Skip to main content

NBC News delved into a key security issue with the Edward Snowden leaks: Just how does a technical contractor have access to so much information? Turns out, it's a combination of antiquated systems and far too much power placed in the hands of the 1,000 system administrators, most of them contractors, in the agency.
“It’s 2013 and the NSA is stuck in 2003 technology,” said an intelligence official. [...]

As a system administrator, Snowden was allowed to look at any file he wanted, and his actions were largely unaudited. “At certain levels, you are the audit,” said an intelligence official.

He was also able to access NSAnet, the agency’s intranet, without leaving any signature, said a person briefed on the postmortem of Snowden’s theft. [...]

If he wanted, he would even have been able to pose as any other user with access to NSAnet, said the source. [...]

[A] system administrator has the right to copy, to take information from one computer and move it to another.

So much for the great internal systems the NSA has for monitoring its work force to ensure compliance with the law. But we already knew this was a problem, with the revelation of LOVEINT, the term the NSA has used to designate when agents illegally use their power and their tools to spy on their romantic interests. That, the NSA tells us, hardly ever happens. They know that because only a handful of agents have self-reported that they've done this. Because the NSA relies on staff to self-report when they break the law. There's a fail-safe system for you.

Not to worry, an intelligence official says, because while "U.S. intelligence has invited so many people into the secret realm, [...] most people aren’t willing to vacuum everything up and break the law." They're just willing to break the law to spy on their lovers. But what happens, in a system so rife with security flaws, when we've got a president who decides to use exploit those weaknesses for personal or political gain? It wouldn't be the first time it happened, and it would be far too easy now.

Originally posted to Joan McCarter on Tue Aug 27, 2013 at 12:40 PM PDT.

Also republished by Daily Kos.

EMAIL TO A FRIEND X
Your Email has been sent.
You must add at least one tag to this diary before publishing it.

Add keywords that describe this diary. Separate multiple keywords with commas.
Tagging tips - Search For Tags - Browse For Tags

?

More Tagging tips:

A tag is a way to search for this diary. If someone is searching for "Barack Obama," is this a diary they'd be trying to find?

Use a person's full name, without any title. Senator Obama may become President Obama, and Michelle Obama might run for office.

If your diary covers an election or elected official, use election tags, which are generally the state abbreviation followed by the office. CA-01 is the first district House seat. CA-Sen covers both senate races. NY-GOV covers the New York governor's race.

Tags do not compound: that is, "education reform" is a completely different tag from "education". A tag like "reform" alone is probably not meaningful.

Consider if one or more of these tags fits your diary: Civil Rights, Community, Congress, Culture, Economy, Education, Elections, Energy, Environment, Health Care, International, Labor, Law, Media, Meta, National Security, Science, Transportation, or White House. If your diary is specific to a state, consider adding the state (California, Texas, etc). Keep in mind, though, that there are many wonderful and important diaries that don't fit in any of these tags. Don't worry if yours doesn't.

You can add a private note to this diary when hotlisting it:
Are you sure you want to remove this diary from your hotlist?
Are you sure you want to remove your recommendation? You can only recommend a diary once, so you will not be able to re-recommend it afterwards.
Rescue this diary, and add a note:
Are you sure you want to remove this diary from Rescue?
Choose where to republish this diary. The diary will be added to the queue for that group. Publish it from the queue to make it appear.

You must be a member of a group to use this feature.

Add a quick update to your diary without changing the diary itself:
Are you sure you want to remove this diary?
(The diary will be removed from the site and returned to your drafts for further editing.)
(The diary will be removed.)
Are you sure you want to save these changes to the published diary?

Comment Preferences

  •  Nixon and Hoover squirm in Hell from envy. n/t (34+ / 0-)


    Actual Democrats: the surest, quickest, route to More Democrats. And actually addressing our various emergencies.

    by Jim P on Tue Aug 27, 2013 at 12:43:41 PM PDT

  •  it's stupid to have so much intelligence/no? (10+ / 0-)

    Don Benedetto was murdered.-IgnazioSilone(BreadAndWine)

    by renzo capetti on Tue Aug 27, 2013 at 12:45:27 PM PDT

  •  From the Equestrian Necrosadist Department........ (18+ / 0-)

    These programs are not cheap not only physical facilities but from a personal perspective.

    Apply the $500 Hammer,$4000 coffee  Maker rates to IT.

    With the extra added insult they couldn't stop two morons armed with "Grannie's" Pressure cooker....... despite one of them being "In the system".....................

    I want 1 less Tiny Coffin, Why Don't You? Support The President's Gun Violence Plan.

    by JML9999 on Tue Aug 27, 2013 at 12:46:44 PM PDT

  •  Amazing story. (10+ / 0-)

    Sounds like Snowden got to live the hacker dream! I had a somewhat analogous experience working at an ISP in the late 90s - with root access, I could view any of our customers' emails. I never abused that, because it would have been unethical, and I wasn't that interested anyway.

    I doubt that I would have done anything, in Snowden's situation. but I can see how it would have appealed, at a certain age - it's like Toto tearing down the wizard's curtain...

  •  How the NSA really does its work: (11+ / 0-)

    •Step 1: NSA goes to Gmail, guesses “puppy64” as the password for all usernames, and successfully gains access to over 5 million email accounts

    •Step 2: Hits Ctrl+F, types “illegal activity”

    •Step 3: For anyone who doesn’t have a computer, NSA agents bring one right over to your home for you to use

    •Step 4: Automated bots install a tracking program on your internet browser, which logs your incredibly pathetic cycle of only ever visiting the same five sad little websites

    •Step 5: Randomly texts “what’s up?” to citizens and keeps detailed records of everyone’s responses

    •Step 6: You know how your password turns into dots after you type it? Well, the NSA figured out how to read dots

    •Step 7: America saved

    (- the Onion)

    Warren/3-D Print of Warren in 2016!

    by dov12348 on Tue Aug 27, 2013 at 01:11:43 PM PDT

  •  Just wait until someone starts actually (7+ / 0-)

    talking about how antiquated these antiquated systems really are.  Or talking about how the contractors to government build to a bare minimum to increase their profit margins - especially on fixed procurement contracts.  Or the government procurement process which is basically set up so that none of the end clients participate in the actual contracting process - end clients being people inside the agencies who might actually know something about what they need to buy unlike the procurement officers.

  •  The gloves are out of the bag now... (4+ / 0-)
    Recommended by:
    deben, eztempo, kyril, StrayCat

    Back when total domestic surveillance was still considered a fanciful dystopian delusion, the state was prevented from using the information broadly, since they had to keep the source secret. The calculus of use was such that only extreme situations would merit getting complete logs and workup from  the NSA.  That barrier has been substantially removed.

  •  I haven't read (9+ / 0-)

    NBC's reporting, but I wonder if they included this news from a few weeks ago:

    The National Security Agency, hit by disclosures of classified data by former contractor Edward Snowden, said Thursday it intends to eliminate about 90 percent of its system administrators to reduce the number of people with access to secret information.

    Keith Alexander, the director of the NSA, the U.S. spy agency charged with monitoring foreign electronic communications, told a cybersecurity conference in New York City that automating much of the work would improve security.

    Almost everything you do will seem insignificant, but it is important that you do it. - Mahatma Gandhi

    by NLinStPaul on Tue Aug 27, 2013 at 01:28:40 PM PDT

    •  Which doesn't quite make sense given (4+ / 0-)
      Recommended by:
      BentLiberal, erratic, eztempo, kyril

      the size of the operation - even if only because of the fact that there are multiple facilities and offices around the country.

    •  I really hope they pursue that automation (3+ / 0-)
      Recommended by:
      kyril, StrayCat, MindRayge

      ...scheme. The whole thing will come crashing down around their ears.

      Only problem is that the contractor supplying the automation (what? you're surprised that is how it's going to work?) will get overpaid fabulously in return for abysmal failure. :-(

      But overall, that's a good trade-off.

      -Jay-
      
    •  Great. (0+ / 0-)

      All across America, there were be analysts, secretaries, receptionists and general staff waiting 4 hours for the tech guy to come and unstick their computers which are frozen on the blue screen of death.

      That helps.

      © grover


      So if you get hit by a bus tonight, would you be satisfied with how you spent today, your last day on earth? Live like tomorrow is never guaranteed, because it's not. -- Me.

      by grover on Tue Aug 27, 2013 at 02:38:30 PM PDT

      [ Parent ]

    •  Who will automate the automators? (3+ / 0-)

      The thing with computer systems is that at some level, somebody has an obscene amount of power.

      Option A: Lots of separate systems, each with their own sysadmin team, each of which can access a fragment of the big picture. Many points of vulnerability, but each one is relatively small.

      Option B: A few sysadmins in a central office managing automated tools which admin lots of big systems, each of which can access a large part of the big picture. Fewer points of failure, but each one is catastrophic.

      The other problem with option B is that all software has bugs. All of it.

      Also, techies often have senses of humour (and sometimes ethics) that may not be shared with their employer. Guess who writes the automation software?

      "Let’s just move on, treat everybody with firmness, fairness, dignity, compassion and respect. Let’s be Marines." - Sgt. Maj Michael Barrett on DADT repeal

      by kyril on Tue Aug 27, 2013 at 02:45:42 PM PDT

      [ Parent ]

      •  That solution as proposed is, in my mind, (3+ / 0-)

        a clear indication that Clapper has no fucking clue what kind of operation he is charged with running.  None.

        He knows that all of those "server-thingies" provide "metadata" about "bad guys", but he hasn't a clue how those "server-thingies" work, no clue whether or not they are in fact working, and no clue about whether or not any of the "metadata" his "team" is collecting could be considered reliable information because he has no clue how software actually works.

        Add to that a few powerful, old Senators who probably need help dialing their cell phones if they actually have one of their own and you've got a perfect recipe for the stupids.

  •  As I've Said Before (10+ / 0-)

    The way people representing the NSA have described their security systems makes it sound really kind of ... amateurish.

    If Snowden was able to do this, others were to -- as the LOVEINT scandal indicates -- and I'm guessing a lot of them had more nefarious purposes.

    The probably still haven't found the giant data conduit sending their surveillance info off to China every night.

    "I'll believe that corporations are people when I see Rick Perry execute one."

    by bink on Tue Aug 27, 2013 at 01:54:03 PM PDT

    •  Outgoing traffic is fairly easy to monitor (0+ / 0-)

      It's unlikely that there's a giant data dump directly from NSA HQ.

      It is quite possible that there's a steady trickle via thumb drives.

      "Let’s just move on, treat everybody with firmness, fairness, dignity, compassion and respect. Let’s be Marines." - Sgt. Maj Michael Barrett on DADT repeal

      by kyril on Tue Aug 27, 2013 at 02:49:27 PM PDT

      [ Parent ]

      •  I Have No Actual Details (1+ / 0-)
        Recommended by:
        StrayCat

        But the NSA is making this information available not only to its own employees but to countless contractors, counter-terrorist Fusion Centers and other law enforcement offices. That data is not circulated via thumb drive, but rather through the pipes where these systems connect.

        "I'll believe that corporations are people when I see Rick Perry execute one."

        by bink on Tue Aug 27, 2013 at 02:52:52 PM PDT

        [ Parent ]

        •  Well, yes (0+ / 0-)

          but it's fairly easy to check what's being sent and where it's going.

          "Let’s just move on, treat everybody with firmness, fairness, dignity, compassion and respect. Let’s be Marines." - Sgt. Maj Michael Barrett on DADT repeal

          by kyril on Tue Aug 27, 2013 at 03:15:57 PM PDT

          [ Parent ]

  •  I have been wondering about this since the (3+ / 0-)
    Recommended by:
    Betty Pinson, erratic, Kevskos

    beginning.

    Thank you for this diary.

    "They did not succeed in taking away our voice" - Angelique Kidjo - Opening the Lightning In a Bottle concert at Radio City Music Hall in New York City - 2003

    by LilithGardener on Tue Aug 27, 2013 at 02:05:27 PM PDT

  •  Hahahahahahahaha - self reporting (11+ / 0-)
    So much for the great internal systems the NSA has for monitoring its work force to ensure compliance with the law. But we already knew this was a problem, with the revelation of LOVEINT, the term the NSA has used to designate when agents illegally use their power and their tools to spy on their romantic interests. That, the NSA tells us, hardly ever happens. They know that because only a handful of agents have self-reported that they've done this. Because the NSA relies on staff to self-report when they break the law. There's a fail-safe system for you.

    "They did not succeed in taking away our voice" - Angelique Kidjo - Opening the Lightning In a Bottle concert at Radio City Music Hall in New York City - 2003

    by LilithGardener on Tue Aug 27, 2013 at 02:06:30 PM PDT

  •  the only problem with using LOVEINT (0+ / 0-)

    is that those people were caught. About the only real problem I've seen so far is that the NSA put too much power into the hands of the system admins which I'm not sure what the solution to that is.

    Der Weg ist Das Ziel

    by duhban on Tue Aug 27, 2013 at 02:12:23 PM PDT

  •  Social media (6+ / 0-)

    Agencies demanded information on 38,000 Facebook users in six months

    WASHINGTON // Government agents in 74 countries demanded information on about 38,000 Facebook users in the first half of this year, with about half the orders coming from authorities in the United States, the company said yesterday.

    The social-networking giant is the latest technology company to release figures on how often governments seek information about its customers. Microsoft and Google have done the same.

    Makes you wonder just how much has occurred with all sorts of social platforms.

    Government of, for, and by the wealthy corporate political ruling class elites. We are the 99%-OWS.

    by emal on Tue Aug 27, 2013 at 02:16:42 PM PDT

    •  Like this one. (2+ / 0-)
      Recommended by:
      DRo, emal

      (glances over shoulder nervously)

      © grover


      So if you get hit by a bus tonight, would you be satisfied with how you spent today, your last day on earth? Live like tomorrow is never guaranteed, because it's not. -- Me.

      by grover on Tue Aug 27, 2013 at 02:40:07 PM PDT

      [ Parent ]

      •  Well....um (1+ / 0-)
        Recommended by:
        grover

        Errrr....well, Now that you mention it ...inquiring minds and all that, that thought has crossed my mind lately.

        Government of, for, and by the wealthy corporate political ruling class elites. We are the 99%-OWS.

        by emal on Tue Aug 27, 2013 at 03:36:25 PM PDT

        [ Parent ]

        •  And under the law, Markos and the team could (2+ / 0-)
          Recommended by:
          emal, stevemb

          Never tell us.

          Makes ya think.

          © grover


          So if you get hit by a bus tonight, would you be satisfied with how you spent today, your last day on earth? Live like tomorrow is never guaranteed, because it's not. -- Me.

          by grover on Tue Aug 27, 2013 at 03:38:44 PM PDT

          [ Parent ]

  •  Quis custodiet ipsos custodien? (4+ / 0-)
    Recommended by:
    bobinson, tb mare, Bisbonian, emal

    Who watches the watcher?

    How often are those personnel with unfettered access audited? Is there a meta-overlord group providing internal oversight on a daily basis?

    That Snowden was easily able to access the data and effectively obfuscate his activities displays too much trust?

    How many of these employees (contractors) are on the take to flow the data to private customers or foreign agencies?

    Another flaw in the human character is that everybody wants to build and nobody wants to do maintenance. Kurt Vonnegut

    by ToKnowWhy on Tue Aug 27, 2013 at 02:17:56 PM PDT

  •  freak out (8+ / 0-)
    He was also able to access NSAnet, the agency’s intranet, without leaving any signature, said a person briefed on the postmortem of Snowden’s theft. [...]
    This is why they are so freaked out. They don't know what he has. No logs tell them what he downloaded. That's why they're downing planes and in general behaving as if they are unglued.
  •  Still no ack of my diary on Saturday re: LOVEINT (3+ / 0-)
    Recommended by:
    Bisbonian, OLinda, emal

    in the linked diary by FP'er Joan McCarter.

    I thought it was considered polite to UTFSE and ack diaries that went before you, even as a FP'er.

    http://www.dailykos.com/...

    I'm beating a dead horse, but it irritates me, because I UTFSE before I posted it, ready to ack the diary that got there first, but there was none.

    The place was utterly dark—the oubliette, as I suppose, of their accursed convent.

    by bastrop on Tue Aug 27, 2013 at 02:31:26 PM PDT

    •  acknowlegement (4+ / 0-)
      Recommended by:
      bastrop, ToKnowWhy, eztempo, kyril

      I acknowledge your diary. :) Good job. :)

      I often have read something in a regular diary days before it hits the front page and it is true again in this case. I am pleased to see I had recced your diary.

      Old news on the FP, but still worth talking about. :)

      •  I can spell it, really. nt (1+ / 0-)
        Recommended by:
        bastrop
      •  I should add (1+ / 0-)
        Recommended by:
        bastrop

        that I agree, you should have a mention and link in the diary.

      •  Thank you I appreciate that. (2+ / 0-)
        Recommended by:
        OLinda, eztempo

        I'm surprised it bothers me so much. I am not one to dwell on something like this but I guess to me it is an issue of civility. I mean, the reason UTFSE exists as a acronym is because it is SO EASY to do and it saves so many headaches there is really no excuse for not doing it.

        So, the simple answer is she never saw my diary in the first place, which I'll bet is exactly the case. Hence, the existence of UTFSE. And here we are.

        Anyway...

        The place was utterly dark—the oubliette, as I suppose, of their accursed convent.

        by bastrop on Tue Aug 27, 2013 at 02:50:50 PM PDT

        [ Parent ]

        •  devils advocate, a little bit (2+ / 0-)
          Recommended by:
          bastrop, JVolvo

          I know how it is. But, I do want to say that Front Pagers are going to cover a story no matter who else may have written about it. It's their job and in some cases it would be hard to try to give everyone credit who might have diaried a story.

          Say Joan searches and 3 or 5 diaries come up. She would need to look at all of them to determine if they're just a link, maybe even a troll, whatever. So she reads them, to see if they're worth referring to, then does she link to 3 of them? Well, she doesn't have time to be researching this kind of thing before putting up a front page story.

          It happens ALL the time. Best you can do is say, "Hey, I diaried this already" in the comments and put a link. When I notice it and can find the diary, I often do that for other Kossacks.

          Joan is a good guy.

        •  It happened to me back in '06 (1+ / 0-)
          Recommended by:
          bastrop

          I understand the frustration of seeing a "first diary" subject appear the next day as a FP'er discovery, without so much as a wink to the guy that first turned up the story.

          C'est la vie.  I decided then that D-Kos wasn't really so very different than my workplace, where the guy in the corner office often gets credit for work done in a cubicle outside his door.

          •  I think it is different, though (1+ / 0-)
            Recommended by:
            eztempo

            because in the workplace, that's just cutthroat office politics or tone-deaf management. I don't think thats the case at all here. My feeling is if she knew my diary existed she likely would have acks the diary in a link. But that is really my point here, not that I was somehow dissed, but that she didn't UTFSE. That's the sum of it.

            The place was utterly dark—the oubliette, as I suppose, of their accursed convent.

            by bastrop on Tue Aug 27, 2013 at 03:15:12 PM PDT

            [ Parent ]

  •  Rhetorical, right? (0+ / 0-)
    But what happens, in a system so rife with security flaws, when we've got a president who decides to use exploit those weaknesses for personal or political gain?
    B/c the next Bush or Nixon or Dear Leader wannabe, we, the opposition, are toast.

    NSA is a rogue agency and needs to be defunded, and its employees fired, all of them.

    Irony takes a worse beating from Republicans than Wile E. Coyote does from Acme. --Tara the Antisocial Social Worker

    by Youffraita on Tue Aug 27, 2013 at 02:35:36 PM PDT

    •  Huh? (0+ / 0-)
      NSA is a rogue agency and needs to be defunded, and its employees fired, all of them.
      Rogue agency? Are you delusional? Let's just pull the plug on every Military organization and tell them to go home and twiddle their thumbs. We don't need them anymore. Oh, and those people working on Social Security Administration, the Fed, the GSA and the EPA, etc. They can go home too. We just want to start over fresh...

      You just DON'T even suggest something so utterly unrealistic.

      "I think it's the duty of the comedian to find out where the line is drawn and cross it deliberately." -- George Carlin, Satirical Comic,(1937-2008)

      by Wynter on Tue Aug 27, 2013 at 02:58:52 PM PDT

      [ Parent ]

      •  My comment may be unrealistic (1+ / 0-)
        Recommended by:
        shenderson

        but we already have the CIA and the FBI, which are clearly NOT rogue agencies.

        What does the NSA do except illegally hoover up all transmissions in violation of the Fourth Amendment?

        Irony takes a worse beating from Republicans than Wile E. Coyote does from Acme. --Tara the Antisocial Social Worker

        by Youffraita on Tue Aug 27, 2013 at 03:27:31 PM PDT

        [ Parent ]

        •  Perhaps you should do some investigating (0+ / 0-)

          ..on your own if you don't even know that much. Start with their mission and work out from there.

          The FBI is a domestic federal agency dealing with crimes, and criminal law.

          The CIA is an extra-territorial agency dealing with matters covertly that endanger the United States.

          The NSA is tasked (in my opinion) with capturing signal intelligence, cryptography, analysis and processing of immense amounts of data. Much like other agencies under the intel umbrella they have their speciality. Other agencies exist that cover satellites, mapping, etc. Mostly because these tasks are immense on their own.

          Before you call for something unrealistic (like Boehner and his cronies always asking for repealing Obamacare), have some idea what your asking for and what you want to be done in its place. Just common sense.

          "I think it's the duty of the comedian to find out where the line is drawn and cross it deliberately." -- George Carlin, Satirical Comic,(1937-2008)

          by Wynter on Wed Aug 28, 2013 at 03:33:53 AM PDT

          [ Parent ]

  •  The sysadmin is God. (3+ / 0-)

    There is absolutely no set of restrictions, logs, or monitoring that can be put in place to restrict the activities of a determined sysadmin. S/he is God, omniscient and omnipotent within your system.

    And you can't get rid of the sysadmins. They're necessary.

    The only solution is: if you don't want it done, don't build a computer system capable of doing it.

    It should also be noted that your programmers are arguably omnipotent over an even wider sphere than your sysadmins; if your system could theoretically be made to do something, they can do it.

    "Let’s just move on, treat everybody with firmness, fairness, dignity, compassion and respect. Let’s be Marines." - Sgt. Maj Michael Barrett on DADT repeal

    by kyril on Tue Aug 27, 2013 at 02:37:54 PM PDT

    •  They are paying amazon to build a could system (1+ / 0-)
      Recommended by:
      kyril

      for them now.  Given how often AWS goes down I can't wait to see how this works out.

      They say it will reduce the number of sysadmins by 90%.

      Praxis: Bold as Love

      by VelvetElvis on Tue Aug 27, 2013 at 02:46:08 PM PDT

      [ Parent ]

      •  LOL (2+ / 0-)
        Recommended by:
        Dr Erich Bloodaxe RN, StrayCat

        Yeah, that'll work out great. Outsource it to Amazon programmers.

        (8 hours after implementation)

        "Hey man, come over and check this out! I built backdoor root access into the NSA servers!"

        "Let’s just move on, treat everybody with firmness, fairness, dignity, compassion and respect. Let’s be Marines." - Sgt. Maj Michael Barrett on DADT repeal

        by kyril on Tue Aug 27, 2013 at 02:55:37 PM PDT

        [ Parent ]

    •  Methinks maybe auditing should belong (0+ / 0-)

      To another group that DOES NOT have access to the main body of data?

      There are reasons all those groups are separate in the Security portion of network admin.

      Only a total fool (or bunch thereof) would envelope all groups and fling them at SysAdmin.

      Ooo! Have the syslogs write to THEIR permanent NSA file, so an audit can be done any time on them, same as can be done to us?

      Another flaw in the human character is that everybody wants to build and nobody wants to do maintenance. Kurt Vonnegut

      by ToKnowWhy on Tue Aug 27, 2013 at 02:53:34 PM PDT

      [ Parent ]

      •  It's not technically possible (1+ / 0-)
        Recommended by:
        Dr Erich Bloodaxe RN

        to audit the sysadmin. I mean...you can audit a sysadmin, but it's not going to do you any good; if they're at all competent, and if they want to do anything they don't want you to know about, it's not going to show up in the log.

        There are a number of reasons for this, but as a basic starting point: they have root access. They can delete the logs. Or if you're storing the logs on another server, they can prevent them from being sent. Or kill the process that's doing the logging (and replace it with a dummy if necessary to prevent suspicion).

        The closest thing to a foolproof method would be a hardware keylogger. But there are ways around that too.

        "Let’s just move on, treat everybody with firmness, fairness, dignity, compassion and respect. Let’s be Marines." - Sgt. Maj Michael Barrett on DADT repeal

        by kyril on Tue Aug 27, 2013 at 03:02:09 PM PDT

        [ Parent ]

  •  Posted this important checklist yesterday: (4+ / 0-)
           Official "Don't-Offend-an-NSA Employee" checklist

    Remember, never turn down a requested date with an NSA employee.

    Remember, never break up with an NSA employee (unless the NSA employee wants to break up with you).

    Remember, never purposely or accidentally cut off an NSA employee while driving.

    Remember, never cut in line in front of an NSA employee at the grocery store.

    Remember, never stand up in front of an NSA employee at the ballgame, a concert or other entertainment event.

    Remember, never cheer louder for your child than you cheer for the child of an NSA employee.

    Remember, never leave an NSA employee off of your party invite list -- even if that NSA employee is only a casual acquaintance.

    Remember, never try and top a story an NSA employee tells at said party.

    Remember, never take a vacation that could make an NSA employee envious.

    Remember, never outperform any NSA employee in any organized athletic endeavor you do.

    Calling other DKos members "weenies" is a personal insult and therefore against site rules.

    by Bob Johnson on Tue Aug 27, 2013 at 02:44:47 PM PDT

  •  Total lack of internal control. The NSA runs like (0+ / 0-)

    Enron!

  •  The antiquated systems bother me far less (1+ / 0-)
    Recommended by:
    kyril

    than the far-too-much-power end of the deal.  I really don't care if they're stuck working with soup cans and string, so long as their ability to abuse their power is eunuchified, figuratively speaking.  

    Romae in die non combureretur.

    by Not A Bot on Tue Aug 27, 2013 at 02:50:03 PM PDT

  •  You are forgetting one important thing (1+ / 0-)
    Recommended by:
    shenderson

    As someone that has lived part of my life in that world, there is one thing that keeps things in check. The continuing reevaluation of your security clearance by polygraph. There is a downside to having so much access in the cleared world. Your are subjected to regular checks by polygraph and they aren't easy. You live under a constant fear of these moments and if someone was openly breaking the rules and law they would more than likely get themselves caught in one of these. Then they would have to explain why they failed in detail until they passed it or had their clearance pulled because of it.

    If Snowden and others were not being regularly reevaluated then there is your fault in the system. Trust is a primary element in someone that is given so much access. But trust is earned constantly and proof must be provided that you still are trustworthy. It's not assumed. Ever.

    "I think it's the duty of the comedian to find out where the line is drawn and cross it deliberately." -- George Carlin, Satirical Comic,(1937-2008)

    by Wynter on Tue Aug 27, 2013 at 02:52:35 PM PDT

    •  Polygraphs are pseudoscience (1+ / 0-)
      Recommended by:
      StrayCat

      debunked by the National Academy of Sciences and banned from use in most countries.

      But it doesn't surprise me at all that the NSA would use them. A lot of decision makers in the NSA probably don't accept climate science or evolution, either.

    •  Polygraphy is mostly pseudoscience. (1+ / 0-)
      Recommended by:
      atana

      Wikipedia summarizes the situation fairly nicely:

      When polygraphs are used as a screening tool (in national security matters and for law enforcement agencies for example) the level of accuracy drops to such a level that "Its accuracy in distinguishing actual or potential security violators from innocent test takers is insufficient to justify reliance on its use in employee security screening in federal agencies." In fact, the [National Academy of Science] extrapolated that if the test were sensitive enough to detect 80% of spies (a level of accuracy which it did not assume), this would hardly be sufficient anyway. Let us take for example a hypothetical polygraph screening of a body of 10,000 employees among which are 10 spies. With an 80% success rate, the polygraph test would show that 8 spies and 1,992 non-spies fail the test. Thus, roughly 99.6 percent of positives (those failing the test) would be false positives.

      Seeking alternatives in higher education? Learn more about this small college in Chicago.

      by shenderson on Tue Aug 27, 2013 at 04:18:58 PM PDT

      [ Parent ]

      •  Never claimed they were 100% perfect... (0+ / 0-)

        As this is something from Wikipedia and the NAS I would have to say that it's not definitive proof that it doesn't work. It's a test, not a all-knowing device that reads minds. Most of the time these lifetime polys flag people that are not criminals but have just not been honest or are high strung during the test. I don't know under what conditions the NAS did it's test, but I would have to say  its likely not similar to what I had to endure.

        False positives aren't failures. We are talking about a highly subjective test. You have to go through multiple tests to verify or clear someone that has a problem. Did the NAS go through that in their evaluation? Or did they just do a simple one time test? Did they evaluate the whole procedure that government uses in testing for security clearances?

        I am not doubting their results. But I would rather like to see that they followed the entire methodology that the government security people follow before claiming it is useless. If you know the rate of error on something you can still obtain value from the results. You just have to compensate for this. It's much like how we predict outcomes in other sciences. We don't just stop predicting because it's not perfect. We work within the parameters we have to get the best results.

        "I think it's the duty of the comedian to find out where the line is drawn and cross it deliberately." -- George Carlin, Satirical Comic,(1937-2008)

        by Wynter on Tue Aug 27, 2013 at 04:50:02 PM PDT

        [ Parent ]

  •  LOVEINT isn't the only lawless abuse... (2+ / 0-)
    Recommended by:
    emal, StrayCat

    Now we're finding out that NSA is using it's data mining intel in murky, semi-official, but definitely outside the bounds of any FISA approved way:

    WASHINGTON, Aug 5 (Reuters) - A secretive U.S. Drug Enforcement Administration unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans.

    Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin - not only from defense lawyers but also sometimes from prosecutors and judges.

    The unit of the DEA that distributes the information is called the Special Operations Division, or SOD. Two dozen partner agencies comprise the unit, including the FBI, CIA, NSA, Internal Revenue Service and the Department of Homeland Security. It was created in 1994 to combat Latin American drug cartels and has grown from several dozen employees to several hundred.
    Taxpayers may like the idea of The Guvmint leveraging our investment in Total Information Awareness by this kind of cross-agency cooperation, but the House and Senate Intelligence Committees surely must have some questions, don't you think?  ...And it turns out, three weeks after Reuters turned up evidence of NSA's jumping out of their "searching for terrorists" legal pen, some in Congress have squeaked out a couple of inquiries:
    Five Democrats in the Senate and three senior Democrats on the House Judiciary Committee submitted questions to Holder about the NSA-DEA relationship, joining two prominent Republicans who have expressed concerns. The matter will be discussed during classified briefings scheduled for September, Republican and Democratic aides said.

    "These allegations raise serious concerns that gaps in the policy and law are allowing overreach by the federal government's intelligence gathering apparatus," wrote the senators - Tammy Baldwin of Wisconsin, Ron Wyden of Oregon, Tom Udall of New Mexico, Richard Blumenthal of Connecticut and Sherrod Brown of Ohio.

    This is not your garden variety "mission creep."  This is responsible law enforcement and intelligence service officials corrupting and breaking the law governing intelligence gathering to bring NSA's SIGINT into play in criminal investigations of Americans and others not involved in terrorism

    This is not a "ha-ha, those incorrigible nerds" story of petty human frailty.  This is the temptation of government officials to abuse and misuse the power they've been given, disregard the law in the following of it, but not in keeping their activities hidden from those charged with "oversight", and this is how the capability bought and built for the NSA will be perverted far beyond watching terror suspects overseas into an accepted and assumed surveillance state here at home that none of us could want.

    Hell, it's bad enough that Google and Facebook and Experian know more about me and my friends than I do... .

  •  Heh. (4+ / 0-)
    Recommended by:
    LieparDestin, emal, StrayCat, CenPhx
    As a system administrator, Snowden was allowed to look at any file he wanted, and his actions were largely unaudited. “At certain levels, you are the audit,” said an intelligence official.
    This is what I was saying early on, cause that's just the way it works...

    And Reggid and Co were so sure that he couldn't possibly have that sort of access, and were all hung up on his job title, going on and on about how he couldn't possibly have that level of access based on whatever it was he was called officially.

    Welcome to the reality of IT :P

  •  Not a surprise (1+ / 0-)
    Recommended by:
    shenderson

    It is absolutely the complete opposite of astounding that the NSA has massive internal security problems.  It's allowed to operate in secret, with no accountability and thus total impunity.

    The first outcome of the disastrously foolish decision to maintian a permanent "security state" bureaucracy that is allowed to operate in secret, is that their product, the intelligence summaries that are their reason to exist, deteriorates.  If you want to know about conditions in foreign countries, go to the State Dept.  They do a much better job of analyzing the goings on in these countries because their intelligence product is not produced in secret.  If their analysts come up with stupid assessments, people are free to criticize them.  Their assessments have to be able to hold up under scrutiny, unlike the products of the CIA or the NSA, or any other secret organization, whose analysts can be wrong with impunity.  It's a lot easier to be wrong than right, it takes a lot less effort to make stuff up to shore up previously held and otherwise politically popular assessments, than to acutally do the work needed to understand things.

    Even worse than intelligence products that continually degrade in quality, lack of accountability leads to misuse of the power conferred by secrecy.  Of course these folks use their superpowers to spy on lovers.  How could this not happen?  Even with the threat of public exposure that public officials lay under, even they quite often abuse their power to satiate their sex drives.  Imagine a bunch of R politicians who don't even have to worry that pictures of them in diapers are going to wind up on Youtube, or that they can pressure subordinates for sexual favors with absolutely no chance it will ever be made public.  Even if the average NSA employee started out at roughtly the same moral level as the general public -- which admittedly is much higher than the moral level of R politicians -- decades of impunity would attract and retain sociopaths to the NSA in preference to normal people.  Normal people don't want to hide in the shadows.  They're proud of work well done, and they don't want some superpower ring of invisibility to shield themselves from scrutiny.

    Governmental power is dangerous under any circumstances.  Unaccountable governmental power is such an obviously bad and dangerous thing, that until the end of WWII, we always had the good sense to keep spies and secret agencies only while we were actively at war, and to get rid of both at war's end, just as we got rid of large standing military forces.  For whatever foolish reasons, we decided at the end of that war that we were wiser than that sound tradition, that we could and should keep unaccountable agencies at work, under the rationalization that such were needed for "security" and "intelligence".  These agencies have provided the exact opposite of security and intelligence, and predictably so.  The only cause for astonishment is that we tolerate their continued existence.

    The states must be abolished.

    by gtomkins on Tue Aug 27, 2013 at 03:15:53 PM PDT

  •  So what? (0+ / 0-)
    Not to worry, an intelligence official says, because while "U.S. intelligence has invited so many people into the secret realm, [...] most people aren’t willing to vacuum everything up and break the law."
    How many people do you need?

    Hate Speech must remain legal. It reminds us that the hate is still out there.

    by SmallTownHick on Tue Aug 27, 2013 at 03:17:23 PM PDT

  •  The problem I have (3+ / 0-)
    Recommended by:
    emal, shenderson, StrayCat

    is that these folks lie just to hear their voices. If they told me the sun rose in the east I would have to double check that just to be sure they haven't somehow screwed with our rotation.

    For those of you all who are still sanguine about metadata and how it won't impact you I give this link:
    how-phone-metadata-can-reveal-your-affairs-abortions-and-other-secrets

    Hi NSA. I am doing constitutionally protected stuff - like free speech. Too bad you are not!

    by glitterscale on Tue Aug 27, 2013 at 03:32:53 PM PDT

  •  Still think its a good idea to give the Feds MORE (0+ / 0-)

    Isn't this what you guys want?  From the creepy "Julia" ads admonishing that big government can fulfill all our needs - cradle to grave- to a desire for government run everything this is the end result.  

    Tyranny.  

    Hope you like it .

  •  I really don't give a damn about LOVEINT. (0+ / 0-)

    I also don't worry a hell of a lot about NSA grunts privately selling our secrets to Entertainment Tonight.  

    THAT is not the problem.  It's not what the lower level people can do.  It's what the HIGHER level people can do with the lower level people.  I don't care how many reforms they put into the system to put tighter reins on the lower level people, because, to me, that doesn't even remotely address the problem.

    I bet they have very strict internal controls in every police state's internal spying system.  Even the KGB's.  I bet the average guy at the KGB isn't allowed to spy on Putin's mistress, for instance, when Putin is there, without a lot of clearance way up the chain of command.  Likewise, I doubt anybody in the NSA is spying on Keith Alexander and that they probably double check against that and would fire anybody who did.

    Makes little difference, though.

  •  I get to quote myself now (0+ / 0-)
    Me Quote #1

    File C: Gen. Keith Alexander's porn collection

    At 349Gb, that's a no-brainer.

    Me Quote #2

    I keep saying this is "scary"

    One part of it is what happens when some people get such unlimited access to so much information and power and use it as they will for purposes they decide.

    The other part is what if other people gain access and use it as they will for purposes they want.

    You don't have one without the other. A stick of dynamite has so much potential energy.

  •  What happens when (0+ / 0-)

    "when we've got a president who decides to exploit those weaknesses for personal or political gain?" Is there any evidence to the contrary with the "black Satan" as prez?

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site