|
This file is available on a Cryptome DVD offered by Cryptome. Donate $25 for a DVD of the Cryptome 10-year archives of 35,000 files from June 1996 to June 2006 (~3.5 GB). Click Paypal or mail check/MO made out to John Young, 251 West 89th Street, New York, NY 10024. Archives include all files of cryptome.org, cryptome2.org, jya.com, cartome.org, eyeball-series.org and iraq-kill-maim.org. Cryptome offers with the Cryptome DVD an INSCOM DVD of about 18,000 pages of counter-intelligence dossiers declassified by the US Army Information and Security Command, dating from 1945 to 1985. No additional contribution required -- $25 for both. The DVDs will be sent anywhere worldwide without extra cost. | |||
24 March 1998
From: stocknws15454764664@juno.com by toad.com for jya@pipeline.com Date: Tue, 24 Mar 98 11:50:49 EST To: stocknws15454764664@juno.com Subject: NSA planning "penetration study" of NASA computer security Date: 23 Mar 98 10:07 -0800 TO: Ames Resident Staff FROM: S. Scott Santiago, NASA-ARC CIO SUBJECT: Notification That Use of Computer System Constitutes Consent to Monitoring The General Accounting Office (GAO) will soon initiate a Penetration Study of NASA systems. GAO intends to use the National Security Agency (NSA) to conduct the penetration tests. NASA and GAO are in the process of developing a protocol for the test. This test will affect computers which are Government-owned or Government-funded. Also, for users, there can be no expectation of privacy, and that in using the system, they consent to their keystrokes and data content being monitored. The National Telecommunications and Information Systems Security, Communications Security (COMSEC), monitoring guidelines state that users of systems to be monitored must be properly notified in advance that their use of these systems constitutes consent to monitoring for COMSEC purposes. NSA has told NASA and GAO that before they begin their test, they need written verification that users have been notified consistent with these guidelines. A notification in the Centerwide Email will satisfy providing notice for this penetration study. NASA is required to provide a written certification that this notification has been sent and that a valid attempt was made to notify all employees and contractors affected by this penetration testing. If you would like to respond to this memo electronically, you may do so by double-clicking the following: mailto:amescio@mail.arc.nasa.gov.