Justice Department IT Staff So Incompetent They Block All Webex Conferences
from the the-software-may-suck,-but... dept
We've heard all sorts of random stories about over-aggressive IT staffs or filters that block random websites for no good reason, but sometimes the situations are truly bizarre. For example, a friend sent over an announcement concerning a webinar from the DC District Court about the Electronic Case Filing (ECF) system. Obviously this is a useful thing for lawyers and law enforcement to understand. So it struck us as interesting to see the following tidbit in the emailed announcement:SPECIAL NOTE TO DEPARTMENT OF JUSTICE ATTORNEYS/STAFF:Really, now? We've already had reasons to question the technical competence of the DOJ, but to do a complete block of all Webex webinars? Overkill much?
The WebEx web conferencing website is not accessible to DOJ attorneys/staff due to internet blocks set in place by your IT department, therefore you are unable to register for a webinar training class or participate in the WebEx training room session itself. However, the option to participate in only the teleconference portion of the training class is available and will still prove useful.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: blocking, doj, it, justice department, webex, webinars
Companies: webex
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
Or if you read to the opposit (TI) you could say Total Ignorance.
[ link to this | view in thread ]
In this case I don't think that level of sarcasm exists. It's like using a volleyball net to protect yourself from a hurricane.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Java Maybe?
"WebEx is the only on-demand online collaboration service provider to have earned both WebTrust and SAS70 certification, giving you the highest levels of security possible."
If I had to guess I would say their IT doesn't like the requirements - Java, cookies enabled or ActiveX.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Blaming the IT staff for this is like blaming the average soldier for strategic decisions by their commanders, defense contractors, and enemy combatants.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Management
Mgmt: We have a problem with unauthorized Internet use.
IT: Well have a 'discussion' with the people who are abusing privileges, explain the rules, and lay out consequences. AND FOLLOW THROUGH WITH THEM.
Mgmt: No no no, just block the Internet for everyone.
IT: derp.
[ link to this | view in thread ]
WebEx has issues
More details below, from Secunia.
Description:
Multiple vulnerabilities have been reported in WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
1) An indexing error when storing certain data during the processing of WRF files can be exploited to corrupt memory.
2) An error when handling the length value of a Define Huffman Table (DHT) JPEG marker within a WRF file can be exploited to cause a stack-based buffer overflow.
3) An error when processing certain records within WRF files can be exploited to cause a heap-based buffer overflow.
4) A boundary error when processing WRF files can be exploited to cause a heap-based buffer overflow via a specially crafted Audio size value.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions:
* Client builds 28.0.0 (T28 L10N).
* Client builds 27.32.1 (T27 LD SP32 CP1) and prior.
* Client builds 27.25.10 (T27 LC SP25 EP10) and prior.
* Client builds 27.21.10 (T27 LB SP21 EP10) and prior.
* Client builds 27.11.26 (T27 L SP11 EP26) and prior.
Solution:
Update to a fixed client build (please see the vendor's advisory for details).
Provided and/or discovered by:
1, 2, 4) Damian Put via iDefense.
3) An anonymous person via iDefense.
The vendor also credits Microsoft Vulnerability Research (MSVR).
Changelog:
2012-07-18: Updated vulnerabilities #1 through #4. Updated credits and added links.
Original Advisory:
Cisco:
http://tools.cisco.com/security/...dvisory/cisco-sa-20120627-webex
[ link to this | view in thread ]
[ link to this | view in thread ]
ECF training in 2012? DOJ 5-7 years late to the game
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: WebEx has issues
[ link to this | view in thread ]
Re: Java Maybe?
[ link to this | view in thread ]
Re: Java Maybe?
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Buffons...
Setup a conference room with a dedicated PC, off the main network... and allow webex's from the PC. No critical or sensitive data on the PC... no chance for hacking into their system...
So simple... a caveman could do it.
If only cavemen were running the DoJ instead of monkeys...
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Java Maybe?
I doubt they blocked the webex site, I bet they just blocked technology that webex needs to function.
[ link to this | view in thread ]
Re:
(and if you have one, why didn't you link it to begin with?)
[ link to this | view in thread ]
US Govt Systems often blocked due to sensitive data
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Donnicton
Joe already cited secunia above. Even without software vulnerabilities, Webex is two-way communication, not just a webinar viewer.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Management
Which is blocked. Cue recursive violent thoughts against management...
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
WebEx allows desktop sharing
WebEx Conferencing is configured "per host domain", and those settings include whether or not the "owner" of the conference requires an SSL based connection (not on by default), or on the "public" servers.
Since WebEx enables full desktop sharing between participants (beyond just single file PowerPoint sharing), this could easily expose information that shouldn't be seen by others on a conference.
I can tell you from experience that the incompetence is on the users, because I've often seen some stuff that people have unintentionally shared that they should not have...
[ link to this | view in thread ]
Re: Buffons...
(j/k)
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Not so much
[ link to this | view in thread ]
Re: Not so much
[ link to this | view in thread ]
Here is why its blocked
So let me explain this to the non technical crowd. If setup properly you are not an administrator of your machine. This means you have no power to modify installed applications on your device. You do have the power to run them and also save documents, favorites and some other items as designed by your group policy administrator.
In response to the increased limited powers of the average end user, certain software makers have modified the installation of their software to areas that you are able to modify. This essentially allows for installation of software by non administrators, and here in lies the problem. In the case of gotomeeting/webex this is the only option to install it.
Scenario 1.
You get bored at work and like animals so you decide to surf seemingly harmless websites until you hit a browser exploit. This exploit then inserts code into your user profile in a randomly named folder next to the webex folder in your profile. Your antivirus fails to detect it. That code then systematically encrypts your files and then destroys your network shares. This has now compromised the security of your organization and cost thousands of dollars. You have just been owned by cryptolocker.
WebEx works fine though you can all have a meeting to discuss the damage.
Scenario 2.
You get bored at work and like animals so you decide to surf seemingly harmless websites until you hit a browser exploit. This exploit then inserts code into your user profile in a randomly named folder next to the webex folder in your profile. Your antivirus fails to detect it.
NOW HERE IS THE DIFFERENCE
The code attempts to run but is prohibited from execution via group policy software restriction via path rule. No code execution is allowed from your user profile. The threat that would have compromised your system has been stopped dead. A week or so later your antivirus finally catches up and it is deleted. Oh and gotomeeting/webex does not work.
If you appreciated this explanation
BTC 1N2NJyBKJEgu22htUhgtiaJcedUgLNHtQA
[ link to this | view in thread ]