Hack Targets NASA's Earth Observation System

Gunkerty Jeb writes "A hacker is claiming that a security hole in a server at NASA's Goddard Space Flight Center has exposed data related to a satellite-based Earth observation system used to aid in disaster relief. The hacker, who uses the handle 'Tinkode,' has published a screen capture from what he claims is an FTP (File Transfer Protocol) server at NASA's Goddard Center. The hack comes exactly a month after the same hacker exposed a similar hole in a server operated by the European Space Agency."

Dumbing down

[Anonymous Coward]

When FTP needs to be explained on /. it's time to find another "News for Nerds" site.

Re:Dumbing down

[DanTheStone]

It's because our submitters and editors are too lazy to write a summary, so they just copy-paste a chunk of the article (which may be intended for a less-technical audience).

Re:Houston, we have a serious security problem...

[AMuse]

Hi all; I actually work for NASA as an IT Security guy.

While I can't answer specifics about this incident, you should remember that a great many things done by NASA are "General Science", and the data output from them is specifically and consciously made public.

It's possible that the FTP server is meant to be serving those files "to the public".

Why FTP instead of SFTP? Usually when you choose to make data public to the world, you don't bother implementing crypto on the data. And just because it's available via FTP for distribution, does not mean insecure FTP was used to *place* the data on the server.