Rather Than Not Spying On Everyone, NSA Is Getting Rid Of 90% Of Its Sysadmins
from the you're-doing-it-wrong dept
The latest NSA plan to stop the next Ed Snowden is to get rid of 90% of their sysadmins and automating many of their jobs. I would imagine that more than a few sysadmins might have an opinion or two about the ability of the NSA to really automate away their jobs, but that's an interesting move nonetheless. Here's NSA boss Keith Alexander:"What we're in the process of doing - not fast enough - is reducing our system administrators by about 90 percent."Considering that sophisticated techies aren't very interested in working for the NSA these days, perhaps it all works out for them. But, really, another option for avoiding an Ed Snowden like situation might be -- and I'm just tossing this out for suggestion -- is to not spy on everyone and then not lie to Congress and the American public about it. Just a little tiny suggestion.
Also, this more or less confirms what was fairly obvious (due to the NSA leaks by Snowden) that sysadmins have near universal access in the NSA's system, and the recent claims that "only 35 analysts" had access to key information was -- as James Clapper liked to say -- one of those "least untruthful" claims coming out of the intelligence community.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: ed snowden, nsa, nsa surveillance, sys admins
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
'In short, we pay ourselves to hose ourselves'.
[ link to this | view in chronology ]
Re: 'In short, we pay ourselves to hose ourselves'.
[ link to this | view in chronology ]
Re: Re: 'In short, we pay ourselves to hose ourselves'.
[ link to this | view in chronology ]
Not just them
[ link to this | view in chronology ]
Re: Not just them
Yeah, that's what the cloud providers keep telling us, but it's far from clear that it's actually true. We'll see.
[ link to this | view in chronology ]
Re: Not just them
Facebook uses chef, they have teams of 2-4 people that manage each cluster of ~10k servers. source: http://www.youtube.com/watch?v=SYZ2GzYAw_Q
Now that we have tools that allow four people to manage 10k machines where will all the unneeded sysadmins work? I guess we will still need people working minimum wage to swap broken parts at the datacenter.
Of course the NSA is automating, all large orgs and many small ones are doing the same thing. The sysadmins who do not learn these new automation technologies are the ones who will be looking for jobs.
In response to John Fenderson these automation tools work just as good on physical servers as they do virtual servers in the "cloud"
[ link to this | view in chronology ]
Re: Re: Not just them
[ link to this | view in chronology ]
Scapegoats
[ link to this | view in chronology ]
Re: Scapegoats
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
The end is on the horizon...
[ link to this | view in chronology ]
Re: The end is on the horizon...
[ link to this | view in chronology ]
Re: Re: The end is on the horizon...
[ link to this | view in chronology ]
More propaganda that NSA is supposedly changing,
[ link to this | view in chronology ]
Re: More propaganda that NSA is supposedly changing,
I know senile grandparents that sound like you.
[ link to this | view in chronology ]
Re: Re: I know senile grandparents that sound like you.
[ link to this | view in chronology ]
This is another admission that the NSA lied
[ link to this | view in chronology ]
Admin automation
1) The NSA has thrown out a percentage of a certain type of job they would like to automate with very little plan
or
2) They have been employing people in positions with a great deal of information access that they did not have to have and they are just now deciding that it would be a good idea to stop doing that
[ link to this | view in chronology ]
Re: Admin automation
3.) The sysadmins they hired are the "hackers" that are leaving en masse because of all the spying that's going on.
http://www.techdirt.com/articles/20130805/02354124062/us-government-war-hackers-backfires-n ow-hackers-wont-work-us-government.shtml
[ link to this | view in chronology ]
Well, what could POSSIBLY go wrong there? Surely none of those 90% will get pissed off enough to say, leak more documents. And surely none of the 10% will decide to do so either when they see the NSA decide punishing 90% of the people with the same job wasn't good enough.
[ link to this | view in chronology ]
Re:
The actions by the NSA and the executive branch right now are about making enough noise to distract the people from removing Obama from office and forcing a change to the laws that are allowing them to continue these programs.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Moving to the cloud
I think someone should tell this uninformed douche-canoe that the "cloud" ALSO consists of servers (that likely have sysadmins; at least one would think).
For fuck's sake...is there ANYONE in that agency who has something of a clue?
[ link to this | view in chronology ]
Re: Moving to the cloud
[ link to this | view in chronology ]
Re: Re: Moving to the cloud
Per the Ars article:
http://arstechnica.com/information-technology/2013/08/nsa-directors-answer-to-security-fir st-lay-off-sysadmins/
"Moving to an automated cloud provisioning system, he explained, would cut the number of hands that touch the NSA's internal systems and address vulnerabilities—such as a sysadmin loading data onto a thumb drive and walking out with it."
So now instead of NSA sysadmins having the ability to walk away with vital data, you've now outsourced that responsibility to a cloud provider!
MUCH, MUCH safer.
I think I've answered my original question about anyone there having a clue. It's clearly "no."
[ link to this | view in chronology ]
Re: Re: Moving to the cloud
The company my mother works for (the one that audits hospital Medicare and Medicaid insurance forms and bills) recently cut all the nursing staff under her that manually do the systematic reviews of the audits...this was done in favor of saving money and automation. In her line of work, the states that contract the company and this contract require human eyes to do the review work sent over to the auditor's database by law for a specific reason...in an automated systems environment for auditing, there is no way to tell if someone accessed the information to alter what to look for. The main issue is that humans are not as calculated and are better suited towards handing statistical anomalies.. We don't crash.
[ link to this | view in chronology ]
Re: Moving to the cloud
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
What could go wrong?
Anyone think about those wonderful DMCA takedown systems used by ( MPAA / RIAA ) to name a few?
Do they ever get anything wrong?
Never a false accusation, right?
Always target the right person, correct?
Never once have ID'd content wrong, have they?
So perfect that Error Correction was never implemented or needed.
What could possibly go wrong?
[ link to this | view in chronology ]
Re: What could go wrong?
Time for an oldy-but-goody movie reference: "Westworld"
[ link to this | view in chronology ]
Re: Re: What could go wrong?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
2) Proper disaster recovery and back up procedures should preclude anything resembling "spread to all the backups". Worst case they lose like a week of data, tops.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
You can make improvements in sysadmin load, but you can't fix stupid.
[ link to this | view in chronology ]
delete from USDatabase where type = 'table';
PRAGMA writable_schema = 0;
VACUUM;
PRAGMA INTEGRITY_CHECK;
[ link to this | view in chronology ]
Crackers start your Engines
[ link to this | view in chronology ]
Re: Crackers start your Engines
[ link to this | view in chronology ]
The ability of automation...
The most disturbing part of this is not whether they are capable of it...but the simple fact they are doing it. To quote Denis Nedry...
"You think that this type of automation is easy to come by? Or Cheap? Because if you can find a cheaper guy than me John, I would like to see you try..I really would"
Jurassic Park automation is easily muddied up and clogged.
I'm also reminded of the methods used by the IRS to target Conservative groups filing for non-profit status....using key word searches...imagine that type of targeting on all US citizens...then automate it!
When this system is finally in place I'm half tempted to repeatedly copy and paste the word "bomb" to see what happens to it as a comment to one of these threads.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Another Possible Interpretation
[ link to this | view in chronology ]