Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Google Government

The House of Representatives Is Blocking All Apps Using Google's Appspot.com (fastcompany.com) 46

New reader calewithac writes: In an attempt to stop ransomware attacks, the House's security team has banned all apps hosted on appspot.com from being used on its servers. This means that all appspot hosted apps are inaccessible inside Congress. According to Ted Henderson, the founder of the Cloakroom -- an anonymous messaging app for Capitol Hill staffers -- all of his apps are effectively not available to their target audience.
This discussion has been archived. No new comments can be posted.

The House of Representatives Is Blocking All Apps Using Google's Appspot.com

Comments Filter:
  • Or a Congressional Easter Egg.
  • by stephanruby ( 542433 ) on Saturday May 07, 2016 @04:38PM (#52068107)

    I would think Cloakroom was the one thing being targeted, because the House or Representatives doesn't want anonymous leaks.

    • Actually, they probably already have a forced MITM proxy (requiring you to trust a self-signed root CA from the gateway) that decrypts all traffic going across the wire.

      If they have such a MITM -- and I can't imagine that they don't, since I know this is an extremely common thing in Federal IT -- then they would actually gain enormous insight into *who* is leaking, simply by allowing people to connect to these sites like Cloakroom and observing the traffic.

      I will concede, however, the argument that if you p

      • Cloakroom -- an anonymous messaging app for Capitol Hill staffers

        I would think if someone made an app specifically for such a small user base the whole intent was to spy on their messages. After all, capital hill staffers are allowed to participate in insider trading, so the developer could turn a HUGE profit without ever leaking any of the content he intercepted.

        • Interesting idea. So what you're saying is if I can get our users to talk stocks, it wouldn't be considered insider trading for me to use the data as long as they've published it on Cloakroom?!
  • by Anonymous Coward

    How would ransomware work on a country with a gazillion dollars in debt load? Could they give the debt to the ransomers?

  • Seems reasonable.

    If the app server cannot be relied upon to provide clean (no spyware, trojans, ...) apps, then it is entirely reasonable to block it, and any communications with it.

    'Course, since many of the Apple apps have those same "features", spyware, in particular, they should be blocked, also.

    GPS tracking, for example, can be used to follow aides from one office to another, or from the floor to an office, making it more difficult to have some of the delicate negotiations often required to make a gove

    • by Anonymous Coward

      By design everything and anything from Google is spyware. That is how they make money.

      By blocking anything Google you automatically block about 90% of the web spyware.

      • By design, automobiles are dangerous. There is no way around that fact. By blocking the use of automobiles, you automatically reduce dangerous behavior by 90%. I now have a new outlook on life thanks to my new skill to make up facts, stats and scary stuff to post on the internet.
    • by AK Marc ( 707885 )

      GPS tracking, for example, can be used to follow aides from one office to another, or from the floor to an office, making it more difficult to have some of the delicate negotiations often required to make a government work

      The negotiations would be done without phones present anyway. If you are worried about it, hand your phone to another aide. Let them wander around like they are doing the regular things. Nobody will ever know that you were sitting somewhere else. Or just leave it in your desk. It'll be obvious you don't have your phone on you, but it won't point to anything in particular.

  • Perfection (Score:2, Insightful)

    by Anonymous Coward

    ... banned all apps hosted ...

    Tell me again how perfect the cloud is: I forget. When you give up security and archiving duties to someone else, some form of auditing is needed. Otherwise you're not getting the efficiency you paid for, and you don't have any way to detect that.

  • According to Ted Henderson, the founder of the Cloakroom -- an anonymous messaging app for Capitol Hill staffers -- all of his apps are effectively not available to their target audience.

    which means the blocking is working as intended.

  • Wrong target, House (Score:5, Interesting)

    by Sir Holo ( 531007 ) on Saturday May 07, 2016 @06:48PM (#52068465)

    How about banning DropBox. The CEO as openly stated they they index every file that crosses their servers.

    Oh, now I see. Republicans won't ban DropBox because Condi Rice is on its Board of Directors.

    My own (huge) institution has banned Dropbox entirely. Instead, a subscription to Box Sync was purchased for everyone. Box Sync encrypts before upload/sync, and then decrypts locally. They literally cannot peer into your files—This is by Design.

    • Instead, a subscription to Box Sync was purchased for everyone.

      Ah yes, because you certified the source was actually using the full chain of requirements to ensure encryption doesn't accidentally leak info, right?

      hey, heres a novel idea ... run your own fucking file servers and stop putting shit in the cloud then you won't have to even wonder whats going on with it.

      They literally cannot peer into your files—This is by Design.

      Thats cute, you totally have no idea how easy it is to get information out of copious amounts of encrypted information.

      • Thats cute, you totally have no idea how easy it is to get information out of copious amounts of encrypted information.

        Especially considering that without the source code of the client software and a lot of man hours auditing it, there is no guarantee that the client software is not making the encryption keys available is an obscure part of the encrypted files specifically for access by parties you didn't intend to view/use them.

    • My own (huge) institution has banned Dropbox entirely. Instead, a subscription to Box Sync was purchased for everyone.

      Dropbox has a client for GNU/Linux OS; Box appears not to [box.com] because of low demand [box.com]. Did the price of this "subscription to Box Sync" include a subscription to Windows for Linux users to run in a VM? Or how well does the Box client for Windows work in Wine? Or are you using an unofficial client [github.com]?

    • Any time your data is being stored in an unencrypted format (or encrypted with keyword indexing, whatever, same difference) on a server you don't control, you should bring with you the *expectation* that the company hosting your data, and/or potential political or corporate adversaries, can and WILL access that data.

      If you're OK with that, then more power to you. I doubt NSA or a corporate competitor cares about your pictures of playing fetch with your dog. They might care a bit about a copy of a secret agr

  • Gee.. that's something new for them. sarchasm
    • by Anonymous Coward

      Is a sarchasm a giant hole you fall into if you misinterpret's someone's use of irony?

  • Thats really all this is about? Fuck off

    According to Ted Henderson, the founder of the Cloakroom -- an anonymous messaging app for Capitol Hill staffers -- all of his apps are effectively not available to their target audience.

    Go fuck yourself Ted and Cloakroom. They can pull out their personal phone and visit your shitty site that no one cares about if they want to.

    They can go home and send you posts.

    What you're really pissed off about is that they can't easily leak shit to you, and you're crying about how they aren't paying their employees and resources to give you shit you want to then stab them in the back with.

    You're a complete and total douche for whining about this.

    I'm all for leak

    • Lol. Hundreds of elected Members of Congress use our app every day for legislative updates and thousands of staffers use Cloakroom as a venue for bipartisan policy debates, which don't happen anywhere else. We host policy experts from every part of the political spectrum and use it to share legislative ideas.
  • by Anonymous Coward

    Can somebody explain, what is appspot.com, what is an "app" in this context, and what does it mean for them to be "banned from the House's servers"?

    The summary (and TFA) doesn't make any sense to me:

    - what does it mean for an "app" to be "hosted on appspot.com" but "used on the House's servers"?

    - in what way do restrictions on the House's servers affect what software is or is not "accessible inside Congress", or what software is "available to" Capitol Hill staffers?

    - who and what are they trying to protect

news: gotcha

Working...