Slashdot Mirror
Trustworthy Software For The NSA?
Janus Daniels writes "There's a new story from the New York Times, as reprinted at CNET News, about security concerns for Government agencies buying software from overseas. According to the article, a whistle-blower who helped sell software to the National Security Agency says that much of the development work is subcontracted to China, raising serious national security risks. He also discovered in the sales-support database... the names of more than 30 [identity-classified] employees of the United States National Security Agency...'"
This guy sounds a bit paranoid to me. As far as I'm concerned it's the US Governments job to look into things like this, not his. Does he honestly think the *NSA* would buy software with huge security holes? One might wonder if the names he saw were fake in the first place; I personally doubt the *NSA* would just give them out. Or maybe I just give them more credit than they deserve...
A lot of questions and insults. Not surprising, as you appear to have done no research. Well, we do know what the NSA does. The NSA is charged with breaking other people's coded message. In other words, it is basically the MOST defensive, MOST safe secret service we have. The worst it does is invade privacy. And it is very unlikely to invade YOUR privacy, as most people do not use the kind of High end cryptology that they coutner. The CIA is far more dangerous and active. Not to mention the various military agencies that do the black ops for the CIA.
P.S. What fool moded this as interesting. It is clearly off topic.
excitingthingstodo.blogspot.com
I should have also said that a number of contracts that one might expect would be internal government projects have more and more been bid out to private contractors. For instance, you might be surprised to find that a number of very sensitive database projects, military police actions and military interventions in the Balkans and Central America are being handled by companies such as Dyncorp.
Visit Jonesblog and say hello.
Jeebus Christ, don't those idiots remember what we did in the Inslaw affair? (Not so much what was done to Inslaw, but the backdoors the CIA put into software which was then sold to unfriendly countries.)
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
why dont you visit their website and attempt to find out for yourself what they do? Here are the two big terms to look for: SIGINT and INFOSEC. When you can tell someone what those are in your own words, you'll know what the NSA does.
The legislative branch is supposed to oversee these agencies and keep them in check. As in so many other respects, your senators and congressmen are supposed to be your proxy, knowing things that the general public ought not to know. And appropriately, it's the legislative branch that controls the budget, which means that they have the power to cut off funding for those programs which are deemed harmful.
Who watches these watchmen? You do. You may not be able to tell whether your elected officials are doing exactly the right thing with respect to sensitive agencies, but you should at least know whether or not you trust them. Either way, be sure you vote.
This kind of reminds me of the Quake backdoor.(barb barb, do some googling to find it out, I can not type it all right now. Ah well, it basically allows any one at iD software to control a server remotely, the flaw in the backdoor is that you can edit your packets to make them look like they come from iD.)
I would personally never use software written by someone else(closed source, that is, open source software is great in the way that it will let me see all it can do) for anything remomtely secure/sensitive. I just do not trust people enough. Especially not people from other countries, why should I? It is a normal behaviour to not trust other people. And I would rather buy software from my own country, it is nationalism!
Also, I find spying very overrated, exactly what can you find out abot a country? If you are really lucky you might steal some blueprints for a new lawnmover, but that is just if you are extremely lucky. Otherwise I would guess that all you can get is dirt-throwing material. Possibly of the grade that some high ranking officials will have to resign or go to jail, but what is the bug deal? It suits them right to get punished for their crimes.
It's called congressional oversight. You need to go back to civics class. Please see 50 USC 413
" Do you know who/what the NSA are? "
Yes, I do. In a moment, you, and anyone else reading this will too.
"The NSA is charged with breaking other people's coded message."
Well, no, not really. That's just oh so simplistic. You make it sound as though someone slaps a coded message on the NSA's desk and they sit there with a room full of really nerdy guys trying to figure out what it means. That's simply ridiculous.
Now let's talk about what the NSA really does. The NSA operates, with the help of a select few other nations, a worldwide communications survillance and recovery network designed to capture, decode, sort, and record any and all internet, satellite, radio, telephone, cellular, fax, or any other communications which travel from one location to another via technology while prioritising data in need of further review. With installations in the US, Canada, the UK, New Zealand, Australia, and numerous other places, the NSA monitors and oversees this massive woldwide network. All messages are automatically compiled and sorted by the system for analysis, at which point any and all irrelevant data is purged. Coded or encrypted information is recorded and decoded on a priority-based system. Keywords are no longer used, as they were 20 years ago or so. Context-sensitive AI systems work through messages to understand a wide range of contextual and syntatic items, setting aside possible intelligence leads, threat information, uninterpretable data, and other information of interest (information which could be useful for or against certain coporations, for instance) for more detailed analysis; or in the case of items deemed high priority, immediate human analysis.
The NSA's missions also include, as you state, cryptography-breaking, but also cryptography-making. They are responsible for creating and maintaining the encryption systems of intelligence and military institutions at the higher levels. In addition to this, they are also responsible for ensuring that new systems developed by anyone, friend or foe, are quickly cyphered so no information remains hidden from us. Much of the mathematics done at the NSA is for the study of cryptography, both practical and theoretical.
The NSA also designs and manufactures survillence devices for audio, visual, and GPS-based tracking. GPS-based systems are developed at a number of NSA sites, and new technologies are first tested and implemented in NSA-controlled satellites in geo-sync orbit for use in tracking and survillance. Part of the NSA's mission has been expanded to include corporate espionage for large US-based mega-corps. NSA surveillance devices have also been used to gain an edge in diplomatic situations, such as in the UN. While the CIA is mostly human to human interactions and manpower-based intelligence, the NSA is nearly entirely technology-based.
"In other words, it is basically the MOST defensive, MOST safe secret service we have."
The NSA is the most likely candidate for the first agency to be used to try to turn the US into a totalitarian state. Its massive surveillance capabilities make a 1984-style society seem so attainable. In the information age, information is power. In the information age, the NSA is the information source. In a world where everything is electronic, the NSA has eyes and ears everywhere, and has developed the technology (with the help of a massive, secretive budget) to ensure that whoever is in control gets the information they need when they need it.
"The worst it does is invade privacy."
Invasion of privacy is 90% of what makes 1984 possible. If you have privacy, you don't have 1984; a dark corner is all it takes.
"And it is very unlikely to invade YOUR privacy, as most people do not use the kind of High end cryptology that they coutner. "
Completely wrong. The NSA does not only monitor highly-encrypted data; that's absurd. The NSA monitors all telecommunications. If it's on the i
-- "Government is the great fiction through which everybody endeavors to live at the expense of everybody else."
They surely have a little more capacity than, say Google with "73.5 million unique users per month".
Whatever they do with so much electricity.
And they have their own HQs in all those countries in which they observe. In Frankfurt, Germany, it's one whole street, straight under the telecommunications tower.