I get this from twitter that CERN is concerned about unauthorized info getting out via blog/tweet etc.
http://twitter.com/3GhomeNShake/status/6417968164
My curiosity piqued I enquired further..
http://twitter.com/Harbles/status/6418118701
resp.
http://twitter.com/3GhomeNShake/status/6418478818
And back
http://twitter.com/Harbles/status/6418684653
And no response..
Security.. Chris has anyone expressed concerns to you about passing details obtained behind an external pw?
CERN security concerns...
Moderator: CharmQuark
Forum rules
Any controversial topic can be discussed. Freedom of expression is encouraged. The scientific validity of things posted in this forum may stray from reality quite wildly and the reader is advised to keep that in mind. Please refrain from bad language and DO NOT get overly abusive with other members. You MUST post in English. It is OK to have fiercely intense debate. This forum has no connection with CERN, the LHC or my site. The views here do not represent the forum's views or my views in any way. It is meant as a place to debate or discuss subjects that may create heated debate. Almost no moderation will occur in this forum at all.
Any controversial topic can be discussed. Freedom of expression is encouraged. The scientific validity of things posted in this forum may stray from reality quite wildly and the reader is advised to keep that in mind. Please refrain from bad language and DO NOT get overly abusive with other members. You MUST post in English. It is OK to have fiercely intense debate. This forum has no connection with CERN, the LHC or my site. The views here do not represent the forum's views or my views in any way. It is meant as a place to debate or discuss subjects that may create heated debate. Almost no moderation will occur in this forum at all.
Re: CERN security concerns...
As far as I know, anything accessible via this site has been confirmed as alright for the public to see by CERN by Chris. He has also got a few notes on the site stating that any CERN employee with concerns amount the links/info here can contact him and have it removed - CERN also has the power to restrict access to anything it wishes on its server, naturally.
-
Harbles
- LHCPortal Guru
- Posts: 314
- Joined: Sat Nov 28, 2009 10:22 pm
- Location: Mississauga, Ontario. Canada
Re: CERN security concerns...
I am specifically referring to things that one can only see if you have a CERN external password. Yes pretty much anyone can get one but it implies that they wish to retain control of some things or at least have a record of who had access.
I re-found an item from the US/LHC blog on the topic of what CERN does not want talked about by people on the inside.
http://blogs.uslhc.us/?p=1145
And a quote from DR Heurer
" Particle physics has always operated in a fully open and transparent way. It’s in our DNA to do so. Meetings are open to all comers, and it is important that we continue to foster such a culture of transparency. Nevertheless, we need to be aware that we are much more in the public spotlight than ever before.
We have to be aware that when we are speaking to colleagues in open meetings, giving stories to our home institutions’ internal publications, or writing messages to the CERN community in the Bulletin, the eyes of the world are on us. That doesn’t mean that we should be less candid than we’ve been in the past, but it does imply a greater degree of responsibility in the way we communicate. We must be sure that what we are saying avoids any kind of particle physics ‘shorthand’ that could be misinterpreted, and that results are not communicated until they have passed normal internal peer review procedures. "
So they are very sensitive to premature release of experimental data for obvious reasons but perhaps they are not too concerned about operational matters being discussed.
After all the Bird Baguette from the future stuff that's been going around I can appreciate their being careful.
I re-found an item from the US/LHC blog on the topic of what CERN does not want talked about by people on the inside.
http://blogs.uslhc.us/?p=1145
And a quote from DR Heurer
" Particle physics has always operated in a fully open and transparent way. It’s in our DNA to do so. Meetings are open to all comers, and it is important that we continue to foster such a culture of transparency. Nevertheless, we need to be aware that we are much more in the public spotlight than ever before.
We have to be aware that when we are speaking to colleagues in open meetings, giving stories to our home institutions’ internal publications, or writing messages to the CERN community in the Bulletin, the eyes of the world are on us. That doesn’t mean that we should be less candid than we’ve been in the past, but it does imply a greater degree of responsibility in the way we communicate. We must be sure that what we are saying avoids any kind of particle physics ‘shorthand’ that could be misinterpreted, and that results are not communicated until they have passed normal internal peer review procedures. "
So they are very sensitive to premature release of experimental data for obvious reasons but perhaps they are not too concerned about operational matters being discussed.
After all the Bird Baguette from the future stuff that's been going around I can appreciate their being careful.
Re: CERN security concerns...
I have established a VERY proactive procedure on internal information control..
1) IT security has, and continues to review the portal. I have a excellent relationship with them at the HIGHEST level.. I have a stance of "Tell me anything that needs removing and it will be removed WITHOUT QUESTION..
2) Forum security. I took a proactive stance on this and spent time discussing this with the highest levels.. I pointed out that with all the CERN employees who post here a accidental, or intentional, leak could occur. I was very proactive on this subject.
CERN top security management has maximum moderator powers. I have been VERY clear with them that they can delete ANYTHING at ANYTIME should then need to.. NO need to consult me. I almost forced this power on them. They did not request it.
I constantly clear things with the experiments. Can I say this, can I say that. Can i link to this. I email these guys a whole bunch each day. The Experiments know they can email me and I will remove ANYTHING they don't like. RIGHT AWAY..
This proactive security respect I have for CERN proprietary information is a important subject for me. I am VERY aware of the risks involved in this.
I want ALL of the users here to also respect this..
If you find something that is questionable DO NOT POST IT.. Send it to me and I will check.
ALL of us should be keenly aware of the privilege CERN is giving us. We should respect that and HELP CERN with security of their information. Doing so will keep the public information available to us.
Physics info is TOP secret. I will treat it as such. If ANYONE posts anything about physics I will immd report them. No doubt. I will report thier IP and Email address to CERN security immd.
CERN is NOT stupid. They see, very clearly, our accessing the resources.. Rest assured they have top people in IT security. The external account is required so they can track you.
So.... We are doing a great job and CERN loves it... BUT like NASA sometimes bad things happen and like NASA I think they understand its OK to be open. I personally think being open about a issue/problem helps everybody understand better and quicker so rumor does not get out of control.
I have considered what to do when a serious problem occurs. I think its VERY important to not report "disaster" and stupid tabloid style reporting. Factual and calm posting needs to prevail. I will delete posts that are out of control. Problems and events happen. Its OK. More will occur. Its OK, Its normal. We need to remember this when a bad event occurs.. The event will be overcome and we will get back to the fun shortly..
Think about it. A 1 year delay is only a 10% delay... Its nothing...
So I have considered this whole subject very seriously and have done lots of proactive work on it. We also have major CERN people here posting and keeping watch...
Im all about CERN security. Its that simple.. I would require everyone here to be as well...
In fact im going to change the registration agreements to reflect this...
But yes,,,, a very good question
1) IT security has, and continues to review the portal. I have a excellent relationship with them at the HIGHEST level.. I have a stance of "Tell me anything that needs removing and it will be removed WITHOUT QUESTION..
2) Forum security. I took a proactive stance on this and spent time discussing this with the highest levels.. I pointed out that with all the CERN employees who post here a accidental, or intentional, leak could occur. I was very proactive on this subject.
CERN top security management has maximum moderator powers. I have been VERY clear with them that they can delete ANYTHING at ANYTIME should then need to.. NO need to consult me. I almost forced this power on them. They did not request it.
I constantly clear things with the experiments. Can I say this, can I say that. Can i link to this. I email these guys a whole bunch each day. The Experiments know they can email me and I will remove ANYTHING they don't like. RIGHT AWAY..
This proactive security respect I have for CERN proprietary information is a important subject for me. I am VERY aware of the risks involved in this.
I want ALL of the users here to also respect this..
If you find something that is questionable DO NOT POST IT.. Send it to me and I will check.
ALL of us should be keenly aware of the privilege CERN is giving us. We should respect that and HELP CERN with security of their information. Doing so will keep the public information available to us.
Physics info is TOP secret. I will treat it as such. If ANYONE posts anything about physics I will immd report them. No doubt. I will report thier IP and Email address to CERN security immd.
CERN is NOT stupid. They see, very clearly, our accessing the resources.. Rest assured they have top people in IT security. The external account is required so they can track you.
So.... We are doing a great job and CERN loves it... BUT like NASA sometimes bad things happen and like NASA I think they understand its OK to be open. I personally think being open about a issue/problem helps everybody understand better and quicker so rumor does not get out of control.
I have considered what to do when a serious problem occurs. I think its VERY important to not report "disaster" and stupid tabloid style reporting. Factual and calm posting needs to prevail. I will delete posts that are out of control. Problems and events happen. Its OK. More will occur. Its OK, Its normal. We need to remember this when a bad event occurs.. The event will be overcome and we will get back to the fun shortly..
Think about it. A 1 year delay is only a 10% delay... Its nothing...
So I have considered this whole subject very seriously and have done lots of proactive work on it. We also have major CERN people here posting and keeping watch...
Im all about CERN security. Its that simple.. I would require everyone here to be as well...
In fact im going to change the registration agreements to reflect this...
But yes,,,, a very good question
-
March_Hare
- Posts: 135
- Joined: Tue Dec 01, 2009 6:09 pm
- Location: The Netherlands
Re: CERN security concerns...
Thank you for your openness on this topic. I totally agree with your point of view.
Also - despite the fact that all the links on the portal are public Internet I occasionally have this little voice asking "Yes, but is it really ok to look at all these status updates and other stuff?". Thanks for putting that little voice to rest!
Also - despite the fact that all the links on the portal are public Internet I occasionally have this little voice asking "Yes, but is it really ok to look at all these status updates and other stuff?". Thanks for putting that little voice to rest!
Nothing travels faster than the speed of light with the possible exception of bad news, which obeys its own special laws.
~Douglas Adams
~Douglas Adams