Oh The Irony
This just made me laugh. All the years of treating us like criminals and now the tables have turned and it's treating its staff as potentials as well. Deliciously ironic.
The National Security Agency (NSA) has decided it really needs to catch the next Edward Snowden before he turns whistleblower/traitor (strike one according to your political orientation). According to this memo (PDF) from Carol Gorman, an assistant inspector general in the Department of Defense's Readiness and Cyber Operations …
Spot on. My understanding is that a lot of compartmentalisation ('need to know' being a fundamental aspect of military and government security for decades before the computer was invented) was torn down after 9/11, when agencies were accused by the politicians of "failing to connect the dots".
Anyone who's worked in security for a few years is likely to have experienced the following scenario:
PHB: This security system is reducing our profit- turn it off.
Dilbert: That will expose us to all these risks.
PHB: Don't argue, just do it.
Security team: Your access privileges have been altered in line with the recent audit. Sir.
PHB¹: Put 'em back the way they were, son. Of course I need access to everything, I'm in charge. And don't come running in with that password-change crap, either.
¹ Pointy Haired Brigadier
Having read "Spycatcher" and seen the level of compartmentalization within an agency (departments were spying on each other because of mistrust of potential moles, without each department spotting that they were being spied on), I had been suspicious that Snowden was an NSA plant, leaking that "we're doing X amount of surveillance" to hide the fact that they were really doing 3X amount of surveillance. But the post 9/11 sharing is more plausible, and makes Snowden more plausible to me. Not that I completely dismiss my earlier idea, to be on the safe side.
Sounds like a sensible (and long overdue) overhaul is needed because they have no idea of who is inputting data nor of who is copying and extracting it. In such a large outfit there must be staff open to bribery or blackmail. So what exactly have the Russians, Chinese, ISIS and the Mafia walked off with (or maybe inserted, deleted, changed)? If the incompetence is really so great, one need hardly bother with conspiracy theories to get seriously worried...
"In such a large outfit there must be staff open to bribery or blackmail. So what exactly have the Russians, Chinese, ISIS and the Mafia walked off with (or maybe inserted, deleted, changed)? If the incompetence is really so great, one need hardly bother with conspiracy theories to get seriously worried..."
Especially as someone hacked the whole USGov personnel system (including all those 163 page vetting forms for security roles where you tell them everything about yourself).
"What always boggled my mind about the whole Snowden episode is the incompetence it implies at the NSA if he truly were able to just copy all those files."
It goes way beyond that. If the vetting process had been remotely up to scratch, Snowden would never have been employed by any government agency. Snowden was vocally anti-internal spying and had been for years online; anyone who'd read a half-dozen of his forum posts or Facebook updates could've told you he would not be happy doing what they had him doing and would leak like a sieve. And the NSA already had this information available from its obsessive data collecting. It combines utter incompetence with an excellent display of not being capable of using the data they were harvesting in even the most obvious and easy cases.
"If the vetting process had been remotely up to scratch". As far as I remember Snowden's background was very good, father etc. What you try to imply is that he from the beginning had some intentions to do something "wrong". I have no proof for that nor have you.
Suppose you start working in Big Pharma and you find out that the company is cheating and putting all users at risk, nothing new there. Should you then react or not? Like with Snowden, or not, it becomes a moral question and most likely also a question of courage.
So let's not forget that it's we the people who elect the government not the other way, although, as always they tend to think they select the people, nothing new here. In a perfect world the government would self-regulate itself. But until then it's we the people who have to do it, who should do it and need the courage to do it.
In the same way the government and us should regulate the business, and they hate it, for the simple reason that business has no moral obligations toward anyone but perhaps their shareholders. Skip all regulations for the food industry and you will eat horse shit as superC butter or something. You Americans have been in a never-before-seen brainwash regarding regulations regarding the industry. Please wake up before there is only one ISP to "choose" between.
As for Snowden I doubt I had the balls to do what he did, but again it's we the people who have the obligation and right to expose the government, and they hate it, and they have no choice but to hate it. Then it's up to you, the people, how to feel about it. And again dear Americans, wake up, you have been screwed for a long time.
I think the point Naselus was trying to make is that Snowden's earlier behaviour would suggest that he would go public if he found out that mass surveillance was taking place. I do not see any implications regarding any prior (ill-)intent on the part of Snowden or, indeed, any judgment as to whether what Snowden did was good or bad.
My thanks to Naselus for pointing this out; I was not aware of it. Assuming it's accurate, it would support my feeling regarding the leak being planned by higher echelons of the NSA or beyond: one does not, after all, let go of a lead-weight in Earth's atmosphere and expect it to float up like a helium balloon.
You know, this is a funny feeling: I tend to be against conspiracy theories, usually. Yet here I am finding that the simplest explanation I can come up with for the facts I have is a conspiracy worthy of a movie plot. But I simply see no other evidence that the NSA are this incompetent. Indeed, everything else I know points to them being one of the best entities on the planet in doing what they do, regardless of whether you agree with it or not.
"What always boggled my mind about the whole Snowden episode is the incompetence it implies at the NSA if he truly were able to just copy all those files."
You've probably never worked in a really, really large organisation - doesn't really matter whether private or public sector, really. Ever heard the old joke about two guys looking at a huge office block? "I wonder how many people work in there?", muses one of them. "Oh, about half of them", answers the other. Yes, the NSA is full of smart people, but not necessarily in admin (or the department that sets the internal guidelines). A lot of them are your average garden variety 9-to-5 employees just shuffling along. But then, we can't all be like Jack Ryan, can we?
Beat me to it, but I was going to go with:
genisoimage -r /embarrassing/secrets/ | wodim dev=/dev/dvdrw speed=1 -
Richard Chirgwin's "sudo cp -R * /dev/DVD" has multiple problems.
If his account does not have access to the current directory, * will expand to *
sudo does not do shell expansion as the target user by default, so cp will be instructed to copy a file or directory called *
If * does not exist, cp will complain.
If * exists and is a file (or * expanded to one name), it will be copied to the /dev directory, and will be called DVD. (These days, /dev is tmpfs, so the file will end up scattered all over the swap partition)
If * exists and is a directory (or * expanded to more than one name), cp will complain that /dev/DVD does not exist.
/dev/dvd is the default DVD-ROM. These days, DVD-ROMs are rare, and /dev/dvd will probably point to the same place as /dev/dvdrw.
I am not sure what copying a file or directory to /dev/dvdrw would actually do. I hope it would cause a meaningful error message, but if not, I have confidence that recovering any data from the DVD would be a really unpleasant task - if possible at all.
I think it is possible to mount a re-writable DVD with a filesystem, and copy files and directories to the mount point. When I read about this (over a decade ago) there was a warning about packet writing being really slow. In real life, you were better off generating an ISO image and asking wodim to transfer it to the DVD as slowly as possible (x1000 speed DVD players and x10000 speed disks were marketing numbers and had to be treated as slightly less reliable than a statement from the home secretary.)
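The shell behaviour described in the comment above, as an added example that is not part of the original post: the calling shell expands `*` before any command (sudo included) sees it, an unmatched `*` is passed through literally, and cp refuses several sources when the last argument is not an existing directory. All paths are throwaway temp directories, and an empty directory stands in for an unreadable one because both leave the pattern unmatched.

```shell
#!/bin/sh
# Added illustration. Helper names are hypothetical; nothing here touches /dev.

# Stand-ins for "the command sudo would run": they only report the
# arguments they were handed after the calling shell finished expanding.
count_args() { echo "$#"; }
first_arg()  { printf '%s\n' "$1"; }

# Case 1: the pattern matches nothing (empty or unreadable directory),
# so the command receives the literal string "*".
demo_unmatched() {
    d=$(mktemp -d) || return 1
    ( cd "$d" && first_arg * )
    rm -rf "$d"
}

# Case 2: the pattern matches, so the command receives one argument
# per name and never sees the "*" at all.
demo_expanded() {
    d=$(mktemp -d) || return 1
    touch "$d/a" "$d/b" "$d/c"
    ( cd "$d" && count_args * )
    rm -rf "$d"
}

# Case 3: more than one source and a last argument that does not exist.
# cp needs a directory as the destination here and refuses.
demo_cp_many_to_missing() {
    d=$(mktemp -d) || return 1
    touch "$d/a" "$d/b"
    if ( cd "$d" && cp -R a b missing 2>/dev/null ); then
        r=copied
    else
        r=refused
    fi
    rm -rf "$d"
    echo "$r"
}

printf 'unmatched: %s\nexpanded: %s args\ncp: %s\n' \
    "$(demo_unmatched)" "$(demo_expanded)" "$(demo_cp_many_to_missing)"
```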
>Richard Chirgwin's "sudo cp -R * /dev/DVD" has multiple problems.
Maybe it was a deliberate mistake, in the same way Frederick Forsyth includes deliberate errors in his books (to avoid accusations of providing instructions to ne'er-do-wells)? In any case, the next Snowden is unlikely to look to Reg headlines for their MO!
>In any case, the next Snowden is unlikely to look to Reg headlines for their MO!
El'Reg still use magneto-optical drives? That's a first. I have mine sitting in the cupboard -- unplugged it when I upgraded the box last time as the new machine only has one PCI slot for me to fit a SCSI card. Plus I couldn't get the media for it. (Hardly worth it when a DVD costs 50c and stores twice as much, or equivalent size USB sticks sell for $2.)
I was thinking that, if /dev/DVD actually existed, it'd be a symlink to a block device, in which case the error message would be: "Not a directory"
There can be advantages in copying a non-ISO file to a CD or DVD. E.g. denying that it contains anything if you are caught. BeOS and NeXTSTEP used non-ISO CDs for at least part of their product.
SGI boot CDs were basically a SGI disklabel with partitions just like their hard drives. (Makes it kinda fun to try and mount one of those on a Linux box…)
Wake me up when the USA President can safely carry a smartphone, in America, running an American OS, safe in the knowledge that he can't be tracked.
"They can track me" would be a weird issue for a man always accompanied by about a thousand security men and other government employees, plus hordes of journalists.
How about designing an OS where someone can't just walk in off the street and burn your entire unencrypted database to a DVD? Or at least implement a full irrevocable auditing system where you don't have to wait until the miscreant downloader announces the deed from Moscow.