Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

It's Time To Split Up NSA Between Spooks and Geeks

timothy posted more than 4 years ago | from the sideline-coaches dept.

Government 122

Hugh Pickens writes "Noah Shachtman writes in Wired that most of us know the National Security Agency as the supersecret spook shop that allegedly slurped up our email and phone calls after the September 11 attacks, but not so many know that the NSA is actually home to two different agencies under one roof: the signals-intelligence directorate, who can tap into any electronic communication, and the information-assurance directorate, the cybersecurity nerds who make sure our government's computers and telecommunications systems are hacker- and eavesdropper-free. 'The problem is, their goals are often in opposition,' writes Shachtman. 'One team wants to exploit software holes; the other wants to repair them.' Users want to know that Google is safeguarding their data and privacy. The trouble is that when Google calls the NSA, everyone watching sees it as a package deal. Google wants geeks, but it runs the risk of getting spies, too."

cancel ×

122 comments

Sorry! There are no comments related to the filter you selected.

The NSA practices equal opportunities (1, Funny)

Anonymous Coward | more than 4 years ago | (#31641446)

Hats of all colors welcome!

Of course (0)

Anonymous Coward | more than 4 years ago | (#31641498)

You can't have white hats without black hats

Re:Of course (5, Funny)

Anarki2004 (1652007) | more than 4 years ago | (#31641840)

and you can't have Red Hat without a subscription (well support at least).

how will that solve anything? (0)

Anonymous Coward | more than 4 years ago | (#31641518)

I don't see how it will solve anything. The same equities will still be in place, it's a matter of self-interest, not necessarily a matter of who does what. Separating them into two agencies might just make the problem worse.

Spooks? That's horrible (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#31641772)

I thought we figured out years ago that racial segregation was a bad idea. Separating the spooks from the geeks won't accomplish anything.

Re:how will that solve anything? (2, Insightful)

Hal_Porter (817932) | more than 4 years ago | (#31642352)

You wouldn't actually do it, you'd just tell people you'd done it and hope some of them are gullible enough to fall for it.

Why does Google need to 'partner' with the NSA? (5, Interesting)

mschuyler (197441) | more than 4 years ago | (#31641532)

Aren't they smart enough and rich enough to hire their own geeks? SIGINT is the main job of NSA, period. If you want to hire the wolf to guard the hen house, you take the consequences.

Re:Why does Google need to 'partner' with the NSA? (0)

Anonymous Coward | more than 4 years ago | (#31641682)

Google & NSA have been in bed together for ages. Heck, you know that thing called Google Earth? It used to be called Keyhole. NSA footed 10% of the bill on that.

Re:Why does Google need to 'partner' with the NSA? (5, Informative)

aristotle-dude (626586) | more than 4 years ago | (#31641838)

Google & NSA have been in bed together for ages. Heck, you know that thing called Google Earth? It used to be called Keyhole. NSA footed 10% of the bill on that.

Wrong agency. It was the CIA who funded Keyhole through INQTEL.

Re:Why does Google need to 'partner' with the NSA? (1)

alen (225700) | more than 4 years ago | (#31641768)

NSA has hired most of the smartest math phd's

Re:Why does Google need to 'partner' with the NSA? (1)

mschuyler (197441) | more than 4 years ago | (#31642022)

Although I immensely respect math PhDs for their understanding and accomplishments, I'm not sure having a PhD in math grants expertise in computer and network security. My guess is their expertise is used largely in encryption efforts. Insofar as that is useful for network security, fine and great, but there's a lot more to network security than just encryption.

I really see no evidence that the NSA has scooped up the smartest math PhDs. In fact, the age of Google is making it harder for the NSA to attract mathematical talent. They simply cannot compete in wages, for example, though they may be able to compete on lifestyle issues. Here's an article that addresses the issue: http://www.businessweek.com/magazine/content/06_04/b3968007.htm [businessweek.com]

Smarts (2, Insightful)

sjbe (173966) | more than 4 years ago | (#31642528)

I'm not sure having a PhD in math grants expertise in computer and network security.

It doesn't but you're going to find a pretty heavy correlation between the two. Someone good in math is far more likely than average to have or be able to develop expertise in any given use of computers. The skill sets are different but the skills do overlap to a non-trivial degree. I'm sure a PhD is not required to work in computer security at the NSA but I also suspect they have more PhDs in that role than most employers. Just a guess I'll admit but it seems likely.

My guess is their expertise is used largely in encryption efforts.

I think you are probably correct.

I really see no evidence that the NSA has scooped up the smartest math PhDs.

Certainly they have no monopoly on smarts. Academia, private industry, finance, NASA and others employers unquestionably have a big share. The only safe thing to say is that the NSA apparently has a goodly number of very bright individuals working there. What portion of the talent pool they have is something that I'm sure is heavily classified if anyone even knows.

Re:Smarts (4, Insightful)

dgatwood (11270) | more than 4 years ago | (#31643622)

Someone good in math is far more likely than average to have or be able to develop expertise in any given use of computers.

Careful there. Being good at math---being capable of learning higher level math concepts---is not the same as having taken the time to do so. A lot of very people don't bother going beyond a certain point simply because their primary interests lie elsewhere. And to some degree, being too analytical can actually hurt your ability to write good software.

Writing software is not an entirely analytical process. It has some analytical components, particularly in understanding how the parts fit into the whole. However, creating the code itself is also an artistic process in many ways. You must consider all the different ways of doing something and choose the best one, based not just on the current needs, but also on a general feeling about what you might want to do with the code in the future without going overboard.

  • Overly analytical people often over-plan and over-design, resulting in code that is too complex to maintain, is too slow, or takes too long to finish. Getting everything perfect the first time is too important, so nothing ever gets done.
  • Overly artistic people tend to not plan enough, painting themselves into a corner. The result is that the entire project gets thrown out and redesigned every couple of years because they need to add a new feature and the design can't readily accommodate it.

Thus, good programming requires a very delicate balance between analytical abilities and creative/artistic abilities. Analytical skills are necessary, but not sufficient.

I would actually argue that programming skills tend to be more strongly correlated with musical ability than math education. Good musicians are generally good at analytical tasks, including math, but also have the artistic ability needed to take that critical step back and pay attention to the system design, the UI, etc.

I've always found it staggering how many of my coworkers are musicians. In my department alone, it's at least one in three, and many of the people who aren't musicians have kids who are. Whenever we have a department party, we usually get together a group of people and jam. And my previous employer was the same way.

Re:Smarts (0, Flamebait)

jlintern (1169449) | more than 4 years ago | (#31643908)

Overly artistic people tend to not plan enough, painting themselves into a corner.

Good musicians are generally good at analytical tasks, including math, but also have the artistic ability needed to take that critical step back and pay attention to the system design

TLDR; some people are somehow better at some things than some other people. In other words:

A lot of very people don't bother going beyond a certain point simply because their primary interests lie elsewhere.

Some simplification. (1)

tjstork (137384) | more than 4 years ago | (#31644620)

Software is engineering. Cryptography is research.

Re:Why does Google need to 'partner' with the NSA? (0)

Anonymous Coward | more than 4 years ago | (#31643214)

I would rather work for the NSA than Google given the choice.

Re:Why does Google need to 'partner' with the NSA? (0)

Anonymous Coward | more than 4 years ago | (#31643404)

Yup because they got numb3rs.

Re:Why does Google need to 'partner' with the NSA? (0, Insightful)

Anonymous Coward | more than 4 years ago | (#31641854)

Amerika! Amerika ist wunderbar!

Re:Why does Google need to 'partner' with the NSA? (1)

StickANeedleInMyEye (1253490) | more than 4 years ago | (#31641906)

Google needs to partner with the NSA/CIA/FBI/etc. just so Microsoft doesn't. Jus sayin...

Re:Why does Google need to 'partner' with the NSA? (0)

Anonymous Coward | more than 4 years ago | (#31641930)

Why can't both partner simultaneously?

Re:Why does Google need to 'partner' with the NSA? (1)

StickANeedleInMyEye (1253490) | more than 4 years ago | (#31642344)

Well... theoretically they could. I suppose they would probably more efficient than two or three govt. agencies by an exponential factor too. It's more a matter of choosing between the lesser of two evils but remembering that they're both still evil.

Re:Why does Google need to 'partner' with the NSA? (1)

ooshna (1654125) | more than 4 years ago | (#31642410)

How is quoting Rammstein insightful?

Re:Why does Google need to 'partner' with the NSA? (0)

Anonymous Coward | more than 4 years ago | (#31642514)

Agreed, though questioning the insight of a Rammstein quote is in itself insightful.

Re:Why does Google need to 'partner' with the NSA? (2, Funny)

nacturation (646836) | more than 4 years ago | (#31642866)

Amerika! Amerika ist wunderbar!

Amerikahu akbar!

Re:Why does Google need to 'partner' with the NSA? (0)

Anonymous Coward | more than 4 years ago | (#31642296)

Not exactly. Protecting US communications via cryptography is the other main function.

Re:Why does Google need to 'partner' with the NSA? (5, Insightful)

jeff4747 (256583) | more than 4 years ago | (#31642580)

Because besides having the best "hackers" on the planet, the NSA also has the best sysadmins on the planet. Because the aforementioned 'hackers' practice against them.

This, btw, is why the author's idea is terrible. You want both offense and defense in the same agency so that they can share techniques.

Re:Why does Google need to 'partner' with the NSA? (0)

Anonymous Coward | more than 4 years ago | (#31643692)

And that resource sharing (admins talking to hackers and vice versa) aids both camps. The best hackers make the best admins.

If you think about and have been there, the agency is one of the best examples of open source sharing. Problem is that information never leaves the front gate for the rest of us to benefit. (chuckle).

If the NSA handles SIGINT, who handles SIGTERM? (2, Funny)

FoolishOwl (1698506) | more than 4 years ago | (#31642744)

And how about SIGHUP?

Re:If the NSA handles SIGINT, who handles SIGTERM? (4, Funny)

cryptoluddite (658517) | more than 4 years ago | (#31643112)

SIGSTOP is handled by KAOS.
SIGCONT is handled by CONTROL.

SIGHUP? It's handl#`%${NO CARRIER

/wrists for making a no carrier joke

Hrmmm (1)

Xuranova (160813) | more than 4 years ago | (#31641540)

How can one side do their job if the other doesn't point out the exploit?

I feel the same about AV software. If the big AV companies don't have at least a few virus/worm writers on the payroll, how else do they know if their defense software is any good?*

*Less assume for a moment that AV software is somewhat decent.

Red Team (0)

Anonymous Coward | more than 4 years ago | (#31641784)

Absolutely. The two sides have a synergy that likely wont work separately. Just look at the Red Team, they use all of the spy tools to penetrate networks for the sake of security. Breaking them up for the sake of PR is foolish, they're worth too much technically together to even consider this.

Spooks and geeks? (0)

Anonymous Coward | more than 4 years ago | (#31641558)

That's racist, Slashdot.

They're African Americans.

Re:Spooks and geeks? (0)

Anonymous Coward | more than 4 years ago | (#31641934)

That's racist, Slashdot.

They're African Americans.

Only if you're a backwards skin-head.

I propose the NSOANSA (0)

Anonymous Coward | more than 4 years ago | (#31641562)

National Security Only Agency No Spies Agency which will be tasked with splitting the security aspect from the spying aspect. To insure this split the NSOANSA should be composed exclusively of spies because only spies will have the necessary intelligence needed to tell the spooks from the geeks. They will also require real-time access to all communications and have full retention of all electronic communication so they can insure that no spies are doing security work.

Nonsensical ... (4, Insightful)

krou (1027572) | more than 4 years ago | (#31641596)

Okay, so TFA is arguing that creating a new agency 'that didn’t include the spooks would' avoid conflict and bring about 'acceptance across the government and the private sector'.

But right in the beginning, it says '[Google] wants geeks, but it runs the risk of getting spies' when it contacts the NSA.

If there is no guarantee that Google doesn't end up getting spooks from the NSA, who can say this new agency won't have spooks in there from the NSA?

Am I missing something here, or is there some magical reason why this new agency won't have spooks embedded there, and it should be trusted any more than the NSA?

Re:Nonsensical ... (5, Insightful)

jumpinp (1144189) | more than 4 years ago | (#31641734)

Oh, so you want a government/agency you can trust. Sorry, all out of that.

Re:Nonsensical ... (1)

MartinSchou (1360093) | more than 4 years ago | (#31643188)

who can say this new agency won't have spooks in there from the NSA?

The same reason that you don't have spooks in the FBI and DMV?

Re:Nonsensical ... (1)

aussie_a (778472) | more than 4 years ago | (#31643930)

The same reason that you don't have spooks in the FBI and DMV?

Yes, neither of those agencies have spooks at all. Nope. Definitely not.

Re:Nonsensical ... (0)

Anonymous Coward | more than 4 years ago | (#31643328)

Am I missing something here, or is there some magical reason why this new agency won't have spooks embedded there, and it should be trusted any more than the NSA?

Their charter will say "no spooks embedded, you can trust us". It'll have the same validity of your average corporate mission statement, e.g. don't be evil and so on.

Tension is good (0)

Anonymous Coward | more than 4 years ago | (#31641602)

Isn't that tension - between those who want to exploit holes and those who want to fix them - a good thing? Tension normally results in balance.

Re:Tension is good (1)

Mikkeles (698461) | more than 4 years ago | (#31641666)

'Tension normally results in balance.'

... and equally commonly in a broken spring.

And??? (1)

bit9 (1702770) | more than 4 years ago | (#31641604)

Google wants geeks, but it runs the risk of getting spies, too.

How exactly will splitting the NSA fix this? It's a government agency. If the government wants to give you spies, you get spies. Doesn't matter which 3-letter acronym organization they get their paychecks from.

Re:And??? (2, Interesting)

General Wesc (59919) | more than 4 years ago | (#31641992)

The government is not a monolithic mind. Bureaucratic distance famously hindered information sharing between various agencies pre-9/11, and that was when it was largely in both agencies' interest to cooperate. That wasn't an isolated instance--it's how bureaucracy works. Someone with control over both agencies could force one agency to subjugate its goals to the others', but it's much more complicated, much more controversial, will receive much more resistance, and is over-all much less likely to be attempted than when it's an intra-agency conflict.

Re:And??? (2, Interesting)

bit9 (1702770) | more than 4 years ago | (#31643108)

Are you kidding me? First off, I never said the government was a monolithic mind. I said if the government wants to give you spies, you get spies. And by "government" I mean whoever the hell is in charge and responsible for things like getting the telecoms involved in wiretapping, etc, etc. These are not just isolated incidents, and it is pure folly to think that just because bureaucracy sometimes creates organizational barriers, that the government can be controlled and held accountable. The spooks will infiltrate wherever they please. The tail wags the dog.

Spooks & Geeks are Intertwined (1)

geoffrobinson (109879) | more than 4 years ago | (#31641634)

Who do you think comes up with the technology to crack encryption of intercept signals?

Re:Spooks & Geeks are Intertwined (0)

Anonymous Coward | more than 4 years ago | (#31643474)

Kellogs ?

Hell No (5, Insightful)

DesScorp (410532) | more than 4 years ago | (#31641706)

We do not need yet another federal agency. Splitting them in two will only result in two bigger agencies with an ever ravenous appetite for more tax funds.

One of the worst things Bush did post 9/11 was creating the spate of new federal agencies. Can anyone say that their flying experience is actually better after TSA was created? Anyone?

How much good did creating yet another layer of intelligence bureaucracy do us? Did intelligence get any better after we made the Director of Central Intelligence obsolete by creating a Director of National Intelligence? Not one damn whit. It just grew the federal payroll some more, and added more bloat and bureaucracy.

Vital intelligence work needs to be done, but we need to be trimming down these agencies, not creating new ones.

Re:Hell No (1)

zill (1690130) | more than 4 years ago | (#31642098)

Can anyone say that their flying experience is actually better after TSA was created? Anyone?

It's the only way for some of us to actually afford X-ray checkups, you insensitive clod!

Re:Hell No (2, Insightful)

glwtta (532858) | more than 4 years ago | (#31642136)

Can anyone say that their flying experience is actually better after TSA was created?

The TSA is supposed to make your flying experience better?

Re:Hell No (2, Informative)

countertrolling (1585477) | more than 4 years ago | (#31642864)

Not "better".. Safer [aero-news.net] ..

Re:Hell No (0)

Anonymous Coward | more than 4 years ago | (#31643536)

They figured at best the war against terrorism would just end up in perpetual stalemate to never be won.
Yet there's tourism... Tourism sounds close enough to terrorism doesn't it? And we can win the war against tourism, can't we?

So now we have created the perfect agency to help us win that war.

Re:Hell No (2, Interesting)

linzeal (197905) | more than 4 years ago | (#31643722)

The TSA is supposed to herd air travelers in ever larger targets for terrorists in front of machines they use to find shampoo bottles in.

Seriously, how long is it going to take for some terrorist to walk into an airport with a suitcase bomb, sit in line for the TSA till he is in the middle of 100's or even 1000's of people during the holiday season and blow himself up ?

Re:Hell No (1)

Culture20 (968837) | more than 4 years ago | (#31643196)

One of the worst things Bush did post 9/11 was creating the spate of new federal agencies. Can anyone say that their flying experience is actually better after TSA was created? Anyone?

To be fair, the only people who have had their planes fly into buildings aren't around to answer. The rest of us have experienced annoyances at the gates, so the boarding experience is worse, but the actual flying experience is just about the same (except the knowledge that just sitting still during a potential hijacking is dumb, so now people are ever slightly more on edge, but that has nothing to do with the TSA).

Two sides of the same coin (4, Insightful)

Daniel Dvorkin (106857) | more than 4 years ago | (#31641804)

Keeping our systems secure, and breaking into the other guys' systems, are damn near the same job. It is a good thing to have the people responsible for both working together, and maybe trading jobs occasionally. There is no American computer security and Russian computer security and Chinese computer security: there is only computer security, and systems which are more or less secure. The NSA has historically been about the only government agency that really seems to get this, and it would be a real mistake to break it up.

Re:Two sides of the same coin (1)

d1r3lnd (1743112) | more than 4 years ago | (#31642128)

No, that's exactly the problem. Because computer security is roughly on parity worldwide, improving US computer security would also improve Russian/Chinese/Xforeign country security - thereby making the NSA's job harder.

Essentially, the NSA has no real incentive to improve computer security - especially given the current trend of domestic intelligence gathering.

Re:Two sides of the same coin (2, Insightful)

el_tedward (1612093) | more than 4 years ago | (#31642304)

[sarcasm]
Yeah, if anything, the NSA has made things LESS secure! I mean, look at SELinux. It's a load of crap!!
[/sarcasm]

Re:Two sides of the same coin (2, Funny)

d1r3lnd (1743112) | more than 4 years ago | (#31642560)

Yeah, take a good long look at SELinux. You'll find it everywhere - after all, it's been distributed for a decade now! And in the past ten years, they've gone on to... ?

In terms of improving overall American cybersecurity, SELinux has proven marginally more effective than sticking your dick in a toaster.

Let's face it - expecting the NSA to highlight security flaws in commonly deployed software is like expecting a magician to explain his tricks to the audience before he does them.

Re:Two sides of the same coin (3, Interesting)

budgenator (254554) | more than 4 years ago | (#31642288)

I've read the article twice and it doesn't support it's own conclusion, if you except as a given that the NSA is bad, a loose cannon in regards to real American's rights it follows logically, if you don't think the NSA is inherently bad the article just panders to the tinfoil hat crowd. Google, an American Corp, and many other Corporations were attacked by an entity that appears was either the Chinese Government, a proxy of the Chinese Government or an entity specifically trying to make it look like the Chinese Government for their own nefarious purposes. Getting the "big guns" involved to help sort out the mess is the only reasonable response, it's what they are supposed to do and what they do.

Re:Two sides of the same coin (0)

Anonymous Coward | more than 4 years ago | (#31643506)

Agree, it's incredibly useful to have the two opposing forces under the same roof. If the INFOSEC guys need world class crackers to try and break their shiny new crypto, they can walk across the hall and tap a SIGINT guy on the shoulder.

actually (0)

Anonymous Coward | more than 4 years ago | (#31641806)

the NSA, well Forte Meade actually is home of a lot more agencies then just two. quite a few actually. DEFSMAC is the only one i can recall off the top of my head, as its been a while since i've read body of secrets.

Who Should be in Charge of U.S. Cybersecurity? (0)

Anonymous Coward | more than 4 years ago | (#31641920)

Schneier on Security - Who Should be in Charge of U.S. Cybersecurity?

http://www.schneier.com/blog/archives/2009/04/who_should_be_i.html ...
      the NSA's dual mission of providing security and conducting surveillance
      means it has an inherent conflict of interest in cybersecurity. ...

Re:Who Should be in Charge of U.S. Cybersecurity? (0)

Anonymous Coward | more than 4 years ago | (#31642470)

Ooops, let's try this again

Schneier on Security - Who Should be in Charge of U.S. Cybersecurity? [schneier.com]

  . . .

            the NSA's dual mission of providing security and conducting surveillance

            means it has an inherent conflict of interest in cybersecurity.

  . . .

This is all wrong. (0, Troll)

crhylove (205956) | more than 4 years ago | (#31641938)

We need to DISBAND the NSA. A democracy should be run by it's citizenry, not the other way around. The entire idea behind the NSA, that the American people need to be spied on, is repugnant, and helps stagnate our liberty in obvious and tyrannical fashion. This kind of agency is the whole reason we don't have real elections with real candidates that talk about real issues. This kind of agency is only required in a media run fascism where the populace does not know who killed JFK, or why, or who then succeeded him and to what purpose.

We should disband the NSA immediately. It is the most loathsome, disgusting, and horrible institution yet created by man, and it serves no purpose other than to subvert the very principle of democracy.

Re:This is all wrong. (1, Informative)

Anonymous Coward | more than 4 years ago | (#31642052)

Um, internal security is a function of the FBI not the NSA - the NSA's job is to gather [electronic, CIA and DIA deal with humInt] on other governments/organizations. It is the FBI's job to investigate domestic ends of these sorts of things and for that, we have warrants, etc. to ensure liberty.

Re:This is all wrong. (1)

zill (1690130) | more than 4 years ago | (#31642158)

But who watches the watchers? Who ensures the NSA does not conduct warrantless tapping? The Attorney General?

Re:This is all wrong. (0)

Anonymous Coward | more than 4 years ago | (#31644056)

In theory, the Constitution.

In practice, no one -- and you don't want there to be. Their job is to gather intelligence. This isn't an organization that cares if you're growing pot or molesting choir boys. They care about national security; to that end they'll do everything they can to get intelligence.

As long as they don't share the intelligence with the police (perhaps you admitted robbing a store) or your wife (you know what you did!), I'm fine with it. When Bush received the memo "Al-Qaeda Determined to Strike in the United States," that's the NSA doing their job. That doesn't mean the CIA, whitehouse, or politics can't bungle it up -- but the NSA did their job.

Re:This is all wrong. (1)

LurkerXXX (667952) | more than 4 years ago | (#31642068)

The entire idea behind the NSA isn't to spy on Americans. It's to spy on EVERYONE. They spend a fortune monitoring all they can on just about every country on the planet.

Re:This is all wrong. (1)

Sir_Lewk (967686) | more than 4 years ago | (#31642072)

The entire idea behind the NSA, that the American people need to be spied on

Who ever said that was the entire idea behind the NSA? You do realize that the NSA spies on other countries as well? Just ban them from listening in on Americans, as an official policy, and don't worry about it.

Besides, it's not like disbanding the NSA would actually do anything. There is a reason people say NSA stands for No Such Agency...

Re:This is all wrong. (1)

glwtta (532858) | more than 4 years ago | (#31642116)

Just ban them from listening in on Americans, as an official policy, and don't worry about it.

The NSA's policy notwithstanding, isn't it actually against the law for them to gather intelligence domestically? I know, I know, here I go with my pre-9/11 thinking again.

Re:This is all wrong. (1)

CZakalwe (1444421) | more than 4 years ago | (#31643026)

Mate, Government Rule Number 1: It's only against the law if you get caught, and there's proof.

Re:This is all wrong. (1)

OrwellianLurker (1739950) | more than 4 years ago | (#31643742)

The NSA's policy notwithstanding, isn't it actually against the law for them to gather intelligence domestically? I know, I know, here I go with my pre-9/11 thinking again.

They've been spying on Americans for decades now. The Patriot Act just legitimized it.

Re:This is all wrong. (2, Informative)

zill (1690130) | more than 4 years ago | (#31642434)

Just ban them from listening in on Americans, as an official policy, and don't worry about it.

I'm sorry but that's purely wishful thinking on your part.

In 1976, the Church Committee reports found NSA obtained copies of millions of private telegrams sent from, to or through the United States in its SHAMROCK program. [icdc.com]

On August 17, 2006, District Court Judge Anna Diggs Taylor ruled in ACLU v. NSA [wikipedia.org] that NSA violated the First and Fourth amendment by warrantless tapping American citizens in the aftermath of 9/11.

In April 2009, intelligence officials admits that NSA had been engaged in “overcollection” of domestic communications of Americans. [nytimes.com] In one extreme case they even wiretapped a congressmen while he was overseas.

Please note that I am not wearing tinfoil hats and all my sources came from either from Congressional hearings or court rulings.

Re:This is all wrong. (1)

Sir_Lewk (967686) | more than 4 years ago | (#31642998)

I don't deny any of it. All I'm saying is that "disbanding" the NSA won't stop any of it. They'll just change their name and set up shop completely secretly, just like before.

In one extreme case they even wiretapped a congressmen while he was overseas.

Really? You consider that an extreme case? If anyone needs to be wiretapped it's the corrupt US politicians who are responsible for all of this, and if wire-tapping should be occurring anywhere, it should be occurring outside the country...

not a problem (1)

r00t (33219) | more than 4 years ago | (#31643580)

"from" the United States: foreign

"to" the United States: foreign

"through" the United States: foreign

(the missing possibility is "within")

Re:not a problem (1)

zill (1690130) | more than 4 years ago | (#31643944)

"from" the United States: An American citizen to a foreign person

"to" the United States: foreign person an American citizen

In both cases the American citizen's Fourth Amendment rights were violated.

Re:not a problem (1)

cdrguru (88047) | more than 4 years ago | (#31645076)

I suspect the view is that all communication between persons in the US and persons outside the US are suspect and are subject to monitoring. Always have been, since the inception of the NSA. They are firmly plugged in to all International traffic, always have been and always will be.

Re:This is all wrong. (0)

Anonymous Coward | more than 4 years ago | (#31642096)

Wrong agency. You're thinking of the FBI who's purpose is domestic intelligence and law enforcement. The NSA just does all the crypto stuff that's picked up by the CIA.

Re:This is all wrong. (1)

budgenator (254554) | more than 4 years ago | (#31642152)

The Information Assurance mission confronts the formidable challenge of preventing foreign adversaries from gaining access to sensitive or classified national security information. The Signals Intelligence mission collects, processes, and disseminates intelligence information from foreign signals for intelligence and counterintelligence purposes and to support military operations. This Agency also enables Network Warfare operations to defeat terrorists and their organizations at home and abroad, consistent with U.S. laws and the protection of privacy and civil liberties. Mission [nsa.gov]

I don't see where "the American people need to be spied on" is part of their mission, in fact they've done some pretty major work like SElinux to keep Americans from being spied on, by anybody. If you don't like what the NSA is doing, write your congressman and have him change the laws.

They already did, and it made things worse (5, Informative)

Animats (122034) | more than 4 years ago | (#31642044)

This is old info, but NSA used to have a big internal division - the important stuff was at Fort Meade, and the less important stuff was at "FANX", the "Friendship Annex" (out near Friendship Airport, now called Baltimore Washington International). Support functions like personnel were at FANX, and still are.

Computer security was at FANX. Which was a problem. Being banished to FANX was bad for your career. The top NSA people didn't go to the computer security side of the house. So computer security languished for years.

All this was back when the USSR was the enemy, and NSA has changed a lot since then. But they still have Fort Meade and FANX, and less important stuff is still at FANX.

For a while, in the 1980s and 1990s, NSA did do serious computer security evaluations. Industry hated it, because products could fail. The original policy was that a company could submit products for evaluation by NSA. In the first round of evaluation, the NSA people told the company what was wrong, and gave them a chance to fix it. The second round was pass/fail; if NSA could break into it, it failed. There was no third round. Some highly secure systems did pass the tests, but they were not mainstream systems.

The process is now more "industry friendly". [niap-ccevs.org] Evaluations are made by outside labs, paid by the companies being evaluated. Companies can keep trying over and over until they pass. Failures are not publicized. There are versions of Windows that have passed some level of Common Criteria testing.

The "geeks and spies" division in the article is bogus. NSA is all geeks. (Mostly the middle-aged federal employee version thereof.) It's buildings full of people working at desks. There are no "NSA agents". The spies and the guys with guns are at CIA, FBI, DIA, and in the intelligence units of the armed services.

Re:They already did, and it made things worse (0)

Anonymous Coward | more than 4 years ago | (#31642104)

Amazing to see a Slashdot comment where the commenter actually knows what he (she) is talking about...

My experience on Slashdot is that, when it comes to the US Intelligence Community, those with the loudest mouths know the least...

Re:They already did, and it made things worse (2, Funny)

Anonymous Coward | more than 4 years ago | (#31642420)

The "geeks and spies" division in the article is bogus. NSA is all geeks. (Mostly the middle-aged federal employee version thereof.) It's buildings full of people working at desks. There are no "NSA agents". The spies and the guys with guns are at CIA, FBI, DIA, and in the intelligence units of the armed services.

This. I always get a laugh out of people saying "NSA agents"... the classic example was from Sneakers and the "NSA Agents" that were pursuing the decryption box. The only "Agents" that work for the NSA are internal types that manage polygraphs and security clearances. The rest of the people are geeks/nerds... well, actually managers and geeks/nerds. I remember an old joke floating around about the NSA: If the NSA ran a rowing crew it would have 7 people calling out "stroke" (managers) and 1 guy actually rowing (geek/nerd).

It all depends (2, Interesting)

mikefocke (64233) | more than 4 years ago | (#31642850)

It all depends on what level of Common Criteria evaluation you are talking about. At the higher levels, there is a lab authorized to conduct a product inspection and, once you pass that test, you get a medium level NIAP certificate. If you wish a higher level of CC approval in the US, after this original process NSA itself takes control and does its tests. So the process is still a two step process with NSA involvement...or was about 4 years ago when I was involved in taking an "Orange Book" product through CC evaluation.

Re:They already did, and it made things worse (2, Interesting)

Rorschach1 (174480) | more than 4 years ago | (#31643504)

I'd always assumed the idea of "NSA agents" was a myth, too. But if you visit the National Cryptologic Museum, there's a memorial there - apparently a duplicate of the one at Fort Meade - honoring fallen cryptologists. I seem to remember that a bunch of the names were actually just stars, because their identities were still secret. From the museum's website:

"The Memorial Wall was designed by an NSA employee and is 12 feet wide and eight feet high, centered with a triangle. The words "They Served in Silence," etched into the polished stone at the cap of the triangle, recognize that cryptologic service has always been a silent service - secretive by its very nature. Below these words, the NSA seal and the names of 153 military and civilian cryptologists who have given their lives in service to their country are engraved in the granite. The names are at the base of the triangle because these cryptologists and their ideals - dedication to mission, dedication to workmate, and dedication to country - form the foundation for cryptologic service."

I have to say that 153 sounds like an awfully high death toll if we're talking about desk workers.

Re:They already did, and it made things worse (1, Informative)

Anonymous Coward | more than 4 years ago | (#31643636)

I have to say that 153 sounds like an awfully high death toll if we're talking about desk workers.

NSA also includes CSS (Central Security Service) which provides crypto support to military branches. Some of the NSA/CSS personnel wind up on various missions which can be risky... e.g. manning various posts, on board planes/boats, etc.

Re:They already did, and it made things worse (1)

recharged95 (782975) | more than 4 years ago | (#31643776)

"banishment" was coined since it was a pain to get to the annex and the facilities (back 10yrs ago) we crap. It's changed over the years AND a lot of stuff is done there now since the agency's outsourcing to Eagle Alliance [csc.com] --most of the IT/IA side is heading in that type of arrangement due to budget cuts.
And a lot of important stuff was done there from time to time. And the real important stuff? Not at the Fort. That was done somewhere else. Though the fort does have the cool (at least to us techies), lower priority projects.


To the op, FYI, annex by acronym maynot be a good idea (when was your or friend's last LS)? ;)

Moral Responsibility (2, Interesting)

HotNeedleOfInquiry (598897) | more than 4 years ago | (#31642496)

Splitting the two seems like an unfortunate way to let otherwise socially responsible geeks do morally questionable things. Keep the two groups together. Let them be totally aware that they are spies and there is a heavy price for deception and living a lie.

CERT & China (0)

Anonymous Coward | more than 4 years ago | (#31642884)

Didn't DARPA create CERT to deal with vulnerabilities? Also, looks like the Chinese may not have just been blowing smoke when they accused Google of working closely with the United States intelligence community.

runs the risk of getting spies (1)

Culture20 (968837) | more than 4 years ago | (#31643148)

Um, sorry to point this out to you, but you run the risk of getting spies by contracting with just a "geek-only" NSA or contracting overseas with other countries.

Re:runs the risk of getting spies (1)

cpghost (719344) | more than 4 years ago | (#31644554)

With every employee that nurses a grudge against you, and with every employee who thinks he/she needs more than his/her regular salary... heck, with every employee that you hire, your risk of getting spies increases. Sub-contracting NSA or third parties and closely monitoring them is significantly safer than the trusted spies within.

Lets start a cyberwar with China. (1, Insightful)

wireshark (1777392) | more than 4 years ago | (#31643180)

As the wars in Iraq & Afghanistan are winding down the government "especially the republican party" sees the need for a new war. What better way to grease up lucrative contracts between the U.S gov & it's most successful companies than a "cyber" war. The Google breach is clearly an intel/political issue. The technical aspects are minimal & we all knew that great firewall compromised any chance of IT security there yet the story is portrayed as a technical one. Oh my! google was hacked by the chinese. They must need technical government support. Rarely is the story portrayed simply as an international policy issue. It's war I tell you & the economy loves a good fight.

This is not nonsense nor stupid, (1)

dragisha (788) | more than 4 years ago | (#31643284)

This is only part of cover story on Chinese vs. Google fiasco.

Obviously, Chinese used earlier Google "teaming up" with NSA as part of action pretext, and now someone is wrapping up things. That was not so, it is this, and so on. A bit oblique, but it must be...

Too bad Chinese won't buy it.

One possibility is - they already "did". And stories like these are to cover tracks when both Google and Chinese pull their moves back.

The US needs both under one roof (0, Troll)

AHuxley (892839) | more than 4 years ago | (#31643438)

How can you have one side without the other.
The signals-intelligence directorate to hack every trackable device and the information-assurance directorate to make sure the voice print is correct before the drone is released?
You can get it killing Dzokhar Dudayev,
You can get it tracking Abdullah Ocalan,
you can get it hacking wikileaks - -
- matter of fact; I've got it now.
A big predatory ideology in denial needs a big cold agency and the best cold agency is the NSA! No such agency.

Just because you create two, (1)

smchris (464899) | more than 4 years ago | (#31643516)

doesn't mean they won't cooperate (e.g. State Department/CIA).

Better solution (1)

Brandybuck (704397) | more than 4 years ago | (#31643718)

Wouldn't it just be easier to abolish the NSA?

Re:Better solution (1)

JoshuaZ (1134087) | more than 4 years ago | (#31643948)

Wouldn't it just be easier to abolish the NSA?

No. First of all, there's a direct public interest in having a government agency which tries to make sure that commercial crypto is secure. That's economically important. It helps businesses and individuals and benefits the general economy. Second, even the spook half of the NSA needs to exist. SIGINT is important. The problem with the NSA rests on overeager SIGINT attempts which violate our rights. But legitimate SIGINT still needs to occur. And if we abolished the NSA the abuses would likely simply migrate to another agency.

Split and In Opposition is the only way to oversee (1)

aschoeff (864154) | more than 4 years ago | (#31643912)

Observing this interplay between the two separate groups is the only way to reliably oversee and glean reliable data that either or both are not compromised, or "rooted." It's a brilliant solution. Be glad they implemented it. The next obvious question is, how do they have the oversight mechanisms kept secret and in redundancy? They'd have to be pretty much 100% passive.

Close and shut down the NSA (1, Interesting)

HooliganIntellectual (856868) | more than 4 years ago | (#31644496)

The NSA has no business existing. Shut down the agency. Secret government agencies have no place operating in an open, free democracy.

Re:Close and shut down the NSA (1)

cdrguru (88047) | more than 4 years ago | (#31644980)

When all governments are open and democratic, you might have a point. How about the ones that aren't. Should the rest of the world force them to change?

How Do We Know the NSA Is Any Smarter Than Google? (1)

littlewink (996298) | more than 4 years ago | (#31644678)

We don't know all of what the NSA does, what it spends, how often it succeeds/fails (or even what that means). Nobody is measuring the NSA for cost/effectiveness. One of the few things we _do_ know about the NSA is that some of the shit they pull violates U.S. citizens' constitutional rights.

What we should do is shitcan the current NSA and start over again. But this time build something that is monitored to ensure that, whatever it does, it does that effectively.

Of course the same could be said about the CIA, FBI and hundreds of other government agencies. But we spend so much more on the NSA. It is a true budgetary black hole.

ad hominem (1)

Strange Attractor (18957) | more than 4 years ago | (#31645074)

I don't like Noah Shachtman or his work. I last thought about him when he wrote something about Los Alamos, NM, which I know well. His article was misleading and had a misplaced sense of excitement and drama. At the time, I checked out some of his other work and found that it was similar.

I put him in with Dvorak. I ignore what he says.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>