The European defense agency has online a defenseless encryption

and there is even worse on the second image

 

but if you thought that it couldn't be worse, there is also a paga online from the same agency that let's people make their online profile to post for certain jobs in oiur new European army

only it is made for IE6 and has a certificate that is selfsigned and is totally unacceptable

probably this is an old forgotten server or a testserver but this shows that the securityofficers over there have no control over the infrastructure which is worrying because if they didn't see this, what else there is that they don't know about (just a reminder in Belgium we also found a badly in fact not protected Gateway for the Human Resources department)

we didn't go further than this but we think that it is time that they pull some things down and pull some défenses up and control some logs and adapt some levels of security

and meanwhile stop talking about cyberwar because if there is a cyberwar this infrastructure will just be blown away

 

The comments are closed.