Domain: gao.gov
Stories and comments across the archive that link to gao.gov.
Stories · 74
-
GAO Gives Congress Go-ahead For a GDPR-like Privacy Legislation (zdnet.com)
An independent report authored by a US government auditing agency has recommended that Congress develop internet data privacy legislation to enhance consumer protections, similar to the EU's General Data Protection Regulation (GDPR). From a report: The 56-page report [PDF] was put together by the US Government Accountability Office (GAO), a bi-partisan government agency that provides auditing, evaluation, and investigative services for Congress. Its reports are used for hearings and drafting legislation. The House Energy and Commerce Committee, which requested the GAO report two years ago, has scheduled a hearing for February 26, during which it plans to discuss GAO's findings and the possibility of drafting the US' first federal-level internet privacy law. If the committee's members were to follow GAO's conclusions, a GDPR-like legislation should be coming to the US. -
Hanford Nuclear Waste Cleanup Makes Progress, But Questions Loom (ieee.org)
The Hanford Vit Plant in Washington state, a $17 billion federal facility for treating and immobilizing radioactive waste, is now on track to begin "glassifying" low-activity nuclear waste as soon as 2022, reports IEEE Spectrum. This is "a year ahead of a court-mandated deadline." From the report: Still, an air of uncertainty surrounds the project. The U.S. Department of Energy (DOE) has proposed reclassifying some of the nation's radioactive waste as less dangerous, and it's unclear how that could affect the Hanford facility's long-term prospects. Hanford houses about 212 million liters of high-level waste, the leftovers of the U.S. nuclear weapons program.
However, higher-level waste has a longer timeline. Separate pretreatment and vitrification facilities aren't slated for commissioning until 2033. All parts of the Vit Plant are legally required to begin fully operating by 2036, under a consent decree between Washington, Oregon, and the federal government. The DOE hasn't said whether, or how, its proposal to reclassify nuclear waste would affect existing plans at Hanford if adopted. The agency is not making any decisions on the classification or disposal of any particular waste stream at this time, a DOE official said by email. [...] Though current law defines high-level radioactive waste as the sludge that results from processing highly radioactive nuclear fuel, the DOE is considering slapping a new, potentially less expensive label on it if it can meet the radioactive concentration limits for Class C low-level radioactive waste. Reclassifying nuclear waste would allow the federal government to sidestep decades of cleanup work, saving it billions of dollars. The relabeling might even enable the DOE to bypass costly vitrification and instead contain tank waste by covering it with concrete-like grout, as the agency does at other decommissioned nuclear sites. Officials and citizens in Washington and Oregon oppose this method for Hanford, "citing the risk of long-term soil and groundwater contamination and the challenges of moving and storing voluminous grout blocks," reports IEEE Spectrum. "Earlier federal studies found that grout 'actually performed the worst of all the supplemental treatment options considered.' (A 2017 report to Congress, however, suggested both vitrification and grout could effectively treat Hanford's low-activity waste.)" -
Pentagon's New Next-Gen Weapons Systems Are Laughably Easy To Hack (zdnet.com)
An anonymous reader quotes a report from ZDNet: New computerized weapons systems currently under development by the U.S. Department of Defense (DOD) can be easily hacked, according to a new report published today. The report was put together by the U.S. Government Accountability Office (GAO), an agency that provides auditing, evaluation, and investigative services for Congress. The report detailed some of the most eye-catching hacks GAO testers performed during their analysis: "In one case, it took a two-person test team just one hour to gain initial access to a weapon system and one day to gain full control of the system they were testing. Some programs fared better than others. For example, one assessment found that the weapon system satisfactorily prevented unauthorized access by remote users, but not insiders and near-siders. Once they gained initial access, test teams were often able to move throughout a system, escalating their privileges until they had taken full or partial control of a system. In one case, the test team took control of the operators' terminals. They could see, in real-time, what the operators were seeing on their screens and could manipulate the system. They were able to disrupt the system and observe how the operators responded. Another test team reported that they caused a pop-up message to appear on users' terminals instructing them to insert two quarters to continue operating. Multiple test teams reported that they were able to copy, change, or delete system data including one team that downloaded 100 gigabytes, approximately 142 compact discs, of data."
The report claims the DOD documented many of these "mission-critical cyber vulnerabilities," but Pentagon officials who met with GAO testers claimed their systems were secure, and "discounted some test results as unrealistic." GAO said all tests were performed on computerized weapons systems that are still under development. GAO officials highlighted that hackers can't yet take control over current weapons systems and turn them against the U.S. But if these new weapons systems go live, the threat is more than real, GAO said. -
FCC Data Exaggerates Broadband Access On Tribal Lands (arstechnica.com)
An anonymous reader quotes a report from Ars Technica: Broadband access in tribal areas is likely even worse than previously thought because Federal Communications Commission data overstates deployment, according to a new report by the U.S. Government Accountability Office (GAO). FCC data collection was already known to be suspect throughout the U.S., not just in tribal areas, which in turn makes it difficult for the FCC to target deployment funding to the areas that need it most. Tribal lands have less broadband access than most other parts of the U.S. and thus may be disproportionately affected by the FCC's data collection problems.
"Residents of tribal lands have lower levels of broadband Internet access relative to the U.S. as a whole, but the digital divide may be greater than currently thought," the GAO wrote. "FCC data overstated tribes' broadband availability and access to broadband service. These overstatements limit FCC and tribal users' ability to target broadband funding to tribal lands." Despite the well-known broadband access problems in tribal areas, FCC Chairman Ajit Pai has been trying to limit the Lifeline subsidies that help tribal residents purchase Internet access. A federal appeals court recently blocked Pai's attempt to take a broadband subsidy away from tribal areas. -
Tech Giants Urge Congress To 'Protect Entrepreneurs' From Supreme Court Ruling (theverge.com)
U.S. states can now require online retailers to collect local sales taxes, according to a recent Supreme Court ruling that could affect thousands of third-party sellers on top tech sites. An anonymous reader quotes The Verge: In fact, Amazon, which last year started collecting sales tax in all 45 states that require it by law, may have a substantial amount of work to do to help its Amazon Marketplace sellers stay compliant. Yet we don't know if that burden will fall primarily on Amazon or if it will be the responsibility of the sellers. More than 50 percent of all sales on the site are conducted via third-party sellers, some of which use Amazon for fulfillment but otherwise operate independent small- to medium-sized businesses... Etsy, eBay, and others are in similar boats. According to the US Government Accountability Office, as much as $13 billion in annual sales tax revenue is at stake....
Etsy is concerned about what it sees as "significant complexities in the thousands of state and local sales tax laws" and that by overruling the Quill decision, the Supreme Court has put the ball in Congress' court. "We believe there is now a call to action for Congress to create a simple, fair federal solution for micro-businesses," Silverman added.
The Verge writes that "the case may be litigated for years to come to figure out how to account for the over 10,000 state jurisdictions that govern sales tax across the country. That is, unless congressional legislation supersedes the state court decisions... Even groups that were in favor of the ruling, like the nonpartisan research institute the Information Technology and Innovation Foundation, are imploring Congress to act."
eBay has already mass-emailed many of their users urging them to sign an online petition "to protect entrepreneurs, artisans and small businesses from potentially devastating Internet sales tax legislation." The petition presses state governors, U.S. lawmakers, and president Trump to "support the millions of small businesses and consumers across the country."
Keep reading to see what eBay is urging legislators to do...
- Keep the Internet as free from government taxation and regulation as possible.
- Protect entrepreneurs, small businesses and artisans from new taxes, audits or collection burdens because they can least afford the added costs.
- Continue to prohibit states and localities from applying and enforcing sales and use tax laws on small, remote local businesses who have no political or voting connection to the taxing state.
- Reject tax policies that raise prices on consumers who shop online with small businesses for artisan, craft, religious, vintage or other niche products because they should not be paying more taxes.
Do you agree with the Supreme Court -- or with the tech companies who want a new federal solution?
Leave your thoughts in the comments... -
Air Force Budget Reveals How Much SpaceX Undercuts Launch Prices (arstechnica.com)
An anonymous reader quotes a report from Ars Technica: In 2014, the U.S. Government Accountability Office issued a report on cost estimates for the U.S. Air Force's program to launch national security payloads, which at the time consisted of a fleet of rockets maintained and flown entirely by United Launch Alliance (ULA). The report was critical of the non-transparent nature of ULA's launch prices and noted that the government "lacked sufficient knowledge to negotiate fair and reasonable launch prices" with the monopoly. At around the same time, the new space rocket company SpaceX began to aggressively pursue the opportunity to launch national security payloads for the government. SpaceX claimed to offer a substantially lower price for delivering satellites into various orbits around Earth. But because of the lack of transparency, comparing prices was difficult. The Air Force recently released budget estimates for fiscal year 2018, and these include a run out into the early 2020s. For these years, the budget combines the fixed price rocket and ELC contract costs into a single budget line. (See page 109 of this document). They are strikingly high. According to the Air Force estimate, the "unit cost" of a single rocket launch in fiscal year 2020 is $422 million, and $424 million for a year later. SpaceX sells basic commercial launches of its Falcon 9 rocket for about $65 million. But, for military launches, there are additional range costs and service contracts that add tens of millions of dollars to the total price. It therefore seems possible that SpaceX is taking a loss or launching at little or no profit to undercut its rival and gain market share in the high-volume military launch market. Elon Musk retweeted the article, adding "$300M cost diff between SpaceX and Boeing/Lockheed exceeds avg value of satellite, so flying with SpaceX means satellite is basically free." -
NASA's 'Journey To Mars' Initiative Might Be Delayed Due To Government Audit (natureworldnews.com)
An anonymous reader quotes a report from Christian Science Monitor: NASA has taken bold steps toward crewed Mars exploration in recent years. But according to a new audit, the agency may be moving too hastily. The Government Accountability Office (GAO) expressed concerns this past week about the feasibility of NASA's Orion crew capsule and Space Launch System (SLS). In two government-requested audits, the GAO questioned NASA's ability to meet program deadlines, citing insufficient funding and internal management issues. According to the GAO, however, the agency's schedule just isn't realistic. By pushing for earlier launch dates, NASA is increasing the inherent risk of a deep space mission. NASA's budgeting practices are also scrutinized in GAO's audit. In September, the agency asked for $11.3 billion to prepare Orion for launch. "Ideally, if these programs go forward, NASA would be taking actions to reduce the risks we see now, which are being caused by management issues," says Cristina Chaplain, who led the GAO audit, in an interview with the Monitor. "They're going to face the technical issues no matter what. But they're exacerbating them with management concerns, like not having accurate cost estimates." The report adds: "NASA's 'Journey to Mars' initiative has been a source of both excitement and controversy. The Asteroid Redirect Mission, in which the agency will send four astronauts to redirect an asteroid into the moon's orbit, is slated to launch sometime in the next decade. The mission is designed to test new propulsion technology for future crewed Mars missions. In the 2030s, NASA hopes to send an Orion crew to the red planet. NASA plans to complete the first SLS launch in 2018. In the test mission, called Exploration Mission 1, the rocket will carry an empty Orion into orbit around the moon. In subsequent missions, SLS/Orion will launch with a full crew. NASA has scheduled Exploration Mission 2 for April 2023, but administrators hope to launch as early as 2021." -
As It Searches For Suspects, The FBI May Be Looking At You (technologyreview.com)
schwit1 quotes the MIT Technology Review: The FBI has access to nearly 412 million photos in its facial recognition system—perhaps including the one on your driver's license. But according to a new government watchdog report, the bureau doesn't know how error-prone the system is, or whether it enhances or hinders investigations.
Since 2011, the bureau has quietly been using this system to compare new images, such as those taken from surveillance cameras, against a large set of photos to look for a match. That set of existing images is not limited to the FBI's own database, which includes some 30 million photos. The bureau also has access to face recognition systems used by law enforcement agencies in 16 different states, and it can tap into databases from the Department of State and the Department of Defense. And it is in negotiations with 18 other states to be able to search their databases, too...
Adding to the privacy concerns is another finding in the GAO report: that the FBI has not properly determined how often its system makes errors and has not "taken steps to determine whether face recognition systems used by external partners, such as states and federal agencies, are sufficiently accurate" to support investigations. -
FBI Can Access Hundreds of Millions of Face Recognition Photos (eff.org)
An anonymous reader writes from a report via EFF: The federal Government Accountability Office published a report on the FBI's face recognition capabilities that says the FBI has access to hundreds of millions of photos. According to the GAO report, the FBI's Facial Analysis, Comparison, and Evaluation (FACE) Services unit not only has access to the FBI's Next Generation Identification (NGI) face recognition database of nearly 30 million civil and criminal mug shot photos, but it also has access to the State Department's Visa and Passport databases, the Defense Department's biometric database, and the drivers license databases of at least 16 states. This totals 411.9 million images, most of which are Americans and foreigners who have committed no crimes. In May, it was reported that the FBI is keeping information contained in the NGI database private and unavailable. It argues in a proposal that the database should be exempt from the Privacy Act. -
US Military Uses 8-Inch Floppy Disks To Coordinate Nuclear Force Operations (cnbc.com)
An anonymous reader writes from a report via CNBC: A new report reveals the U.S. Defense Department is still using 8-inch floppy disks in a computer system that coordinates the operational functions of the nation's nuclear forces. The Defense Department's 1970s-era IBM Series/1 Computer and long-outdated floppy disks handle functions related to intercontinental ballistic missiles, nuclear bombers and tanker support aircraft, according to the new Governmental Accountability Office report. The report shows how outdated IT systems are being used to handle important functions related to the nation's taxpayers, federal prisoners and military veterans, as well as to America's nuclear umbrella. "Federal legacy IT systems are becoming increasingly obsolete: Many use outdated software languages and hardware parts that are unsupported," the report found. "Agencies reported using several systems that have components that are, in some cases, at least 50 years old." From the report: "GAO pointed out that aging systems include the Treasury Department's 'individual master file,' which is the authoritative data source for individual taxpayers. It's used to assess taxes and generates refunds. That file 'is written in assembly language code -- a low-level computer code that is difficult to write and maintain -- and operates on an IBM mainframe,' the report said." The report also mentioned that several other departments, such as the departments of Treasury, Commerce, Health and Human Services and the Veterans' Administration, "reported using 1980s and 1990s Microsoft operating systems that stopped being supported by the vendor more than a decade ago." -
Is the $400 Billion F-35's 'Brain' Broken? (cnn.com)
Zachary Cohen, reporting for CNN News: Almost 2,500 of the world's most advanced warplanes, with a total price tag of $400 billion, and they may not have a "brain" in the bunch? That's the fear of federal watchdogs who say problems with the F-35 Joint Strike Fighter's complex logistics software system could lead to a grounding of the entire fleet, not to mention future cost increases and schedule delays. Documenting risks to the F-35's Autonomic Logistics Information System, which Department of Defense officials have described as the "brains" of the fifth-generation fighter, an April 14 Government Accountability Office report says a failure "could take the entire fleet offline," (PDF) in part, due to the lack of a backup system. The report also outlines concerns related to the lack of testing done to ensure the software will work properly by the time the Air Force plans to declare its version of the aircraft ready for deployment this August and the Navy reaches that milestone in 2018. The Marine Corps declared the first squadron of its F-35 variant ready for combat in July 2015, with the intention of upgrading and resolving the software issues before its first planned deployment in 2017. -
US Government IT Outsourcing Is Poorly Managed (cio.com)
itwbennett writes: The U.S. government is spending way more than it has to on IT outsourcing. That's the finding of a report released in September by the Government Accountability Office that studied IT services outsourcing at three military branches within the Department of Defense, along with the Department of Homeland Security and the National Aeronautics and Space Administration. According to the report, while efforts to better manage their IT outsourcing had improved, most of these agencies' IT spending "continues to be obligated through hundreds of potentially duplicative contracts that diminish the government's buying power." -
Affordable Care Act Exchanges Fail To Detect Counterfeit Documentation (atr.org)
Tulsa_Time writes with this excerpt of an account from the (unapologetically partisan) Americans for Tax Reform about a report released by the Government Accountability Office in which "application and enrollment controls on the federal exchange and two state exchanges (California and Kentucky)" were investigated by supplying false information; in each case, the investigators were able to obtain and activate health insurance through the exchanges. A slice: Ten fictitious applicants were created to test whether verification steps including validating an applicant's Social Security number, verifying citizenship, and verifying household income were completed properly. In order to test these controls, GAO's test applications provided fraudulent documentation: "For each of the 10 undercover applications where we obtained qualified health-plan coverage, the respective marketplace directed that our applicants submit supplementary documentation we provided counterfeit follow-up documentation, such as fictitious Social Security cards with impossible Social Security numbers, for all 10 undercover applications." -
Experts Have No Confidence That We Can Protect Cars and Streets From Hackers (dailydot.com)
Patrick O'Neill writes: Cars and streets are now connecting to the Internet for a long list of transportation and safety benefits but the new tech has drawbacks. Experts from government, industry, and academia say they have no confidence they'll develop a secure system that can protect users from tracking and privacy breaches. Their opinions were captured in a recent survey (PDF) from the Government Accountability Office. "The government is coordinating with the transportation industry on the Security Credential Management System (SCMS), a project to verify that basic road-safety messages come from authorized devices. ... At this point, it’s not clear who would even run such a system. Previous plans pointed toward car industry control, but the Transportation Department is now looking into playing 'a more active leadership role' for V2I as well as V2V (vehicle-to-vehicle) networks. That role would include setting security and privacy standards when V2I and V2V networks become operational." -
Report: US Military Is Wasting Millions On Satellite Comms
An anonymous reader writes: Fast information exchange is the key to a powerful military, and satellites have been an incredible boon to the commanders of modern fighting forces. But a new report from the Government Accountability Office says the U.S. military is vastly overpaying for its satellite communications, to the tune of tens of millions of dollars. They say the Department of Defense "has become increasingly reliant on commercial SATCOM to support ongoing U.S. military operations." You see, every part of the DoD is required to go through the Defense Information Systems Agency when procuring SATCOM equipment. The problem is that this process is incredibly slow, and fraught with red tape. Because of this, many in the military skip DISA and go straight to commercial providers — at a steep markup. The GAO estimates that this cost taxpayers around $45 million extra in a single year. -
GAO Warns FAA of Hacking Threat To Airliners
chicksdaddy writes: A report from the Government Accountability Office (GAO) warns that the U.S. Federal Aviation Administration may be failing to address cyber security vulnerabilities that could allow remote attacks on avionics systems needed to keep the plane airborne. In a report issued Tuesday (PDF), the GAO said, "significant security-control weaknesses remain that threaten the agency's ability to ensure the safe and uninterrupted operation of the national airspace system." Among those: a lack of clear certification for aircraft airworthy readiness that encompasses cyber security protections. That lapse could allow planes to fly with remotely exploitable vulnerabilities that could affect aircraft controls and guidance systems.
The GAO report did not provide details of any specific vulnerability affecting any specific aircraft. Rather, GAO cited FAA personnel and experts, saying that the possibility exists that "unauthorized individuals might access and compromise aircraft avionics systems," in part by moving between Internet-connected in-flight entertainment systems and critical avionics systems in the aircraft cabin.
Security researchers have long warned that hackers could jump from in-flight entertainment systems in the passenger cabin to cockpit avionics systems if airlines did not take proper precautions, such as so-called "air gapping" the networks. At last year's Black Hat Briefings, researcher Ruben Santamarta of IOActive demonstrated a method of hacking the satellite communications equipment on passenger jets through their WiFi and inflight entertainment systems. -
US Air Traffic Control System Is Riddled With Vulnerabilities
An anonymous reader writes: A recently released report (PDF) by the U.S. Government Accountability Office has revealed that despite some improvements, the Federal Aviation Administration (FAA) still needs to quash significant security control weaknesses that threaten the agency's ability to ensure the safe and uninterrupted operation of the national airspace system (NAS). The report found that while the "FAA established policies and procedures for controlling access to NAS systems and for configuring its systems securely, and it implemented firewalls and other boundary protection controls to protect the operational NAS environment [...] a significant number of weaknesses remain in the technical controls—including access controls, change controls, and patch management—that protect the confidentiality, integrity, and availability of its air traffic control systems." -
Researchers Say the Tech Worker Shortage Doesn't Really Exist
Beeftopia sends this excerpt from an article at BusinessWeek: "There’s no evidence of any way, shape, or form that there’s a shortage in the conventional sense," says Hal Salzman, a professor of planning and public policy at Rutgers University. "They may not be able to find them at the price they want. But I’m not sure that qualifies as a shortage, any more than my not being able to find a half-priced TV." ... The real issue, say Salzman and others, is the industry’s desire for lower-wage, more-exploitable guest workers, not a lack of available American staff. "It seems pretty clear that the industry just wants lower-cost labor," Dean Baker, the co-director of the Center for Economic and Policy Research, wrote in an e-mail. A 2011 review (PDF) by the U.S. Government Accountability Office found that the H-1B visa program, which is what industry groups are lobbying to expand, had "fragmented and restricted" oversight that weakened its ostensible labor standards. "Many in the tech industry are using it for cheaper, indentured labor," says Rochester Institute of Technology public policy associate professor Ron Hira, an EPI research associate and co-author of the book Outsourcing America. -
To Fight $5.2B In Identity Theft, IRS May Need To Change the Way You File Taxes
coondoggie writes: Based on preliminary analysis, the Internal Revenue Service (IRS) estimates it paid $5.2 billion in fraudulent identity theft refunds in filing season 2013 while preventing an additional $24.2 billion (based on what it could detect). As a result, the IRS needs to implement changes (PDF) in a system that apparently can't begin verifying refund information until July, months after the tax deadline. Such changes could impact legitimate taxpayers by delaying refunds, extending tax season and likely adding costs to the IRS. -
The Billion-Dollar Website
stoborrobots writes: The Government Accountability Office has investigated the cost blowouts associated with how the Centers for Medicare & Medicaid Services (CMS) handled the Healthcare.gov project. It has released a 60-page report entitled Healthcare.gov: Ineffective Planning and Oversight Practices Underscore the Need for Improved Contract Management, with a 5-page summary. The key takeaway messages are:
- CMS undertook the development of Healthcare.gov and its related systems without effective planning or oversight practices...
- [The task] was a complex effort with compressed time frames. To be expedient, CMS issued task orders ... when key technical requirements were unknown...
- CMS identified major performance issues ... but took only limited steps to hold the contractor accountable.
- CMS awarded a new contract to another firm [and the new contract's cost has doubled] due to changes such as new requirements and other enhancements...
-
SLS Project Coming Up $400 Million Short
schwit1 writes: A GAO report finds that the Space Launch System is over budget and NASA will need an additional $400 million to complete its first orbital launch in 2017. From the article: "NASA isn't meeting its own requirements for matching cost and schedule resources with the congressional requirement to launch the first SLS in December 2017. NASA usually uses a calculation it calls the 'joint cost and schedule confidence level' to decide the odds a program will come in on time and on budget. 'NASA policy usually requires a 70 percent confidence level for a program to proceed with final design and fabrication,' the GAO report says, and the SLS is not at that level. The report adds that government programs that can't match requirements to resources 'are at increased risk of cost and schedule growth.'
In other words, the GAO says SLS is at risk of costing more than the current estimate of $12 billion to reach the first launch or taking longer to get there. Similar cost and schedule problems – although of a larger magnitude – led President Obama to cancel SLS's predecessor rocket system called Constellation shortly after taking office." The current $12 billion estimate is for the program's cost to achieve one unmanned launch. That's four times what it is costing NASA to get SpaceX, Boeing, and Sierra Nevada to build their three spaceships, all scheduled for their first manned launches before 2017. -
How Dumb Policies Scare Tech Giants Away From Federal Projects
An anonymous reader writes "A study published in March found that the reason why the U.S. government has sub-par IT programs is because leading commercial IT companies established in the U.S. aren't involved in government contracting. Either the government holds closed bidding, essentially stifling competition to its own disadvantage, or prospective companies are put off by the cost-prohibitive regulations associated with government acquisition given the low returns (less than 10% as compared to 20% or more in the commercial world). The dysfunction that results has been documented by the Government Accountability Office: of 15 Department of Defense IT projects studied, 11 had cost increases (one of which was by 2,333%), 13 had schedule slippages (one of which was by six years), and only three met system performance goals. If the U.S. wants to lead other governments in technical capabilities by tapping into the technology being developed within its own borders, then some say that instead of exemptions and workarounds such as was applied with Healthcare.gov, a complete rebuild of the whole acquisition program would need to be implemented." -
Bill Would End US Govt's Sale of Already-Available Technical Papers To Itself
An anonymous reader writes "Members of the Senate have proposed a bill that would prohibit the National Technical Information Service (NTIS) from selling to other U.S. federal agencies technical papers that are already freely available. NTIS is under the Department of Commerce. The bill is probably a result of a 2012 report by the Government Accountability Office (GAO) which points out that 'Of the reports added to NTIS's repository during fiscal years 1990 through 2011, GAO estimates that approximately 74 percent were readily available from other public sources.' Ars Technica notes that the term 'public sources' refers to 'either the issuing organization's website, the federal Internet portal, or another online resource.'" -
Carmakers Keep Data On Drivers' Locations From Navigation Systems
cold fjord writes "The Detroit News reports, 'A government report finds that major automakers are keeping information about where drivers have been — collected from onboard navigation systems — for varying lengths of time. Owners of those cars can't demand that the information be destroyed. And, says the U.S. senator requesting the investigation, that raises questions about driver privacy. The Government Accountability Office in a report released Monday found major automakers have differing policies about how much data they collect and how long they keep it. Automakers collect location data in order to provide drivers with real-time traffic information, to help find the nearest gas station or restaurant, and to provide emergency roadside assistance and stolen vehicle tracking. But, the report found, "If companies retained data, they did not allow consumers to request that their data be deleted, which is a recommended practice."'" -
Government Study Finds TSA Misconduct Up 26% In 3 Years
rullywowr writes "CNN reports that a recent government study found TSA misconduct has risen sharply in three years. Most have heard of the problems such as stealing, but the report also notes that some employees are sleeping on the job, taking bribes, and letting friends/family through the checkpoints without screening." -
BitCoin Mining, Other Virtual Activity Taxable Under US Law
chicksdaddy writes "Beware you barons of BitCoin – you World of Warcraft one-percenters: the long arm of the Internal Revenue Service may soon be reaching into your treasure hoard to extract Uncle Sam's fair share of your virtual wealth. A new Government Accountability Office (GAO) report on virtual economies finds that many types of transactions in virtual economies – including Bitcoin mining and virtual transactions that result in real-world profit – are likely taxable under current U.S. law, but that the IRS does a poor job of tracking such business activity and informing buyers and sellers of their duty to pay taxes on virtual earnings. The report, 'Virtual Economies and Currencies: Additional IRS Guidance Could Reduce Tax Compliance Risks' found that the growing use of virtual currencies like BitCoin and virtual game currencies warrants the U.S.'s tax collection agency to mitigate the risks. Those include efforts to educate taxpayers and the publication of basic tax reporting requirements for transactions using virtual currencies, The Security Ledger reports." -
US Government Data Center Consolidation Behind Schedule, Cost Savings Uncertain
itwbennett writes "The goal of saving $3 billion by closing 1253 data centers is 'very realistic,' says David Powner, director of IT management issues at the U.S. Government Accountability Office — except that agencies haven't been able to track cost savings for the initiative. Eighteen months from the 2015 deadline, 'we have no idea how much we've saved the taxpayers,' said Steve O'Keeffe, founder of MeriTalk, an online community for government IT issues. This isn't the first snag in the project. Almost a year ago, Slashdot reported that the project was woefully behind schedule." The government released a summary of what data they do have (PDF), and at least the DoD expects to save $575 million next fiscal year. Also see the full GAO report. -
Canada Launches ACTA Bill
TrueSatan writes "In an utterly craven move, the Canadian government has launched a bill to bring Canada into full compliance with the discredited, U.S.-led ACTA agreement — an agreement to which most of the world does not agree. To further pressure the acceptance of this awful bill, the U.S., on the same day, released their Trade Policy and Agenda Annual Report (PDF), which calls on Canada to comply with ACTA obligations. For ACTA to take effect, it would require six signatures from the major economic blocs. It appears to have no remaining possibility of getting them, yet the U.S., and now Canada, continue to push it forward. The Canadian bill features claims based on spurious health and safety concerns that have been thoroughly debunked by a U.S. report. Despite these claims being so dubious, they remain a cornerstone of the Canadian bill. Similarly, the claimed losses due to counterfeiting ($30 billion USD) stated in the bill have also been debunked. The Canadian bill seeks to give border guards an unprecedented level of control, without the possibility of judicial oversight. Despite a lack of evidence to suggest that Canada is a major source of counterfeit product, the bill puts at risk the fully-legal parallel import of generic items — pharmaceuticals, for instance. The bill would also change copyright infringement from a civil dispute to a breach of criminal law. Pity Canada if this bill is enacted!" -
Drones Still Face Major Hurdles In US Airspace
coondoggie writes "Communications and effective system control are still big challenges unmanned aircraft developers are facing if they want unfettered access to U.S. airspace. Those were just a couple of the conclusions described in a recent Government Accountability Office report on the status of unmanned aircraft (PDF) and the national airspace. The bottom line for now seems to be that while research and development efforts are under way to mitigate obstacles to safe and routine integration of unmanned aircraft into the national airspace, these efforts cannot be completed and validated without safety, reliability, and performance standards, which have not yet been developed because of data limitations." The FAA and others seem mostly concerned about the drones hitting things if their GPS and ground communications are both disrupted. -
DHS Steps In As Regulator for Medical Device Security
mask.of.sanity writes "The Department of Homeland Security has taken charge of pushing medical device manufacturers to fix vulnerable medical software and devices after researchers popped yet another piece of hospital hardware. It comes after the agency pushed Philips to move to fix critical vulnerabilities found in its popular medical management platform that is used in a host of services including assisting surgeries and generating patient reports. To date, no agency has taken point on forcing the medical manufacturers to improve the information security profile of their products, with the FDA even dubbing such a risk unrealistic (PDF)." -
How Yucca Mountain Was Killed
ATKeiper writes "The Yucca Mountain nuclear waste repository, which was selected by the U.S. government in the 1980s to be the nation's permanent facility for storing nuclear waste, is essentially dead. A new article in The New Atlantis explains how the project was killed: 'In the end, the Obama administration succeeded, by a combination of legal authority and bureaucratic will, in blocking Congress's plan for the Yucca Mountain repository — certainly for the foreseeable future, and perhaps permanently.... The saga of Yucca Mountain's creation and apparent demise, and of the seeming inability of the courts to prevent the Obama administration from unilaterally nullifying the decades-old statutory framework for Yucca, illustrates how energy infrastructure is uniquely subject to the control of the executive branch, and so to the influence of presidential politics.' A report from the Government Accountability Office notes that the termination 'essentially restarts a time-consuming and costly process [that] has already cost nearly $15 billion through 2009.'" -
Is It Time For the US To Ditch the Dollar Bill?
coondoggie writes "It seems well past time that the U.S. ditch its $1 bill — considering such a move could save the country somewhere in the neighborhood of $4 billion. But there is much resistance, or perhaps a lack of real consideration of the issue from most people. Watchdogs at the Government Accountability Office this week testified before a Congressional hearing on the topic, and said dollar coins could save $4.4 billion over 30 years (PDF), or an average of about $146 million per year." -
FCC Asked To Reassess Cell Phone Radiation Guidelines
An anonymous reader writes "A U.S. government report released on Tuesday says the Federal Communications Commission needs to update its guidelines for limiting cell phone radio-frequency exposure. The limit was set in 1996 to an exposure rate of 1.6 watts per kilogram, and has not been updated since. The report does not advocate in favor of any particular research, and actually points out that the limit could possibly be raised, but says the FCC's rules have not kept pace with recent studies on the subject one way or the other. An executive for The Wireless Association said, 'The FCC has been vigilant in its oversight in this area and has set safety standards to make sure that radio frequency fields from wireless phones remain at what it has determined are safe levels. The FCC's safety standards include a 50-fold safety factor and, as the FCC has noted, are the most conservative in the world.'" -
6 IT Projects, $8 Billion Over Budget At Dept. of Defense
McGruber writes "The Federal Times has the stunning (but not surprising) news that a new audit found six Defense Department modernization projects to be a combined $8 billion — or 110 percent — over budget. The projects are also suffering from years-long schedule delays. In 1998, work began on the Army's Logistics Modernization Program (LMP). In April 2010, the General Accounting Office issued a report titled 'Actions Needed to Improve Implementation of the Army Logistics Modernization Program' about the status of LMP. LMP is now scheduled to be fully deployed in September 2016, 12 years later than originally scheduled, and 18 years after development first began! (Development of the oft-maligned Duke Nukem Forever only took 15 years.)" -
Federal Agencies Lagging Behind In Data Center Plans
Nerval's Lobster writes with news that U.S. federal agencies are falling behind in their efforts to consolidate government data centers. Current plans call for a savings of $2.4 billion and the closing of over a thousand data centers, but 17 of 24 agencies still haven't provided details on their IT infrastructure and usage. A new report from the Government Accountability Office highlights the problems with this consolidation effort. "Data centers represent a significant cost to the federal government. Electricity to operate federal servers and data centers costs around $450 million a year, according to an EPA estimate cited in the report. Moreover, federal agencies reported limited reuse of data centers, along with server utilization rates dipping as low as 5 percent. The GAO report features agencies claiming several challenges on the way to data-center consolidation. These included accepting cultural change as part of the consolidation; funding the consolidation and identifying the resulting cost savings; operational challenges including procurement and resource constraints; and difficulties in planning a migration strategy." -
GAO Sting Finds More Fake Military Parts From China
Nidi62 writes "The Government Accountability Office, through a fictitious company, recently requisitioned parts from China in order to determine if the Chinese government was living up to its promises of battling counterfeit parts. The report from the GAO found that '334 of 396 vendors who offered to sell parts to the fictitious company were from China' and that 'all 16 parts eventually purchased by the fake company came from 13 China-based vendors and all were determined by an independent testing laboratory to be counterfeit.' The parts requested were supposedly for use in F-15s, MV-22 Ospreys, and nuclear submarines, and were requested as new parts. The report (PDF) also says that in the past three years, over one million counterfeit parts came from Chinese companies. This stands in sharp contrast to the Chinese government's promise to clamp down on the production of counterfeit parts in China." -
Obama Orders Federal Agencies To Digitize All Records
Lucas123 writes "President Obama this week issued a directive to all federal agencies to upgrade records management processes from paper-based systems that have been around since President Truman's administration to electronic records systems with Web 2.0 capabilities. Agencies have four months to come up with plans to improve their records keeping. Part of the directive is to have the National Archives and Records Administration store all long-term records and oversee electronic records management efforts in other agencies. Unfortunately, NARA doesn't have a stellar record itself (PDF) in rolling out electronic records projects. Earlier this year, due to cost overruns and project mismanagement, NARA announced it was ending a 10-year effort to create an electronic records archive." -
GAO Criticizes IRS Over Serious IT Deficiencies
wiredmikey writes with an analysis of a GAO report on the dismal failure of the IRS to implement secure IT practices. From the article: "The Government Accountability Office has blasted the Internal Revenue Service for failing to implement stronger security measures after a succession of dismal reports on the subject. In a report issued to the Secretary of the Treasury last week, the GAO said that the IRS had met just 15 percent of the 105 previously reported recommendations where information security is concerned. Taking a blunt approach, the GAO said that the IRS 'lacks reasonable assurance as to the accuracy of financial information or the adequate protection of sensitive taxpayer information.' ... It also said it would issue a limited distribution report to the IRS that addresses details omitted from this most recent report due to the sensitivity of the information." -
Federal Contractors Are $600 Screwdrivers
ideonexus writes "Last month an article appeared on Slashdot about how the government pays IT contractors twice what it pays its own workers. Missing from the article was how much the IT contractor pays its own workers. After working for a federal contractor for 10 years, a document accidentally leaked to employees by the contractor illustrated the incredible disparity between what the contractor was paying us and what they were charging the government. Like most contracts according to the GAO, the government provided our offices, utilities, computers, and training, leaving our salaries as the only overhead to the IT contractor, giving them an incredible incentive to keep them as low as possible to maximize profits. When the top 100 defense contractors cost taxpayers $306 billion, eliminating the federal contractor middle-man seems like an obvious place to start the austerity measures." -
Will Climate Engineering Ever Go Prime Time?
coondoggie writes "You may or may not be old enough to remember the TV commercial for margarine that had the tag line: 'It's not nice to fool Mother Nature.' But that commercial came to mind as I was reading a report out recently that looked at the viability of large climate engineering projects that would basically alter large parts of the atmosphere to reduce greenhouse gases or basically reverse some of the effects of climate change. The congressional watchdogs at the Government Accountability Office took a look at the current state of climate engineering science and technology (PDF), which generally aims at either carbon dioxide removal or solar radiation management." -
GAO Report: DoD Incompetent At Cybersecurity
itwbennett writes "According to a scathing report from the GAO (PDF) released July 25, the Department of Defense only started to take cyberwar seriously during the past two or three years, after ignoring warnings for about 2 decades. And when we say, 'take it seriously' we mean 'throw gobs of money at it' — to little effect. 'According to DoD, a large number of intelligence agencies and foreign militaries are actively trying to penetrate our military networks. These networks are scanned millions of times a day and probed thousands of times a day. Over the past several years, DoD has experienced damaging penetration to these networks...[including] blueprints of weapons systems that have already been compromised,' the report said. Even for an organization with the budget and security awareness of DoD, the prospect of having to keep pace with the steady increase in threats from smaller countries and stateless terror organizations is 'daunting,' GAO concluded." -
Blocked Fuel Line Botched Military Satellite Orbit
Hugh Pickens writes "Dan Elliott reports that a piece of cloth inadvertently left in the fuel line during the manufacturing process may be the reason for the botched delivery to orbit of a military communications satellite that hasn't reached its planned orbit since it was launched in August. The Air Force Space Command and the contractor, Lockheed Martin, have devised a work-around plan using the remaining propulsion systems — reaction engine assemblies and electric Hall Current Thrusters drawing off of onboard fuel—to slowly raise the perigee of the Advanced Extremely High Frequency satellite until it reaches its intended orbit 22,300 miles over the Earth in October, but the GAO says that the $12.9 billion satellite system incurred at least $250 million in extra costs and a two-year delay because of quality problems due to poor workmanship, undocumented and untested manufacturing processes, poor control of those processes and materials and failure to prevent contamination, poor part design, design complexity, and an inattention to manufacturing risks. John Pike of Globalsecurity.org, which monitors defense issues, says the two-year delay is a bigger problem than the extra expense. 'You've got a lot of other things depending on the launch,' says Pike, including ground-based weapons." -
Is Identity Theft Overwhelming the IRS?
coondoggie writes "The number of tax-related identity theft incidents is exploding, and nowhere is that more obvious than at the Internal Revenue Service, which has seen reports rise from 51,702 in 2008 to 248,357 in 2010. While it has programs in place to fight the identity theft issue, it is also hamstrung in many other areas, according to a report out this week (PDF) from the Government Accountability Office. For example, the GAO says the IRS's ability to address identity theft issues is constrained by privacy laws that limit IRS' ability to share identity theft information with other agencies." -
How Far and Fast Can the Commercial Space World Grow?
coondoggie writes "The development of the commercial space industry has in the past been slow and deliberate, but that seems like it's about to change with a whirlwind of developments that could shape or break its immediate future. Today the Subcommittee on Space and Aeronautics is holding a hearing to go over the Federal Aviation Administration's 2012 budget request, which includes close to $27 million — nearly a 75% increase over 2010 — in the budget for the group tasked with overseeing commercial space development. They're also evaluating the need for a longer regulatory ban. Also this week the Government Accountability Office issued a review of the issues the commercial space industry and the FAA face (PDF) going forward." -
Can For-Profit Tech Colleges Be Trusted?
snydeq found a story questioning "the quality of education on offer at institutions such as University of Phoenix, DeVry, ITT Tech, and Kaplan in the wake of increasing scrutiny for alleged deceptive practices [PDF] that leave students in high debt for jobs that pay little. 'For-profit schools carry a stigma in some eyes because of their reputation for hard sales pitches, aggressive marketing tactics, and saddling students with big loans for dubious degrees or certificates,' Robert Scheier writes. 'Should IT pros looking to increase their skills, or people seeking to enter the IT profession, consider such for-profit schools? And should employers trust their graduates' skills?'" -
US Gov't Makes a Mess of Classifying Sensitive Data
coondoggie writes "Protecting and classifying sensitive information such as social security numbers shouldn't be that hard, but (perhaps not surprisingly) the US government has elevated complicating that task to an art form. It seems that designating, safeguarding, and disseminating such important information involves over 100 unique markings and at least 130 different labeling or handling routines, reflecting a disjointed, inconsistent, and unpredictable system for protecting, sharing, and disclosing sensitive information." This was the conclusion of a recent report (PDF) by the Government Accountability Office, which also "found areas where sensitive information is not fully safeguarded and thus may remain at risk of unauthorized disclosure or misuse."