside from that, your site looks great.

Cheers!
:cheers:

Ignacio
 

Sven

Seglare
Thanks to everybody !

I appreciate all the feedback. It really helped. If we hadn't had such progress with the Cape Horn wind-vane installation today we'd be seriously bummed by the false claim by the JPL OCIO.

I sent the following e-mail to the CIO (who I regret I was instrumental in getting to JPL by participating on the IS/IT study team that created the position):

Mr. Rinaldi,

Could you please have your staff investigate what "Malicious or inappropriate material was found" by your organization on our retirement web page(s) ? It is such a serious accusation to make that I am sure it would not have been made lightly and must in fact have been well founded on facts. As we are very protective of our personal reputations we will obviously want to identify the "Malicious or inappropriate material" so that we can remove it forthwith before more harm is done to our good name.

The web pages start at the URL in the sig.

Thank you.



-Sven U. Grenander & Nancy J. Grenander


____________________________________

http://www.grenander.com


Thanks again !



-Sven
 

Emerald

Moderator
Hi Sven,

As an IT guy, I'm going to take JPL's side for a second. What JPL's concern is probably that your site could be hacked without you knowing it, and then someone from JPL visiting it could become a victim of that hack. The idea would be the hacker would break into your site, leave no visible trace, but something malicious that could then go from your site to a browsing computer. Given that JPL was infiltrated by the Chinese, they are, I'm sure, looking to reduce any chance of anything else happening. Of course, to protect from the attack I am thinking of, really means to eliminate all Internet access, as that could happen anywhere to anyone's site. The only argument against you versus someone big, like Oracle, would be you don't have the same resources to secure the site that the "big boys" have. Of course, a piece of Oracle was Hijacked not long ago. In the acquisition of Sun Microsystems, they became the keepers of MySQL, another successful database product (Open Source). Here is a link to a blog at Network World where you can read about a real Hijack of a very tech savy site:

http://www.networkworld.com/community/blog/mysqlcom-website-hacked

That said, I still think it sucks that things have reached this level - not JPL specifically, but security risks in general.
 

Sven

Seglare
As an IT guy, I'm going to take JPL's side for a second.

As an IT researcher I'd agree your point would be fine if the message didn't explicitly state "Malicious or inappropriate material was found". That is a defamatory falsehood unless they have. JPL IT used to be the best in NASA, now it isn't even in the running.

If they have found "Malicious or inappropriate material" we'd obviously want to know what it was so we can correct it.



-Sven
 

ignacio

Member III
Blogs Author
It would be one thing if your site actually contained "malicious or inappropriate content," and I think it's your right as an owner/operator of the website to know what malicious or inappropriate content was found (for everyone's sake). If they're blocking the site on suspicion, then you ought to know what evidence supports the decision to block. Otherwise, if it's a pre-emptive measure, then all websites should be blocked, no? Unless there is some other policy of blocking the sites of retired employees, or boating, or whatever?

As an IT researcher I'd agree your point would be fine if the message didn't explicitly state "Malicious or inappropriate material was found". That is a defamatory falsehood unless they have. JPL IT used to be the best in NASA, now it isn't even in the running.

If they have found "Malicious or inappropriate material" we'd obviously want to know what it was so we can correct it.



-Sven
 

Emerald

Moderator
As an IT researcher I'd agree your point would be fine if the message didn't explicitly state "Malicious or inappropriate material was found". That is a defamatory falsehood unless they have. JPL IT used to be the best in NASA, now it isn't even in the running.

If they have found "Malicious or inappropriate material" we'd obviously want to know what it was so we can correct it.



-Sven


Yes, the way it has been presented by them is problamatic. And if there really is problem material, they should provide you with the information to correct it.
 

MarkA

Please Contact Admin.
Have you asked?

Have you confronted them? Have you sent a cease and desist letter to stop them from defaming you in front of your former colleagues?
 
Top