UK spy agency GCHQ wants to become an incubator for the next generation of tech entrepreneurs, according to a story doing the rounds in this morning's newspapers. The Independent reports that the proposed scheme will be modelled on the Teach First programme, where graduates work in difficult schools for two years before …
(For privatisation: it's clear that Cheltenham United is already sold-out/funded by Maryland Limited)
On the specific idea of GCHQ/CESG training UK youth, BRILLIANT idea. It is about the only way to add needed resiliency into UK ICT infrastructure & future ICT related businesses. After the Putin take-down of Sony Pictures last year, we need every FT100 company to have embedded cyber offence/defence skills, or its game-over for UK industries...
Tech crèche - go for it!
you write is simple and straight forward like this for example
MoD Apprentice 1984-1988
MoD Civil servant 1988-1991
And then into my career in private industry....
If you want you can write where you worked, but not what you did*
*Making tea and hiding in the boiler house on a friday afternoon playing cards mostly ;)
Anon cos I worked for our lot and I now work in the city with a bunch from the Israeli lot.
The choice on their side: You are going to have to do military service anyway. If you are super smart and can pass all the exams to get into that unit you don't spend 3years tramping around the desert risking being blown up or captured by Hezbollah.
You have been taught from nursery that the IDF is the only thing stopping another Holocaust and you believe that this unit is doing a real job to protect your people.
On our side: GCHQ and similar depts, only did recruitment at Oxford, Cambridge, Imperial - although strangely people with 1st in maths from Cambridge seemed able to get other jobs and so we were lucky to get no-name poly. Your bosses will be the idiot younger sons who couldn't get into daddies friend's bank or even into the guards. Although that is changing, following the semi-privatistion of things like RSRE, they are now 3rd rate business grads who watch the apprentice.
Possibly you will also do vital work protecting the nation from imminent terrorist threat, but back in the days of the IRA we never did.
I know someone who worked for GCHQ and who didn't go to OCIU. He confirms the management by Guards failures. This caused him to depart for a country and industry where technical management were more clued up. All went well until he needed to be security cleared for certain work. Proudly he told the US security people that he had been positively vetted by the UK security services, to be informed "That's going to be a real problem, all those people are commie faggots."
There's actually a somewhat similar program with the NSA. You want to go into computer science or math in college, but can't pay for it? Agree to a 5-6 year stint with the NSA after school, and they will take care of your undergrad college bills. I'd imagine that there is something similar for grad school as well.
"Agree to a 5-6 year stint with the NSA after school, and they will take care of your undergrad college bills"
This wouldn't apply in the UK because they look for rich kid establishment types from the Big Two who don't need the money. And yes this *is* directly linked to GCHQ's a) competence and b) ethical direction or lack thereof.
Much like ex-military, they'll have a deeper understanding, a bit more maturity and probably some skills that many may not have. If one is worried that they'll code in some backdoors, then don't hire them. If they have the skills needed and there's a bit of a trust issue, start them on a "simple" or well-monitored position and work from there.
Ex GCHQ people will know how to keep a national secret, which means they'll also know how to keep a commercial secret.
Code reviews will mitigate the injection of backdoors. In my current workplace, no change gets committed to the working codebase until it has been peer-reviewed by someone competent. (And believe me, most of them DELIGHT in being pedantic bastards and pulling you up on the slightest deviation from coding standards, never mind overlooking any 'undocumented' behaviour.)
"If one is worried that they'll code in some backdoors, then don't hire them"
I probably wouldn't due them them likely having no perusable development history, which prevents all kinds of checks and balances, never mind fear of backdoors; see this recomended reading on a directly related subject.
"Code reviews will mitigate the injection of backdoors. In my current workplace, no change gets committed to the working codebase until it has been peer-reviewed by someone competent"
Yeah because it's always really easy to see when lets say an RNG is backdoored, given there's no standard test for it unless it's compromised *very* obviously, if the Linux RNG was backdoored today, right now, even with the source code available it'd probably be very difficult to do. Which is to say that your assertion depends on the nature of the work. Given you're specifically talking about ex-sigint folks you're probably talking about specialist algos in the first place as opposed to cheapo facebook clone perl devs you can find on any rent a coder type sites.
Today already a lot of top execs in security come from law enforcement/intelligence agencies. Many companies hires them because they think they are "competent". Sure. maybe they have no the keys in hand... but how many would refuse a request from a top exec?
Is this so different for sysadmins? Anyway, the reason seems to be let them build their own companies. Then the question becomes "should you buy products built from companies run by ex intelligence men?" - have their product built-in backdoors to let their "ex" employer access your data?
is the thought of companies set up by people who've just been trained to invade other people's privacy wholesale and to see it as A Good Thing. Yes, I know, chances are most will be perfectly fine people that wouldn't do naughties, but what about the odd rotten apple? What if one of them starts the next big social network or search engine, or data analysis software? OK, I know that those horses have already left the stables so to speak, but heck, no, I do NOT think this is a good idea.
Considering most of our MP's don't appear to have a clue about science and the number that have been shown to be ethically challenged in recent years, I can't help but worry about what they're leading us into. As for saving money, I refer my honourable colleagues to the UK aircraft carrier fiasco, multiple government-funded IT disasters and HS2, all well-reported in this esteeemed publication. Stop that kind of crap, and spend the money on science instead, it'll return on investment many times over.
"people who've just been trained to invade other people's privacy wholesale and to see it as A Good Thing"
Mark Zuckerberg even boasted about doing just that and as far as I know he has never worked for the NSA/GCHQ. Perhaps if he had, the user to user security on Facebook wouldn't be so crap (though obviously the creepy intrusiveness would have been better organised from day 1).
What a spliffing good idea, from the executive depths of public paid sector incompetence. Whatever could go catastrophically gloriously wrong in such an obvious mind moulding mission?
Lambs to the slaughter and systems to meltdown spring immediately to mind.
.... and indisputable evidence of Serial & Secret Intelligence Servering Failure*
What type of bod/boddess would want to work for and/or be in any way associated with a Supposed Intelligent Surveillance and Presumably Intelligently Surveilled Service agency, which allowed on its watch the following disgrace and presumably still active ongoing operation, heralding ......
The information comes as MPs warn that there may not be enough resources available to conduct an official inquiry into historic child abuse cases in Britain during the 70s and 80s.
Last week, Labour MP John Mann said that police and social services may be unable to deal with “tens of thousands” of people likely to give evidence about child abuse, including elite “VIP” pedophile rings, consisting of high-ranking politicians. .... http://rt.com/uk/219419-prince-andrew-child-abuse/
Talk about a monumental credibility gap. Are GCHQ/MI5/MI6 and mouthpiece Cabinet Office ministers, wannabe tiger toothless lapdogs in dire straits need of leading intelligence officers rather than being bastions of the clusterfcuk promoting dead wood to top tiers of reliable indifference and self-satisfying incompetence?
What does all of the evidence prove, beyond any reasonable doubt?
*And that is a private sector and pirate vector opportunity for export and exploitation of the Alternative Futures and Derivatives and Day Trade into Maximising Ponzi Profits and Securing IP Worth in the Zero Day Vulnerabilities Market Place .... CyberIntelAIgent Offer Space for CHAOSystems with Virtually Practical Command and Remote Anonymous Control.
To be, or not to be a UKGBNI Confection or/and Virulent Infection, is the question registered herein.
Biting the hand that feeds IT © 1998–2021