IT/Web: February 2017 Archives

Diehard Coders Just Rescued NASA's Earth Science Data, Wired

"Like similar groups across the country - in more than 20 cities - they believe that the Trump administration might want to disappear this data down a memory hole. So these hackers, scientists, and students are collecting it to save outside government servers. But now they're going even further. Groups like DataRefuge and the Environmental Data and Governance Initiative, which organized the Berkeley hackathon to collect data from NASA's earth sciences programs and the Department of Energy, are doing more than archiving. Diehard coders are building robust systems to monitor ongoing changes to government websites. And they're keeping track of what's already been removed - because yes, the pruning has already begun."

Climate Data Preservation Efforts Mount as Trump Takes Office, Technology Review

"Earlier federal data hackathons include the "Guerrilla Archiving" event at the University of Toronto last month, the Internet Archive's Gov Data Hackathon in San Francisco at the beginning of January, and the DataRescue Philly event at the University of Pennsylvania last week. Much of the collected data is being stored in the servers of the End of Term Web Archive, a collaborative effort to preserve government websites at the conclusion of presidential terms."

Rogue Scientists Race to Save Climate Data from Trump, Wired

"The group was split in two. One half was setting web crawlers upon NOAA web pages that could be easily copied and sent to the Internet Archive. The other was working their way through the harder-to-crack data sets--the ones that fuel pages like the EPA's incredibly detailed interactive map of greenhouse gas emissions, zoomable down to each high-emitting factory and power plant. "In that case, you have to find a back door," said Michelle Murphy, a technoscience scholar at the University of Toronto."

A US-born NASA scientist was detained at the border until he unlocked his phone, The Verge

"Seemingly, Bikkannavar's reentry into the country should not have raised any flags. Not only is he a natural-born US citizen, but he's also enrolled in Global Entry -- a program through CBP that allows individuals who have undergone background checks to have expedited entry into the country. He hasn't visited the countries listed in the immigration ban and he has worked at JPL -- a major center at a US federal agency -- for 10 years. ... The officer also presented Bikkannavar with a document titled "Inspection of Electronic Devices" and explained that CBP had authority to search his phone. Bikkannavar did not want to hand over the device, because it was given to him by JPL and is technically NASA property. He even showed the officer the JPL barcode on the back of phone. Nonetheless, CBP asked for the phone and the access PIN. "I was cautiously telling him I wasn't allowed to give it out, because I didn't want to seem like I was not cooperating," says Bikkannavar. "I told him I'm not really allowed to give the passcode; I have to protect access. But he insisted they had the authority to search it."

http://images.spaceref.com/news/2017/phonefb.jpg

NASA OIG: Audit of Industrial Control System Security within NASA's Critical and Supporting Infrastructure

"Despite its significant presence across the Agency and its criticality to the success of the Agency's multi-faceted mission, NASA has not adequately defined OT [operational technology], developed a centralized inventory of OT systems, or established a standard protocol to protect systems that contain OT components. NASA needs to know which systems incorporate OT components because applying traditional IT security practices to OT systems can cause the underlying systems to malfunction. ... NASA also lacks an integrated approach to managing risk associated with its critical infrastructure that incorporates physical and cyber security considerations in all phases of risk assessment and remediation. Specifically, the security of physical and cyber components of NASA's critical assets is managed with minimal collaboration among key Agency stakeholders and does not involve the Office of Strategic Infrastructure, which manages the supporting infrastructure associated with critical assets. This disjointed approach has led to duplication of effort and gaps in security planning and risk remediation at both the Agency and Center levels."

NASA OIG: Security of NASA's Cloud Computing Services

"While NASA has made improvements since our 2013 audit, continuing weaknesses in its governance and risk management processes have prevented the Agency from fully realizing the benefits of cloud computing and continue to leave Agency information stored in cloud environments at unnecessary risk."


Loading

 



Monthly Archives

About this Archive

This page is an archive of entries in the IT/Web category from February 2017.

IT/Web: January 2017 is the previous archive.

IT/Web: March 2017 is the next archive.

Find recent content on the main index or look in the archives to find all content.