tag:blogger.com,1999:blog-7097666.post3130861691501522291..comments2023-02-08T01:55:44.022-05:00Comments on The Henrybasset Blog: FR13-003: A string of 0-days; NY Times, and a bit of a rantJeffhttp://www.blogger.com/profile/14725803539860168436noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-7097666.post-60217875515630655912013-02-06T18:02:16.758-05:002013-02-06T18:02:16.758-05:00US and foreign universities and research centers h...US and foreign universities and research centers have been hopping points for attacks for a couple decades -- see The Cookoo's Egg for an early example (1989)Arthur P.https://www.blogger.com/profile/03248074444968278236noreply@blogger.comtag:blogger.com,1999:blog-7097666.post-73041400636637145582013-02-01T17:47:53.724-05:002013-02-01T17:47:53.724-05:00US Universities have historically been way behind ...US Universities have historically been way behind the times. When I was at Gartner I would take frustrated calls from the lone security guy at Universities like Georgia Tech. He would not even be allowed to put up a firewall. The universities cited something they call "academic freedom". It was the idea that all information should be accessible and a firewall might block students and staff from that access. Ten years ago Universities had very complex computing environments. Research grants all had money for computers in them and each researcher would buy whatever tools he/she needed. So the university would have a hodge podge of Solaris, AIX, HPUX, even Silicon Graphics IRIX (my favorite). There was no way for IT security to secure or manage all those systems. Universities have ALWAYS harbored attackers. And sadly, the philosophy spilled over into US Government research facilities. Security Leaders Grouphttps://www.blogger.com/profile/13345287430589597890noreply@blogger.com