Slashdot Mirror
NSA Targeting Domestic Computer Systems
The NSA was originally supposed to handle foreign intelligence, and leave the domestic spying to other agencies, but Presto Vivace writes with this bit from CNET: "'The National Security Agency's Perfect Citizen program hunts for vulnerabilities in 'large-scale' utilities, including power grid and gas pipeline controllers, new documents from EPIC show.' 'Perfect Citizen?' Who thinks up these names?"
"The program is scheduled to continue through at least September 2014," says the article.
'Perfect Citizen?' Who thinks up these names?"
Answer in subject line.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I am not a number i am a free man..... ...infor-matin infromation
we want
People seem to forget that Intelligence gathering is only part of NSA's mission.
They are also tasked with ensuring the security of the nations computers, cryptosystems and more recently critical infrastructure. But people will believe what they want to believe, so any more when people ask me if stuff in Enemy of the State is accurate I tell them 100%. They're not likely to believe that no, it could actually take weeks-months to get reliable intel data and it's usually generated by some analyst that's 17-25 years old sitting in some windowless building with a crappy computer.
And who better than somebody who knows how the other side thinks?
So the NSA is looking at the vulnerabilities over stuff deployed in USA ? What is the problem ? They also have a mission of protecting and giving advice for the national security ( heck, national security agency, do people fail at english comprehension test ? ).
NSA publish guides on how to secure linux or windows, do explain what the federal agency should do to be secured, so that seems logical to do the same for lots of things not "computer" related, if that can be used to disrupt the country. That's not different from checking a router for problem, or checking a phone if officials use them.
That's truly a fucking non news.
>hunts for vulnerabilities in 'large-scale' utilities
It's not like they're spying wholesale on American citizens...wait, they're already doing that, too.
I think the whole foreign/domestic spy division is pretty much gone at this point. Not saying it's right, just the reality.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
'Perfect Citizen?' Who thinks up these names?"
People who are so deluded they think destroying our way of life is the same as saving it.
#fuckbeta #iamslashdot #dicemustdie
The NSA is tasked with collecting intelligence from foreign sources as well as securing US government information systems from attack. As the private entities listed are components of our nation's critical infrastructure, keeping them secure is probably a good idea. I wouldn't wait for Siemens and its ilk to step up to this task.
Its probably not a perfect separation of government, private industry, domestic and foreign intelligence tasks. But since the NSA has the expertise, I say let them help out. Its not like operating utilities and other infrastructure companies isn't already subject to extra regulation and oversight. Its just a shame the SEC/CFTC doesn't keep as close an eye on our banks.
Have gnu, will travel.
is that project names are composed of two really really random words, whose combination is rejected
if its really too whack.
which doesn't explain why they could have a project named 'perfect citizen'
peopel who get in based on know they kown or who can make the biggest pay off.
NSA was always the domestic counterpart to the CIA, which is only chartered to operate outside our borders.
This is a good idea. The NSA should take on these sorts of roles because domestic computer systems are notoriously insecure.
The real question is whether or not the NSA has the expertise to pull it off.
What you do is called "FUD". Spreading unsubstantiated fear against a very useful privacy tool. How exactly do they subvert TOR by monitoring exit routers ??
Your objective is to have as few people as possible using TOR, because it is actually a pain in the arse of your org.
..for CIA to operate on US soil. And the FBI is very much capable of spreading lies and disinformation on their own. Then there are present and former members of the armed forces who can always be counted on to play the thugs in a dirty game. They are accustomed to believe the lies they are told by their former COs and their buddies. All very informal, no paperwork generated at all.
Does not include physical violence in Pax Americana Land, as that would bring police into picture. But most people can be "effected" with other means such as rumors, lies, slander, sex, marriage and some dark tricks you cannot find in any textbook. It works mostly optically and there is not more than a eyeglasses involved. It is called MK1 eyeball. If you are interested, start training with a cat and learn what effects you can get on the cat just using your eyes.
That is one reason some people wear windshield-class glasses; it protects against optical attack by opposing eyes.
..is quite unproven. What IS proven is that they simply ignore rules about "US persons" and such. Their intercept gear is in the exchanges and everybody knows. They have presidential authority to do so and the courts don't challenge it. You know, "terrorists".
Also, police agencies of all levels (including FBI) operate humint assets. Which is in their charter ("drugs", "weapons trafficking", "terrorism")
This sounds like the NSA is doing the sort of thing that it ought to be doing: protecting the national interest by finding vulnerabilities in critical infrastructure and patching the holes. If reports emerged that it was also, say, having a look around and vacuming up data on service provider's customers while it was in there that would be different, but I see no suggestion of that in the article. Why not have the NSA do penetration testing?
This seems like a *useful* thing for the NSA to be doing. I worry that our domestic IT infrastructure is weak. I would rather the NSA find out what's broken and make the companies fix it rather than Iran, China, or North Korea.
Infosec is part of the NSA brief, and the function is unclassified, so it isn't news. You'll remember this when some scriptkiddy turns your power off, while you were complaining that NSA shouldn't be doing this type of network testing to prevent it from happening.
http://www.nsa.gov/ia/index.shtml
There was an unknown error in the submission.
There is ZERO reason for SCADA systems to be connected to the Internet.
You are being MICROattacked, from various angles, in a SOFT manner.
A hall monitor has more authority than these clowns. You could have anyone of these guys arrested by the lowliest tin pot county deputy and they'd be hard pressed to have him released.
As far as I know from the comments here? Sounds like they're doing pen-testing of critical institution's code & network infrastructure...
Anyhow/Anyways:
* Hey - THAT IS NOT A "BAD THING" (assuming that IS all they're doing that is - I tend to believe it, for now @ least) & it's GOOD someone's doing it, before 'hacker/cracker' types do!
APK
P.S.=> There's a LOT of distrust of these security agencies, but this doesn't sound like they're doing anything "fishy", & actually a GOOD effort...
... apk
With the homeland security monolith growing into a huge machine that consumes cash and excretes bullshit and the FBI and CIA so dysfunctional and jealous that the FBI managed to depose the head of the CIA on "moral" grounds it actually makes sense to pass things over to a bunch that look like they actually work for a living, no matter what their current responsibilities are.
Look up the MN gov Ventura who 1st let the cat out of the bag about the CIA having operatives in local governments.
I've been working on a movie scrip for some time.
The plot involves a President who issues a Secret Executive Order.
The 'Order' with other 'recent' events inadvertently and ultimately sends legions of the Local Police, FBI, DoD and DHS after his 'scalp'.
So my advice to President Obama and his 'secret executive orders,' 'Careful with that ax junior!'
XD
Apparently Thin Thread is not dead, and not only that, the civil liberties and oversight protections have been cheerfully scrapped, and the rest has been expanded to bring abuse of civil liberties not to a foreign audience, but rather, to a domestic one. Why bother having elections when the director of the NSA has all the powers of the worst of the worst police states of the last 100 years. No judicial, political or civilian oversight, unlimited powers, unlimited budget (in the name of national security you can expand it to consume the entire budget of the state). How much did that mini-shuttle cost and what is it for again? On whose behalf are the British police keeping such a tight lid on Julian Assange? I've seen cops have two officers at the front and back of the house of a wanted murderer. They have hundreds of police around the embassy in London. It must cost a fortune. I don't think its the British taxpayer. Who is footing the bill? Over the years, Echelon has cost billions. Its not that they are targeting domestic computers, its just that its investigating fully all transmissions originating or arriving at foreign computers from domestic computers, and likewise checking other domestic computers to see if they are connecting with foreign computers (and doing a bit of fishing at the time). Their coverage is a mere 200% of all computers in the US. And that's it!
Someone please take a screenshot of this webpage, and use it to get rid of Timothy.
This has got to be one the most obviously stupid discussions ever -- mostly bringing out the bismuth foil hat types -- all due to Timothy's wrong and knowledge-less editing.
The NSA has even hacked TFA off of CNET!
Modern energy grids are distributed systems which need to talk to each other for many reasons: efficiency, reliability, emergencies, billing. Even if that would be "off the internet", you would still have this massive distributed system. A single attacker who "illegaly" enters a facility and attaches a mobile phone can hook this distributed system into the internet.
THAT is what you have to prepare for. Besides, running a VPN over the internet with very high security is actually a Solved Problem. Every Linux or BSD kernel (plus a proper admin) can do that.
I suspect it is the quick/cheap/unskilled people problem in the energy business as it is in every other business. The bottom line effects of bad security cannot be properly calculated, so the MBA crappers decide to go for the worst possible security, as that is also the cheapest.
The feds always come with their own police if they really want to achieve something. It is called "FBI".
But sure as hell $business can defend itself against NSA by "working Washington". Until there is no real, massive (read: real-life effects) cyber attack, there will be nice talk and no substantial action.
Why can't they separate all the offensive shit (such as attacking other countries by viruses) from the protection efforts ? As long as that doesn't happen, you better don't touch these people with a ten-foot pole. What makes you think these people have ethics left ? They royally screw with other people's systems and they are supposed to "protect" yours ? Like a burglar being hired for "security" ? Hey, burglars know all tricks, so they can play the good guy like nobody else !!! That's the rationale here, apparently.
Other countries have cleany separated the burglars from the defenders. E.g. Germany with BND(burglars, codebreakers, thieves) and BSI (actual security).
Apparently you woke up from the "civilized world, due process, rule of law" meme and discovered how your world really works. Full-fledged tyrannies do use quite physical mass-intimidation, though. Your government still intimidates only a select few.
So the US is indeed marching towards tyranny, but they haven't reached full development yet. As long as there are no mass protests of armed people, they will tighten the noose every couple of months. With an ageing society, they have lots of support for that, as those old fucks can never have enough "security".
That mini-shuttle is just one conduit of the military-industrial-complex to shaft the taxpayer. Nothing specially nasty about it. If you want to know more about surveillance, get yourself a scanner and listen to airtraffic control and police. Build a direction-finding antenna for it. You will be surprised to learn about what kind of air traffic there is.
Then, join one of the "trade organizations" of the MIC. There you can learn about their tech and from that, their methods. Of course, you better have a bogus "business interest" or they will be pissed (not good for you). Just create a crappy piece of tech and try to peddle it to them. That will suffice as a good cover story.
Some would say Deut. 22:29 is worse than the death penalty!
Contractor
That is, using the lists generated by people that denounce their US citizenship sorted by income by their last two years of citizenship?
In addition, I'm quite sure that the NSA can always trade with other friendly countries for what its charter does not allow them to have.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
Spying is the 2nd name of USA freedom. United Spying Agency.
Recipes for USA bankrupt - http://tinypaste.com/0d66f dd = dollar deluge (printed in the infinity)