Slashdot Mirror

← Back to Stories (view on slashdot.org)

It's Time To Split Up NSA Between Spooks and Geeks

Posted by timothy on from the sideline-coaches dept.

Hugh Pickens writes "Noah Shachtman writes in Wired that most of us know the National Security Agency as the supersecret spook shop that allegedly slurped up our email and phone calls after the September 11 attacks, but not so many know that the NSA is actually home to two different agencies under one roof: the signals-intelligence directorate, who can tap into any electronic communication, and the information-assurance directorate, the cybersecurity nerds who make sure our government's computers and telecommunications systems are hacker- and eavesdropper-free. 'The problem is, their goals are often in opposition,' writes Shachtman. 'One team wants to exploit software holes; the other wants to repair them.' Users want to know that Google is safeguarding their data and privacy. The trouble is that when Google calls the NSA, everyone watching sees it as a package deal. Google wants geeks, but it runs the risk of getting spies, too."

15 of 122 comments (clear)

  1. Nonsensical ... by krou · · Score: 4, Insightful

    Okay, so TFA is arguing that creating a new agency 'that didn’t include the spooks would' avoid conflict and bring about 'acceptance across the government and the private sector'.

    But right in the beginning, it says '[Google] wants geeks, but it runs the risk of getting spies' when it contacts the NSA.

    If there is no guarantee that Google doesn't end up getting spooks from the NSA, who can say this new agency won't have spooks in there from the NSA?

    Am I missing something here, or is there some magical reason why this new agency won't have spooks embedded there, and it should be trusted any more than the NSA?

    --
    'If Christ had tweeted the sermon on the mount, it might have lasted until nightfall.' - John Perry Barlow
    1. Re:Nonsensical ... by jumpinp · · Score: 5, Insightful

      Oh, so you want a government/agency you can trust. Sorry, all out of that.

  2. Hell No by DesScorp · · Score: 5, Insightful

    We do not need yet another federal agency. Splitting them in two will only result in two bigger agencies with an ever ravenous appetite for more tax funds.

    One of the worst things Bush did post 9/11 was creating the spate of new federal agencies. Can anyone say that their flying experience is actually better after TSA was created? Anyone?

    How much good did creating yet another layer of intelligence bureaucracy do us? Did intelligence get any better after we made the Director of Central Intelligence obsolete by creating a Director of National Intelligence? Not one damn whit. It just grew the federal payroll some more, and added more bloat and bureaucracy.

    Vital intelligence work needs to be done, but we need to be trimming down these agencies, not creating new ones.

    --
    Life is hard, and the world is cruel
    1. Re:Hell No by glwtta · · Score: 2, Insightful

      Can anyone say that their flying experience is actually better after TSA was created?

      The TSA is supposed to make your flying experience better?

      --
      sic transit gloria mundi
  3. Two sides of the same coin by Daniel+Dvorkin · · Score: 4, Insightful

    Keeping our systems secure, and breaking into the other guys' systems, are damn near the same job. It is a good thing to have the people responsible for both working together, and maybe trading jobs occasionally. There is no American computer security and Russian computer security and Chinese computer security: there is only computer security, and systems which are more or less secure. The NSA has historically been about the only government agency that really seems to get this, and it would be a real mistake to break it up.

    --
    The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
    1. Re:Two sides of the same coin by el_tedward · · Score: 2, Insightful

      [sarcasm]
      Yeah, if anything, the NSA has made things LESS secure! I mean, look at SELinux. It's a load of crap!!
      [/sarcasm]

  4. Re:Why does Google need to 'partner' with the NSA? by Anonymous Coward · · Score: 0, Insightful

    Amerika! Amerika ist wunderbar!

  5. Re:how will that solve anything? by Hal_Porter · · Score: 2, Insightful

    You wouldn't actually do it, you'd just tell people you'd done it and hope some of them are gullible enough to fall for it.

    --
    echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  6. Smarts by sjbe · · Score: 2, Insightful

    I'm not sure having a PhD in math grants expertise in computer and network security.

    It doesn't but you're going to find a pretty heavy correlation between the two. Someone good in math is far more likely than average to have or be able to develop expertise in any given use of computers. The skill sets are different but the skills do overlap to a non-trivial degree. I'm sure a PhD is not required to work in computer security at the NSA but I also suspect they have more PhDs in that role than most employers. Just a guess I'll admit but it seems likely.

    My guess is their expertise is used largely in encryption efforts.

    I think you are probably correct.

    I really see no evidence that the NSA has scooped up the smartest math PhDs.

    Certainly they have no monopoly on smarts. Academia, private industry, finance, NASA and others employers unquestionably have a big share. The only safe thing to say is that the NSA apparently has a goodly number of very bright individuals working there. What portion of the talent pool they have is something that I'm sure is heavily classified if anyone even knows.

    1. Re:Smarts by dgatwood · · Score: 4, Insightful

      Someone good in math is far more likely than average to have or be able to develop expertise in any given use of computers.

      Careful there. Being good at math---being capable of learning higher level math concepts---is not the same as having taken the time to do so. A lot of very people don't bother going beyond a certain point simply because their primary interests lie elsewhere. And to some degree, being too analytical can actually hurt your ability to write good software.

      Writing software is not an entirely analytical process. It has some analytical components, particularly in understanding how the parts fit into the whole. However, creating the code itself is also an artistic process in many ways. You must consider all the different ways of doing something and choose the best one, based not just on the current needs, but also on a general feeling about what you might want to do with the code in the future without going overboard.

      • Overly analytical people often over-plan and over-design, resulting in code that is too complex to maintain, is too slow, or takes too long to finish. Getting everything perfect the first time is too important, so nothing ever gets done.
      • Overly artistic people tend to not plan enough, painting themselves into a corner. The result is that the entire project gets thrown out and redesigned every couple of years because they need to add a new feature and the design can't readily accommodate it.

      Thus, good programming requires a very delicate balance between analytical abilities and creative/artistic abilities. Analytical skills are necessary, but not sufficient.

      I would actually argue that programming skills tend to be more strongly correlated with musical ability than math education. Good musicians are generally good at analytical tasks, including math, but also have the artistic ability needed to take that critical step back and pay attention to the system design, the UI, etc.

      I've always found it staggering how many of my coworkers are musicians. In my department alone, it's at least one in three, and many of the people who aren't musicians have kids who are. Whenever we have a department party, we usually get together a group of people and jam. And my previous employer was the same way.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    2. Re:Smarts by Listen+Up · · Score: 2, Insightful

      While you make some good points, your arguments are inherently incorrect based upon your misunderstanding of creative problem solving. Here is a link http://en.wikipedia.org/wiki/Creative_problem_solving. Note the second sentence in the second paragraph. Problem solving as a whole is considered the most complex of all intellectual functions. Mathematical problem solving is considered one of the highest, if not the highest, forms of creative problem solving. Also consider for a moment that effectively the entire field of computer science was originally developed by Mathematicians.

      I would argue that writing code is a purely analytical process. I would also argue that people who believe programming is purely an art form or is best suited for people who are not analytical, for example musicians, make terrible programmers. From my personal experiences, these kinds of people are at best "hacks" and tend to write average or below average code, which may or may not work. And that same code is almost always poorly designed, poorly architected, poorly implemented, poorly documented and poor performing. All of the people whom I've worked with who are Mathematicians, Engineers, Physicists, etc. who are also professional software engineers tend to write exceptionally good code. They also tend to have the appropriate analytical and creative problem solving skills necessary to provide appropriate solutions to extremely complex problems throughout all levels of development from architecture to implementation.

      Getting back to the Wikipedia article, your misunderstanding is based upon the fact that while musicians may be creative, that does not mean they are creative problem solvers. Creative problem solvers though can be purely creative. Which correlates perfectly with my own personal experiences, since most highly analytical creative problem solvers I know also enjoy pursuing such subjects as art, design, music, etc. As a matter of fact, most of the people I work with enjoy photography outside of work, not music. And the opposite is true, people who are only musicians tend to be neither highly analytical nor decent problem solvers.

    3. Re:Smarts by dgatwood · · Score: 2, Insightful

      Odd, from what i've seen, most physicists write the worst code of all. Scientists and mathematicians gave us COBOL, BLAS, and LAPACK. They gave us functions with names like xerbla and sgemm. And so on. They tend to create code that is so brilliant that nobody can understand it except the person who wrote it, and after a few weeks, not even that person. That may not be your experience, but the experience is far from uncommon. :-)

      And just to be clear, I didn't say that all musicians would be good programmers. I said that more of the good programmers that I've known are musicians than math majors by a large margin, at least among recent grads. If you look far enough back, everybody who learned programming did so in a math department, but that's just a historical artifact arising out of computers having been created originally to solve math problems. Among recent grads in computing, math is certainly a common minor, but it's not a very common major at all.

      I also strongly disagree with the Wikipedia article's assertion that any significant amount of music doesn't involve problem solving. Well, maybe singing to a limited degree. Beyond that, though, that's a pretty absurd argument, IMHO.

      Even basic performance involves a lot of creative problem solving, from realizing that a particular fingering doesn't lend itself to playing a given passage on piano or choosing an alternate fingering on flute for trills to listening to everyone else and choosing the right volume to blend or stand out as needed, staying with them in tempo, etc. Every single technical skill involves creative problem solving, and playing any musical instrument is necessarily a technical skill. More to the point, it's continuous creative problem solving for long periods of time in which a single mistake wrecks things.

      And once you get into composition, that's doubly true. Whether you're coming up with good voice leading that avoids parallel fourth/fifth motion, ending up on the same note, or other awkwardness, dodging cross-relations between voices, creating countermelodies that obey good rules of counterpoint, or handling transpositions for different instruments (which admittedly most people just let software handle now), you're doing creative problem solving at a very high level. I actually think that composing good music is in many ways harder than writing software in terms of the amount of problem solving that you have to do (either intuitively or deliberately) at every step of the process. Try juggling 20+ independent voices in your head and you'll understand what I'm talking about.

      So both composing music and performing it involve a not insignificant amount of problem solving and analysis. There's no such thing as purely artistic music, really. I have a hard time understanding how anyone who really knows music could even suggest such a concept.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  7. Re:Why does Google need to 'partner' with the NSA? by jeff4747 · · Score: 5, Insightful

    Because besides having the best "hackers" on the planet, the NSA also has the best sysadmins on the planet. Because the aforementioned 'hackers' practice against them.

    This, btw, is why the author's idea is terrible. You want both offense and defense in the same agency so that they can share techniques.

  8. Lets start a cyberwar with China. by wireshark · · Score: 1, Insightful

    As the wars in Iraq & Afghanistan are winding down the government "especially the republican party" sees the need for a new war. What better way to grease up lucrative contracts between the U.S gov & it's most successful companies than a "cyber" war. The Google breach is clearly an intel/political issue. The technical aspects are minimal & we all knew that great firewall compromised any chance of IT security there yet the story is portrayed as a technical one. Oh my! google was hacked by the chinese. They must need technical government support. Rarely is the story portrayed simply as an international policy issue. It's war I tell you & the economy loves a good fight.

  9. Am I missing something? by edittard · · Score: 2, Insightful

    'The problem is, their goals are often in opposition,' writes Shachtman. 'One team wants to exploit software holes; the other wants to repair them.

    How are they in opposition? Isn't the aim to exploit the ones in their systems, and plug the holes in ours.

    --
    At the bottom of the /. main page it says 'Yesterday's News'. Well they got that right.