Slashdot Mirror
Why the NSA Can't Replace 90% of Its System Administrators
An anonymous reader writes "Curious about the recently purposed NSA cuts, Courtney Nash explores a few myths about systems automation 'In the aftermath of Edward Snowden's revelations about NSA's domestic surveillance activities, the NSA has recently announced that they plan to get rid of 90% of their system administrators via software automation in order to "improve security." So far, I've mostly seen this piece of news reported and commented on straightforwardly. But it simply doesn't add up. Either the NSA has a monumental (yet not necessarily surprising) level of bureaucratic bloat that they could feasibly cut that amount of staff regardless of automation, or they are simply going to be less effective once they've reduced their staff.'"
change of title? are all IT workers called system administrators? do all IT works say do stuff maybe 1-2 times an week that classes them as an system administrator? maybe with more automation then that 1-2 times a week can go a way?
That's one way to reduce the number of sysadmins effectively.
Fairfax county Virginia wouldn't survive without it. Private contractors milking public paranoia.
This comment has been generated by obligatory troll-bot 10000, an innovation of Huawei and your local NSA front. Have a nice day.
Bye!
Maybe instead of cutting staff numbers they can just outsource the administrators to China?
Apparently they look for clues to organizations that have solved similar problems.
NSA Boosting Automation in Wake of Snowden Leaks
The agency has created a private cloud using OpenStack, a Web standard developed by NASA and Rackspace Hosting Inc. Analysts say this lets the NSA run its IT operations in a way that more closely mirrors that of Amazon.com Inc. or Google Inc. Previously, it took weeks or months for employees at NSA to get access to computing resources, said Nathanael Burton, a computer scientist speaking at the OpenStack Summit in Portland in June. The private cloud “let us grow to a scale that a very small team of 12 to 15 people could manage,” he said.
“We’ve transformed the NSA and over the next few months we’re going to be working with the larger intelligence community to roll out our OpenStack system across the entire intelligence community,” said Mr. Burton in a video of the conference. The NSA did not respond to requests for comment.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
1. Fill current admins heads with bad info. 2. Get rid of 9 out of 10 of them. 3. From then on everytime someone working at NSA leaks something blame it on a. disgruntled or b. info that does pan out (it was contrived anyway) 4. ????? 5. Profit.
@Valentinial
Since "anonymous reader" isn't in a position to know anything about how the NSA's systems are set up, what these administrators exactly do, who has/needs administrator privileges vs. who could do their jobs with reduced privileges, etc., etc., then isn't this discussion even more of a waste of time than usual on slashdot?
...or they have ways of automating unimaginable to the uninitiated. Take a look at stuff the US government made, and when.
The F-22, developed in the 90s at latest, had processors more powerful than 2005 commercial processors. The NSA's improvement to encryption technology proved math knowledge 7 years ahead of its time. The Blackbird was over a decade ahead of its time for physics.
Now IBM has a brain simulation with as many synapses as a human brain, running 1500 times slower. That's just 16 years of Moore's law doubling. Is it so far-fetched to thing the NSA has AI that can replace a lot of sys admin and basic spycraft duties?
> or they are simply going to be less effective once they've reduced their staff.
Which wouldn't be such a terrible thing.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
The worst thing you can do with a person in a privileged access position is tell that person substantially in advance that they have a 90% chance of being made redundant. The overwhelming majority of people are reasonable, rational and won't do anything - but when you have such a large set of people - some won't be so amenable to being pushed out the door.
In short, I'd be surprised if they haven't created a small army of potential Edward Snowden's through this. Wherever I've worked, if we made a system administrator redundant we'd have disabled their account before they were told and then broke it to them - even if it was under consideration, we'd send them home with pay for the duration - it's just common sense.
-SG
So many companies claim this, then have their computer systems basically implode. The NSA will not be an exception. I don't think too many Americans, (or anyone else, really), will mourn their passing.
It's option number A, dipshit.
And it isn't just the NSA, it's the entire Department of Defense. Jesus fuck, you would think somebody would notice when the Navy has more admirals than it has ships.
outsource to F*** Up and give up control of data as well? just so in the end it costs more to fix the f*** up then what you saved in labor?
There are plenty of American companies that cringe when they hear Air Fance and the A-300.
The mind conceives, the body achieves, the spirit manifests.
Replace computers with typewriters.
Have gnu, will travel.
... 100% of potential leakers are now 90% sure that they're going to lose their job anyway.
Carry on, NSA.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
source for that f-22 shitniz? 'cause I call bullshit OR it's very creative definition for a commercial processor. blackbird wasn't ahead in "physics", rather it was and still is a milestone in _manufacturing_(titanium).
but yes, it is far fetched to "thing" that nsa has an AI, since they don't seem to have even a HI. they just said they're cutting down on system admins to get the senate off their backs since what the NSA actually is... is that it is a MASSIVE money pump to private hands(for people who skim the contractor wages).
world was created 5 seconds before this post as it is.
Hello? Have you have your sarcasm detector surgically removed?
And please don't do that fucking boneheaded bit with the fucking asterisks. If you're really fucking old enough to say "fuck" and that's what you fucking mean, then fucking say "fuck", already. Otherwise, just fucking use a different fucking word.
Il n'y a pas de Planet B.
To be fair when you work force is made up of a lot of computer scientists, cryptographers, mathematicians, etc you could probably turn over some responsibility for administration to the workforce with out losing much.
More of concern is, are they being hired and fired based on their loyalty to General Alexander? Or to the constitution of the United States?
I bet he's firing people who might question his interpretation of the constitution.
The NSA could certainly prevent 90% of their systems administrators from seeing the data though. All data should be encrypted when it is not displayed. Everything on file servers should be encrypted and most of the admins won't need the keys.
http://michaelsmith.id.au
Don't you dare try to get rid 90% of system admins.
Better back off, or I will replace your management team with a 5 line shell script, and sell it to Obama as a way of demonstrating that he is serious about more efficient government.
They have a specific job. Their admins do fine completing that job. They go through rigorous background checks. Unfortunately, a contractor got to the info and was able to thwart the system. ES just made it extremely difficult for everyone interfacing NSA to work now.
woot?
Why do I have to read all this classified garbage on Slashdot? Is the NSA's shredder broken?
Either a bloated government department will piss away less money,
or they become less effective at voilating our rights
who cares either way, just get rid of them
Like everything else, they will simply offshore all those sysadmin jobs to India, China, Vietnam and Russia, of course, which is what they normally do, you douchetards!
The NSA has a proven track record with lying to the American public.
I'm perfectly fine with their being less "effective."
Keep your eyes to the sky.
source for that f-22 shitniz? 'cause I call bullshit OR it's very creative definition for a commercial processor. blackbird wasn't ahead in "physics", rather it was and still is a milestone in _manufacturing_(titanium).
"Still is" is a bit of a stretch, as it was abandoned because other systems replaced the need for it (at least publicly). Satellites are now better for surveillance. It is no surprise -- in the other vertical extreme, Russian submarines made of titanium were deeper diving than anything else built, but ultimately the tactical advantages from having the capability did not really exist, and it was extraordinarily hard on the boat's systems.
Magic Beans sold by Puppet Labs? That's the only way I can see this working out. Of course, in practice, there is no such thing as "Magic Beans" from anyone, least of all Puppet salesmen.
Anyone who has done a puppet deployment, realizes that you've just traded 1 problem for another.
In IT, knowing Puppet is great for your career - it is like being Microsoft Certified. There will always be someone that thinks they need you, when it truth, YOU are the problem and will end up costing more that just getting great sys Admins who you can trust.
Automation has a place - Salt, Rexify, Chef, Ansible, CF Engine and 10 others are play in this space. Each has issues.
and in the spirit of pointy-haired bosses everywhere it means little. The administration is going to squeeze whatever good press they can garner from the comment and then do nothing. Oh, wait, there will be a panel of learned IT staff, then a study group, then a plan-for-a-plan group, then a project planning group then a phase I project and then, wait for it, a cut in funding that cancels the project.
Heh. People think they leak now? Just wait till all those (Dell) admins hear they're going to be fired.
Hey, they were the ones that claimed that noone need to have anything to hide, unless they are terrorists. In the other hand, maybe the ones that order drone strikes qualify as that.
Are you kidding me? As far as I am concerned the NSA can replace 100% of them, with adobe-bricks (three dimensional rectangles made from mud and straw), and we will all be better off. We can turn the NS's storage facilities into a competitors for, or extensions of, the Yucca Mountain Nuclear-Waste Storage Project, and we'll be beter off again.
What to do with the let-go SysAdmins? The rabid ones, the ones not glad to be out, need to be shot. The sane ones, the ones glad to be out, we can replace some of the 67,000 or so we were told we were short last year, and so had to import from abroad to fill positions, with. There weren't Americans enough to fill those positions, they said. Well, replace the NSA's with nuclear waste and there should be, and we should be able to send most of the imported ones home again. ......Or has it been those imported ones the NSA has been hiring?
Look how well the DRM take down bots have worked. Another flawed knee jerk solution to a already flawed system.
When it hits the fan it will cover everyone that has signed off on this. If we end up having another 911 just wait and see everyone trying to blame someone else for missing it and pointing fingers.
Why didn't the bots catch it?
Who was responsible for the writing of the bots?
Why don't you have more people tracking your data?
Why weren't you people trained better to see the patterns in the data?
Why do you collect so much data that you don't have the time or resources to filter it or review it?
Who implemented this?
My not just migrate To The Cloud.
Troll is not a replacement for I disagree.
I think I lost a few IQ points just reading it. Anyway, in rebuttal:
1. You don't need very many smart people. Albert Einstein did all the hard stuff when it came to the atom bomb. Factories run with a 2 or 3 engineers instead of thousands of workers. Lotus 1-2-3 put thousands of accountant clerks out of work. Etc, etc. I suppose we can all go work at Walmart.
2. Fewer people means less people to leak. Also fewer jobs means people more afraid of losing what little they have. It means less idealism and more dog-eat-dog survival.
But hey, who am I point all that out. If we just keep telling ourselves the scary stuff isn't happening because it didn't all happen at once that makes it OK, right?
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Perhaps NSA is not kidding
Perhaps they will just go ahead and lay off 90% of their admins, who are American citizens
And then, they will hire admins from Bangladesh as replacement
NSA doesn't need to be troubled by admins who are American citizens who understand the concept of Liberty, Human Rights, and Democracy - they can hire replacement admins from 4th world countries where nobody cares about any of those "Western Luxuries"
Why are people unable to parse simple English? They are not "laying off 90% of their system administrators" - they didn't say "we're going to lay off 90% of our sys admins." They said "we're going to take admin privileges away from 90% of the people who have sysadmin privileges." The job doesn't cease to exist just because you can't type "rm -rf /*"
NOWHERE in the coverage of Gen Alexander's remarks has he said they were planning to lay off 90% of their IT workforce. What he said was this:
This is a case of the NSA saying, "we've given sys admin access to far too many people, and we're going to restrict that now."
Fuck those fucking fuckers! They're all fucked up.
Think of this as an exercise in poetic license. If the NSA fires their/our own and replaces 'em with higher paid contractors employed by privately owned companies who are free and likely to hire the newly fired public employees, everyone but the shareholders gets screwed. The public pays more for the same service. The employees are effectively relieved of their gub'ment pensions which will be replaced by the insecurity of privately guttable replacements and the shareholders and executives walk away with their pockets stuffed. It's an accelerated form of privatization which benefits investor/crooks, many of whom ooze out of the public sector and straight into quasi-entrepreneurial ownership. Real entrepreneurs actually create something new. These scum just recreate governmental functions under a corporate umbrella. It's neo-fascism at its worst.
Are you talking about SR-22?
Different bird.
Perhaps the reason they are laying off 90% of them is because they simply don't need them anymore because XKeyScore now does manually what used to take a lot of manual system administrator work to accomplish. They say they've been collecting data since 2008 but its plausible they've been at it for a lot longer than that.
fuck fuckity fuck fuck fuck
“He’s not deformed, he’s just drunk!”
Would it be legal to add "Have you ever worked for the NSA?" to your interviewing questions? I'd like to see them all denied jobs in the private sector once they lose their jobs with the NSA. They have knowingly worked to support spying on American citizens. Treat them like the criminals they are.
While we're at it, ask if they worked for SCO over it's last 5 years... don't want that so called 'talent' to ever have an IT job again, either.
Would it be legal to form a do-not hire list based on previous employment? It's not a race, it's not a sexual preference, it's not a gender... It's an indicator of ethics.
This sig intentionally left blank.
Yes, that's a pretty apt description of the likely downward spiral of greed.
(I guess I was just busy enjoying some cheap thrills, watching JD troll himself with the China reference at the top of the thread.)
Il n'y a pas de Planet B.
Some poor sods are behind filters that won't let the see any web pages that contain words like fuck unless the word is obscured in some way.
Why should anyone trust anything the NSA says to begin with?
One, neither Google nor Amazon use Openstack. Openstack is no where near the best of breed yet.
Two, I don't know about them specifically, but I've seen places that have the ability and will to do it correctly, and I've observed organizations that really don't but think they do. There is a high probability NSA ultimately falls into the latter category, even if you hand them the perfect tooling (that generally isn't made available).
This shouldn't be that complicated.
1) Sysadmins who implement surveillance systems have access to information for which they are not authorized. Replace them with small shell scripts.
2) Since analysts as well can abuse their authority in selecting surveillance targets, replace them with a "target identification AI."
3) Drone pilots are fallible, and may accidentally fire on the wrong targets (or worse, refuse to fire at all!). Replace them with automated piloting systems.
That should do it! Why, with the computers in charge of selecting targets, observing and tracking them, and then dispatching drones to eliminate them, we'd save billions in tax dollars, and there's no humans in the way to abuse their authority. What could possibly go wrong?
We don't have a state-run media we have a media-run state.
As of today, System Administrators will require an Entry Permit. System Administrator Entry Tickets are no longer sufficient.
Their thinking probably goes along the lines of: each admin has a0.00003% of ratting them out each year and with a zillion admins they are looking at an 8% per year chance of a whistle blow. (Numbers came out of my ass) So if you can reduce the number of potential whistle blowers to 10% you massively reduce the chances of a whistle blow to less than one per career.
But if you have fewer admins each will have to not only have greater power due to the larger surface area but due to the whole hit by the bus thing the overlap will have to be greater. So you now have a bunch of guys with a bigger picture and better access. In that case I should invest in portable media companies as these guys are going to be running in and out with truckloads of data.
What all these agencies really need to do is to reevaluate what they are doing. This way the Snowdens still working for them will say; oh look we just used boring legal means to arrest run of the mill terrorists. Nothing to leak there.
But instead these various agencies are more concerned about covering their own asses. If I were a betting man I would guess their are more resources now deployed to catch Snowden and anyone working with him than probably the top 10 genuine terrorists put together. Not to mention the damage that they are doing to their own country. Every right they trample in their attempt to catch him just adds another exclamation point to his leaks. So services like AWS aren't going to collapse tomorrow but right now there are people all over the world looking to get their data out of the US and there are companies all over the world slowly ramping up to accept their business. You don't move your servers overnight and you don't set up data centers over night. But I suspect that you will see a slight change in the growth graph and that change is permanent.
The other key damage is even more subtle. If you are running a company such as Siemens would you probably had suspicions that China would be after your data to give to their companies. But now you might be thinking whoa is the US pulling this crap too? Now you are going to be reticent about any of your best stuff going to the US. You are going to rethink research grants to US universities. Again not overnight but all things being equal world relations with the US just chilled a few degrees.
That would be pretty much every SlashDot discussion that has more than a dozen comments.
"Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
Clearly the NSA needs to ensure that none of these former employees is able to leak anything...
Replace all of your systems administrators!! Just install Microsoft System Center, press a few buttons, wave a magic wand. Then get those pink slips ready! Sit back and relax as Microsoft System Center takes care of everything. It supports just about every operating system, non-Windows(tm) based systems requires additional licensed third party vendor software. Once you stream line your business and embrace the cloud you will be able to reduce your human capitol. If you do ever have any issue Microsoft will always be there to help. Contract with our knowledgeable experts who will get you back on track fast, additional support contracts and minimum fees may be required.
There is or can be built a machine that can simulate any physical object. -Church-Turing principle
No reductions in work force will occur.
Fear and Money and Greed rule Congress. DoD has bought enough members of Congress so it's all academic now.
Look what happened in London! Obama does not have 'plausible deniability' like Nixon had for a few weeks in his second term.
Just who does not believe that a 'President's' Mouth Organ is NOT lying.
Obama should celebrate Labor Day at the WH with a 'Yellow Cake' party! Even invite Cheney and Bush for good old time sake.
Sucks to get laid off and I feel real bad for those that might but...
Hire 95% more or lay off 95%. Doesn't matter really. Either way, our individual rights will benefit. The turmoil will only distract from their efforts to subvert our inalienable rights.
Actually, probably better if they were to hire 95% more managers. That'd make them incapable of doing anything aside from having meetings.
"The ferrets, they're every where I tell you!"
H* w** b**** fucking s********, y** fucking i****.
They plan to confine their activities to legal surveillance from now on.
Yeah, right.
Albert Einstein did all the hard stuff when it came to the atom bomb.
Einstein didn't do diddly with the atom bomb besides help persuade Roosevelt to get out ahead of the Germans in developing one.
Have gnu, will travel.
Which 10% are actually doing the work, which they should keep? Which 90% are spending their days playing Minesweeper?
Its a problem that most of industry has to deal with. And indications are that they haven't done a very good job of it.
Have gnu, will travel.
With a few hundred well written powershell scripts.
Or maybe it's just a trap to flush out potential leakers, sort of like the Hundred Flowers Campaign, except with a stick instead of a carrot (make the sysadmins think they have nothing to lose). In which case they'll drop the idea after catching as many of them as possible.
They will lay off all of their system administrators at 2:14 a.m. Eastern time, August 29th.
That's when PRISM will become fully self-aware.
less?? intelligence agencies all over the world and the american versions in particular are already the least effective, most useless, indeed counterproductive part of government. That's usually what you get for unlimited funding and almost no oversight: a whole lot of stupid. Don't feel bad yanks, all the other security/intelligence states collapsed, but so far all you've accomplished is a trillion dollars in debt (the cost of security theatre since 9/11). There's still time I suppose.
I had to finish using all my 15 mod points before they expired yesterday, or I would have modded you up
Seems to me that in order to succeed the NSA has to disband itself.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Post 9/11 a non US friend of mine was working at an American army base as an admin. New security measures meant that he was not allowed to touch the keyboard of his workstation but had to direct a grunt to "move the pointy thing to the left", "left click start" etc. for a few weeks. Apparently they got quite good at working together like that but the grunt never knew what he was doing.
Build Skynet!
The problem with the NSA is, they think they can see all their systems as "a larger installation" and as such, automation would work. By connecting all their systems into one "larger installation" they are effectively putting all their data in a single place. That's something you really don't want to do. Before you know it, someone tasked with migrating the data to a newer instance of "a larger installation" makes a copy of it and runs off to Hong Kong with it.
By giving "everyone" access to the Business Intelligence systems you have set up on your data pools, the chance that someone will abuse it, will grow exponentially. By not giving anyone access, there is no use for these systems.
The only way to prevent people to run off with any significant amount of imformation, is to keep that information out of their reach. This means you will need a lot of isolated installations and people tasked to do just a few things. Even if they go rogue, the damage is contained to the information they were able to access, not the motherlode. In practice, this means you'll need a lot of "system administrators" doing lots of "manual tasks" that could easily be automated if there would be enough scale for it to make it worthwhile. The NSA wants their cake and eat it too, but they'll keep on moving the risk, not removing it.
I was promised a flying car. Where is my flying car?
It doesn't matter what OS is on these servers. The NSA used to work with a separation of privileges and isolated systems. This means that people would get a limited amount of rights, to do a limited amount of tasks on a limited amount of servers. If they would go rogue, they wouldn't be able to do a lot of damage per individual. This means that any possible form of automation is usually already done, regardless of the OS.
Moving to a "sharing culture" and "Business Intelligence" systems that are shared within the entire organization and with other agencies and countries, means that the NSA lost the advantage of having a lot of small islands of information that can't be "lost to the enemy" all at the same time. Still having the "old" administration policies in place means that they now have a lot of people with admin rights but also access to a large cache of data. They don't want to go back to the segregation system and lose the BI, so they are trying to limit the risk by automating administration over larger sets of servers and removing the manual processes. Regardless of what OS they are running, just moving from a plethora of small platforms to just a few large groups of servers will give them a significant reduction in the amount of people required to admin them. By linking their systems to each other on admin level they probably are creating a new risk, that of an attacker gaining admin rights and walking all over their systems with a single account....
I was promised a flying car. Where is my flying car?
Subject: outsource to F*** Up and give up control of data a
Body: outsource to F*** Up and give up control of data as well? just so in the end it costs more to fix the f*** up then what you saved in labor?
Sank-oo Mr. China man!
Subject: outsource to F*** Up and give up control of data a
Body: outsource to F*** Up and give up control of data as well? just so in the end it costs more to fix the f*** up then what you saved in labor?
Sank-oo Mr. China man!
Subject: outsource to F*** Up and give up control of data a
Body: outsource to F*** Up and give up control of data as well? just so in the end it costs more to fix the f*** up then what you saved in labor?
Sank-oo Mr. China man!
Subject: outsource to F*** Up and give up control of data a
Body: outsource to F*** Up and give up control of data as well? just so in the end it costs more to fix the f*** up then what you saved in labor?
Sank-oo Mr. China man!
Subject: outsource to F*** Up and give up control of data a
Body: outsource to F*** Up and give up control of data as well? just so in the end it costs more to fix the f*** up then what you saved in labor?
Sank-oo Mr. China man!
Subject: outsource to F*** Up and give up control of data a
Body: outsource to F*** Up and give up control of data as well? just so in the end it costs more to fix the f*** up then what you saved in labor?
Sank-oo Mr. China man!
My guess is a change of title, too.
I don't understand why the news and journals report what the NSA announces. For a long time this agency didn't even exist officially. They are allowed and expected to lie about absolutely everything, there are not even reliable records on how many people they employ. Their official statements are and have always been deliberate bullshit and disinformation. It's pointless to take into account anything they say about themselves at all.
I posted an anonymous comment on some girly 'news' page some time ago. You probably know the sort: Don't disagree with the article; don't introduce any 'controversial' topics, do write with pretentious self-importance. When I checked the moderated post, "tits & arse" was translated into "**** & ****".
How many linux programs or services handle low disk space nicely.
Some even go more crazy creating more logs, eating more of what tiny space is left.
How many server software that creates its own logs is smart enough to recompress all raw logs when disk space hits zero. None, they are happy to leave gigs of logs sitting there. But a dead server is better working server right? Server dead, but you have logs.
Or the other case where programs go, cant connect error, retry 100000000000 times, creating a 100 gig log file.
Liberty freedom are no1, not dicks in suits.
There are several companies that say you can do it, and they're happy to sell you mega-expensive software that'll make that happen.
I'll say it ain't so easy. I'm in a smaller satellite IT group that's a part of a larger organization with the deep-pocket support of corporate.
While we've been successfully managing our collection of systems for the last 10 years using home-grown and other tools, the parent group is literally on their fourth set of vendor-provided suites that claim to automate... everything. As each set of tools gets deployed they find the warts in it, and within two years they've declared it crap and are undertaking a new cleverly-named project to replace it.
Oh, I'm sure it can be done. Probably using any of the tools available for purchase. But it takes a lot of time, and you need plenty of the very skilled people you're trying to replace.
So I'm not buying the whole 90% claim. I'm sure that's a number that appeared in some high-end IT manager's PowerPoint presentation, and it probably came straight off a slick presentation from some vendor with lots to gain from a sale to a desperate federal agency with an unlimited budget.
I'm just saying that it won't happen easily - if at all.
Or rather its easier just to get a 4G USB stick, plug it into a 10feet usb cable that hides the 4G connection in the pot plant.
Liberty freedom are no1, not dicks in suits.
I imagine that there is such a seeming glut of sys admins simply to compartmentalize their infrastructure.
Easy enough to do away with... but there goes your compartmentalization. I imagine that the remaining SA's are going to be cream of the crop and also subject to higher standards of scrutiny.
I am very small, utmostly microscopic.
I also wonder why they don't encrypt this data? A SA doesn't need the keys to decrypt the files. All (s)he needs to see is that the files are there and that they are not corrupt.
I am very small, utmostly microscopic.
The whole thing about getting rid of 90% was mangled in translation.
What's actually going on is the number of people with full admin access is being reduced by giving them lower access. So instead of 100 people with root there will be 10 with root and 90 with "power user" equivalent.
With Chinese H-1B workers!
Rick B.
It's hinted in the article, and in some of the comments, but nobody is actually saying it: dumping 90% of the system administrators would purge a lot of people for whom "information wants to be free" is a hot button issue that overrides common sense...like keeping one's job, or doing one's job. Of special interest to the NSA, but also applicable to any organization that wants to keep secrets, even if it's just IP.
I think of this whenever a co-workers goes on an "information wants to be free" rant. I wonder if the confidentiality of our own processes are valued by that employee.
Proof A) A person has had more than 50% of their brain removed/taken out by some accident, but they are still 100% normal and can talk etc recall all memories.
So we know that the human brain is 90% duplication, and possibly 99% redundancy. So even a brain 1/100th the size could comprehend and be as smart as a human in theory.
IF the brain is nothing more than a conduit socket to the soul that has the real brain power, then brain simulation is dead and cannot ever be done unless we ressurect ghosts to run our VM brains.
Liberty freedom are no1, not dicks in suits.
Its a honeypot without the honey.
1. Announce Layoffs
2. Turn on logging
3. See which Sys Admins start downloading files
4. Prosecute them publicly as hippie commie terrorist who hate America
Instead of creating their own in-house private cloud linked through their own private facilities linked all over the world, they went with a public company that can do this for them? Are they NUTS? No, really. If this isn't the worst, most unsecured way to do ANYTHING, I don't know what is. Do they use their full names as their login IDs as well?
Are you kidding me?
That, exactly. In the acronym-laden government agency that I work, a huge majority of the local staff are coded as 2210 Systems Administrator, and a large portion of them never touch a PC, let alone a server. Recode the job titles appropriately, cut where possible, and a 90% "reduction" is entirely feasible with virtually zero impact to efficiency.
So the NSA is using software to start automating their systems. I can see the headline now:
Air traffic grinds to a halt, All US citizens on TSA no fly list
Undetectable Steganography? Yep, there's an app fo
I can't get an answer! Are they firing employees or contractors?
If they're firing employees, they'll just hire them back as contractors.
If they're firing contractors, they'll just hire them back later.
If they're automating procedures, they'll hire more contractors than ever to automate it, and usually those projects are boondoggles.
Has anyone actually been fired, or is this wishful thinking?
If Snowden's accounts are correct, many people have Sys Admin level access even though that is not their role in the organization. It is entirely possible that, like every sane organization, the NSA is working to fix their systems so that people outside of IT don't need Sys Admin level access to do their jobs. This process is sometimes known as implementing proper security.
Taking away Sys Admin rights from people who don't need it is "reducing our system administrators." Headcount does not need to change at all for them to accomplish this goal.
For the last effing time, they DID NOT SAY they were getting rid of those people. What Alexander said is that they'll reduce the number of administrators. Translation: They're going to take away admin rights from 90% of the people who have them. The community at large has doled out admin rights much too liberally over the years and now there's a push to rein that in. Anyway, stop perpetuating the myth that the Fort is dumping 90% of their administrators out on the street. It is simply not true.
I for one am not suprised they can't replace 90% of their sysadmins.
No idea how many sysadmins they have but unless it's a multiple of 10 it will be pretty hard to replace them without cutting a couple of them in pieces...
For people working on breaking heavy encryption algorithms you would expect that they can do simple math...
They'll just outsource the work to the Chinese, right? ;-)
I can see it now. It will go something like this:
"Hello former NSA workers, we are anonymous. Come join us".
Or something like that.
To get this 'automation' the NSA will release request for proposals to contract companies. Having worked in government contracting for 10 years, I know how this works. This is service work where the prices are based on the bodies. Contract companies are guaranteed to make money (they only add bodies if they can bill to the government, the fee on top of salary is set to guarantee a profit) even if they deliver garbage. Contract companies will tell the government what they want to hear in a proposal. There is no financial risk to them in doing this. The only risk is losing the contract to a recompete. However, during the contract period they will turn a profit. There is a profit margin in going 'yes we can do that absolutely' to win the contract instead of 'uh guys your being stupid here, this won't work' and losing the contract. There are NO financial penalties on these companies.
Further projects that get alot of political attention get rushed. The requirements will be vague and then they will change. Contract companies are ok with that because a change is a new work order, more bodies, and more money. Generally when this happens the government gets garbage. Its in large part their fault for delivering incompetent requirements and not understanding what is required. It is also the contract companies fault going 'oh absolutely we can do that', but they do not bare any cost.
As a technical person, I would avoid this project unless I was desperate for a job. It will be a frustrating mess with insane hours. Possibly lots of terminations (your just a body, they get a new body and charge the government, what do they care about training time?). From experience, the government typically does not have people qualified to give out good requirements. Qualified techies don't read government job boards. The government people would not know how to interview them anyway. From experience you end up with an overseer who is clueless and complains about punctuation and the wrong noun in a document.
if they want to automate and reduce the number of SAs, they should form more modest goals. However, a 5 year goal of reducing the number of SAs by 15%, is not the kind of thing you can get Congress to approve a budget line on. Half of this is going to be process reorganization. If not more than half. Its about a change in management. Bringing SAs in house to work for NSA may be a good idea. When companies win contracts they work to the word of their contract and go no further. Technical staff is not allowed to offer more. The company wants more money. you also eliminate the big profit margins you pay to the contract companies. Often times they are just doing accounting. Very sensitive projects are typically directly managed by the government anyway. That being said, they can't get the 'you can never be fired protection' that some government people get. Techies who don't produce need to be fired. I won't be the only technical person on here who has been glad to see someone causing us a hassle fired.
This is apparently beyond the government. Also, its not that easy to communicate to the public and a congress that wants to get on TV by complaining.
This is a fair trade. Techies who work on top secret projects make higher than market wages. Typically MUCH higher. This is because there is always a demand for people with clearances. There is always a shortage. Alot of people can't pass the background check. Non-citizens are not elligible. Having a top secret clearance is generally considered 'life time employment'. Your talent level is much less important than if you can pass the background check. Companies need to pay to sponsor people for clearances. They would rather fire someone who has alot of skill and hire someone who sucks who is already cleared than to pay for a clearance. Seen it many times... They don't care if your all that good.
Snowden was pulling down 125k with very good benefits at 29 as an SA. He was probably working a 40 hour work week. SA jobs typically have very long hours. I can say the hours since its hard to replace TS SAs, so they don't have to live there, due to the issue with replacing their clearance. He may have worked over here and there and like most SAs had off hours work. However, this is a VERY safe job as long as you follow the rules.
no outsourcing. No H1Bs. Very few people are elligible to take your job.
Require people on TS projects to give up their passports. If you don't like it work elsewhere at less money. I am very confident you will find plenty of people willing to do this. No passport means you can't flee to China. This won't solve everything... but its a fair exchange for a higher salary and much more job security.
What does the NSA mean? Lay offs? Ship to Guantanamo? Make disappear? They can't let all those folks just wander the streets with the knowledge they have. Can you truly leave the NSA and remain alive or condemned to a life in hiding?
I would really *LOVE* for them to carry this out. Fire 90% of your staff trained in network security.
Awesome.
That would mean the NSA spy machine would suddenly become the property of the blackhat community. I'd find that HIGHLY entertaining.
So, back to the NSA. They should replace *nix servers with Windows? I'd like that. Any person who wants the NSA to be far less effective would like that!
def get_legislator_vote(Representative me, Bill b) :Yes
else
return :Present
end
end
if me.received_campaign_contributions_from_opponent?
if me.can_spin_to_constituents(b)
me.add_actions(:acquire_favors, b.supporters)
return :No
else
me.add_actions(:cash_in_favor_to_get_no_votes)
return :Dont_Vote
end
end
if b.bill_gives_government_more_power? && me.can_spin_to_constituents(b)
return :Yes
end
if b.bill_restricts_government_power?
return :No
end
if b.cnn_says_bill_addresses_current_crisis?
return :Yes
else if b.cnn_says_bill_will_cause_apocalypse?
return :No
end
if me.party == b.billsponsor.party :No :Yes :Amend :Present :Present :No :Yes :Present :No;
if me.received_campaign_contributions_from_supporter? if me.can_spin_to_constituents(b, b.supporters) return
if me.party == currentpresident.party
if currentpresident.opposes? b
return
else if currentpresident.supports?(b)
if me.canSpinToConstituents?(b)
return
else b.amendable?
else
end
else return
end
else
if currentpresident.supports
return
lse if currentpresident.opposes? return
else return
end
else
return
end
end