Going to be an interesting job interview
Here at xyz we do...
We are looking for a new director of ...
The previous executive left because
We have budgeted to pay you ....
The head of the NSA and his deputy are both expected to leave the signals intelligence agency over the next six months, unnamed US officials told Reuters. The departure of General Keith Alexander, the former US Army officer who has served as the NSA's director for that last eight years, and his civilian deputy would …
The trouble with the various discussions taking place is that they assume, a-priori, that the semi-literate thugs running these organizations have any idea what they are doing. They assume that it makes sense to have a centralized spy operation interfering with the population it is supposed to protect. It is all just completely wrong-headed.
Attacks on 'cyber-space' are surely a problem for all of us. However, allowing people who deeply misunderstand networks and security to take control is a bad idea. They are working very hard to create an *insecure* network that has many different single points of failure.
What we should be doing is creating a truly robust network whose governance is decentralized and widely dispersed. It should not be something you can gain control of by poisoning a DNS root, hijacking a router or mis-using a root certificate held by an entity patently incapable of being trustworthy.
Rather than figuring out how they can *down* legitimate websites by hijacking DNS, they *should* be directing resources to making sure that *nobody*, including them, can do so.
They spend so much time figuring out how *they* can control something that they neglect to investigate whether such control makes sense at all.
As odd as it seems, I think one of the biggest problems with security agencies and entities like the FBI and the RCMP is that the organizations foster illiteracy. Some of what they do indicates that they just simply do not have very good reading comprehension.
The purpose of three-letter-agencies is principally to protect their budget/remit/authority from other three-letter-agencies.
If they have any time left, they do what-they-know-to-be-right (tm).
Since what they have been doing is right (because they have been doing it) they do more of the same thing.
As anyone who has watched 'Yes Minister'  will know, the purpose of any government agency is to grow and increase its budget and staff count. Companies measure their success by profits, govenrment departments by the number of employees and the size of their allocated budget.
and youtube: http://www.youtube.com/watch?v=aom7Cwvt56U
To dismiss as "semi-literate thugs" the men and women, both civilian and military, who staff NSA and like agencies would be a serious error. On average they probably are well above the mean in intelligence and do not differ from a cross section of Americans in matters of ethics. To assume further that they do not understand networks and network security also would be an error (although they seem to have been somewhat lax personnel security matters).
Another gross error is to assume that dispersing governance of the logical structure of the internet will somehow make it more robust and secure. It will not. Dispersed governance will have little effect on the physical internet which, in fact, is quite robust and has security that is heavily dependent on who has physcal access to the hardware components.
Those wishing to control the internet, including through such devices as DNS and root certificate subversion, are more the politicians, free enterprise criminals, anti porn militants, and the likes of MPAA and RIAA than they are intelligence agencies which mainly want unfettered access to the physical internet. The instance of internet control that come readily to my mind are Iran, Egypt (during the Arab Spring) and the seizure of the Megaupload servers on dodgy warrants, none related in any way to NSA activities.
"On average they probably are well above the mean in intelligence and do not differ from a cross section of Americans in matters of ethics."
Therein lies your error. Avg. USAians are below avg. intelligence. It didn't always used to be this way, but it is now - for reasons I will not discuss here. So get your grubby paws off our network/data USAians. --intl. Internet usr.
The management goofs that allowed Snowden to probe and copy widely, and remove the material, are justification enough for the departures. Others, at lower levels, will retire or be reassigned or have done so already. For a variety of reasons, the last few weeks of December and the first week of January are popular for civil service retirements.
"The departure of General Keith Alexander, the former US Army officer who has served as the NSA's director for that last eight years, and his civilian deputy would potentially allow the Obama administration to introduce reforms of the NSA ..." This from the administration under which the alleged abuses were greatly expanded and extended? Stunningly naive.
"NSA's leadership were angry at the Obama administration's failure to do more to defend the spy agency against criticism of its surveillance programs". OK, I know that's the take of some anonymous source, but even if it's just propaganda being spun up by one of the "aggrieved parties" (intel agency managers or execs), I have to ask, "REALLY?" The President has pretty much completely burned all his bridges to the civil lib community, not to mention anyone in our (tech) business with half a brain, and they're trying to argue he didn't do enough? How do you defend the indefensible, exactly? As tom says above, the real failure here was by managers and execs at the three-letter agencies who failed to enforce even the most basic security best practices. It was their negligence that provided Snowden with the opportunity to walk off with their (not necessarily our) most embarassing secrets. Our friend btrower gets it exactly right when he writes, "The trouble with the various discussions taking place is that they assume, a-priori, that the semi-literate thugs running these organizations have any idea what they are doing." Clearly the depths (or heights) of their incompetence (and entirely unnecessary flushing of taxpayer dollars) have now been revealed for all to see. As btrower says a bit further on, what we all, including the US government, should be concentrating on is making our internetworks more robust and secure, so robust and secure that not even those three-letter agencies can compromise them. Seems to me that if they find it too hard to accomplish THAT mission maybe the time has come for them to move out of the way and let someone try who isn't afraid of doing some really hard work.
...HAHAHAHAHA, suuure, NOTHING, absolutely NOTHING, right.
PS: never understood how on Earth this guy retained his position after REPEATEDLY deliberately LYING TO CONGRESS, always quickly being caught afterwards...? Just what kind of dirt he knows about whom that allowed him to stay after such (repeated) criminal offenses? He should've been replaced and held accountable per Section 1001, Section 1505 and Section 1621 of Title 18 of the U.S. Code, namely for knowingly and willfully concealing a scheme and making false statements to a committee of the Congress, for obstruction of proceedings of a committee and/or perjury, respectively.
"The departure of General Keith Alexander, the former US Army officer who has served as the NSA's director for that last eight years, and his civilian deputy would potentially allow the Obama administration to introduce reforms of the NSA ..."
In reality, what difference are any kind of reforms going to make regarding the secret practices of the various agencies.
Passing a law to say what they are doing is effectively meaningless without meaningful enforcement such as prison sentences for the transgressors. They have already been breaking the law for at least the last couple of years.
The problem will still remain however, as any such laws passed will just mean the agencies will take greater pains to ensure they don't get caught, whistle blowers like Snowden will find it harder to access the relevant info and should they steal some, may find they have been under surveillance all the time and are suddenly on their way to a large island in the Carribean or worse about to commit suicide unwillingly.
I am certain that the problem does not only lie with the NSA, I feel by their relative silence that many other agencies in the US and elsewhere are if not in cahoots with the NSA, are at least conducting similar operations and will after any legislation is applied to the NSA.
Let's face it the job of the FBI is to maintain US internal security as well as serious or Federal crime fighting. They are supposed to keep an eye on American citizens ( albeit within the law).
Making changes to the law doesn't mean anything will really change so don't throw away the tin foil hat and don't uncover your webcam just yet!
Too much of what is put out as analysis, and too much of the commentary assumes as obvious that which is untrue: that the intelligence agencies operate in a vacuum independent of external controls and keep their activities secret from other parts of the government. It surely is true that there is some of this, and that there is jockeying among the agencies for funding and status. But in the main, it is untrue, now with the NSA as it was since the '50s with the Iranian and other coups, the Bay of Pigs invasion, the Gulf of Tonkin incident, and other similar matters. The activities were known to the responsible Cabinet officials, legislators on responsible committees, and, many times, to the President. They might not have been known in all their gory detail, partly due to agency inclination to shelter bosses, maintain flexibility, or avoid appearing pessimistic or bearing bad news; and partly due to supervisory reluctance to know too much, or to hear opinions that were either negative or differed from their preconceptions.
The NSA operations were governed by laws Congresses passed and Presidents signed, were subject to the authority of the Secretary of Defense, detailed rules from the Attorney General, supervised by Senate and House committees and the FISC. The published leaks suggest they were at least moderately forthcoming to the FISC, and they took some chastisement for misinterpreting and exceeding the rules under which they were authorized to operate. Discussing the NSA as a rogue agency operating on its own usurped authority both misstates the problem and does injustice to the NSA and its employees. Any solution will have to take into account that it is widely dispersed, that there is plenty of blame to assign, and that landing on the NSA (or FBI) is a lazy cop-out.
Given their fairly central supply side roles in the PRISM system - and the fact that they are bound into those roles by what appears to be a Government contract that is fully enforceable in Law, (as evidenced by the ongoing appeals to SCOTUS by Google to repudiate (just) the gag-order clauses) - I would venture to suggest that Microsoft, Google and Apple could properly be described as among the largest US Defence Contractors out there...
They may not, (to our knowledge), be being paid for their services, but they are nonetheless Contractors complicit in the 'service delivery' for all that...
This can be debated to death, but I'm beginning to believe this isn't about dragnet mass surveillance, its about targeted micro-surveillance leading to clear abuses of power. The mass surveillance part is cover to paste over highly-targeted Edgar-J-Hoover-like abuses. My conclusions stem from reading the reports of past NSA whistleblowers, actual program designers who were much more senior than Snowden...
Should you become a person of interest i.e. an OWS protestor or an outspoken critic of the banking establishment, or the military, or an outright critic of the US administration, you will be targeted automatically...
You may also become an unwitting target if you represent a foreign competitor to a US company, especially in the industrial military or energy sectors. Follow the money! The recent revelations of NSA spying in Brazil and France tell us a lot more about what's really going on...
NSA Spying Doesn’t Work to Prevent Terrorism .... (Its all about the money)
William Binney knows as much about spying as anyone alive... (former NSA whistleblower)
Indeed, The Washington Times gives some nice little details:
"In response to a follow-up question, Gen. Alexander also acknowledged that only one or perhaps two of even those 13 cases [out of 54 foiled terrorist plots he had claimed before] had been foiled with help from the NSA’s vast phone records database."
"Director of National IntelligenceJames R. Clapper denied that the number of plots foiled should be the sole metric by which the success of the program is measured. “I think there’s another metric here that’s very important. … I would call it the ‘peace of mind’ metric.”"
The new line of defense for the NSA: Give us your taxes. You'll feel better afterwards.
Alexander is a symptom. James Clapper is the disease. None of this could have ever happened without his knowledge. He either dreamed it up while on his holodeck or approved it. Alexander was sacrificed so James Clapper could remain in his position. None of this can truly begin to change as long as Lord Voldemort is still there.
The problem is none of the politicians will come out and say that a few Boston bombings are a cheap price to pay for the freedom and prosperity that the US (pre-9/11) enjoyed. Even a 9/11 per year is a cheap price to pay - although placing locks on the cockpit doors would stop terrorists using planes as fuel-laden guided missiles. But apparently fear, paranoia, xenophobia and claims of "making America safe" play better in the polls than freedom.
Biting the hand that feeds IT © 1998–2021