Wednesday, March 12, 2008

Scary $#!+

US government forces military secrets on Brit webmaster
Sorry, we thought you were us
By Dan Goodin in San FranciscoMore by this author

A website promoting the town of Mildenhall has been shut down after it unintentionally became the recipient of hundreds of classified emails, including messages detailing the planned flight path of President Bush.

Over more than a decade, www.mildenhall.com received emails detailing all kinds of secret military information that were intended for official Air Force personnel. One detailed where Air Force One could be found in the air during a planned visit to the region by President Bush. Others included battlefield strategy and passwords.

"I was being sent everything from banal chat and jokes, to videos up to 15mb in size," Gary Sinnott, owner of mildenhall.com, said in this article in EDP 24. "Some were classified, some were personal. A lot had some really sensitive information in them."

As owner of mildenhall.com, Sinnott received every email that had that domain name included in the address field. The site was set up to provide information about the town of Mildenhall, which is about a half-hour's drive north east of Cambridge.

Sinnott says he brought the SNAFU to the attention of Air Force officials but was never able to get the problem fixed. At first, they didn't seem to take the matter seriously, but eventually, they "went mental," he said. Officials advised Sinnott to block unrecognizable addresses from his domain and set up an auto-reply reminding people of the address for the official air force base.
But still, the official emails continued to flow in to Sinnott's site. And to make matters worse, some people got angry after Sinnott told them they were sending email to the wrong address and gave his address to spammers. Sinnott was receiving 30,000 pieces of email per day, most of which was junk mail.

So Sinnott pulled the plug on the website. Though he remains the owner of mildenhall.com, it may only be a matter of time before all those emails incorrectly addressed to Air Force personnel at mildenhall.com automatically begin to bounce. And that ought to make security conscious people everywhere breath a little easier.

Alas, according whois records, mildenhall.net and mildenhall.org are in the hands of non-military individuals and mildenhall.us is available to anyone with $35. Given what we now know about the boobs who send confidential information, that ought to give us pause. ®

The article doesn't really get to the heart of the problem - there is an Air Force base near Mildenhall called Mildenhall Air Force Base. So the dumbasses here, instead of checking to see what the domain is for the base, just assumed it was mildenhall.com (because that's what it should be, right? Even though it's a military base, and not a commmercial entity, it's always .com isn't it?) and sent messages, UNENCRYPTED, to the wrong people. Then said person, being nice, alerted the military and they basically waved him off. Imagine if someone else had thought of this - heck, this could be happening all over the world.

This goes under Bushian, even if it did start before he was in power...

No comments: