
Cyber Security Awareness Challenge - smnscu
https://iatraining.disa.mil/eta/disa_cac2018/launchPage.htm
======
chauffer
It... requires Flash? Is this the challenge?

~~~
marmot777
Isn't flash inherently a security risk hence why none of us have it installed
these days?

------
Haydos585x2
Today Chrome is at version 68. I understand that government departments love
to have explicit version support but why does this site use Flash, require IE
11 (not Edge!), old browser versions and just all this stuff that is _basic_
infosec stuff.

Perhaps this has some good information in it but if they're going to build it
in this way then it's probably worth keeping internally and not releasing to
the world. I think at this point it's probably harder to build something in
Flash and find someone to build it in Flash than in more modern web
technology.

~~~
56chan4
Reverse Psychology, these are phishing attacks where they want to hack you and
study your behaviour. Is it any wonder the head of the UK's MI5 Andrew Parker
did Behavioural Science at Cambridge Uni?

Knowledge is power and you can not undermine the military in anyway, the
military is all about control of the warzone and today you are the enemy
combatant, so every asset is deployed against you to control you from the day
you were born. If you think this stuff is limited to just hacking computers,
consider the fact social engineering is a valid hacking attack vector. Are End
User Licence Agreements just massive obvious warrant canaries when considering
the legal prose?

------
qrbLPHiKpiux
I passed! (Did not install flash)

------
inetknght
Requires javascript. Requires flash.

Is our^H^H^H my military really so backward?

Is it from bureaucracy? Or, are there really people who think this is legit?

How can I get this garbage improved?

~~~
fma
Based on the comments, I thought it was an old training...then I saw the
banner on top said 2018.

This is our tax dollars at work. I wish we had politicians that would spend
our money wisely, rather than just keep increasing military budget and build
crap.

~~~
sdmike1
I had to take i earlier this year.

------
furchin
Step 1: Install Flash

Step 2: Fail Test

~~~
bribroder
Step 3: Uninstall Flash

Step 4: Pass test?!

------
ReidBix
I ended up taking this training at my first summer internship at a private
contractor for the Navy a couple years back. Interesting seeing it here on HN,
but I never really thought the training was really that standout to begin
with.

Definitely felt way more like a way to train non-technical employees to not
get phished and to keep security principles in mind in the workplace. The
game-ification aspect actually seems beneficial compared to other similar
training I've done in the past though!

------
navbaker
Ahh yes, this is an annual thing in the military where, at the end of the
fiscal year, commanders start putting pressure on subordinates who haven’t
completed this course for the year. Everyone is threatened with not being
allowed to go home for the weekend until they prove for the 100th time that
they know not to accept downloaded songs from co-workers, not to let Tina into
the SCIF without her badge, and not to let the shady guy at the cafe use your
smartphone.

~~~
cferr
Also lock down your Facespace account.

------
cik
I maintain two browsers - a secure one, and an insecure one. The insecure
setup runs in a VM, and the profile is on a disk shared from the host - where
the host side symlinks the associated directory to /dev/null.

Seeing that anyone still uses Flash just makes me sad.

------
discreditable
> Get Adobe Flash Player

This one's tough.

------
scriber
is this for real?

~~~
cferr
DoD IT professionals are required to pass this annually.

