The House of Representatives Is Blocking All Apps Using Google's Appspot.com (fastcompany.com)
New reader calewithac writes: In an attempt to stop ransomware attacks, the House's security team has banned all apps hosted on appspot.com from being used on its servers. This means that all appspot hosted apps are inaccessible inside Congress. According to Ted Henderson, the founder of the Cloakroom -- an anonymous messaging app for Capitol Hill staffers -- all of his apps are effectively not available to their target audience.
Re: (Score:2)
Do people still say 'asshat'?
Only asshats do that now.
Sounds Like A Feature. (Score:2)
This sounds weird. (Score:5, Interesting)
I would think Cloakroom was the one thing being targeted, because the House of Representatives doesn't want anonymous leaks.
Re: (Score:2, Insightful)
They want leaks that they can control, not actual leaks.
Try and bring a camera phone into a GOP fundraiser these days and see what that gets you.
Re: (Score:2)
Actually, they probably already have a forced MITM proxy (requiring you to trust a self-signed root CA from the gateway) that decrypts all traffic going across the wire.
If they have such a MITM -- and I can't imagine that they don't, since I know this is an extremely common thing in Federal IT -- then they would actually gain enormous insight into *who* is leaking, simply by allowing people to connect to these sites like Cloakroom and observing the traffic.
I will concede, however, the argument that if you p
Re: (Score:2)
Cloakroom -- an anonymous messaging app for Capitol Hill staffers
I would think if someone made an app specifically for such a small user base the whole intent was to spy on their messages. After all, Capitol Hill staffers are allowed to participate in insider trading, so the developer could turn a HUGE profit without ever leaking any of the content he intercepted.
Ransom Congress (Score:2, Funny)
How would ransomware work on a country with a gazillion dollars in debt load? Could they give the debt to the ransomers?
Re: (Score:2)
Simple, they tell everyday Americans to pay up or they will let the politicians go back to messing up the country
dirty app source; block it (Score:2)
Seems reasonable.
If the app server cannot be relied upon to provide clean (no spyware, trojans, ...) apps, then it is entirely reasonable to block it, and any communications with it.
'Course, since many of the Apple apps have those same "features", spyware, in particular, they should be blocked, also.
GPS tracking, for example, can be used to follow aides from one office to another, or from the floor to an office, making it more difficult to have some of the delicate negotiations often required to make a gove
Re: (Score:1)
By design everything and anything from Google is spyware. That is how they make money.
By blocking anything Google you automatically block about 90% of the web spyware.
Re: (Score:3)
GPS tracking, for example, can be used to follow aides from one office to another, or from the floor to an office, making it more difficult to have some of the delicate negotiations often required to make a government work
The negotiations would be done without phones present anyway. If you are worried about it, hand your phone to another aide. Let them wander around like they are doing the regular things. Nobody will ever know that you were sitting somewhere else. Or just leave it in your desk. It'll be obvious you don't have your phone on you, but it won't point to anything in particular.
Perfection (Score:2, Insightful)
Tell me again how perfect the cloud is: I forget. When you give up security and archiving duties to someone else, some form of auditing is needed. Otherwise you're not getting the efficiency you paid for, and you don't have any way to detect that.
well duh. (Score:2)
According to Ted Henderson, the founder of the Cloakroom -- an anonymous messaging app for Capitol Hill staffers -- all of his apps are effectively not available to their target audience.
which means the blocking is working as intended.
Re: Hypocrisy (Score:2)
Because these apps aren't used for classified information? Most anytime a congress critter gets briefed on something classified, it happens in a SCIF (https://en.m.wikipedia.org/wiki/Sensitive_Compartmented_Information_Facility), a place where unrestricted internet access doesn't really exist.
Wrong target, House (Score:5, Interesting)
How about banning DropBox. The CEO has openly stated that they index every file that crosses their servers.
Oh, now I see. Republicans won't ban DropBox because Condi Rice is on its Board of Directors.
My own (huge) institution has banned Dropbox entirely. Instead, a subscription to Box Sync was purchased for everyone. Box Sync encrypts before upload/sync, and then decrypts locally. They literally cannot peer into your files—This is by Design.
Re: (Score:2)
your institution didn't "ban" dropbox, they just inked a deal for full scale deployment of a competitor, that is all.
No. They did. A 6-month warning was given that access to DropBox domains will soon be blocked from any institutional network connection. Yes, you could proxy around that. Yes, you could use it at home. But why?
I only use Box Sync to share project files with colleagues within the same institution. For real collaborators around the world, especially if the data is sensitive (i.e., patentable), I make them sftp to MY OWN SERVER. I'm working on WebDAV, so they will quit bitching about having to see a co
Re: (Score:1)
Instead, a subscription to Box Sync was purchased for everyone.
Ah yes, because you certified the source was actually using the full chain of requirements to ensure encryption doesn't accidentally leak info, right?
Hey, here's a novel idea ... run your own fucking file servers and stop putting shit in the cloud, then you won't have to even wonder what's going on with it.
They literally cannot peer into your files—This is by Design.
That's cute, you totally have no idea how easy it is to get information out of copious amounts of encrypted information.
Re: (Score:2)
Especially considering that without the source code of the client software and a lot of man hours auditing it, there is no guarantee that the client software is not making the encryption keys available in an obscure part of the encrypted files specifically for access by parties you didn't intend to view/use them.
Box for Linux (Score:2)
My own (huge) institution has banned Dropbox entirely. Instead, a subscription to Box Sync was purchased for everyone.
Dropbox has a client for GNU/Linux OS; Box appears not to [box.com] because of low demand [box.com]. Did the price of this "subscription to Box Sync" include a subscription to Windows for Linux users to run in a VM? Or how well does the Box client for Windows work in Wine? Or are you using an unofficial client [github.com]?
Re: (Score:2)
Any time your data is being stored in an unencrypted format (or encrypted with keyword indexing, whatever, same difference) on a server you don't control, you should bring with you the *expectation* that the company hosting your data, and/or potential political or corporate adversaries, can and WILL access that data.
If you're OK with that, then more power to you. I doubt NSA or a corporate competitor cares about your pictures of playing fetch with your dog. They might care a bit about a copy of a secret agr
Blocking something?? (Score:1)
Re: (Score:1)
Is a sarchasm a giant hole you fall into if you misinterpret someone's use of irony?
So you can't do random shit on a gov network? (Score:2, Insightful)
That's really all this is about? Fuck off
According to Ted Henderson, the founder of the Cloakroom -- an anonymous messaging app for Capitol Hill staffers -- all of his apps are effectively not available to their target audience.
Go fuck yourself Ted and Cloakroom. They can pull out their personal phone and visit your shitty site that no one cares about if they want to.
They can go home and send you posts.
What you're really pissed off about is that they can't easily leak shit to you, and you're crying about how they aren't paying their employees and resources to give you shit you want to then stab them in the back with.
You're a complete and total douche for whining about this.
I'm all for leak
What does this mean? (Score:1)
Can somebody explain, what is appspot.com, what is an "app" in this context, and what does it mean for them to be "banned from the House's servers"?
The summary (and TFA) doesn't make any sense to me:
- what does it mean for an "app" to be "hosted on appspot.com" but "used on the House's servers"?
- in what way do restrictions on the House's servers affect what software is or is not "accessible inside Congress", or what software is "available to" Capitol Hill staffers?
- who and what are they trying to protect
Re: (Score:1)
Wish I had Mod points...