Slashdot Mirror
Why the NSA Can't Replace 90% of Its System Administrators
An anonymous reader writes "Curious about the recently purposed NSA cuts, Courtney Nash explores a few myths about systems automation 'In the aftermath of Edward Snowden's revelations about NSA's domestic surveillance activities, the NSA has recently announced that they plan to get rid of 90% of their system administrators via software automation in order to "improve security." So far, I've mostly seen this piece of news reported and commented on straightforwardly. But it simply doesn't add up. Either the NSA has a monumental (yet not necessarily surprising) level of bureaucratic bloat that they could feasibly cut that amount of staff regardless of automation, or they are simply going to be less effective once they've reduced their staff.'"
> or they are simply going to be less effective once they've reduced their staff.
Which wouldn't be such a terrible thing.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
The worst thing you can do with a person in a privileged access position is tell that person substantially in advance that they have a 90% chance of being made redundant. The overwhelming majority of people are reasonable, rational and won't do anything - but when you have such a large set of people - some won't be so amenable to being pushed out the door.
In short, I'd be surprised if they haven't created a small army of potential Edward Snowden's through this. Wherever I've worked, if we made a system administrator redundant we'd have disabled their account before they were told and then broke it to them - even if it was under consideration, we'd send them home with pay for the duration - it's just common sense.
-SG
... 100% of potential leakers are now 90% sure that they're going to lose their job anyway.
Carry on, NSA.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Hello? Have you have your sarcasm detector surgically removed?
And please don't do that fucking boneheaded bit with the fucking asterisks. If you're really fucking old enough to say "fuck" and that's what you fucking mean, then fucking say "fuck", already. Otherwise, just fucking use a different fucking word.
Il n'y a pas de Planet B.
Ya I have to day at my work at least the Linux servers are certainly NOT easier than the Windows servers to administer. The Linux lead spends a lot of time dicking around in the command line messing with scripts and settings to get everything working and managed nice. It works, don't get me wrong, we have a functional setup and process, but this idea that it is somehow easy and magic is false and speaks to a lack of experience.
When I see someone who proposes something like "replace Windoze (lol I totally stuck it to Microsoft misspelling their software!) with Linux" as a magic fix for needing less people in a big enterprise to me it says this is someone who has installed Linux on their desktop, and maybe a personal web server, and somehow thinks that means they know all about enterprise administration. They figure what is true for them must be true for 50,000 systems. I mean after all, the fact that they had Windows crash on them one time clearly means it is unstable and unsupportable!
Windows does a lot right for the enterprise. Their authentication service is really good. AD really does the trick for managing a large collection of systems and users. We use it as the backend for everything, Windows, Linux and Mac and yes, we've tried it other ways (we used to do Sun LDAP and IDsync as the backend, what a nightmare to make work). Anyone who says Microsoft doesn't have good tools for large scale management is really just saying they don't have experience in a large scale setting with Windows and other OSes.
Also that suggestion is funny, given that the NSA likes and uses Linux for a number of things. You might want to look up who gave us SELinux (hint: the NSA). Ever wonder why it has such paranoid, granular, control if you want it? That's why.
SILLY RABBIT!
The NSA will just set up shop in Dubai, with their other Haliburton friends... They will import labor that can barely speak English, and with Dubai's labor laws they can literally padlock the employees to the desks.
Manning and Snowden both prove anybody not an "Inquisitor" for the team is a liability to the cause. They consider themselves OUTSIDE the law, don't expect them to learn the lessons we think they should.
My guess is a change of title, too.
I don't understand why the news and journals report what the NSA announces. For a long time this agency didn't even exist officially. They are allowed and expected to lie about absolutely everything, there are not even reliable records on how many people they employ. Their official statements are and have always been deliberate bullshit and disinformation. It's pointless to take into account anything they say about themselves at all.