back to article Future Snowden hunt starts with audit of NSA spooks' privileges

The National Security Agency (NSA) has decided it really needs to catch the next Edward Snowden before he turns whistleblower/traitor (strike one according to your political orientation). According to this memo (PDF) from Carol Gorman, an assistant inspector general in the Department of Defense's Readiness and Cyber Operations …

  1. Darren Bell
    Facepalm

    Oh The Irony

    This just made me laugh. All the years of treating us like criminals and now the tables have turned and it's treating its staff as potentials as well. Deliciously ironic.

    1. Gordon 10

      Re: Oh The Irony

      Welll maybe - apart from the fact that this is best practise everywhere.

      1. Chris Miller

        @Gordon

        Spot on. My understanding is that a lot of compartmentalisation ('need to know' being a fundamental aspect of military and government security for decades before the computer was invented) was torn down after 9/11, when agencies were accused by the politicians of "failing to connect the dots".

        Anyone who's worked in security for a few years is likely to have experienced the following scenario:

        PHB: This security system is reducing our profit- turn it off.

        Dilbert: That will expose us to all these risks.

        PHB: Don't argue, just do it.

        1. Jonathan Richards 1
          Facepalm

          Another PHB line...

          Security team: Your access privileges have been altered in line with the recent audit. Sir.

          PHB1: Put 'em back the way they were, son. Of course I need access to everything, I'm in charge. And don't come running in with that password-change crap, either.

          1Pointy Haired Brigadier

        2. John Sturdy
          Happy

          That's comforting!

          Having read "Spycatcher" and seen the level of compartmentalization within an agency (departments were spying on each other because of mistrust of potential moles, without each department spotting that they were being spied on), I had been suspicious that Snowden was an NSA plant, leaking that "we're doing X amount of surveillance" to hide the fact that they were really doing 3X amount of surveillance. But the post 9/11 sharing is more plausible, and makes Snowden more plausible to me. Not that I completely dismiss my earlier idea, to be on the safe side.

      2. Anonymous Coward
        Anonymous Coward

        Re: Oh The Irony

        Probably doesn't help much with security - probably subverted by anyone sufficiently motivated - but will help with quality as there will be fewer mistakes and errors made during normal work.

    2. John 98

      Scary too

      Sounds like sensible (and long overdue) overhaul needed because they have no idea of who is inputting data nor of who is copying and extracting it. In such a large outfit there must be staff open to bribery or blackmail. So what exactly have the Russians, Chinese, ISIS and the Mafia walked off with (or maybe inserted, deleted, changed)? If the incompetence is really so great, one need hardly bother with conspiracy theories to get seriously worried...

      1. John Smith 19 Gold badge
        Unhappy

        Re: Scary too

        "In such a large outfit there must be staff open to bribery or blackmail. So what exactly have the Russians, Chinese, ISIS and the Mafia walked off with (or maybe inserted, deleted, changed)? If the incompetence is really so great, one need hardly bother with conspiracy theories to get seriously worried..."

        Especially as someone hacked the whole USGov personnel system (including all those 163 page vetting forms for security roles where you tell them everything about yourself).

    3. nilfs2
      Big Brother

      Re: Oh The Irony

      We are all terrorist until proven otherwise, that's the NSA logic.

      1. Anonymous Coward
        Anonymous Coward

        Re: Oh The Irony

        Except you can't prove otherwise, so we will be suspects for life.

  2. Lars Silver badge
    WTF?

    Sorry but

    I cannot see how this has much anything to do with "political orientation".

    1. Sir Runcible Spoon

      Re: Sorry but

      Ok, how about "moral compass" instead.

  3. RIBrsiq
    Black Helicopters

    What always boggled my mind about the whole Snowden episode is the incompetence it implies at the NSA if he truly were able to just copy all those files.

    What I choose to believe instead is that he copied what he was supposed to copy.

    1. Mike007 Bronze badge

      If the CIA wanted him dead, he would be dead. Russia or not.

      1. ecofeco Silver badge

        "If the CIA wanted him dead, he would be dead. Russia or not."

        You give the CIA too much credit. They really don't have the humint and influence they used to have.

        Now if it were the Mossad...

      2. allthecoolshortnamesweretaken

        Re: If the CIA wanted him dead / Mike007

        You've been re-reading your Tom Clancy novels again, haven't you? No, 'Gospodin Klerk' is not going to drop by.

        OTAH: good premise for another conspiracy theory. If the CIA doesn't want him dead, then he must be working for them!

      3. Anonymous Coward
        Anonymous Coward

        @ Mike007

        "If the CIA wanted him dead,......."

        Bay Of Pigs!!

        Still think your remark is true?

    2. Naselus

      "What always boggled my mind about the whole Snowden episode is the incompetence it implies at the NSA if he truly were able to just copy all those files."

      It goes way beyond that. If the vetting process had been remotely up to scratch, Snowden would never have been employed by any government agency. Snowden was vocally anti-internal spying and had been for years online; anyone who'd read a half-dozen of his forum posts or facebook updates could've told you he would not be happy doing what they had him doing and would leak like a sieve. And the NSA already had this information available from its obsessive data collecting. It combines utter incompetence with an excellent display of not being capable of using the data they were harvesting in even the most obvious and easy cases.

      1. Lars Silver badge
        Flame

        @Naselus

        "If the vetting process had been remotely up to scratch". As far as I remember Snowden's background was very good, father etc. What you try to imply is that he from the beginning had some intentions to do something "wrong". I have no prove for that nor have you.

        Suppose you start working in Big Pharma and you find out that the company is cheating and putting all users at risk, nothing new there. Should you then react or not. Like with Snowden, or not, it becomes a moral question and most likely also a question of courage.

        So lets not forget that it's we the people who elect the government not the other way, although, as always they tend to think they select the people, nothing new here. In a perfect world the government would self regulate it self. But until then it's we the people who have to do it, who should do it and need the courage to do it.

        In the same way the government and us should regulate the business, and they hate it, for the simple reason that business has no moral obligations toward anyone but perhaps their shareholders. Skip all regulations for the food industry and you will eat horse shit as superC butter or something. You Americans have been in a newer before seen brainwash regarding regulations regarding the industry. Please wake up before there is only one ISP to "choose" between.

        As for Snowden I doubt I had the balls to do what he did, but again it's we the people who has the obligation and right to expose the government, and they hate it, and they have no choice but to hate it, Then it's up to you, the people, how to feel about it. And again dear Americans, wake up, you have been screwed for a long time.

        1. RIBrsiq

          Re: @Naselus

          I think the point Naselus was trying to make is that Snowden's earlier behaviour would suggest that he would go public if he found out that mass surveillance was taking place. I do not see any implications regarding any prior (ill-)intent on the part of Snowden or, indeed, any judgment as to whether what Snowden did was good or bad.

          My thanks to Naselus for pointing this out; I was not aware of it. Assuming it's accurate, it would support my feeling regarding the leak being planned by higher echelons of the NSA or beyond: one does not, after all, let go of a lead-weight in Earth's atmosphere and expect it to float up like a helium balloon.

          You know, this is a funny feeling: I tend to be against conspiracy theories, usually. Yet here I am finding that the simplest explanation I can come up with for the facts I have is a conspiracy worthy of a movie plot. But I simply see no other evidence that the NSA are this incompetent. Indeed, everything else I know points to them being one of the best entities on the planet in doing what they do, regardless whether you agree with it or not.

    3. allthecoolshortnamesweretaken

      Re: incompetence or not? / RIBrsig

      "What always boggled my mind about the whole Snowden episode is the incompetence it implies at the NSA if he truly were able to just copy all those files."

      You've probably never worked in a really, really large organisation - doesn't really matter whether private or public sector, really. Ever heard the old joke about two guys looking at a huge office block? "I wonder how many people work in there?", muses one of them. "Oh, about half of them", answers the other. Yes, the NSA is full of smart people, but not necessarily in admin (or the department that sets the internal guidelines). A lot of them are your average garden variety 9-to-5 employees just shuffling along. But then, we can't all be like Jack Ryan, can we?

  4. MyffyW Silver badge

    Shurley some mishtake

    cp -R * /mnt/myusbstick

    1. Flocke Kroes Silver badge

      Re: Shurley some mishtake

      Beat me to it, but I was going to go with:

      genisoimage -r /embarrassing/secrets/ | wodim dev=/dev/dvdrw speed=1 -

      Richard Chirgwin's "sudo cp -R * /dev/DVD" has multiple problems.

      If his account does not have access to the current directory, * will expand to *

      sudo does not do shell expansion as the target user by default, so cp will be instructed to copy a file or directory called *

      If * does not exist, cp will complain.

      If * exists and is a file (or * expanded to one name), it will be copied to the /dev directory, and will be called DVD. (These days, /dev is tmpfs, so the file will end up scattered all over the swap partition)

      If * exists and is a directory (or * expanded to more than one name), cp will complain that /dev/DVD does not exist.

      /dev/dvd is the default DVD-ROM. These days, DVD-ROMs are rare, and /dev/dvd will probably point to the same place as /dev/dvdrw.

      I am not sure what copying a file or directory to /dev/dvdrw would actually do. I hope it would cause a meaningful error message, but if not, I have confidence that recovering any data from the DVD would be a really unpleasant task - if possible at all.

      I think it is possible to mount a re-writable dvd with a filesystem, and copy files and directories to the moint point. When I read about this (over a decade ago) there was a warning about packet writing being really slow. In real life, you were better off generating an ISO image and asking wodim to transfer it to the DVD as slowly as possible (x1000 speed DVD players and x10000 speed disks were marketing numbers and had to be treated as slightly less reliable that a statement from the home secretary.)

      1. Dave 126 Silver badge

        Re: Shurley some mishtake

        >Richard Chirgwin's "sudo cp -R * /dev/DVD" has multiple problems.

        Maybe it was a deliberate mistake, in the same way Frederick Forsyth includes deliberate errors in his books (to avoid accusations of providing instructions to ne'er-do-wells)? In any case, the next Snowden is unlikely to look to Reg headlines for their MO!

        1. Primus Secundus Tertius

          Re: Shurley some mishtake

          There can be advantages in copying a non-ISO file to a CD or DVD. E.g. denying that it contains anything if you are caught.

          Beos and Nextstep used non-ISO cds for at least part of their product.

        2. Anonymous Coward
          Coat

          Re: Shurley some mishtake

          In any case, the next Snowden is unlikely to look to Reg headlines for their MO!

          El'Reg still use magneto-optical drives? That's a first. I have mine sitting in the cupboard -- unplugged it when I upgraded the box last time as the new machine only has one PCI slot for me to fit a SCSI card. Plus I couldn't get the media for it. (Hardly worth it when a DVD costs 50c and stores twice as much, or equivalent size USB sticks sell for $2.)

          I was thinking that, if /dev/DVD actually existed, it'd be a symlink to a block device, in which case the error message would be: "Not a directory"

          There can be advantages in copying a non-ISO file to a CD or DVD. E.g. denying that it contains anything if you are caught.

          Beos and Nextstep used non-ISO cds for at least part of their product.

          SGI boot CDs were basically a SGI disklabel with partitions just like their hard drives. (Makes it kinda fun to try and mount one of those on a Linux box…)

  5. I Am Spartacus
    Headmaster

    Try reading your own books

    The Orange Book would be a start. No, not that one,

    Try this one

  6. AustinTX

    The solution is free

    NSA should adopt the N. Korean Linux as it's OS. Built-in auditing and everything!

    1. TonyJ

      Re: The solution is free

      "...

      The solution is free

      NSA should adopt the N. Korean Linux as it's OS. Built-in auditing and everything!..."

      And automatic offsite archiving/backup :)

  7. Doctor Syntax Silver badge

    They seem to assume that staff would be doing this via their normal work machines. Have they forgotten that these include people who install backdoors & tap networks?

  8. Anonymous Coward
    Anonymous Coward

    Wake me up

    Wake me up when the USA President can safetly carry a smartphone, in America, running an American OS, safe in the knowledge that he can't be tracked.

    If he can't ensure his privacy from indiscriminate warrantless surveillance, then nobody else can.

    1. NotBob
      Big Brother

      Re: Wake me up

      Some might argue that it's this way on purpose...

    2. Anonymous Coward
      Trollface

      Re: Wake me up

      Wake me up when the USA President can safetly carry a smartphone, in America, running an American OS, safe in the knowledge that he can't be tracked.

      "They can track me" would be a weird issue for a man always accompanied by about a thousand security men and other government employees, plus hordes of journalists.

  9. Tromos
    Joke

    Two person policy

    An extra training budget has been authorised to ensure that both people holding onto the USB stick walk round the same side of the lamppost.

    1. Yet Another Anonymous coward Silver badge

      Re: Two person policy

      Like the famous East-German 2 person + 1 dog policy.

      One person can read, one person can write - and the dog is to keep an eye on the dangerous intellectuals.

  10. ecofeco Silver badge

    Barn door

    Horse.

    Next: more spilled milk coming and control freaks continue to not learn their lesson.

    1. DocJames
      Facepalm

      Re: Barn door

      Yes, the horse bolted in 2013. They're announcing the shutting of the stable door (ie "something will be done") in 2016.

  11. Anonymous Coward
    Linux

    Too many individuals have privileged access to NSA computers ..

    How about designing an OS, where someone can't just walk in off the street and burn your entire unencrypted database to a DVD. Or at least implement a full irrevocable auditing system where you don't have to wait until the miscreant downloader announces the deed from Moscow.

    1. Yet Another Anonymous coward Silver badge

      Re: Too many individuals have privileged access to NSA computers ..

      Can I tender to supply them with petabytes of write-only storage?

  12. Schultz

    “unauthorised or inappropriate activity”

    Doesn't that describe most of the activities revealed by Snowden?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like