Domain: federaltimes.com
Stories and comments across the archive that link to federaltimes.com.
Comments · 22
-
Re:Oracle sues in 3...
Oracle sues in 3...2.....1
They already did. They sued the government in December in the United States Court of Federal Claims.
The judge granted a stay of the lawsuit requested by the DoD while they investigated possible conflicts of interest.
The DoD completed their investigation and decided there were no conflicts of interest, but there may have been other ethics violations. Presumably the DoD's report is controlling in the lawsuit, though nobody has said yet what the disposition of the lawsuit will be.
-
WHAT budget cuts?!?!?
The reason so many Republicans DESPISE Mitch McConnell, John Boehner and Paul Ryan is that they have FULLY FUNDED the Obama admin budgets for EVERYTHING including Obamacare and Planned Parenthood!
Last year, these feckless fools surrendered to Obama completely and gave him an agreement to not limit the debt and not cut the budgets for TWO YEARS (i.e. a free pass for the rest of his presidency).
If you think any government agencies are unable to act because of budget cuts, please explain this: The IRS which continually complains it cannot assist taxpayers because it lacks the money gives millions of dollars to its own employees as bonuses even though they are tax dodgers!
How about THIS: The GSA which has been awash in scandals about its incompetence for many years thinks nearly all its employees deserve bonuses and has been handing those bonuses out like candy.
This has been going on all over Washington DC for many years, which is a small part of why a small city that was supposed to be just a place where representatives of the people periodically met to do limited government duties before returning home has instead become the hub around which most of the wealthiest counties in the nation now reside.
The US government took in more tax money under Obama than under any president in history, including the presidents who had to buy computers for their administrations back when computers were very rare and extremely expensive. When the IRS and the rest of the agencies were set up, cheap desktop computers did not exist. What's the excuse now?
-
The problem is systemic
Drawing a distinction between cybersecurity in the Federal government and cybersecurity in other large organizations is meaningless. The only thing that does is make it easier for any large organization to avoid accountability for their failures.
The US business community has been completely successful in avoiding any regulations on cybersecurity. The US Chamber of Commerce has defeated all attempts to define laws or national standards for computer business security. Instead we have some Presidential decrees that have minimal real world impact.
Since there are no standards, it is impossible to assign any responsibility when data breaches occur. The response consists of cover ups, minimizing the impact of the event, denial of responsibility (the word "unprecedented" is common), rhetoric on helping the victims and not letting it happen in the future. After the public outcry dies down nothing is ever heard about it again. It might as well not have happened. No one is ever fired. No follow ups are made available to anyone outside the organization.
Additionally, those affected by the data leaks are given no support and have no recourse. Being offered free credit monitoring for a year, or even two, is like offering someone with potential HIV exposure a band-aid. The level of effort involved is grossly inadequate. The potential repercussions can happen years later. If the corporation responsible doesn't know how much effect the breach had, how can they decide to come up with policies that balance cost and benefits? The reason they do no follow up is because it provides them with iron clad cover from having to pick up the real cost of their failure. It also makes it a certainty it will happen again.
What I just described is exactly what happened with the Sony leak. But it could just as easily be the leak that occurred at UCLA in the last couple of weeks, or any leak that made the national headlines in the last 20 years. In fact UCLA was hacked in 2012, so nothing has really changed.
The non-government situation is identical to government cases. The failure modes and responses are identical. This is unsurprising because the organizational issues, technical requirements and talent involved are the same. It is nonsensical to expect that one side of an arbitrary line will have one kind of behavior and the other side will be different. It's just not going to happen.
The other elephant in the room is that a huge percent of the work is not done by the government, but is done by private contractors. That is what happened with the OPM breach. This was reported when the story first came to light, but is now erased from the narrative. That is a part of the cover up. In fact there were two contractor breaches, one at KeyPoint Government Solutions and the other at USIS.
So what is necessary to address the problem? Legislation and regulation that specifically defines standards for data security for both the government and private sector. This has to include severe criminal and financial penalties if data breaches occur. Individuals should be held personally accountable, specifically those at the highest level of the organization. The penalties for failure affecting national security should be at the level of treason; life sentences and even the death penalty.
What will actually happen? Nothing. All you need to do is look at Wall Street to see what will happen. The same companies, and even the same people (Jamie Dimon) who were personally responsible for the 2008 crash are doing better than ever, and continue with out and out criminal behavior. So far no one has been charged, much less put on trial. If you assume that you will not be allowed to withhold your personal information from the "business-government complex", it will be leaked, and you will be left completely vulnerable, then you understand what is going on.
-
Nepotism??!!
In related news, USPTO Commissioner Deborah Cohn has announced plans to resign just months after a watchdog agency revealed that she had pressured staffers to hire the live-in boyfriend of an immediate family member over other, better-qualified applicants. When he finished 75th out of 76 applicants in the final round of screening, Cohn "intervened and created an additional position specifically for the applicant," wrote Inspector General Todd Zinser in a statement on the matter.
I happen to be Ms. Cohn's boyfriend from this article (posting AC for obvious reasons). I worked very hard to earn my newly created post. No nepotism of any kind came into play at all. I completely deserve this job, especially considering all the bedroom hours put in. I deserve my 'new attorney advisor' position ( http://www.federaltimes.com/ar... ). I hope I don't get fired over this...
-
Re:Imagine how much we're saving already with mail
Are you kidding me? Sears and Roebuck, America's biggest retailer up to the late 1980s, built its business on mail order back in the late 1890s. Mail order catalogs were huge up to the 1990s, internet merely replaced it, didn't invent it.
That said, the USPS still cut its distribution centers in half a while back:
http://www.federaltimes.com/ar...
-
The predictable result
The predictable result will be schedule slips, increased costs, and more waste. Of course the system is conflicted.
DoD to award contracts throughout shutdown, but won't announce them
Defense Giant Warns Shutdown Could Force 5,000 Layoffs
Jupiter aircraft company furloughs 2,000 employees because of gov't shutdown
Shutdown prompts furloughs for 1,800 in Ohio National Guard
-
Re:Article translation
"sensitive U.S. army database" is a database where users are emailed their username and password in cleartext
The term you're looking for is "Sensitive But Unclassified."
It is one of the issues mentioned in this classic: The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
-
Re:Think you may want to look at his logs
They're removing the "good" machines (that are censored and aren't saveable) to be used in larger cities to replace the "bad" rapiscan machines.
Quite the opposite. They're removing them because the people who promised they would (eventually) be censored have given up and said it's too difficult to do.
-
Re:Same tired argument from government bureaucrats
If they are so essential, why is there ALREADY a planned one year satellite gap?
You're operating under the flawed assumption that congress has the public's best interest in mind. There was no PLANNED one year satellite gap, you fucking fool.
Congressional budget cutting will delay the launch of a key weather satellite and hinder tracking of killer hurricanes, tornadoes and other severe weather, officials warn.
The satellite, which had been scheduled to launch in 2016, will be postponed 18 months because of spending cuts and delays. The threat during that gap is that National Weather Service forecasts will become fuzzier, with the paths of hurricanes and tornadoes even less predictable.
With more budget cuts looming, further delays are possible — something President Obama alluded to last week. ...
"There will be a data gap. That data gap will have very serious consequences to our ability to do severe storm warnings, long-term weather forecasts, search and rescue and good weather forecasts," Jane Lubchenco, NOAA administrator, told members of a Senate Appropriations subcommittee in April. ...
Forecasters issued warnings five days ahead of tornadoes that struck Tuscaloosa, Ala., and five other states in April. A barrage of 312 tornadoes swept across the Southeast, killing 321 people. On storm day, forecasters gave warnings averaging 27 minutes before actual touchdowns.
Likewise, when a tornado struck Joplin, Mo., killing 151 on May 22, forecasters gave warnings averaging 24 minutes before strikes.
"The satellites are an important part of that early warning process," said Christopher Vaccaro, a spokesman for the service. ...
Lubchenco said without information from the polar satellite, forecasts for a massive storm nicknamed "snowmageddon," which hit Washington in February 2010, would have had the location wrong by 200 to 300 miles and would have underestimated the snowfall by 10 inches. Hurricane tracking would also suffer, she said.
"Our severe storm warnings will be seriously degraded," Lubchenco testified April 1 before the House Appropriations subcommittee governing the agency.
Lawmakers and scientists lauded the value of the program, which provides forecasts for military troop deployments, ocean search-and-rescue missions and farmers tending crops.
"It's important for public safety," said Christine McEntee, executive director of the American Geophysical Union. Cutting the funding "would be penny-wise and pound-foolish."
Lubchenco credited the satellites with helping save 295 people in 2010 by helping track rescue beacons aboard ships.
"That's saving lives, that's saving money," said Rep. Chaka Fattah of Pennsylvania, the top Democrat on the House panel that oversees NOAA funding.
But reduced federal spending threatens all domestic programs. Congress cut spending $38.5 billion in the fiscal year that ends Sept. 30. House Republicans propose to cut another $30 billion next year.
So, there was never a planned gap. The damn funding got cut, and now it's getting cut some more. What's the point of having scientists advise on these issues if they get ignored? Fuck them, and fuck you. Can't prioritize anything or even look at the data and reason for yourselves. Go sleep in a tar-pit, you dickheads are hindering the herd.
-
Re:this is a fantasy land
As if it will ever be the case that true liberty does not require constant maintenance?
What requires more maintenance? A minimal government or a huge, complex welfare state? Every power given to government requires its own bit of "maintenance".
So the problem is the deluded fucked up retarded fools who believe their own fucking govt is the problem, and not the parasites corrupting it.
How come I never hear of this complaint from people who don't want a lot of free shit from government? There will always be parasites. There need not be a huge, powerful, unaccountable government eager to be corrupted.
There's over four million people directly employed by the federal government plus a huge but apparently unknown number of contractors (but at least a million of them hold security clearances). Some decent sized percentage of the federal government goes to black projects for which it is probably a felony to distribute cost and budget figures. And the US channels 3.6 trillion dollars a year (plus off budget spending on the military and quantitative easing).
The US code of laws is apparently over 200,000 pages now. That's somewhere around 11 years to read, if you go through 50 pages of law every day.
It's easy to call people lazy and whatnot. It's a hell of a lot harder to keep track of what actually goes on in the US government, much less reduce corruption in that government.
As I see it, size of government correlates with power, unaccountability and difficulty of oversight, complexity of regulation and law, cost, and divergence of interests.
Frankly, I think you'd have to be crazy not to have government reduction near the top of any list of priorities for US society.
-
Re:Rank hypocrisy
Right. Except folks like Neely have the hotel gift them a 2000 sq. ft. suite for booking all the peon attendees at that hotel. Zero cost, so no problem. Cha-ching. Shit went on for years, will continue, and 99% won't ever be caught.
The difference is you're one of the peons that has to follow the rules.
Here is another 140+ DC city employees fraudulently collecting unemployment while employed. This shit with the GSA isn't surprising; the place is full of corruption.
You're either a cynic, a sucker or both.
-
Re:Parties? Plural?
they fought for the rights of gays and women
This is also a theatrical wedge issue. The only slight difference is that public opinion fell heavily on the "change the military policy" side, so one tiny corner of gay policy got changed. Until gays have the same rights as non-gay citizens, they are still not showing true support. How many of them are fully invested in truly equal rights for gays? How's Obama's position on gay marriage? They don't even get the half-a-loaf that is civil partnerships. Has there been a single substantive change in non-military policy regarding gay rights?
Yes:
- Presidential Memorandum extending benefits to same-sex partners of federal employees. Source
- Presidential Memorandum protecting gay and lesbian partners’ visitation/healthcare decision-making rights. Source
- Matthew Shepard and James Byrd Jr. Hate Crimes Prevention Act to include gender, sexual orientation and disability. Source
There's your substantive change.
-
Re:More costs involved.
Exactly. I was going to post essentially what you did.
An article linked from the POGO site quoted a trade rep: "The fact is that POGO's report draws false conclusions by comparing fully burdened contractor rates — which include all costs charged to the government, such as salaries, benefits, overhead, supplies, equipment, materials, rent and more — to an estimate of just salaries and benefits paid to a similar government workforce,"
I am a federal contractor and I guarantee no one billing the government on our contract makes the kind of money alleged by POGO. We work in our own facility, we buy our own equipment, provide our own IT support, plus the overhead people (HR, senior management, for example) are paid from what the company bills for my time.
As you stated, a fair comparison would be to factor in what the government pays for its facilities, equipment, executives, employee welfare, insurance. Also, it's impossible to get rid of a government employee. If we don't perform, though, they can terminate the contract.
-
Public misdirection
While the treatment of WikiLeaks and Julian Assange is important, it's USUALLY misdirection, to divert public attention.
How effective is the (replacement) EO 13526 http://edocket.access.gpo.gov/2010/pdf/E9-31418.pdf or http://www.whitehouse.gov/the-press-office/executive-order-classified-national-security-information
Was it followed by State and DoD? Have NIST/FISMA security guidelines been properly implemented (even yet)?
Are there actual timing considerations, when-leaked, vs when EO 13526 went into force? (Signed: December 29, 2009)
WHY would there be no "alarms" when a PFC accesses an enormous number of documents?
Someplace between a half-million and 3 million people with full access to these documents BEFORE they got to WikiLeaks?
What about "the State Department's Risk Scoring tool"?
STREUFERT: "...the continuous monitoring has something that is an assessment capacity of the organization to deal with outside risk that is never longer than a month and scanning data in fact could be as fresh as 24 hours old." (but are they looking at the RIGHT THINGS)?
Refs: http://gcn.com/articles/2010/03/03/rsa-futue-of-fisma.aspx
http://www.govinfosecurity.com/podcasts.php?podcastID=276 [John Streufert, State Department Deputy CIO and CISO]
http://www.darkreading.com/database-security/167901020/security/news/224200410/ninth-state-department-insider-found-guilty-of-illegal-database-access.html [Ninth State Department Insider Found Guilty Of Illegal Database Access - Mar 25, 2010]
For investigation:
http://www.state.gov/m/pri/rls/plans/146301.htm
> For example, weekly reports to senior management are now routed through Microsoft
> SharePoint websites instead of by paper or individual emails. -- August 30, 2010
In case you think this is "picking on Microsoft"
...
http://www.federaltimes.com/article/20101205/IT03/12050306/
> Besides limiting access to Net Centric Diplomacy, the State Department has recently
> suspended SIPRNet access to two classified sites, ClassNet and SharePoint, according
> to the White House. In an apparent reference to those actions, State Department
> spokesman P.J. Crowley said last week that access to diplomatic cables has been narrowed
> across the government "for the time being."
-
Re:Business decisions
If the government insurance is as good as the private insurance but cheaper, what's the problem?
Your point is valid, and applies to everything and anything — not just health insurance: "If the government X is as good as the private X but cheaper, what's the problem?"
The obvious problem is, it cannot. It can only be "cheaper" if the taxpayer subsidizes it — our Medicare and Medicaid spending (which only covers the old and the poor), for example, exceed the entire Department of Defense expenditures already.
Indeed! Dizzy with success of our:
- government schools — where we pay at the top of the world per pupil, but produce high schoolers unable to compete with those of the Third World;
- government highways, which cost a fortune, but still cause an American — average, including those who don't drive at all — to spend 38 hours per year waiting in traffic (double that in busy places like LA)
- government postal service — which needs billions of bailouts every few years — despite having a monopoly on First Class Mail service
who wouldn't be anxious to switch to government-provided health insurance? What could possibly go wrong? Next up — government provided food (can't be healthy without good nutrition, can you?), shelter (same), clothes — you name it... I grew up in a country, where the government claimed to provide everything — and it sucked. I move to the US, and what do I find? A bunch of idiots wishing to make the mistake, someone has already made for them!
And it is not like you haven't been warned by your own:
I predict future happiness for Americans if they can prevent the government from wasting the labors of the people under the pretense of taking care of them. Thomas Jefferson
-
Re:Corporations vs. government
Public schools, USPS, and highways are enough...
You were giving positive examples here, right?
You really think so? Our public schools are constantly derided by all — left and right — for producing rather mediocre results. A particular example:
In international comparisons, American 12th-graders rank in the 14th percentile in math and the 29th percentile in science. The U.S. outperformed only Cyprus and South Africa in general math and science knowledge. Worse, Asian countries didn't participate in the last 12th-grade assessment tests.
Next. USPS sucks and can't pay for itself — needs billions of "bailouts" every once in a while — including right now. Had it not been for the government support, and the government-mandated monopoly (private companies aren't allowed to compete with the "First Class" mail) they would've gone bankrupt long ago.
And highways? Are you really proud of them? Despite insane amounts of money put into them (thanks to the inflated union contracts), an average American spends a week waiting in traffic. For Los Angeles (and, other big cities) the time is two weeks...
Is this — the mediocre results, the constant cost overruns, and pathetic wait times, what you think are "positive examples"? Something you want to see in health care?
-
Re:Linked article isn't accurate
On top of all this, these background checks are labour intensive because they require federal agents to interview people who know you and collect personal information about you.
Indeed, we are already seeing the results of over-investigation.
87 percent of the 3,500 initial top-secret security clearance cases Defense approved last year were missing at least one interview or important record.
Security clearances: Faked investigations mount as deadlines tighten
-
Re:I'm not surprised
-
Uh oh
If the exercise Hurricane Pam is to Hurricane Katrina as Cyberstorm is to an actual cyber attack, then we're in deep doodoo. No smiley.
-
Re:USA! USA! USA!
Kind of depends on who you think are the domestic enemies of democracy, doesn't it?
If we believe that we can defeat terrorism by reducing privacy, maybe the first place we should open up is the nation's largest employer, and no, it isn't Walmart. Perhaps if we had greater openness on the part of this group, it would lead to a stronger democracy and less terrorism. Isn't democracy defined as public understanding and participation in government?
I think the Patriot Act would be fine if it worked both ways. I should be able to find out what my representatives are doing the same way they can with me. What deals are they making with the energy lobby? What deals are they outsourcing on no-bid contracts? Surely if giving up privacy makes us safer you have no problems with that.
-
Re:So how did Akamai fend off whatever it was?