Slashdot Mirror
NSA Tasked With 'Policing' Government Networks
Novus Ordo Seclorum writes "The NSA has a new assignment. No longer merely responsible for signals intelligence, the NSA now has the task of defending against cyber attacks on government and private networks. 'The plan calls for the NSA to work with the Department of Homeland Security and other federal agencies to monitor such networks to prevent unauthorized intrusion, according to those with knowledge of what is known internally as the 'Cyber Initiative.' Details of the project are highly classified. Director of National Intelligence Mike McConnell, a former NSA chief, is coordinating the initiative. It will be run by the Department of Homeland Security, which has primary responsibility for protecting domestic infrastructure, including the Internet, current and former officials said. At the outset, up to 2,000 people -- from the Department of Homeland Security, the NSA and other agencies -- could be assigned to the initiative, said a senior intelligence official who spoke on condition of anonymity.'"
This story is bound to make the next issue of the 360is quaterly bulletin "Executive Intelligence". AG
I would hope important government networks would not be on their own network and thus not susceptible to "cyber" attacks.
Libertarian Leaning Political Discussion Forum.
"Can we get a license plate?" "zooming, zooming, enhancing... got it."
http://www.rense.com/general79/wdx1.htm
If some guy walks into the meeting and turns off your Surface-to-Air missiles in the middle of a joint chief of staff meeting using just his laptop and an internet connection, like in "Live Free or Die Hard", you make sure you listen to him, and don't just blow him off.
After all, you know the saying, "Those who do not learn from the history presented in movies, are bound to repeat it."
"Thank you for using Stop-n-Drop, America's favorite suicide booth since 2008"
not to mention the litteny of local and state police departments.
If you mod me down, I will become more powerful than you can imagine....
Does this mean that DHS and the NSA will 'police' my private network?...Cool!!
But I have to ask, does it run on Linux...natively?
Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
Well, all I can say is: good luck. That's one hell of a job to give to a single agency and still allow for the flexibility that the individual departments and agencies require. Should we be expecting a massive, wasteful consultancy project, then?
I suppose it'll be efficient to scan packets I send to
make sure I'm not doing something evil and packets I
receive to make sure nothing evil is being done to me.
Trouble is, when two functions are bureaucratically intertwined,
we'll never be able to rein in either, separately: we criticize
one, and the other will be presented as justification.
And we seem to be having trouble reining in entities with just
single functions, already!
...according to those with knowledge of what is known internally as the "Cyber Initiative." Details of the project are highly classified.
Well, if it's highly classified, then we can ount on the fact that it's money well spent
(/sarcasm)
The theory of relativity doesn't work right in Arkansas.
It seems like its primary mission is to protect against attacks on government networks, not spy on individuals. But, considering the bad record the US government has held as of late, I don't quite trust them.
Sigh. I wish for better days.
US businesses that currently accept chip and PIN/signature
The FBI is the only police department, at least at this point. The FBI is the federal government's police. Most policing is done at the city or county level, some at the state level. However for crimes that span states, crimes on federal land/property, crimes against the federal government and so on there is the federal police, the FBI. The NSA and CIA are not police agencies, they are spy agencies. The CIA is human intelligence, the NSA is signals intelligence. What that means is the CIA is all about getting information from people, be it by attempting to place spys or turning other agents or whatever. The NSA is all about getting information electronically, by wiretapping, listening in on radio waves, and so on.
The reason to have these separate is in part because it is very different kind of jobs, but also to try and prevent abuses. In theory (though we've seen that it isn't obeyed) the CIA and NSA don't do domestic operations. They are for spying on foreign powers, not US citizens. By maintaining an organizational divide it helps keep abuses down.
The DHS is a good idea at the high levels in an amazingly fucked up and retarded implementation. The idea is that the NSA and CIA often know things that the FBI doesn't, and vice versa. This is not to mention other intelligence agencies and so on. So often, everyone has a piece of the picture, but nobody can see the whole thing. This was the case with the time leading up to 9/11. Various groups knew pieces, but nothing solid. So the idea is DHS helps get the information collected and formed in to a solid picture. They get facts from all groups, NSA, CIA, FBI, customs, state and local cops and so on, and to then be able to coordinate action.
In reality they are a big waste of time and money that does nothing useful.
But really we want intelligence and police to be separate and we also want the police broken down in terms of power. Having one big federal police force would be problematic. At least with local policing voters can, in theory, hold their police more accountable. They have a say in how local issues are handled. Also, laws differ from state to state. What is true in one state is not true in all of them. Law enforcement needs to be segmented to take that in to account.
As a comparison look to Europe. There you are talking about an area of similar size and population (similar as in the same basic level, not as in equality). While there are European wide things like Interpol, each nation has it's own police, and often subdivisions below that. Also those police forces are usually separate from intelligence forces.
The US really isn't different in that regard, it is just a very large nation. A great many nations are smaller than a number of US states.
The NSA has their own Linux distro, specially hardened for security.
:-)
Let's hope they start deploying it more widely...
No sig today...
... Details of the project are highly classified. But not secret enough to issue a press release about it?Take Nobody's Word For It.
I've been pondering which of these is worse for some time:
- The UK's overt population surveillance through CCTV monitoring,
- or the US's covert population surveillance through electronic eavsdropping.
So take your pick, pixels or all other forms of bits!
(Wait, I think I just answered my own question)
Why do the words "Stazi", "SS", "Gestapo", and "Praetorian Guard" jump to mind?
It seems that this has happened before in history -- where you give one (or more) "secret police" power over everyone with no true checks and balances. From my understanding (which admittedly may be very flawed), the Department of Homeland Security answers exclusively to the executive branch, and now it also seems to control a (fairly large) group of intelligence officers. Do the words "consolidation of power" mean anything? No?
Well then how about: "this is the dawn of a new Galactic Empire!"?
Isn't this going to give the NSA a prefect excuse for any intrusions into a private or protected network where they get caught. "We were safeguarding your system, honest."
But at the safe time they are the governments "secret snoopers" so they are not going to tell that they were in your network if they can help it.
A conflict of interests for the NSA then.
The NSA has always been policing networks. The difference is that now they are required to work with others and teach them. DHS has been the true joke. It was loaded with a bunch of W.'s friends who paid MS by standardizing on it. Since then, DHS has suffered numerous incursions into their network as well as their core systems. NSA does not suffer the same issues and now W's friends hope to learn from them, so that afterwards, they have jobs.
- Spy on other networks and listen in on their communications (that means decryption).
- Prevent others from spying on us (that means not only security, but encryption).
We all know that they developed the core part of SEL, which really help make Linux "trusted" (in addition, to other changes). In addition, everybody knows that the NSA listens to systems outside of America as well as will comprimise them (yeah, NSA does install whatever is needed to bring down systems during a conflict).NSA has actually been listening to American systems for decades. The difference with now, is that they kept the general information to themselves. It use to be that NSA kept nearly all the info to themselves. Now, they are required to turn over ALL information to the DOJ. That is an issue. After this bozo is out, hopefully, a number of people will be jailed and then sanity will return.
If you're considered a valuable corporation, they'll defend you, no worries. Against you, if necessary.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
DHS is going to "monitor" your local government network. Bin Laden is a bogeyman, the goal is Total Information Awareness. They already have taps on domestic phone and internet, now they will get their taps into local networks. This is just another turn of the collection and enlargement of federal power. No real information security will be gained as they add yet another channel to leak information.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Ha ha. I got a good chuckle over this. Government employees tend to be government employees because nobody will hire them in the private sector. The best and brightest certainly don't work for any branch of the US gov't. Hell, this is the same government that couldn't even help hundreds of thousands of people in our own country after Katrina. Good luck NSA. You're gonna need it!
I don't respond to AC's.
2008 PRNewsWire - Today Symantec and the NSA announce a merger. The NSA will become a wholly owned subsidiary of Symantec Corp. In exchange, Symantec will issue 100,000 shares of common stock to each member of Congress.
Coming soon to a network near you - NortonNSA!
When information is power, privacy is freedom.
I know NSA is the bad guy of the week, but this doesn't really sound like a "new responsibility" to me. NSA has, almost from the beginning, been composed of the Signals Intelligence and the Information Assurance Directorate, which does exactly what this article is talking about, and has for quite some time now.
this will be what it claims ot be on the surface.
It will actually turn out be yet another way of snooping in on citizens without needing to get judicial permission first. I'm sure the RIAA will get involved too so the whole thing will be mostly twisted into blocking or reporting on copyrighted media sharing etc.
And, as ever, all conducted under the guise of anti-terrorism.
I personally like this turn of events, as the US govn'ts tech security score card has rarely risen above "D". I just wish they would transfer their effort from monitoring some average joe's cellphone/email/blackberry/web surfing to this.
as per typical slashdot style, I didn't RTFA. After reading it though, this sounds fairly invasive. The "infrastructure" monitoring covers most everything now that the vast majority of America's systems are controled through computers. As long as they're just putting up more firewalls and stopping hacker attacks, fine. I fear however with this administration that information gathered may find its way into some metadatabase where ID'ing people is standard.
This actually makes some sense. NSA has two main divisions - Signals Intelligence, which collects information, and Information Assurance, which tries to protect US information. Traditionally, these were the codebreaking and codemaking sides of the agency.
It's a boost for NSA Secure Linux. The real intent of NSA Secure Linux, by the way, was not to plug holes in Linux. It was to get something that enforced mandatory security out into the community, so that that applications would be converted to run under stricter rules. For example, a browser should be running as several components, some of which are secure but dumb and some of which are insecure but untrusted. Few application developers picked up on this. That part didn't get enough community attention.
NSA takes a quite different view of computer security than the "security industry". They're less concerned about annoying high volume attacks, and more concerned about quiet, focused attacks aimed at specific targets. They're also very interested in who's behind the attack, and will devote collection resources to finding out more about the attackers.
This last may give some attackers something to worry about.
NSA lackey: Mr President, we've just received word that we're to monitor the government's communications networks.
NSA President: Get me the president... of AT&T! We'll need them on this one...
*ring* *ring*
NSA President: Hello, Randall?
AT&T President: Ugh, who do you want us to spy on this time, Keith?
"If you do things right, people won't be sure you've done anything at all"
Sorry, kids, but this has been part of the NSA's duties since is was chartered on Nov 4 1952. Don't believe everything you read in the funny papers.
"The DHS is a good idea"
No, it's a bad idea made worse by bureaucratic bungling. Every time I've flown, I've yet to see a competent screener at an airport. At best, they are a non-entity. At worst, they are belligerent people who are the type typically weeded out by police forces in the first psychological screening. Perhaps they understand their job is not to provide security, but rather to convince the flying public that things are safe.
The DHS fights with shadows and ignore actual threats to security. They are simply yet another way to hire more contractors and an excuse to send more money off to Halliburton. The fund wacky ideas and ignore basic police force. They insist they need to monitor all our lives and then lie when the facts don't support such outrageous needs.
It's one of those agencies whose job is so cynical that at first you can't believe that you're understanding their role correctly. But once you do, and you see the people they're hiring, you'd get that DHS should be abandoned and that the heads of these agencies should be funded by career bureaucrats instead of people who helped the president in his last campaign.
I'm going to assume based on this claim that you work for DHS. I have to wonder if you realize you'll have to get a real job after Bush leaves?
Can we say "traffic whoring", children? I knew we could.
No it hasn't.
From TFA:
In a major shift, the National Security Agency is drawing up plans for a new domestic assignment: helping protect government and private communications networks... [emphasis added]
This is such a "major shift" that (once again, from TFA):
The NSA's new domestic role would require a revision of the agency's charter, the senior intelligence official said.
The most secretive agency in the United States government is getting involved in law enforcement and the nature of their involvement is highly classified. Nope, nothing to worry about there.
Those networks are easily capable of DDOSing important government servers and whole networks. Furthermore, when they're not busy flooding Estonia off the net, they're used to spam the world pushing illegal copies of 0ff1ce and Acr0bat (probably to fund terrorist training camps in Nigeria), phishing scams (probably also to fund terrorists) or exposing children to porno ads. Why not have the NSA track down the ringleaders and then have the CIA make them quietly disappear?
That would do at the very least as much to make us safer as confiscating bottled water and nailclippers at the airport does and for once would REDUCE invasions of privacy and annouances.
Or is that just a little too much like doing something useful for DHS's taste?