nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

back to article
SEC 'fesses to security breach, says swiped info likely used for dodgy stock-market trading

Silver badge

Who watches the watchmen?

So, irony of ironies, the SEC is supposed to be starting an investigation of Equifax...

Who's going to investigate the SEC?

7
0
Joke

Re: Who watches the watchmen?

'Who's going to investigate the SEC?'

The KGB?

Not sure if the icon is appropriate or not.

4
0
Silver badge

Re: The KGB?

Belarus? They're the only country that still has a KGB as far as I know.

3
0
Pint

Re: The KGB?

I realised my mistake after editing time was up, I knew I'd get corrected.

Just one of the things I love about this place.

Have a pint.

FSB then?

4
0
Silver badge

Re: The KGB?

FSB then

More likely the SVR (Sluzhba Vneshney Razvedki). The FSB are somewhere between the FBI and MI5 in that their remit is primarily domestic. The SVR are the Foreign Intelligence Service (successors to the First Chief Directorate) so an investigation in the USA would likely fall under their bailiwick.

1
0
Black Helicopters

I wonder how big the breach has to be before the US government places the country’s internet entirely under its benevolent protection? You know, like China?

5
0
Silver badge
Facepalm

Software vulnerability in the EDGAR system

"a software vulnerability in the test filing component of the Commission's EDGAR system"

Any technical details as to the nature of the breech, technically speaking?

"a recent .. review faulted the SEC for .. use of unsupported software among other failings."

What was the name of this 'unsupported software'?

July 2017: "the commission continued to use an outdated version of an operating system on its key financial systems although the operating system’s vendor stopped supporting this version of the software over a decade ago and no longer develops or releases patches for the software."

No need to guess then :)

4
0
Silver badge

Re: Software vulnerability in the EDGAR system

"Use of unsupported software" on any system should be the occasion for something between a formal reprimand and dismissal. If anything, it is more important on development and test systems to ensure that all software not only is supported but that support will be available until at least a half year into the scheduled deployment life, and ideally through the planned life of dependent software. Note that "support" might include support by in-house staff, for FOSS and in-house developed software.

0
0
Silver badge
Devil

"corporate filling system"

"corporate filling system" - my mind is boggling right now.

0
0
Anonymous Coward

The rest of the US financial system

...is gamed in pretty much the same way. So what's so special here...??? An admission of guilt from a feeble regulator nobody outside of Wall Street really understands. Plus, by admitting liability as a Government agency, it excuses them totally from any accountability, never mind a hint of firing!

Like the War on Drugs, which was a multi-billion-dollar multi-decade roaring success. Lets raise a glass to American Exceptionalism... Exceptionally good at ripping off the less fortunate and getting away with it... Because lets face it, if you're not a millionaire in America, YOU'RE A TOTAL LOSER!

0
0
Silver badge

The description of the vulnerable system as "the test filing component" suggests the possibility that business filers may have submitted genuine reports to a test system. That would put a significant part of the onus on them if the test system was very clearly identified as such and carried prominent warnings that it should be used only for test data. The public announcement was silent on that.

The announcement also was not comforting in stating that "it is believed the intrusion did not result in unauthorized access to personally identifiable information, jeopardize the operations of the Commission, or result in systemic risk." They have known about this for months and by now should know the answers rather than believing what makes things look least bad.

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

The Register - Independent news and views for the tech community. Part of Situation Publishing