My friends over at Sticky Minds picked up a UPI article about Norm Coleman's campaign office being hacked into. It's a summary of an original article in The Hill. For many years we've been fighting this knee-jerk security reaction that if it's a "security" issue, it must be a "firewall" issue. The difference between these two articles just underscores that point.

The only "security" aspect of the UPI article is the fact that the word "firewall" is mentioned twice. I can think of a thousand ways that a campaign headquarters could get breached that would not involve the firewall at all. In fact, if they're taking donations over the Internet, they're probably doing so using a server that physically resides in a data center somewhere, not at the campaign HQ. And if data did get sucked out of campaign HQ computers, it's most easily done by getting a staffer infected with a virus or some malware. Nobody, but nobody, beats down the firewall these days. They trick you into running something you shouldn't, or they attack your applications (e.g., the web server where contributions are accepted).

The Hill's article gets this right. At least they don't get it wrong. They present some facts and don't misrepresent anything. The UPI summary dwells on the firewall, however, when it has limited space available for the article. It leads the lay reader to the conclusion that firewall breaches (a) happen, (b) are relatively common, and (c) were likely in this case. I see (and apparently the FBI sees) no reason to think that's the case here.