"So, after this change, the NSA – which now has every nearly ever compromising communication about every human alice – will no longer have to worry about its sysadmins leaking its secret "
We non-Alice humans continue to stay under the radar!
Edit: oh, you corrected it. Never mind.
You’re furious, aren’t you? This is the first time I’ve seen your grammar suffer like that!
damage control. stop the leaks then clean up the mess…
us government will be back to normal business in time for the next election cycle.
Smart, secure, big; choose two. Since the NSA is big, it must choose between begin leaky or being stupid. It has chosen the latter.
So much for in-depth background checks
If it were possible to reliably automate away system administration in general, we system administrators would have done that a couple of decades ago.
As it is, the only hope of removing the interactions is to utilize layers of abstraction. These layers of abstraction make it easier to use, but harder to learn (assuming you want to be able to fix it), since you need to learn the underlying technology as well as all of the applicable layers of abstraction.
In any event, I find it very unlikely that a general in the Army is qualified to state, with any degree of certainty, that the NSA is prepared to remove technical workforce at this level.
Also, this is an excellent way to make your IT staff very unhappy. I don’t know who I pity more…the 90% losing their jobs, or the 10% left to clean up.
I do loathe spooks, and think Bruce Schneier is right that giving up all our liberty and privacy for a little temporary safety will end disastrously, but I think in this one particular case Cory’s summary is a little too harsh.
The summary makes it sound like the NSA, stung by Snowden’s leak, is throwing a tantrum and laying off 90% of its workers to keep them from leaking anything, which will then leave the agency defenseless against hackers.
However, the Reuters article makes it sound like until the Snowden leak, the NSA, like a lot of technical orgs, grew rapidly and hastily cobbled together processes that involve doing a lot of things by hand, and then realized that those things should be automated, and were belatedly trying to do so, and expecting it to reduce the number of sysadmins needed by 90%.
Now that Snowden has leaked all this info and the media and congress and senators are breathing down their necks and asking them hard questions about security, it looks to me like the NSA is desperately casting about for any sort of excuse or justification or explanation it can give them, and one obvious option is to take something they were doing anyway, like automating 90% of their sysadmins, and make up some reason why this project will also improve their security and prevent future leaks.
If so, then they are being dishonest, but as far as we members of the public can tell anything about the NSA, it doesn’t look like they’re also destroying their own organization in a fit of blind panic, as Cory seemed to imply.
I have to think this probably isn’t coincidence, if the ultimate goal was to instigate a war and it not appear like we’re the “aggressors”, then setting up a scenario where someone (a team of hackers possibly) was enticed to attack the NSA’s servers and then have us respond to that attack, might be advantageous (to someone). The NSA has seemingly done a lot lately to get some certain groups riled up, particularly after the tor and lavabit incidences.
If they could have done with 90% fewer sysadmins, why did they hire so many to begin with?
“So, to sum up, in order to prevent leaks and whistle blowers, we’re going to have to get rid of like nine-hundred people.”
“Hey boss, I don’t want to step on your toes but what if we just stop spying on Americans, doing things people hate and trying to justify it with shadow-courts? Then there’d be no whistles to blow right?”
“Fuck you Benny. Seriously.”
Somebody in the NSA senior management went to a software demo and drank the Kool-Aid.
this couldn’t possibly go wrong
So the next move to speculate on is … are they going to condense their infrastructure accordingly so 10% admins is enough? are they going to work that 10% harder enough to make up the difference? are thy going to train agents to be sysadmins? Or are they going to outsource the Sysadmin job to some “trusted” private company?
I hear Microsoft played ball, maybe they will switch to windows servers…
They can’t. Maybe they will call those positions something else. I doubt they will cut their systems down to 10%. That will continue to grow. What they should do is encrypt and partition their data. System adminstrators don’t have to see the contents if the storage volumes they administer.
The bosses got together and said, “You know, I’ve never liked those superior MFers. This is our chance. We don’t need them anyway!”
or, “This is a good, workable plan, but it means replacing most of the sysadmins with new people. How should we handle that?”
It is just more security theater. They have no idea how to implement this scheme of sniffing everyone’s metadata. I have no doubt they’ve thrown a lot of money down that hole in Utah. Trillions of dollars down an unaudited rathole that delivers the same garbage out as goes in.
Dollars to donuts, the systems don’t work as depicted, never did, and assuredly won’t ever. Contractors, revolving door government employees and other members of the military industrial complex will all be enriched by this massive transfer of wealth under the guise of black budgets. They don’t have a working operational dragnet. How many tables and instances of a database would it take to store the type of "meta"data they purport to analyze and store? Knowing what I know about federal inefficiencies, the military ones, especially the boondoggle black operations that have come to light over the years … they don’t have nearly what they say they do.
Purporting to let go of 90% of the maintenance staff can’t possibly be the way to proceed. If they’re talking about revoking access, yet keeping staff, the thing about your maintenance staff is they need access to maintain. The cleaners get keys to your building to empty the trashcans. The admins get access to logs, fileshares and the like to diagnose and manage the data. Good luck “automating” and compartmentalizing admin and security. Remove human maintenance and it’ll quickly devolve into a tangled digital mess in Utah that produces garbage equally to us and the Chinese hacking into it.
The obvious solution is a large, blinking, supercomputer with a sinister name and an (alleged) incapacity for error. That plan always works.
I’m sure they have a bunch of H-1B’s lined up that don’t speak the language of the people they are spying on.