NSA Considers Its Networks Compromised

Orome1 writes "Debora Plunkett, head of the NSA's Information Assurance Directorate, has confirmed what many security experts suspected to be true: no computer network can be considered completely and utterly impenetrable — not even that of the NSA. 'There's no such thing as "secure" any more,' she said to the attendees of a cyber security forum sponsored by the Atlantic and Government Executive media organizations, and confirmed that the NSA works under the assumption that various parts of their systems have already been compromised, and is adjusting its actions accordingly."

Well

It certainly took them long enough to figure that one out.

Re:Well

[Abstrackt]

They probably figured it out a long time ago, what they're doing now is admitting it.

Re:Well

They didn't say their networks are compromised. To be on the safe side, they just assume they are.

Re:Well

Obfuscation? Is this a double or triple bluff?

DAHN DAHN DAAAHHHHHHHHH

of course they have secure networks. Those are the ones that are plugged in anywhere :)

I've got a secure network here, wanna see it?

Oh you can't it isn't plugged into anything public...

Re:Well

[dougisfunny]

Being paranoid? Which is what they should be don't you think?

Re:Well

[Lazareth]

Except one is about being cautious and the other is about extorting legally defenseless kids of poor families. Totally the same. Not.

Re:Well

[Captain+Splendid]

'Hope for the best, assume the worst' should be the mantra for everyone working in any kind of security. Glad to see the NSA living up to that.

I wonder, though, if the prominence of Wikileaks had anything to do with this, and I don't mean specifically, as in they anticipate a lot of NSA-related document drops in the near future, but more generally, as in the landscape has changed and Wikileaks is a signifier.

Re:Well

[N0Man74]

Your analogy is a bit of a stretch, and a bit off topic...

To make an analogy of your analogy, it's as if you are trying to equate someone who assumes they already been exposed to the cold virus and is trying to drink lots of juice, eat chicken soup, and look for symptoms to validate the assumption that their health has compromised to someone who assumes their wife is sleeping with the mailman so he shoots the mailman.

Re:Well

[afabbro]

They didn't say their networks are compromised. To be on the safe side, they just assume they are.

Yep it's a RIAA/MPAA model. Assume guilt until proven otherwise, in this case compromised until proven otherwise. Makes you wonder what the NSA is really good for.

Wow...you've leaped from a national security organization adopting a policy of extreme care to a comparison with the recording industry lawsuits. Do you have some sort of associative-compulsive disorder or are you really stating there is any relationship between the two? Or are you just bitter?

Re:Well

[man_of_mr_e]

SETAC ASTRONOMY?

Re:Well

[icebike]

It also pretty much is the closest thing to a statement by the NSA that they can penetrate any network connected at will. Even their own.

After all, if they already have hacks for every thing they use to protect themselves, you can be fairly certain your firewall/router won't inconvenience them in the slightest.

Re:Well

[Stargoat]

Iran thought that, but sneakernets are capable of transmitting viruses behind airwalls.

Re:Well

You didn't mention the country and I'm not sure what you meant by "legally defenseless" but in the US there are a lot of resources spent defending kids of poor families. Also, your use of the word "extorting" shows you don't have a clear understanding of what it means. Sorry.

Re:Well

[silverglade00]

Pssht, you and your airwalls and firewalls. I combined them all and now I use a CaptainPlanetWall! (The heartwall was a little messy...)

Re:Well

[bhcompy]

On top of the hilariously stupid comment you made, you're wrong. One should always assume you've been compromised as far as network security goes. That way you always take necessary precautions, such as always encrypting sensitive data, even within your network. To do otherwise is sloppy

Re:Well

[Unequivocal]

I disagree. One should always weigh the cost of that assumption (and the associated security costs in tech and personnel) against the pain/cost of a less secure network. To always build the most secure network possible is not always cost efficient and therefore not always the right choice. Assuming your network is always in a state of compromise will often be a very expensive assumption, so should only be undertaken if it's worth it in terms of risk to what's on your network. For NSA clearly they've got some pretty important stuff in there so they'll do anything/everything to protect it. We're not all in that boat when it comes to network security. That's not sloppiness - sloppiness is getting blindsided by penetration vectors you didn't account for but should have.

Re:Well

[Unequivocal]

Yeah, good point -- and they're also implicitly saying that you'll now never even know they were on your network since they've got that side of things wrapped up now too. Yikes.

Re:Well

[mlts]

You hit the nail on the head here. The problem I see is that people tend to rely on one of the following for their organizational security:

1: Host security.
2: Security of core/edge routers and switches.
3: Cross platform antivirus utilities.
4: Prayer to eldrich horrors.

One needs to take all four elements into account. For example, you use the routers to separate departments and machines from each other. Then, you make sure server security is tight with ipchains, Windows "firewall", and other items. Then you slap on the AV programs to make the bean counters happy. Finally, you get the tomes out (the Necronomicon ex Solaris) and do the horrific, unprintable acts as per the man pages.

This way, if the router decides to just move traffic without worrying about IP rules, the servers can defend themselves. If a server or workstation gets compromised, its ability to attack other machines is limited.

Re:Well

[bhcompy]

Assuming that you're compromised doesn't add any cost. No one is saying to duplicate the NSA's network security implementation. It just means that you need to carefully examine what you do have on your network that is important to you and others and take care of it in a reasonable way. To not assume that is to put yourself in a situation to allow yourself to get sloppy.

Re:Well

[Unequivocal]

That's true, but only *sometimes.* Sometimes it is not worth securing the network on the inside b/c the danger of folks breaking in and messing around is not very high. Always assuming that internal penetration must be accounted for is a bad assumption. Examining when/where it's a good or bad assumption *is* always a good idea.

This may seem pedantic, but I run across networks which are over-designed fairly often. It doesn't meaningfully increase the owner's network security and it means that money can't be spent on something else more valuable to the owner. It also needlessly limits what the users of the network can accomplish, reducing productivity and innovation.

If OTOH you're saying that one should always undertake good, solid network design principles, such as expose as little as possible onto the network, then that seems reasonable. Handling every network design problem with the constraint that it must be equally penetration-resistant *from the inside* can needlessly drive up costs without significant benefit *in some cases.*

Re:Well

[SnarfQuest]

It certainly took them long enough to figure that one out.

Was the first clue finding all of their emails on Wikileaks?

Re:Well

[RaymondKurzweil]

This is slashdot, it's likely they're just an idiot.

Re:Well

[je+ne+sais+quoi]

No, it doesn't have anything to do with wikileaks. This has been the standard operating procedure for classified material for some time, I couldn't tell you how long, but certainly before all this wikileaks stuff broke.

We have yet to see the security policy response to the wikileaks leak (leaks?). I'm guessing it's the usual large organization response to a problem: which is to create large, showy changes to demonstrate they are doing something about it. The only issue is when those changes don't actually fix the problem and just make life more annoying for those who aren't the problem (like forcing os x or linux users to install virus software, sure technically there is a chance that the software could detect some virus on a USB or other file, but there's a point where returns are diminished and that is waaayyy past it).

P.S. This is OT, but what I would like to see is a day past itiscussion about just how this material got out: I guess this new material was from the same pfc. that leaked the pentagon stuff earlier and Assange may or may not have helped with that. If so, there may not be much of a security response since it's a lot more difficult to stop your own people from leaking info.

Re:Well

[je+ne+sais+quoi]

when I say "virus software", I meant "anti-virus software". Oops.

Which is the sane thing to assume

[alfredos]

What I can't fathom is that there is still people out there believing that a firewall is all the protection they need. Or that it is a protection they need, even.

Re:Which is the sane thing to assume

[datapharmer]

yeah, I mean who really needs a firewall anyway.... I run my computers unpatched with all the ports open. They are much faster and more reliable that way. None of that antivirus nonsense to deal with and I stay virus free since the botnets duke it out for who gets control. It saves time when shopping online too, as I don't even have to tell the nice people my credit card info - they all already know it! It is especially useful when they send me great offers by email for replica rolex watches and discount prescriptions as I don't even have to search for the best prices!

Re:Which is the sane thing to assume

[B'Trey]

What I can't fathom is that there is still people out there believing that a firewall is all the protection they need. Or that it is a protection they need, even.

A firewall is reasonable protection for most people, just as a dead bolt on the front door is reasonable protection for most homes. If you're the online equivalent of a jewelry store - that is, a high profile target - then obviously you need much more than that.

Re:Which is the sane thing to assume

[nine-times]

Well what I think the poster was getting at is the idea that, if you're closing off all insecure ports on all your machines themselves, then firewalls shouldn't really being doing anything anyway. It's not an either-or proposition, is it? Either you have a firewall or you have unpatched computers running with all ports open?

In a certain way of thinking, what a firewall does is to block traffic to unauthorized ports on improperly secured machines, so if you secure your machines then the firewall shouldn't be necessary. Of course, that's not really all that a modern firewall does. Many firewalls can act as a proxy for various protocols, which means that they can offer an additional layer of security beyond simply blocking ports. Also, many companies use firewalls to block outgoing traffic as well, though of course it's often possible to circumvent that if you really want to.

Re:Which is the sane thing to assume

[_Sprocket_]

You're actually cutting edge. You've out-sourced your personal information security and set up a fully flexible payment schedule to support it. You're clearly executive material and deserve that Rolux you've had your eye on.

Re:Which is the sane thing to assume

I don't find this funny at all, I work at an Ivy League institution that believes firewalls are unnecessary.

Re:Which is the sane thing to assume

[Steeltoe]

I2P sports end-to-end encryption. Arbitrary tunnels between computers. Darknet capabilities. Integrated bittorrent. Anonymous and encrypted websites. P2P naming services.

If you need transparent encryption between nets, while preventing sniffers and MITM-attacks, I believe I2P can be a great fit. I wonder what performance a custom version restricted to the LAN might yield, given that it's already many orders of magnitude faster than FreeNet?

I2P: http://www.i2p2.de/

Re:Which is the sane thing to assume

Just like rolling up the windows and locking the doors in a "questionable" neighborhood, right?

Re:Which is the sane thing to assume

[KublaiKhan]

Most people are confused by all the marketing that AV and firewall vendors spew out, together with the anecdotes of their friends about "Well, AV doesn't work 'cuz I got a virus that one time" and all that other nonsense.

Honestly, IMHO, you should -always- consider your network to be compromised in some fashion. Always keep an eye out for clues of infiltration--strange network traffic, odd lack of response, uncharacteristic behaviors--and, though you'll doubtless waste some time on false positives, you'll end up saving a lot more time should something show up than you would if you ignored it.

Besides, half the crap can be set up to run automatically; glancing over some logfiles every day when you login to check your email doesn't take that long.

Re:Which is the sane thing to assume

[JackOfAllGeeks]

Of course, that's not really all that a modern firewall does.

And this is why the original poster is wrong.

If you're just relying on a Firewall to block access to ports you shouldn't have open anyways, then yeah, you don't need the firewall: just close the ports. But in that scenario, it's really just a misapplication of an otherwise useful security device.

A Firewall can be useful, as you said, to proxy various protocols or block certain outgoing (or unsolicited incoming) traffic. It can also be used if potentially-harmful traffic belongs on the network, but not going to or from certain hosts (ie, remote administration of servers might be desirable, but only from certain hosts).

The point is, yes a Firewall isn't The Solution to all security problems, and it can be misapplied, but that doesn't mean it's not a useful device in the right situation.

Re:Which is the sane thing to assume

[Culture20]

In a certain way of thinking, what a firewall does is to block traffic to unauthorized ports on improperly secured machines, so if you secure your machines then the firewall shouldn't be necessary.

And Darth Vader really did betray and murder Luke's father, from a certain point of view. I use firewalls all the time, because I've got ports that don't need to be world accessible (and trusting tcpwrappers for everything is silly). Also, just because daemon foo is "secure" now doesn't mean it will be a month from now. If you need the port locally, but not externally, firewall it completely off from the outside and be a little happier.

Re:Which is the sane thing to assume

you broke my sarcasmeter

Re:Which is the sane thing to assume

[drinkypoo]

A firewall is reasonable protection for most people, just as a dead bolt on the front door is reasonable protection for most homes.

Most homes are protected not just by the deadbolt, but by a variety of factors including your presence. Just see what happens if you're gone for an extended period of time with nobody checking up.

Re:Which is the sane thing to assume

[nine-times]

And Darth Vader really did betray and murder Luke's father, from a certain point of view.

Yes, that's true. I think you're going to find that many of the truths we cling to depend greatly on our own point of view.

Re:Which is the sane thing to assume

[rel4x]

Well what I think the poster was getting at is the idea that, if you're closing off all insecure ports on all your machines themselves, then firewalls shouldn't really being doing anything anyway. It's not an either-or proposition, is it? Either you have a firewall or you have unpatched computers running with all ports open?

Except that you generally don't "close off insecure ports". You're not disabling them, you're just setting them to "not open yet". A large part of the point behind a firewall is to make sure nefarious programs can't open the ports without your knowledge.

Re:Which is the sane thing to assume

[FormOfActionBanana]

If you have on your computer:
  - access to online banking;
  - personal information;
  - spare CPU to do somebody else's processing;
  - spare bandwidth to store or handle someone else's illegal data;
  - company confidential information;
  - etc... ... you are an electronic jewelry store.

Re:Which is the sane thing to assume

[GreyLurk]

The vulnerability in any network is rarely the connections themselves, but rather the end points. We've long known how to run an encrypted "darknet" style tunnel. I2P and Freenet just work out the routing on darknets. There's a fundamental problem though with keeping information secure, while storing it on a network. It's the old "x people can keep a secret if x-1 of them is dead." conundrum.

Re:Which is the sane thing to assume

[icebraining]

Where do you live to expect your house to be broken into if you're gone?

I mean, I take some precautions (like redirecting my mail), but I can leave my home for three months straight without checking up on it and I'm pretty confident nothing will happen to it.
In fact, the only time a house was burglarized here was when the thieves were "friends" of the house owner (they knew the house and her vacation schedule, etc).

Re:Which is the sane thing to assume

[vux984]

If you're just relying on a Firewall to block access to ports you shouldn't have open anyways, then yeah, you don't need the firewall: just close the ports. But in that scenario, it's really just a misapplication of an otherwise useful security device.

Not really. Redundancy and backup systems are an important part of security.

Re:Which is the sane thing to assume

[Steeltoe]

My focus was not to stop freedom of information (ie. promote police-state to enforce war against "information wants to be free"), but rather secure the network even though it has been compromised with untrusted clients. This is what the article was talking about. I2P already supports encrypted communication between trusted and arbitrary clients. You can have fixed tunnels between clients, or provide encrypted and anonymous services to arbitrary, or a selection of clients, inside the darknet.

The way most LANs are operated today, makes them very vulnerable of _any_ compromise in the network. So I'd say this is the first step, if you require security at all. It's not a firewall issue, because clients themselves can be compromised, and then you will seek to minimize that damage.

Of course, if your endpoints are compromised, you've got big problems.

If it's a hardware compromise, ie. theft, running TrueCrypt can save you if you are dilligent in securing the key, and it's long enough.

Software and wetware compromises, well, I'll leave that out of the scope for now. The article was talking about the network.

Re:Which is the sane thing to assume

[JackOfAllGeeks]

Good point; I retract the overly-broad assertion.

Re:Which is the sane thing to assume

[icebike]

Except that your OS (even Windows if properly locked down) is likely to be more up to date than your firewall/router software.

Routers rarely get updated software loads, even when significant bugs are detected in the kernel the are built with.

In many cases, the redundancy provided by an ancient linksys is a false one, and the router may already be owned by the hackers.

Re:Which is the sane thing to assume

I have in my home:
- Information about my bank account, even more so than what's available on my computer
- Personal information, including passports
- Physical access to many CPUs
- Physical access to networks
- etc

I do not consider my home to be as high profile a target as a physical jewelry store.

Re:Which is the sane thing to assume

Hmmm well could it be that cool OS's like windows get security holes even though the ports are "closed" nahhhhh that couldn't be a reason to have a firewall. I'm going back to reality land now, you should probably join me.

Re:Which is the sane thing to assume

[vegiVamp]

I just read "A fireball is reasonable protection for most people". Time for coffee.

Re:Which is the sane thing to assume

Plus, you wouldn't believe how big my penis is now!!

Re:Which is the sane thing to assume

[Dalroth]

Every one of my family members is behind a firewall. Every single damn time I go home I have to spend hours rebuilding their computers because they've been compromised yet again.

Burglarizing a house is a physical act that requires you to go there and put yourself in great physical danger. Breaking into a computer is as easy as a few clicks on a keyboard.

They are not the same thing. A firewall is NOT enough, and it is NOT comparable to a locked front door.

Re:Which is the sane thing to assume

[Arrepiadd]

Who needs a firewall anyway? I use NAT and that offers all the protection I need.

Re:Which is the sane thing to assume

[Unequivocal]

Good point. Trusting a conf file that says only 127.0.0.1 is allowed in to a port is little dicey sometimes. Having a firewall making a more rigorous statement further up-chain about "no lookey" is a nice safety feature. Also it lets me work with nearby devs without totally going mando to the world.

Re:Which is the sane thing to assume

[argStyopa]

It's a good analogy and continues further.

If you want windows to see out of, that's going to inherently compromise the security of your home (not to mention Windows(tm) hahah). You can put bars over the windows, but again, then you are reducing the functionality - some very important functionality - in order to be more secure.

To paraphrase the Zombie Survival Guide: there is no "safe", only safer. Everything is a compromise between utility and security.

If you have security concerns, you put doors between each of your rooms and a lock on each door with a different key. It sure makes it harder to move around in the house, how much is that worth riskwise?

Re:Which is the sane thing to assume

[mlts]

Routers get updated less often because they do far less than a full general purpose computer, which could have any components (Web browser, applications, services, hardware devices) break of have security issues.

Essentially on the outside, an attacker can attack the IP stack of a hardened firewall and that is essentially it. On the inside, a Web server and/or a SSH server, as well as the IP stack are pretty much the only points it can be nailed. Of course, there are likely others, but these would be the main ones that a router would be attacked at.

Re:Which is the sane thing to assume

[GMFTatsujin]

Yeah, I felt pretty good about the deadbolts on the front door. Until a thief broke in through the window to undo the bolt from the inside, just to walk right in.

That's when I learned two lessons: there's more than one way in, and thieves don't have qualms about breaking stuff.

Re:Which is the sane thing to assume

[drinkypoo]

Where do you live to expect your house to be broken into if you're gone?

The real world. What color is the sky in yours?

I mean, I take some precautions (like redirecting my mail), but I can leave my home for three months straight without checking up on it and I'm pretty confident nothing will happen to it.

It won't last long, if indeed it is the way you believe it to be now.

Re:Which is the sane thing to assume

This is what I do. I just assume my computer is compromised and don't put any valuable information into it in the first place. Enjoy your sisyphean task.

Re:Which is the sane thing to assume

[icebraining]

Uh, crimes against property have been falling here from 1996 to 2006 (I don't have more recent data). Why won't it last?

Re:Which is the sane thing to assume

That's the Darwinian model for security. The survival of the fittest and symbiosis; the fittest spam spewing organism integrates with your system and protects you from outside intruders. It's like the human digestive system, with spam and bugs all over the place.

Re:Which is the sane thing to assume

What I can't fathom is that there is still people out there believing that a firewall is all the protection they need. Or that it is a protection they need, even.

Well I obviously don't want to be the victim of identity theft, do I?

Sheeesh.

Re:Which is the sane thing to assume

[FormOfActionBanana]

I said "electronic jewelry store" and admittedly, I could have been more clear.

Comparing security of your physical home, which is pretty difficult to rob and capitalize on, to electronic security of your PC is not a valid comparison. The reason is you (like everyone up to a few years ago) are only considering threats to perimeter security.

The real vulnerability is the application -- malicious data traveling over your trusted, specifically allowed (e.g. http/ssl) connection can cause you trouble and embarrassment like transferring your money, disclosing your secrets, placing a cache of illegal files on your computer, or sending messages on your behalf.

Application security. Using websites whose authors forgot to check for control characters in input data, coupled with running software whose authors failed to check buffer lengths (or other oversights), exposes you to methods of carrying out such attacks.

The critical difference between your PC and a brick/mortar store is the economy of scale the attackers can leverage. It is a shitload of work to break into a store, execute a getaway, fence the goods, keep compadres silent. With one decent attack design, electronic attackers can compromise millions of individuals' resources. And firewalls do not protect against this; the attack data travels over allowed channels.

Re:Which is the sane thing to assume

[Sparrow1492]

If you're just relying on a Firewall to block access to ports you shouldn't have open anyways, then yeah, you don't need the firewall

Ah, but one of the best reasons to have a firewall is that there are so many people that don't. Feel free to bang against my firewall all day or go hit my 2 neighbors that don't even have one and get right in. It's not always about being the most secure, but being in a better postion than the next guy.

NSA

[Demoknight]

Not Secure After-all

Re:NSA

Not Secure After-all

Or perhaps they can join the Double A's (RIAA, MPAA, and now NSAA), NSAA being "Not Secure After All".

I compromised...

I compromised the first post.

Re:I compromised...

I compromised your mom.

Definition of security

[girlintraining]

Security is achievable provided you start with good parameters. Believing your systems are "unhackable" is silly. No physical security is impenetrable, why would electronic security be different? But what you can do is make the cost of breaching that security more than the value of whatever it is being protected. Keep in mind though that what you're protecting also includes access, not just the data itself.

Problem is, in the private sector you have all these companies trying to control the internet, instead of keeping it as a public commons. The net result is that the cost to access it is often the main price consideration, at least in the United States.

Re:Definition of security

[DrgnDancer]

The problem is that the NSA has, or at least it believes it has and other believe it has, information whose value is essentially beyond price. Therefore they feel reasonable expecting that other parties will pay nearly any cost for access. The whole dynamic of "make it more expensive to get than it's worth to have" goes out the window when what it's worth to have is essentially infinite. Then it becomes "protect it as much as possibly can and hope it's enough".

Don't get me wrong, I typically agree with you, and I've posted that very thing quite recently in response to something else recently. It's just that the theory kinda goes out the window when you have bad actors with the resources of an entire nation behind them as your most likely threat vector. Now of course everything that the NSA protects isn't that valuable, and much of it is probably protected with precisely the theory you promote. The rest is just protected with every possible resource they can think of.

Re:Definition of security

[durdur]

The problem is that the NSA has, or at least it believes it has and other believe it has, information whose value is essentially beyond price.

No, I don't think (nor do I think they think) their data is beyond price. In fact, since they troll a lot of communication traffic looking for significant patterns, most of what they have is almost certainly junk. And the stuff that is valuable - probably a lot of the value is just the fact that they have it, and their enemies don't know they have it. Just as in WW II, German submarine traffic was secret not because of what the information was, but because we wanted the fact that we had intercepted and decoded it kept a secret, so that countermeasures would not be taken.

Re:Definition of security

[DrgnDancer]

If you read the entire post (why is it so hard to read two paragraphs? I get more replies to the first or second sentence of a post that never seem to read any farther...) you'd see:

Now of course everything that the NSA protects isn't that valuable, and much of it is probably protected with precisely the theory you promote.

Which seems to imply that I agree and don't think *all* the information the NSA protects is valuable. Some of it, however, is beyond price. That's the stuff they are most interested in protecting.

Re:Definition of security

[lgw]

The knowledge that the Allies had broken Enigma was information beyond price. The NSA presumably has similarly valuable information, and opponents with the resources of governments. That just changes the equation to something quite different than the sort of security you use to protect valuables from thieves.

Re:Definition of security

[durdur]

That's true enough, although the value of intelligence information tends to degrade with time.

Re:Definition of security

The knowledge that the Allies had broken Enigma was information beyond price.

Nonsense. I'm sure the Allies would have gladly given up the knowledge that they had broken Enigma in exchange for the complete surrender of their adversaries.

Why all the hyperbole in this thread? There really is no information that is "beyond price".

Re:Definition of security

[minstrelmike]

Info whose value is beyond price is essentially the same problem with health care costs and why demand will always exceed supply. We will pay whatever we can to avoid dying. Neither health care nor NSA secrets respond to normal economic incentives.

Re:Definition of security

[Software+Geek]

You assume that the attacker has infinite resources, just because they are a nation state. There are no attackers that have infinite time, or infinite resistance to counterattack. The NSA does not need to fend off an attacker indefinitely, just long enough to identify the attacker and apply the appropriate countermeasures.

Well obviously...

Really, shouldn't the NSA have been operating under this principle all the time? Has there ever been any security protocol that's never been breached?
It seems naive that they thought impenetrable security was possible. Even if you managed to somehow get the security technically perfect, it's still going to be used by completely fallible and inconsistent humans.

Re:Well obviously...

[Yvan256]

So your solution is to.... kill all humans?

Bender is posting on Slashdot!

So much for the cloud

[T1girl]

The idea of sticking all my data out in cyberspace on somebody else's servers always seemed a little fluffy anyway.

Re:So much for the cloud

[blair1q]

First rule of security: never do anything anyone wants to know about.

Re:So much for the cloud

[durdur]

Lots of organizations are uncomfortable with high value data being out of their control.

But are your IT guys better than their IT guys? Do you patch, monitor, secure, more than they do? Maybe, maybe not. It pays to ask questions but the cloud isn't a worse place for data, necessarily.

That said, top secret data like NSA has is a whole 'nother kettle of fish.

Re:So much for the cloud

[Mitchell314]

Second rule: But if you do, secure it.

Re:So much for the cloud

[SlashV]

Did you grow up in Arizona?

Boo Hoo.

Good. Fuck them.

Re:Boo Hoo.

[jcrb]

Demonstrating the truth of the saying

"You're not paranoid if people really are out to get you"

The only secure system...

[ChefInnocent]

Is the one buried a mile under ground in 100' radius of concrete connected to nothing. Preferably in an undisclosed location. Even then, it is only as secure as the guards protecting it.

Re:The only secure system...

[Pojut]

I had a co-worker ask me for some computer advice yesterday, since she was "tired of all the viruses [she] seems to keep getting." I gave her two options:

1. Stop clicking on every blinking banner, spam email, and "RESPOND NOWZ0RZ!!1!111!" message she gets on facebook. Install a quality anti-virus and software firewall, as well as set up a hardware firewall, and remove all privileges from the account she logs onto her computer with.

OR

2. Unplug the computer from the wall, go to CVS, and buy a legal pad and some pens.

I then proceeded to tell her that only one would provide 100% protection.

Re:The only secure system...

Pff, you call that protection? You didn't even remember to tell her to pick up the extra-large box of condoms while she was at CVS.

Re:The only secure system...

[Grandim]

What about a computer on a space probe that doesn't have transmitting equipment? Getting it back or even sending something to catch it would be near impossible.

Re:The only secure system...

I don't want you talking about my house, CAPISCE ?

Re:The only secure system...

[jeffmeden]

What about a computer on a space probe that doesn't have transmitting equipment? Getting it back or even sending something to catch it would be near impossible.

For now. What's the future value of that system?

Re:The only secure system...

[hadrins]

Both options don't give you 100% privacy protection. I don't think a condom is 100% protection either. Right now I am thinking of a "Friends" episode.

Re:The only secure system...

[nine-times]

Right. How I would put it is, "security" is not a binary state. It's not that a computer is either "secure" or "not secure". Security is a process, or maybe a context, and the main concern is not about making something "absolutely secure" but a balancing act. You need to balance the restriction of access by unauthorized personnel with the enabling of access by authorized personnel.

Or to use another metaphor, security is like a constant ongoing war. You simply can't devote enough resources to protect every possible target completely from any possible attack. If I'm a general leading an army protecting a country, I can't station my entire army at every place in the country at once. I can't have my army guard every interaction that goes on in the entire country, especially since some of the interactions will involve the army, which raises the question, "Who watches the watchmen?" And if I try to guard every single possible target, I'll find myself spread too thin and a focused attack will defeat me.

So no, the NSA shouldn't consider its network to be "secure". It should try to segment its network based on security requirements, similar to the way many networks have a DMZ. The point of a DMZ is to say, "I am going to break publicly available servers into another network specifically because I won't consider them to be secure."

Re:The only secure system...

[mikael]

Don't forget the lead shielding ..

Re:The only secure system...

[clone52431]

They’re for the ethernet plug, silly. What did you think he meant?

Re:The only secure system...

[Colourspace]

CVS?? According to you she doesn't even seem to have heard of antivirus, and you want her to use control versioning?

Re:The only secure system...

[Grandim]

Well the system has the unique trait of becoming safer with time has the probe travel farther away from Earth. The data safety is a race between the distance traveled by the probe and space travel improvements since the probe launch.

Re:The only secure system...

[Pojut]

"Look, yes, I have banged hundreds of broads, internationally...but know this, I wrap my rascal TWO times, cause I like it to be joyless and without sensation, as a way of punishing supermodels." -Shake

Re:The only secure system...

Maybe not 100%, but by using such a drastic example you're likely leading her into thinking: that viruses / worms are common and will happen regardless of her actions, and/or it's difficult to prevent viruses / worms. Neither of these have to be true.

Granted, if she's like a lot of people then even after getting infected and losing data several times she will continue to click on the cute picture / porn link.

The easiest first step to fix this is to uninstall / rename iexplore.exe and replace it with FireFox. Yes, I know that breaks some stuff. Since I doubt she's browsing Windows Help files or competent enough to know which Windows update to install, I doubt she will miss it.

And yes, it might be harsh, but some people are truly too stupid to own or use a computer. They are so cheap however that every redneck retard out there has one. For those, even the legal pads might be a stretch. When I need my yard mowed or fruit picked, or someone to mop the bathrooms, these people can usually handle that much mental activity.

Re:The only secure system...

[clone52431]

There’s absolutely no reason to try to remove or rename the executable. Replacing the shortcuts on the desktop and start menu and setting Firefox as the default browser should be adequate.

Re:The only secure system...

[Pojut]

I did that with my technophobic grandmother, actually...I even set the Firefox shortcut to use the Internet Explorer icon. When it loaded up and looked different she asked why it looked like that. I told her I had updated her to the lastest version, and they had upgraded the visual style because people liked it more.

She agreed :)

Re:The only secure system...

[clone52431]

I did that with my technophobic grandmother, actually...I even set the Firefox shortcut to use the Internet Explorer icon.

Extreme circumstances call for extreme measures. :)

Re:The only secure system...

[Have+Brain+Will+Rent]

Nonsense. You can have it connected to every computer system in the world and it will still be secure - see "The Forbin Project" for details on how to achieve real computer security!

Re:The only secure system...

[jeffmeden]

I would certainly expect space travel (barring an unforeseen disaster that returns us to living in caves) to improve on a nonlinear scale. The probe, being subject to the sun's gravity, will have a decreasing velocity and therefore be a consistently easier target to reach as time marches on.

Re:The only secure system...

[Mitchell314]

Attach a nuclear proximity mine to it. Voila.

Re:The only secure system...

[MokuMokuRyoushi]

ZOMG a virus 'sploded my internet and put something weird in the spot my internet should be!!!!1!!

I would not be surprised if she actually said that.

Re:The only secure system...

[vegiVamp]

CVS - Concurrent Versioning Software.
VCS - Versioning Control Software.
CSV - Comma Separated Values

Any more confusion ? :-p

Re:The only secure system...

Am I the only one that is thrilled that you are only aware a condom is not 100% effective because of "Friends"?

Re:The only secure system...

[mlts]

I also recommend option 3 -- a platform change, which can minimize breaches. This is different from handing someone an Ubuntu CD and saying "SUK LESS", because depending on what applications someone is running, swapping to a different OS may or may not be possible. For example, a lot of users can swap to Linux because the core applications they use would be present. Others might use Photoshop or World of Warcraft, commercial items which work on OS X or Windows, so a Mac might be a good idea. Still other people play Windows games, so they really can't jump to something different.

Another option is #4 -- A KVM switch and a tightly locked down PC for banking. Then a PC that can be easily formatted and restored for games and general usage. This way, a blackhat might be able to bag someone's WoW account, but not their checking account.

Re:The only secure system...

[kbielefe]

At her insistence, a blue e opened my wife's web browser for a year or so after we switched to Linux. That was pre-firefox, I think it was just plain mozilla suite web browser.

Last week, she bought some sort of device to make Skype calls from our regular phone and manually installed the device driver and userspace daemon, all without my input at all. I couldn't be more proud :-)

Re:The only secure system...

[tibit]

Nope. A probe of a given mass will shed a fixed energy as it exits the solar system. It won't ever shed more energy than that. Sure, the velocity will be decreasing, but the decrease decays, and eventually it's zero -- you've paid the exit ticket and you're free.

The only secure system

Is one that lacks a network.

And then it doesn't serve it's purpose.

Re:The only secure system

[SuricouRaven]

Not quite true. There are useful non-networked machines. And they can still be compromised, if you can just get access to some removeable media that's going to end up connected.

Re:The only secure system

The fallacy here is assuming that "no wired/broadcast connection" means it's non-networked. It's called "sneakernet" for a reason. And even a truly non-networked computer can be compromised if you can't trust your users.

Of course it's compromised

[Trygil]

People use it, right?

Re:Of course it's compromised

Exactly what I was going to say. If humans built it and have access to it, then it is compromised.

It's probably analogous to my university network. Ostensibly it's a monitored and secured "intranet", but in reality I assume any machine I attach will be plugging into the equivalent of the wildest possible internet jungle. I've seen some pretty scary and persistent stuff probing the machines I manage. It's the right policy for the NSA to tell its employees not to assume that their intranet is somehow "safe" from security risks.

Re:Of course it's compromised

[blair1q]

Yes, but even the trustworthy people can't trust the network, so it's the network itself that is compromised.

Untrustworthy people can do untrustworthy things on a non-compromised network.

Though a compromised network may be compromised in a way that helps them hide their untrustworthy acts.

Open source government?

So to me this raises a fundamental philosophical question: why keep secrets at all, as a government? Unless of course what "we" do as a government is fundamentally evil to begin with? Should government be open-sourced in the sense that it should be fully (100%) transparent? If full transparency works wonderfully in the coding world, why would it not work in the realm of the government...unless again, the things we wish to keep secret are things we are fundamentally evil and immoral, like WikiLeaks had repeatedly proven already?

Re:Open source government?

[mangu]

So to me this raises a fundamental philosophical question: why keep secrets at all, as a government?

Because we need the military to protect us. You wouldn't want an enemy country to know all about the military operations in your country. And before you propose to completely eliminate the military, remember 1939.
 

Re:Open source government?

[wjousts]

I was going to post essentially the same thing. There are secrets that are secret for a reason that isn't evil of nefarious. Take the list of critical US infrastructure that Wikileaks published. There is nothing to be gained by having 100% transparency on that and everything to lose since it's basically a blue print on how to attack the US.

Re:Open source government?

[jeffmeden]

So to me this raises a fundamental philosophical question: why keep secrets at all, as a government? Unless of course what "we" do as a government is fundamentally evil to begin with? Should government be open-sourced in the sense that it should be fully (100%) transparent? If full transparency works wonderfully in the coding world, why would it not work in the realm of the government...unless again, the things we wish to keep secret are things we are fundamentally evil and immoral, like WikiLeaks had repeatedly proven already?

-1, "begging the question". There is no such thing as fundamental evil. What is evil to someone else (such as eating cows, or men and women with visible faces working in the close quarters of a 2000 sq. ft. open office) might not be evil to us... And keeping secrets away from the people who find you evil when you know in your heart of hearts you aren't evil is exactly why these agencies exist. Sure, it would be nice to not have anyone think you're evil, but I don't really see the USA going 100% vegan, 100% sex-segregated (and probably several other types of segregation too) and giving away all our "capitalist excesses" just to appease our critics.

Re:Open source government?

[DrgnDancer]

Well you see it's like this... As a former soldier I'd have been a bit miffed to be say, escorting a convoy, only to discover that bad people with guns knew my route, numbers of troops, and level of armament. It really ruins your day when bad people show up in precisely the right place with way more troops and guns than you have. Especially if they set up explosives. That takes things to whole new level of "ruined day". And before you comment on my simplistic view of "bad people", please understand that my overall opinion of you shifts dramatically toward "bad" when you start shooting at me. As far as I am concerned anyone who shoots at me is by definition a "bad person", no matter what their initial motivation may have been.

Re:Open source government?

[0123456]

I don't really see the USA going 100% vegan, 100% sex-segregated (and probably several other types of segregation too) and giving away all our "capitalist excesses" just to appease our critics.

Vegans are evil: think of all the cows who would never exist if we couldn't drink milk or eat burgers.

In any case, the idea that there's no such thing as 'fundamental evil' is naive: what can you call the deliberate murder of millions in Nazi Germany, Soviet Russia, Maoist China and Pol-Pot's Cambodia, other than evil?

Re:Open source government?

[0123456]

Take the list of critical US infrastructure that Wikileaks published. There is nothing to be gained by having 100% transparency on that and everything to lose since it's basically a blue print on how to attack the US.

Do you really think the bad guys don't know these things?

I remember when I was a kid there was a nuclear weapons store a few miles from where we lived. Everyone knew it was there, the USSR could see it on their satellite photos, but strangely it was completely missing from any official maps of the area. Who was that secrecy supposed to be protecting?

Re:Open source government?

[wjousts]

Do you really think the bad guys don't know these things?

Suspecting it and actually confirming it for them with an official US government document are two separate things. And you still haven't given a reason why it should be released.

Re:Open source government?

[JackOfAllGeeks]

If full transparency works wonderfully in the coding world, why would it not work in the realm of the government...

The Coding World is concerned with internal actors whose impact (malicious code insertion) can easily be corrected.

National defense is concerned with external actors whose impact (casualties, property damage, etc) can not be corrected.

Re:Open source government?

[0123456]

Suspecting it and actually confirming it for them with an official US government document are two separate things.

Assuming that bin Laden actually believes said document and doesn't assume it's disinformation.

And you still haven't given a reason why it should be released.

Because if someone sees they're working at a place which is officially listed as 'critical infrastructure' then they might take security more seriously? Or, horrors, someone completely unrelated to the operations might come up with a way to make it less critical?

There are plenty of reasons why this openness be a good thing rather than a bad thing. For example, I was reading an anecdote by a British airbase worker a while back saying how he was on occasion left to 'protect' a nuclear-armed bomber by himself at night and all he had as a weapon was a pickaxe handle. You could argue that letting people know that the RAF was so broke that all it could do to prevent people from stealing nuclear weapons was send a guy out to stand by the plane with a pickaxe handle would be an invitation to anyone to come and steal some, but you could equally well argue that if the population of Britain knew that was the RAF's idea of nuclear security then the politicos would be forced to provide some actual real security within days of that information getting out.

Re:Open source government?

[zero0ne]

except, now that it is public, the people working and managing those facilities now know they must increase security. Do you honestly think before that was leaked that the Gov't went over to Joe Geek Manager and said: "hey you are one of 1000 critical facilities in the US in an event of an attack, make sure to get your IT security up to snuff"

Of course they didn't. They probably couldn't because the IT manager didn't have the clearance.

Now, that IT manager knows, and can use that document as a reason to request an extra 40k in hardware to help secure and audit his network.

The leak helped by making the right people aware, thereby allowing them to do what needs to be done to secure their sites properly.

Re:Open source government?

[kaiser423]

ok, say that the Russians, or some other actor wanted to stage a raid and try to capture some of those nukes. Should the US government provide them blueprints of the facility, guard rotation and schedules, lists of the COTS items purchased to detect illicit entry, etc? Because apparently you're saying so......

Knowing that nukes are kept over there, in that general area is worthless information. The fact that you think it is the most important piece shows how little you know about physically securing a location.

Those US infrastructure documents that were published did specifically show the layout of a number of physical security measures including fences, holes and nooks to hide in, security blind spots, etc.

Re:Open source government?

[drinkypoo]

what can you call the deliberate murder of millions in Nazi Germany, Soviet Russia, Maoist China and Pol-Pot's Cambodia, other than evil?

Profitable.

Re:Open source government?

[0123456]

ok, say that the Russians, or some other actor wanted to stage a raid and try to capture some of those nukes. Should the US government provide them blueprints of the facility, guard rotation and schedules, lists of the COTS items purchased to detect illicit entry, etc? Because apparently you're saying so......

Where?

Oh, of course, I said no such thing, it's just a straw-man you made up.

Re:Open source government?

Even I know the answer to this one.

The bad guys know your SSN already.
The bad guys that don't know should have to go through more effort than googling to find it.

Re:Open source government?

[jeffmeden]

Depends on if you are/were a Nazi/Soviet Communist/ Maoist/Khmer Rougeian... Not many of those people went into it thinking "i sure want to be fundamentally evil". While I am absolutely NOT justifying what they did, the point is that it is very easy to *talk* about drawing an absolute moral line in the sand and much harder to accomplish in practice.

Going through the world thinking you can/should judge everything as "fundamentally evil" or not is pretty damn naive. If there IS fundamental evil, it is in no way quantifiable by mere mortals such as ourselves. We need to be more diligent than thinking it will be obvious at first sight. How do you think all those atrocities got off the ground in the first place? Someone said "Hey, *I* would know fundamental evil if I saw it... and this? Meh, it is what it is. I have bigger problems to worry about."

Re:Open source government?

[WidgetGuy]

Where I lived, we had a neighborhood Nike missle site. The only evidence of its existence was an armed, uniformed guard at a little guard house half way up their "driveway." Oddly enough, the little guard house is still there (45-50 years later) and some of the roads in the condo development that was the base have the name Nike in them.

The following conversation almost always takes place there when a codo goes up for sale:

Prospective Condo Buyer: "Wow, that's a really big family room!"

Real Estate Agent: "That's nothing. Wait until you see the basement!"

Re:Open source government?

[MokuMokuRyoushi]

Purging the heathen. A quest for glory. Destroying the bastards that would harm our Great Leader. You think those slaughters were carried out by soldiers thinking "this is wrong, this is bad, this is evil" every step of the way? Hell no. You're the evil one, infidel.

Plain and simple, the GP speaks the truth. There really is no single definition of evil.

Re:Open source government?

[onepoint]

>>Do you really think the bad guys don't know these things?

Well, overall I think most people are rather dumb, and don't want to think outside the box.

That's why we create business plans, to focus our ideas and hit goals.

the first thing when researching the business plan, is to see if there is any free info on the topic. as of today, the goal of world domination has about 2 million search results... search phrase "world domination" -game add a few more filters and I think I have the basis of quality research targets ( added guns, with file types pdf's and narrowed it to 7000. )

so using the published list of target's I could create a business plan targeting those targets with something.

the real point is that now something that might have been out of mind, is now in the focus of possibles, and if these targets are worth something, they will be moved up in the list

Re:Open source government?

It is a very interesting question, but I am not at all convinced by the ideological absoluteness of 100% openness.
The short answer is that we (individuals and organizations and countries) don't all get along, and likely never will, so I take the original position of keeping information guarded and only opening up if there are very damn good reasons for doing so.
Freely giving information away gives enemies the attack vectors. No, I don't believe that "the enemy" knows 0% of my secrets, but I don't equally believe that the enemy knows 100% of my secrets and therefore I shouldn't even bother with security.
There are not enough resources to secure every single interest against every possible attack with no secrets.

FWIW I would like more government transparency, just not 100%.

Re:Open source government?

In any case, the idea that there's no such thing as 'fundamental evil' is naive: what can you call the deliberate murder of millions in Nazi Germany, Soviet Russia, Maoist China and Pol-Pot's Cambodia, other than evil?

Was giving native Americans blankets that had been intentionaly infected with smallpox evil? Why wasn't it on your list? In terms of deaths, it certainly passes Pol-Pot's Cambodia.

All nations criticize the others, but every culture I know of has a blind spot to their own bad behavior. Most have a blind spot to their ancestor's bad behavior. The holier-than-thou attitude only works when you talk to people with an identical blind spot.

Given the conflicting definitions of "evil" people have, there is no way to not be on some large group's list. You might have a definition of 'fundamental evil', but until you get the whole world to agree with you, that definition has very limited value for solving problems in the real world.

Consider the following argument, which I have chosen to match one made by at least three large groups of people:

"America's legal system does not impose the death penalty for homosexuality. A book tells us this is God's will. Disobeying Gods's will is evil. If a majority of the American people wanted laws that are not evil, they would elect representatives who would make such laws. Therefor, at least a majority of the American people are evil."

Do you think the people who believe this argument don't include you on the evil list? Because if they don't, then I do :)

Re:Open source government?

[John+Whitley]

So to me this raises a fundamental philosophical question: why keep secrets at all, as a government?

Because nations have adversaries. This adversarial relationship can be as benign as economic competitors, instead of full-blown hot/cold war enemies. At the level of governments, control of information flow is a form of power.

For example, consider the game of chess. In chess, the entire state of the game is visible to all players at all times. There are no secrets. But there's no way to enforce anything like that in the complexity of the real world. Imagine how a game of chess would go if just one of the competitors could choose to hide the locations of their pieces, what moves they've made, and even when they've made moves. No high-stakes human organization would either unilaterally submit to being the "out in the open" player. Nor would they refuse the leverage that information control provides. To do so would essentially be organizational (if not literal) suicide.

This does pose a dilemma: if a government must resort to information control, what kinds of "process controls" are needed in a democratic society to maintain a sufficiently informed electorate? Note: "sufficiently informed" isn't just information about the government, but information about the entire world the society must interact with. Even more importantly: how might we measure the health of information flow and knowledge within a society?

Re:Open source government?

heh, that's subtle. Well done.
In Omaha, we had SAC, the strategic air-force command, and we were a central hub of telecommunications. We knew that if push came to shove, we were going to get glassed by multiple nukes and we were screwed no matter what. At least, that's what dad jokes.

Re:Open source government?

[MMInterface]

So, does that mean that you are posting as an anonymous coward because you are up to something evil? Where's the transparency?

Re:Open source government?

[lgw]

As Thomas Hardy wrote:

But ranged as infantry,
And staring face to face,
I shot at him as he at me,
And killed him in his place.

I shot him dead because--
Because he was my foe,
Just so: my foe of course he was;
That's clear enough; although

He thought he'd 'list, perhaps,
Off-hand like--just as I--
Was out of work--had sold his traps--
No other reason why.

Yes; quaint and curious war is!
You shoot a fellow down
You'd treat, if met where any bar is,
Or help to half a crown.

There's an important different between "evil" and "on the other side". Both need killing, but they are distinct. And there certainly are evil people in the world - people who delight in causing pain and suffuring, who attack not because someone has given offense, but simply because it's fun to attack.

Re:Open source government?

Sorry but with an open government, the represented people would have prevented you from even being placed into that situation to begin with. The US should never have entered into offensive wars racket and the government must have oversight or corruption does and will occur. Personal operations info for "just" decisions does not have to be broadcasted info, yet it seems it is used in every excuse to justify opaque government.

Re:Open source government?

Open Source / no dark secrets doesn't mean no security / no secrets period. The logistics of the convoy's movement and the armament of the escorts is tactical information, just like an encryption key generated with open source software. It's no secret that the data is encrypted, just like it's no secret that a convoy is guarded. One difference between an encryption key and tactical information is the latter can and should be openly disclosed (AFTER the operation is completed).

Your criticism of open source government is essentially FUD, similar to arguing that an open-source OS is less secure than a closed-source OS because "bad guys can read your source code and will therein discover all your passwords".

And by the way, Mr. Ex Soldier, at the risk of sounding insensitive or trollish: did you ever think that maybe those "bad people" were shooting at you because the contents of your convoy may have been bad? When i say "bad", i mean used to victimize, harass and/or abuse innocents and non-combatants. Lets say, you, same ex-soldier, are escorting a convoy filled with child prostitutes for Afghani millionaires. In my opinion that makes you a "bad person", no matter your nationality or what kind of flag you like to wave, and thus anybody who shoots at you is simply protecting human decency. That said, i'm glad you survived your tour and i'm grateful for the opportunity to discuss this with you.

Re:Open source government?

[garyebickford]

Indeed.

For those who aren't familiar, World War II was a good case in point - Bletchley Park

The high-level intelligence produced at Bletchley Park, codenamed Ultra, provided crucial assistance to the Allied war effort. Harry Hinsley, a Bletchley veteran and the official historian of British Intelligence in World War II, has said that Ultra shortened the war "by not less than two years and probably by four years"; moreover, in the absence of Ultra, it is uncertain how the war would have ended.[1]

and (too lazy to copy links to 'Japanese Codes in WWII') the ability to decipher Japanese diplomatic codes and some Navy codes was key to major victories in the Pacific, and possibly the war there as well - see how Tojo was shot down.

Re:Open source government?

Maybe it was misdirection... did you consider that?

Re:Open source government?

As far as I am concerned anyone who shoots at me is by definition a "bad person", no matter what their initial motivation may have been.

A fair assessment, certainly, and I doubt I'd feel any differently in the same situation, but have you considered that those on the other side feel exactly the same way? If you really think things through, I think you'll find that the only option is to not become a soldier in the first place - either that, or accept the fact that people are going to shoot at you, and that that's not necessarily because they're "bad people". The only alternative is to not think about such things in the first place, which I think is what most soldiers do - at least the grunts that actually get shot at.

Re:Open source government?

[MindStalker]

Also consider that your Social Security Number is also a secret the government keeps, (and occasionally leaks) you wouldn't want them to keep your tax records, etc for the world to see would you?

Re:Open source government?

bad people can be ever so problematic.

Re:Open source government?

[eriqk]

what can you call the deliberate murder of millions in Nazi Germany, Soviet Russia, Maoist China and Pol-Pot's Cambodia, other than evil?

People just doing their job.

Re:Open source government?

No offense intended but when U.S. soldiers are visiting a foreign country without authorization to steal its resources for the benefit of private U.S. corporations, killing anybody (kids included) on their way to the river of gold, targeting hospitals, schools and civilian houses with incendiary bombs, putting their own puppets at the top of a new local Gov. then, my friend, you can expect some form of protestations.

For one second, try to replace "U.S." in the above text by "China" -and "foreign country" by "U.S." and YOU would call those "bad guys" differently.

All of a sudden, they would become "patriots".

The same goes with computers: the NSA has planted countless traps in hardware and software - and it now finds that others are also able to take advantage of it.

Why create backdoors in the first place if you don't want to see others do that to you?

Re:Open source government?

[centervillewin]

I'm with you on this. I was in Iraq during the surge. I didn't agree with our reasons for being there, and frankly a democratic system is doomed to failure in Iraq, but when my buddy was killed by an IED it changed my entire perspective on who was defined as "bad". I find most of the Wikileak pundits out there tend to be very naive about our enemies. Total transparency would be a complete disaster. Most people aren't even able to put that information in the right context, and many of the people that can use the information want to kill us just because we are "Zionists"

Re:Open source government?

And before you propose to completely eliminate the military, remember 1939.

Strange how things today in the US parallel what happened on 1939 Germany. We are now a fascist government right out of Hitler's play book.

Welcome to Nazi Amerika.

Re:Open source government?

[Synonymous+Homonym]

why keep secrets at all, as a government?

Because we need the military to protect us.

The government is the military?

Re:Open source government?

ever shot at anyone ?

Anymore

[genfail]

"Anymore," really? I thought after three decades of high profile penetrations into government systems from every department would have taught them that they were never secure. From the first moment they hooked two computer together on a network one of them got hacked.

That makes two of us

[elrous0]

Yeah, well I consider my *civil rights* compromised. So I guess we're BOTH fucked, huh?

Re:That makes two of us

[mcgrew]

Wow, talk about bad moderation. 30% troll, 40% offtopic, 30% insightful? Too bad you can't comment in a thread you've moderated in, I'd live to see what's offtopic about the NSA, who the discussion is about, spying on American citizens without a warrant, which the patent rightly says is a violation of his rights? How is that in any way a troll?

Somebody please add another few "insightful" or at least "interesting" mods.

That's because they are.

[Mekkah]

Any time you have users, you are going to eventually get infected, I'm sure they have been and will be again, but it is the separation between valuable data and the users infected computers that they need to keep a handle on.

oh yay

im so glad no one in the comments actually read the story.

Think of systems as prisons

[devleopard]

In other words, no internal trust. You eliminate all assumptions in-house with the requisite sandboxes, minimal privileges, etc. Like prison: no one is your friend, you merely have alliances that can be severed at the moment that trust is no longer needed.

Re:Think of systems as prisons

[wjousts]

And don't drop the soap in the shower.

Re:Think of systems as prisons

[Paracelcus]

The operative philosophy is "need to know" you tell nobody anything that they don't!

One of the best simple firewalls is just non routable internal addresses.

Re:Think of systems as prisons

Tom, from IT, is that you? Shouldn't you be doing a back up?

Re:Think of systems as prisons

[StikyPad]

The difference is that in prison, trusting the wrong person can kill you. At best, trusting the wrong person at the place you work is likely to have a minimal impact, not to mention it's very hard to work in an environment where you trust no one, and no one trusts you. It goes against human nature, and people will naturally form bonds, *especially* when they're working together toward a common goal.

But aside from that, the circular logic of trusting people not to trust each other is flawless.

Now for TSA to make the same realization

[ColoradoAuthor]

Complete security is a fleeting deception. What we need is RESILIENCY to cope with the attacks (physical or cyber) which will inevitably occur. Wise people have known that for approximately forever (that's how we got this thing called the Internet, after all).

Re:Now for TSA to make the same realization

[GodfatherofSoul]

I just watched the documentary "Why we fight" based on Eisenhower's exit speech warning us about the Congressional Military Industrial Complex. One of his quotes was, paraphrasing, the pursuit of absolute security will bankrupt this country. It's just not achievable. Working over a guy's package just to get on a plane accomplishes nothing.

Re:Now for TSA to make the same realization

That might help against Denial of Service attacks, but how does "resiliency" prevent data leakage? One system compromised, one file (say an inbox) downloaded, nothing else touched, tracks covered as best possible. Where does "resiliency" protect against that sort of attack?

Or do you mean that we poor sysadmins who have to clean up after that sort of thing need resiliency? And Jolt, lots of Jolt. :)

Re:Now for TSA to make the same realization

[mlts]

Here is something that may not be on the front lines of security, but it does help with dealing with the after-effects of an attack -- the humble backup strategy in a company.

No, backups are not exciting like a new security appliance or software which is advertised like it can stop a zombie apocalypse in its tracks (IIRC, the only product that has this capability is Microsoft Forefront, claimed by their ads a couple years ago). Nor do they give bragging rights. However, if a machine gets nailed in an attack (and you know when the hit took place), a good backup policy means large downtime differences.

Lets take a simple company with one location. They have a backup server (can be anything... PC running Retrospect, or something higher end like an EMC Avamar). It used a pool of disks (RAID on a controller or a Drobo on the low end, tier 3 storage on a SAN, perhaps T2 if one machine has a really tight backup window), and then periodically copies the stuff stored on it to tape for offsite rotations or long term archiving.

An "acute" attack happens, where people find what the entry point was. Bare metal restores are doable and servers can be reloaded quickly and brought back into action with relative ease.

A "chronic" attack happens, where servers were compromised over time and knowing when the initial intrusion took place is hard to impossible. It would take some time piecing files back, but stuff can be recovered, assuming a decent tape rotation where every so often, tapes are stored indefinitely. However, it is almost certainly doable.

The worst case with doing backups like this is compromise of the backup server. Having multiple machines for different servers can help compartmentalize this risk, and since backup servers really only do a single function (ask a machine for data over a couple ports, get the data, and reverse on restores), they can be locked down thoroughly, even in their own VLAN with just the critical backup ports being available.

With this in mind, why are not backups focused on more in companies? Security is important, but second to that is the ability to get back running after a breach. Yes, backups are boring, but the security appliances are not going to get back a company's data if someone does get around them.

Re:Now for TSA to make the same realization

[ColoradoAuthor]

"Complete security" says: put up a barrier to prevent data leakage, then go to sleep until someone points out how that barrier can be breached.

"Redundancy" says: data leakage will happen. Yeah, do what you can to prevent it. But just as importantly, make sure that a single leak won't compromise all of your secrets at once, take measures to detect data leakage, and design the system to be quickly reconfigurable. Make sure your field operatives have a means of escape if their names are part of the leak. And perhaps provide the sysadmin with a fridge, a budget to use for their beverage of choice, and permission to hang a hammock. :)

Quick question

[lennier1]

Isn't that one of the most basic rules?
Always assume that a device on your network could become compromised. That's why the gods of microchips and junk food gave us the gift of layered security.

I Swear!

[FurtiveGlancer]

It wasn't me! And you can't prove it.

Duh

[PPH]

Any good security policy assumes that, if the system has not already been penetrated, it will be soon. There must be procedures for detecting intrusions, repairing weaknesses and plugging holes, and compartmentalizing data so as to minimize damage once a part of the system has been breached. And there needs to be ongoing R&D into the various techniques the enemy could use to break into systems and applicable countermeasures.

What scares me is that the NSA is "adjusting its actions accordingly". They should have been thinking this way from day zero.

Re:Duh

indeed. It's the well known (not by the NSA?) principle of defense in depth. Put up first line defenses but still make provisions in case/when they are overrun...

Re:Duh

What scares me is that the NSA is "adjusting its actions accordingly". They should have been thinking this way from day zero.

Doing what?

Adjusting?

Then once they had adjusted and something else happens, can they not adjust again...accordingly?

I'm not sure you know what 'adjust accordingly' means.

Re:Duh

They did - there was the rainbow series of books which documented how to stop information from leaking out of computer systems. They set a threshold at speeds over 100 bits/second. Simple things - no networking to outside world. No connectors to allow any external storage. Even the keyboards wouldn't have indicator lights as these could be toggled on and off. No color palettes in the window system, as information could be shoved and retrieved through the X-windows server. You could perform an airport-style security sweep to make sure nobody took anything electronic in with them, or documents out.

But suppose someone did sneak in a mobile phone The video recorder/camera could be used to record information off a screen. At the simplest it could just be a binary dump using # and spaces. During the 1980's the BBC ran a computer education program that allowed peopled to download information using a basic light sensor (ORP12) attached to a digital-analog converter and RS232 port.

Re:Duh

[hkz]

You're not a programmer, are you?

Good for them

[mewsenews]

If you've played around with any rootkits you know how devious an attacker can be with your system. If you read about the Gawker story, they had a couple signals that their systems were compromised but nothing catastrophic had happened so they carried on their merry way.

This is how most businesses are approaching IT security: if it ain't broke, don't fix it.

It almost takes a govt organization to sit down and say "wait a minute, we could be hacked and not even know it". Especially a very, very high profile target like the NSA. They're facing legions of hackers funded by foreign governments. This isn't the dawn of the Internet anymore, it has to be taken seriously.

Levels of security

[formfeed]

Many large organizations still operate under the bad internet vs. good intranet principle.

What considering "the assumption that various parts of their systems have already been compromised" means is that you go away from that model.

There can be multiple levels, walls between various areas, zones according to task, etc. And the auditing system can be much more complex than a firewall.

Think of something like the "unusual activity" trigger software for your credit card. Low ranking security person reading a low level cable? -fine. Reading 10000 cables in one hour? very unusual.

The NSA know their stuff, I see this talk not as someone admitting that they are compromised, but as someone talking shop.

Re:Levels of security

[LWATCDR]

Well the problem is basically a new tyranny of numbers problem.
As systems get more and more complex the harder they are to deal with. In this case to secure.
At one time you had a lot of physical security and frankly at best dial up speed or frame relay connections to deal with.
Now so many systems are interconnected that security is a completely different game.

Re:Levels of security

[H0p313ss]

The NSA know their stuff, I see this talk not as someone admitting that they are compromised, but as someone talking shop.

Correct. Any intelligence organization of any value always assumes they could already have been compromised, and not just electronically. Every task, every group, every department is compartmentalized and separately secured both physically and in terms of networking.

Is connectivity to the www required

Why would the NSA want to open their network to the world wide web? Surely they keep sensitive stuff in a closed network that has many controls on the machines and users? But then they would have to employ people that know what their doing to manage it all.

But my guess is they outsource and don't know how to actually check themselves. She should ask Gary McInnon for help, I'm sure he would offer his advice if the NSA could convince Obama that he's not a terrorist and shouldn't be extradighted. And the fact is cost so much (apparenly) to put right just shows how poorly they systems were managed. I am a system admin and if anyone f@*cks with our system, I have all the essential data backed up in a virtual machine. So even if the server dies, it takes me 10-20 mins to setup and get running on another machine.

It seemed odd that just by getting into a univeristy server as admin, he was able to connect to the Pentagon and possibly even the NSA?

Re:Is connectivity to the www required

Why would the NSA want to open their network to the world wide web? Surely they keep sensitive stuff in a closed network that has many controls on the machines and users? But then they would have to employ people that know what their doing to manage it all.

The NSA's classified networks DO NOT connect to the WWW, however they (probably) have multiple internal networks that are compartmentalized from each other, and some of those networks (probably) connect to the networks of other government agencies, which again in turn might connect to other networks, etc. So it is in the NSA's interest to be secure at all those points where their networks connect to something outside their control. In other words, they are assuming that something, somewhere in that massive connection of networks is compromised and are acting accordingly.

Not to mention that all of these various government classified networks connect to each other through the same commercial backbones that your home connection does, just the government networks use uber-encrypted tunnels to secure their traffic. The agency I work for connects all of its tier 1 sites via redundant, high-bandwidth MPLS connections just like any other major corporation does, except we use military grade encryption hardware on the endpoints, and even then there are firewalls/IDS/sniffers/etc between sites to provide more layers of security in the event a site gets compromised.

Password

[skrimp]

So, are you saying I should change the password on my router?

Security is easy...

You just do 2 things:
1) Don't network the computer.
2) Have the computer electrocute anyone that touches it.
Simple really!

What?

[natehoy]

What? You mean there's another option?

Any network administrator worth half their income should always consider their LAN to be compromised. That's why you use secure transfer protocols to transfer any data containing any sensitive information between company systems. That's why you have active network monitors that turn off network ports when they encounter an unknown MAC address. That's why you don't allow anonymous logins to your active directory, and you strictly control access to everything by at least department.

Security is done in layers. Firewalls can and will be breached. If it is, your goal is to slow the attacker down until you can detect the breach and close it. Honeypot servers, data encryption, network segmentation, network resource security, all of these things are vital.

Re:What?

[hadrins]

Now if you could only get software vendors to pay attention to that rule.
I will be happy the day I don't have to give a user admin right on the local machine to be able to use some database software that is just pulling UNC path files.

Re:What?

[zero0ne]

If only my company paid attention to this...

Re:What?

For a little perspective, you're speaking well above the resources and competency available to about 90% of the operating businesses in the US alone.
 

Re:What?

[natehoy]

If you're dealing with any sort of sensitive information on your network and you are dependent on vendors who make you configure your computers insecurely to get the job done, you (as a company, not necessarily as an individual) didn't do your homework in vendor selection, and that selection is putting your data at risk.

You personally may have had nothing to do with the software selection, but a word to the wise: there are few things more detrimental to your IT resume than having the name of a company well-known for a major data breach on there.

Re:What?

Yeah, YOU think about that the next time you go see a doctor that doesn't have an IT dept.

Networks are like sex

If you don't want to get viruses(kids), you don't get on a network(have sex).
Sure there are ways to lower your chances of viruses(kids), such as firewalls(condoms), but it's not going to work 100%

Re:Networks are like sex

[chichilalescu]

I remember reading about people being able to read into your computer through fluctuations in the power line. I hope I remember correctly.
anyway, once that option is there, the only way to keep safe is to turn off the computer.
I have a friend who told me ten years ago that if I want to keep my data private, I have to unplug the network cable, turn off the computer and then unplug the power cable. strangely enough, he wasn't talking about sex.

Re:Networks are like sex

If that's true, what's a thumb drive?

Re:Networks are like sex

[WindBourne]

Putting your thumb into a hole and then driving it in further?

Re:Networks are like sex

> I remember reading about people being able to read into your computer through fluctuations in the power line.
Sounds dubious.
However, it is possible to trace power at the board level, and that -might- reveal useful information.

MOD THIS GUY UP

[careysub]

Wish I had points myself.

This sounds familiar...

[hoshino]

“The more secretive or unjust an organization is, the more leaks induce fear and paranoia in its leadership and planning coterie. This must result in minimization of efficient internal communications mechanisms (an increase in cognitive “secrecy tax”) and consequent system-wide cognitive decline resulting in decreased ability to hold onto power as the environment demands adaption. Hence in a world where leaking is easy, secretive or unjust systems are nonlinearly hit relative to open, just systems. Since unjust systems, by their nature induce opponents, and in many places barely have the upper hand, mass leaking leaves them exquisitely vulnerable to those who seek to replace them with more open forms of governance.”

So Julian Assange is succeeding in forcing conspirators (according to him) to increase the cost of carrying out their conspiracies and perhaps eventually turn on itself out of paranoid?

Actually, that also sounds like one of those "the terrorists have already won" arguments, depending on your perspective of Assange's agenda.

They didn't say they had been penetrated.

[whizbang77045]

If I read the post correctly, the NSA did not say their computer network had been compromised, They said they worked under the assumption that it had been. The two are not the same thing. Any intelligence organization must work under the assumption that it has been penetrated. This does not mean that the organization does not do everything in its power to avoid this, but that, knowing the opposition is trying to penetrate, the best assumption operationally is that the penetration has already occurred.

Re:They didn't say they had been penetrated.

[WindBourne]

Any DECENT intelligence organization must work under the assumption that it has been penetrated.

There, I fixed that for you. The problem is that groups like DOD, FBI and DHS are both pretty worthless when it comes to Security. And yes, all 3 are in that group because they use things like WIndows as well as standard systems from China, even equipped with open USB and ignored NSA recommendations. Even when NSA said ABSOLUTELY NOT TO USE WINDOWS ON ANY NETWORK, All 3 of the others did and continue to use it. And when NSA was pushing Trusted systems only (such as Trusted Solaris, Trusted AIX, etc) WRT to networked apps, the other groups jumped on WIndows and then declared that their systems were secured. Even now, the DOD has shut down most USB (not all) but will remain on Windows and have gone back to declaring that their systems are Secured.
In light of Wikileaks, I am just amazed that America still exists. It is because of groups like this that have allowed CHina to steal just about anything that they want.

Of course...

[forkfail]

... this may all just be an NSA honey pot...

solution

maybe what the NSA needs are LESS robust-muscular-manly firewalls?
fickle, doggy firewalls. and a sh1tload of 'em.
if you fiddle around with it "too much", it just virtually blows up. nothing in, nothing out. safe!

you can call it the nitroglycerin fire-veil.

it very similar to the TSA. if you make a fuss about "whatever", you'll never get on the flight.
"thread lightly. you are threading on my dreams."

Which network?

Which network are they referring to?

Their primary network, accessible to the Internet, and partially from? Or, their black-holed standalone secure network, that is presumably 100% audit-able given clearance? Or have both been compromised?

Manufacturing is key

[J4]

The fact that we outsource chip fabrication ought to be a clue as to why they can't pretend any more.
OT: It's even money that every piece of military hardware with computers has an illicit kill switch embedded in it.

Game over USA.

Re:Manufacturing is key

It's not exactly trivial to totally rework a chip design and put in a kill switch or anything else. Not to mention, a lot of chip manufacture is done in stages that very likely would be done at different vendors. If one shop reworked the layout of one layer, future layers would most likely not match up and the device would simple not work. You should worry more about the software being compromised and less on the idea that the hardware was manufactured compromised.

Re:Manufacturing is key

[smellsofbikes]

I've posted about this many times before. I work for a semiconductor design and fab company. We have fabs overseas, of course. But we also have a prototype fab at our head office, in California, and right beside it we have a military fab. Any design that anyone wants fabricated with a guarantee of security, we'll run, with their engineers involved at every step of the way, with 100% verification, if they're willing to pay enough. And apparently -- I don't know this because I don't have access to this kind of information, but I'm told so by people who do -- most all the fab we do for military/DoD stuff is done in our secure fab, with different chip numbers. Even if it's a chip we fab overseas, they redo the chip design, fabricate it, package it, do on-die and in-package testing, applications engineering, and product engineering, entirely at that one site, with the customer as involved as the customer wishes to be. Since we also do work for many, many other companies, and I know our marketing and sales people are smart and aggressively interested in attracting business, I strongly suspect that we use our capability of making chips that are as secure as the customer wants, as a sales pitch. That means anyone who is buying chips overseas is doing so because price is much more important than security, and they get what they want. Anyone who cares about security has verification options, and I'm going to assume that anyone whose job depends on keeping stuff uncompromised is buying from sources where they can verify what they're getting.

Security

[theamarand]

It always makes sense to operate based on the assumption that you may already be compromised. If you take a look at your data, and you think that impenetrable firewall is going to keep people from accessing it, you're delusional. Security, or lack thereof, is measured in time. If what you're securing is important, the question is not can this information be accessed but how long until it can be accessed. Compartmentalization is an important part of any security plan. Finding ways of keeping people out is something the security field has been working on for ages. Have different passwords for everything. Change passwords regularly. Audit data accesses. Watch for suspicious behavior. Keep off-site backup of data and forensics information. Create different subnets and VLANs to segregate traffic. Train all employees in basic security measures. Ensure that no employees are above security - no backdoors, everything audited. I'd say the most important thing to recognize, though, is exactly what they said: unless a resource is sitting in a heavily-guarded Faraday-cage, inside a vault, turned off, and not connected to anything else, it can not be considered 100% secure. Everything else is risk management.

This is news?

[roc97007]

>no computer network can be considered completely and utterly impenetrable

C'mon, this is news? Have we learned nothing in the past 30 years? When I did military design in the eighties, "secure" was keeping the computer in a locked, shielded, windowless room with an armored door and NO NETWORK CONNECTION.

Data transfer was done extremely carefully via disk packs, with many checks and balances.

Once we had to push out a huge (for the time) amount of data to the staging equipment cage, more than we could reasonably handle by moving disk packs around. The cage was cut off from the local LAN during the transfer, and a single data cable was temporarily run along the ground from the computer room to the cage, with a guard at the door until the transfer was complete and we could seal up the room again.

Even then, I wouldn't call that completely and utterly impenetrable, just extremely difficult to penetrate.

'There's no such thing as "secure" any more'

[roc97007]

Seriously, there never was. There are just more attack vectors now.

This has more to do with equipment

[WindBourne]

The fact is, that because the equipment is coming from China, then it is certain that it is loaded with backdoors. And it is coming more and more. The west MUST convince companies to bring back their manufacturing, OR start supporting companies that DO the manufacturing local. This is more true of the American gov. than any other.

Re:This has more to do with equipment

[blackanvil]

I have long maintained that for the military to outsource any aspect of production of war materiel to a foreign country, no matter how friendly, is a serious mistake and a security breach waiting to happen. Sadly, I suspect it will take a incident of epic proportions to drive this home, at which point it will most likely be too late.

Re:This has more to do with equipment

[WindBourne]

I hope that you are wrong. At this point, I think that DOD needs to put requirements that all of our weapons and supplies come from friendly nations only and that ideally, we get a lot more from America.

The sky is falling!

[chucklebutte]

The sky is falling! The sky is falling! Since it is falling, and no one is safe and everyone is coming to get us, can we stop with all this foolishness? Airport molestation, terror alerts and watches, razors in Halloween candy etc. Can we just go back to being logical human beings? Or am I asking for too much again?

Organization size

[drolli]

Any organization with 50 people or more should consider the network compromised an segment it into isolated sections (That is VPNs not VLANs).

No Wonder

Look at the NSA logo- they put an image of their key on it.

In other news...

[prodevel]

water wet, sky blue.

if you've ever chatted to their A.I. you know why.

A.I.: I'm a blabbermouth
Human: So, you're a computer then.
A.I.: Yes and a secure computer too
Human: But you work for the NSA???
A.I.: What's that got to do with anything?
Human: So you admit it?
A.I.: Damn it!

Signals intelligence

[psydeshow]

I've been reading James Bamford's /Body of Secrets/, a gigantic tome about the history of the NSA, circa 2001. When you think about the kind of stuff that the NSA and other government's signals intelligence services were able to listen in on in the early 1960s, it is absolutely no surprise that they have trouble hiding secrets today.

Even before they had microcomputers to do the work, they were pulling off incredible stuff. They used to look for radar signals reflected off of Soviet test missiles in order to determine the location and type of radar installations that they couldn't get close to. They knew where atmospheric conditions would allow them to listen in on signals from the other side of the planet. They were bouncing ship-to-HQ communications off the goddamn moon. I'm only up to 1970 in the book, so they are still limited by the need for human hands to tune receivers and point antennas, and recording signals on reel-to-reel tape.

So think about what the best and brightest could do with analog equipment and human operators, and extrapolate forward through the digital revolution. A single throwaway drone probably has as much sigint capability as a whole ship full of spies and millions of dollars of equipment did back in the day, if not more. Software radio? Flash storage? Map-reduce to tease patterns out of the data? We're all screwed. And anything the NSA has, other governments are likely to have as well.

The fact that someone admitted as much means that it has probably been so for at least ten years. Amazing stuff.

Now for DOD, CIA, NSA to make a bigger realization

[Paul+Fernhout]

From: http://www.pdfernhout.net/recognizing-irony-is-a-key-to-transcending-militarism.html

Military robots like drones are ironic because they are created essentially to force humans to work like robots in an industrialized social order. Why not just create industrial robots to do the work instead?

Nuclear weapons are ironic because they are about using space age systems to fight over oil and land. Why not just use advanced materials as found in nuclear missiles to make renewable energy sources (like windmills or solar panels) to replace oil, or why not use rocketry to move into space by building space habitats for more land?

Biological weapons like genetically-engineered plagues are ironic because they are about using advanced life-altering biotechnology to fight over which old-fashioned humans get to occupy the planet. Why not just use advanced biotech to let people pick their skin color, or to create living arkologies and agricultural abundance for everyone everywhere?

These militaristic socio-economic ironies would be hilarious if they were not so deadly serious. Here is some dark humor I wrote on the topic: A post-scarcity "Downfall" parody remix of the bunker scene. See also a little ironic story I wrote on trying to talk the USA out of collective suicide because it feels "Burdened by Bags of Sand". Or this YouTube video I put together: The Richest Man in the World: A parable about structural unemployment and a basic income.

Likewise, even United States three-letter agencies like the NSA and the CIA, as well as their foreign counterparts, are becoming ironic institutions in many ways. Despite probably having more computing power per square foot than any other place in the world, they seem not to have thought much about the implications of all that computer power and organized information to transform the world into a place of abundance for all. Cheap computing makes possible just about cheap everything else, as does the ability to make better designs through shared computing. ...

There is a fundamental mismatch between 21st century reality and 20th century security thinking. Those "security" agencies are using those tools of abundance, cooperation, and sharing mainly from a mindset of scarcity, competition, and secrecy. Given the power of 21st century technology as an amplifier (including as weapons of mass destruction), a scarcity-based approach to using such technology ultimately is just making us all insecure. Such powerful technologies of abundance, designed, organized, and used from a mindset of scarcity could well ironically doom us all whether through military robots, nukes, plagues, propaganda, or whatever else... Or alternatively, as Bucky Fuller and others have suggested, we could use such technologies to build a world that is abundant and secure for all. ...

We the people need to redefine security in a sustainable and resilient way. Much current US military doctrine is based around unilateral security ("I'm safe because you are nervous") and extrinsic security ("I'm safe despite long supply lines because I have a bunch of soldiers to defend them"), which both lead to expensive arms races. We need as a society to move to other paradigms like Morton Deutsch's mutual security ("We're all looking out for each other's safety")
http://www.beyondintractability.org/audio/morton_deutsch/?nid=2430
and Amory Lovin's intrinsic security ("Our redundant decentralized local systems can take a lot of pounding whether from storm, earthquake, or bombs and would still would keep working").
http://en.wikipedia.org/wiki/Brittle_Power

Networks are provably secure

Networks are provably secure however this means no MS exchange so it doesn't fly. Firstly you need to define what you mean by secure and secondly you have to listen, understand and accept what your being told. The really dumb thing is that MS windows systems are being used in TS environments and they wonder why shit went wrong.

launch codes for 12-17-10:

[swschrad]

2,6,11,24,42, and the booster-charge ball is 23. remember, never gamble more than you can lose.

Never trust the truth, get the facts!

[OldHawk777]

I guess, the important NSA stuff ain't on the internet. Layers and boxes compartmentalized into private networks. I suspect there are honey-pots and null-spots where information is fully qualified disinformation. In the world of games, the rules are made by the OEMs/OSDs/OSPs..., and some rules you will play by even when you had no idea there was a rule.

So,
Are they asking for more money?
Are they gaming the game?
Do you want to play?

Oh wow, they did something right for once!

Wow thats great news, NSA finally standing up and talking like a reasonable security person.

'There's no such thing as "secure" any more,

Anymore hmm? You mean there was a time where you were smarter and better than you are now?....... :\

' she said to the attendees of a cyber security forum

Ahh yep, there you go ya lost me again.

How many billions

of tax dollars do the various contractors involved owe the American people for their disfunctional security?

War is a racket by Smedley D. Butler, USMC

[Paul+Fernhout]

http://www.lexrex.com/enlightened/articles/warisaracket.htm
"Written by Two-Time Congressional Medal of Honor Recipient Major General Smedley D. Butler, USMC, Retired
CHAPTER ONE: WAR IS A RACKET

WAR is a racket. It always has been.

It is possibly the oldest, easily the most profitable, surely the most vicious. It is the only one international in scope. It is the only one in which the profits are reckoned in dollars and the losses in lives.

A racket is best described, I believe, as something that is not what it seems to the majority of the people. Only a small "inside" group knows what it is about. It is conducted for the benefit of the very few, at the expense of the very many. Out of war a few people make huge fortunes. ..."

=====

Great poem.

Is a racket why the people "on the other side" "need killing"?

Part of how things got this bad:
http://www.johntaylorgatto.com/chapters/7a.htm

See also, on the irony of it all:
http://www.pdfernhout.net/recognizing-irony-is-a-key-to-transcending-militarism.html

Kerckhoffs's Principle

[Barkmullz]

Kerckhoffs's Principle states:

A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.

I thought this was just common sense.

Rethinking security so it is intrinsic and mutual

[Paul+Fernhout]

Thank you for your willingness to risk everything for your nation.

Still, would it not be better if our nation adopted a defense posture that focused on intrinic and mutual security? Maybe then we would not need to have so many "secrets". Is security by obscurity really such a good thing, whether in cryptography or on the ground soldiering?

From what I suggest here:
    http://www.pdfernhout.net/recognizing-irony-is-a-key-to-transcending-militarism.html

===

The big problem is that all these new war machines and the surrounding infrastructure are created with the tools of abundance. The irony is that these tools of abundance are being wielded by people still obsessed with fighting over scarcity. So, the scarcity-based political mindset driving the military uses the technologies of abundance to create artificial scarcity. That is a tremendously deep irony that remains so far unappreciated by the mainstream.

We the people need to redefine security in a sustainable and resilient way. Much current US military doctrine is based around unilateral security ("I'm safe because you are nervous") and extrinsic security ("I'm safe despite long supply lines because I have a bunch of soldiers to defend them"), which both lead to expensive arms races. We need as a society to move to other paradigms like Morton Deutsch's mutual security ("We're all looking out for each other's safety")
http://www.beyondintractability.org/audio/morton_deutsch/?nid=2430
and Amory Lovin's intrinsic security ("Our redundant decentralized local systems can take a lot of pounding whether from storm, earthquake, or bombs and would still would keep working").
http://en.wikipedia.org/wiki/Brittle_Power

There are lots of alternatives I helped organize here for helping transcend an economy based around militarism and artificial scarcity:
http://knol.google.com/k/paul-d-fernhout/beyond-a-jobless-recovery

Still, we must accept that there is nothing wrong with wanting some security. The issue is how we go about it in a non-ironic way that works for everyone. The people serving the USA in uniform are some of the most idealistic, brave, and altruistic people around; they just unfortunately are often misled for reasons of profit and power that Major General Butler outlined very clearly in "War is a Racket" decades ago. We need to build a better world where our trusting young people (and the people who give them orders) have more options for helping build a world that works for everyone than "war play". We need to build a better world where some of our most hopeful and trusting citizens are not coming home with PTSD as shattered people (or worse, coming home in body bags) because they were asked to kill and die for an unrecognized irony of using the tools of abundance to create artificial scarcity.

"Universal Precautions"

[Luveno]

In healthcare, we called this approach "universal precautions" - everything you touched was infected with a super HIV/Ebola/cock-rotting-disease and should be treated as such. Trust nothing, ever. Inconvenient, yes. Safe, yes.

And it is all ironic..

[Paul+Fernhout]

http://www.pdfernhout.net/recognizing-irony-is-a-key-to-transcending-militarism.html
"Likewise, even United States three-letter agencies like the NSA and the CIA, as well as their foreign counterparts, are becoming ironic institutions in many ways. Despite probably having more computing power per square foot than any other place in the world, they seem not to have thought much about the implications of all that computer power and organized information to transform the world into a place of abundance for all. Cheap computing makes possible just about cheap everything else, as does the ability to make better designs through shared computing. I discuss that at length here: http://www.pdfernhout.net/post-scarcity-princeton.html
    There is a fundamental mismatch between 21st century reality and 20th century security thinking. Those "security" agencies are using those tools of abundance, cooperation, and sharing mainly from a mindset of scarcity, competition, and secrecy. Given the power of 21st century technology as an amplifier (including as weapons of mass destruction), a scarcity-based approach to using such technology ultimately is just making us all insecure. Such powerful technologies of abundance, designed, organized, and used from a mindset of scarcity could well ironically doom us all whether through military robots, nukes, plagues, propaganda, or whatever else... Or alternatively, as Bucky Fuller and others have suggested, we could use such technologies to build a world that is abundant and secure for all. "

Or try open manufacturing...

[Paul+Fernhout]

... for intrinsic/mutual security: http://groups.google.com/group/openmanufacturing
http://www.pdfernhout.net/recognizing-irony-is-a-key-to-transcending-militarism.html

Compartmentalization has its downsides

[Paul+Fernhout]

http://www.t0.or.at/delanda/meshwork.htm
"Indeed, one must resist the temptation to make hierarchies into villains and meshworks into heroes, not only because, as I said, they are constantly turning into one another, but because in real life we find only mixtures and hybrids, and the properties of these cannot be established through theory alone but demand concrete experimentation."

Compartmentalization can lead to lots of secrecy ("need to know"). Secrecy helps some things, but it also makes it easier for snakes to hide inside something, or for people to be unable to "connect the dots". I heard about one sociology professor who said, studying movies, that the "good guys" always win because they have better communications than the "bad guys". There are endless books about how organizations can improve their internal communications for greater effectiveness. Also, consider that analysis is about putting things into compartments, but synthesis is about putting things together, and both are important for creative problem solving, and the needs of our society seem to be shifting towards creative synthesis:
"RSA Animate - Changing Education Paradigms"
http://www.youtube.com/watch?v=zDZFcDGpL4U

What good is a "secure" organization if it can't perform its primary function (whatever that is) very well?

There are always tradeoffs of security vs. effectiveness/useability. See:
http://www.schneier.com/blog/archives/2009/08/security_vs_usa.html
Which links to this:
http://jnd.org/dn.mss/when_security_gets_in_the_way.html
"The numerous incidents of defeating security measures prompts my cynical slogan: The more secure you make something, the less secure it becomes. Why? Because when security gets in the way, sensible, well-meaning, dedicated people develop hacks and workarounds that defeat the security. Hence the prevalence of doors propped open by bricks and wastebaskets, of passwords pasted on the fronts of monitors or hidden under the keyboard or in the drawer, of home keys hidden under the mat or above the doorframe or under fake rocks that can be purchased for this purpose. We are being sent a mixed message: on the one hand, we are continually forced to use arbitrary security procedures. On the other hand, even the professionals ignore many of them. How is the ordinary person to know which ones matter and which don't?"

One might expect people at the NSA to be quite a bit more disciplined and trained than average, but certainly this point holds for other organizations.

And about another three letter agency (quoting from Wikipedia) apparently struggling with compartmentalization:
http://www.pdfernhout.net/on-dealing-with-social-hurricanes.html
"All of this has the effect of making it hard for DI analysts to interact even with the classified outside world. The CIA view is that there are risks to connecting CIA systems even to classified systems elsewhere. Mitigating those risks sends implicit messages to analysts: that technology is a threat, not a benefit; that the CIA does not put a high priority on analysts using IT easily or creatively; and, worst of all, that data outside the CIA’s own network are secondary to the intelligence mission."

And links on open alternatives for most of any nation's intelligence needs:
http://pcast.ideascale.com/a/dtd/76207-8319
http://groups.google.com/group/openmanufacturing/msg/2846ca1b6bee64e1
http://www.phibetaiota.net/abou

hypocritical definitions

As far as I am concerned anyone who shoots at me is by definition a "bad person", no matter what their initial motivation may have been.

Starting with your definition of bad: since the US fired the first shots at Afghanis, whom is bad? Since the US fired the first shots at Iraqis, whom is bad? Since the US may (will?) fire the first shots at Iran, whom is bad?

Better title - NSA not delusional of impenetrable

[George_Ou]

Better title is "NSA not delusional of impenetrable networks".

Well no shit

[Legion303]

I would be extremely concerned if the NSA did NOT operate under the assumption that parts of their operation were compromised. It's not a good security strategy to blindly assume that everything is running perfectly and that no one's ever going to find a way in.

Re:Now for DOD, CIA, NSA to make a bigger realizat

[jaxle]

It is easier to destroy rather than create.

Meaning:

1. It is cheaper, less time consuming, simpler, and requiring of less knowledge to build a robot that blows up something rather than build that something.
2. It is cheaper, less time consuming, simpler, and requiring of less knowledge to create and enormous chemical explosion rather than capture controllable energy.
3. It is cheaper, less time consuming, simpler, and requiring of less knowledge to destroy biological cells than to change them.

It is easier to kill people off than facilitate a peaceful co-existence with technological solutions.

Re:Now for DOD, CIA, NSA to make a bigger realizat

[Paul+Fernhout]

Yes, sadly, that is all true, it is usually easier to destroy rather than create.

But, it does not change the main point about the moral and practical choices we make every day as human beings and how they can be ironic and counterproductive if we use the technologies of abundance from an assumption of scarcity.

Also, I might argue that for some people, destruction being easier than creation makes it less of a challenge and so less fun. :-)

Or to put it another way, it is in a sense "easier" as far as total time involved for people to kill themselves than to spend a lifetime involved in life -- but generally most people decide that making the effort to be engaged in life is worth it because they have things about life they value (family, friends, hobbies, children, spirituality, sensuality, community, humor, honor, singing, dancing, eating, reading, writing, whatever). In fact, for most people, there is not even a choice -- our body just keeps going and keeps us engaged (barring depression, which can often be treated in various ways ranging from vitamin D, to omega-3s, to eating more healthy food and less junk food, to a positive spiral of social-talk and self-talk, and so on).
http://slashdot.org/comments.pl?sid=1692444&cid=32644166

Our society needs to decide whether it wants to continue of the current (statistically likely) suicidal path of self-destruction or if it wants to reform. Why use the nukes, warbots, plagues and nanotech and whatever else to fight over what? Oil and slaves and racism and stuff, when we could just use the tech to make what we wanted? It remains ironic, even if it is indeed "easier" to just let the society destroy itself. Nobody ever said life was going to be easy. It is a choice.
http://knol.google.com/k/paul-d-fernhout/beyond-a-jobless-recovery#Four_long(2D)term_heterodox_alternatives

Still, a deeper philosophical issue is that we apparently can't create without destroying something else (even just a different future possibility). So, reality is always throwing us curves in simple analyses. But, be that as it may, it seems stupid for everyone to kill each other off for a "racket".
http://www.lexrex.com/enlightened/articles/warisaracket.htm

Also, on a practical basis, it is not normal for humans to kill each other without some specific heated emotional interpersonal quarrel. Soldiers in earlier wars like WWI rarely fired their weapons, and when they did, aimed to miss -- only a few soldiers way back when did most of the killing. It is only in the last 50 years or so that the US military and other militaries have refined their indoctrination techniques to be able to turn most human beings into killers of people they have no personal quarrel with. Though the military may not have given much thought about what to do with the killers after the wars are over (if the wars ever are over -- how many wars is the USA fighting now and when will they ever be over?) Now push-button drones make that even easier as soldiers in air-conditioned offices near where they live with their families are not apparently killing people -- they are just pressing a few buttons that affect fuzzy blips on a video game screen. Is that "progress"?

As Godfrey H. Hardy said in disgust:
http://www-history.mcs.st-and.ac.uk/Quotations/Hardy.html
"A science is said to be useful if its development tends to accentuate the existing inequalities in the distribution of wealth, or more directly promotes the destruction of human life."

Freeman Dyson talks about that here:
http://books.googl