NSA COMPUTER UPGRADE - [The Wall Street Journal, B1.] What does it take to send an e-mail to all 38,000 employees at the government's premier computing center, the supersecret National Security Agency? "An act of God," says the agency's director since 1999, Lt. Gen. Michael Hayden. The NSA, he discovered to his chagrin last year, has 68 e-mail systems. He has three computers on his desk - none of which can communicate with the others. To deal with those frustrations, Hayden is now plunging into one of the U.S. government's biggest information-technology outsourcing deals ever. More than 15 companies, including AT&T, Computer Sciences, IBM, General Dynamics and OAO, have formed three teams to compete for a contract set to be valued at as much as $5 billion over 10 years. Requests for proposals went out last week; the winner will be chosen by July. Project Groundbreaker, as the job is called, will be a curious venture by any measure. The winning consortium will take over running the NSA's office-technology infrastructure, including thousands of desktop computers and a Medusa-like tangle of software and internal communications systems. Hayden describes the current setup as "anarchic, convoluted and complex." It is a holdover from the days when the NSA, for security reasons, was broken into dozens of sealed-off compartments. Each bought its own computers, developed its own software and built its own networks, intentionally cut off from the rest of the organization. Hayden now wants to open the place up, at least internally. Whoever wins the Groundbreaker contract will have to meld the current mess into one seamless network, so that for the first time the agency can move around top-secret files as any company would, but without fear of an external security breach. If Groundbreaker succeeds, industry experts predict it could set off a wave of other big outsourcing deals within the federal government. Likely next candidates include the departments of Energy and Defense, and even the Central Intelligence Agency. "This will set the standard for how all similar deals proceed," says Thomas Robinson, president of CSC's Defense Group, which is leading one team that also includes General Dynamics and Verizon. The leaders of the other two competing consortia are AT&T and OAO.
This does not sound nearly as much like a "computer upgrade" as a "security downgrade". When you make top-secret files easier to move around the network, you make them easier to steal. No matter what the precautions are, wider access to people within the organization means more access for people who want to supplement their civil-servant incomes by selling secrets. Even if the technology is perfect, the people are a weak link and the more of them you put on a list the likelier it is that there's a broken link. On the other hand, we could see some interesting things if the technological solutions to this set of secure communications problems is ever made public. It amuses me to think they may wind up using off-the-shelf solutions like kerberos and PGP. Bear On Tue, 13 Mar 2001, Bill Stewart wrote:
NSA COMPUTER UPGRADE - [The Wall Street Journal, B1.] What does it take to send an e-mail to all 38,000 employees at the government's premier computing center, the supersecret National Security Agency? "An act of God," says the agency's director since 1999, Lt. Gen. Michael Hayden. The NSA, he discovered to his chagrin last year, has 68 e-mail systems. He has three computers on his desk - none of which can communicate with the others. To deal with those frustrations, Hayden is now plunging into one of the U.S. government's biggest information-technology outsourcing deals ever.
<clip>
NSA COMPUTER UPGRADE - [The Wall Street Journal, B1.] What does it take to send an e-mail to all 38,000 employees at the government's premier computing center, the supersecret National Security Agency? "An act of God," says
i don't think they would allow classified/non-classified data to cross the traditional divisions between siprnet and niprnet (which is one reason employees have multiple physical computers on their desks.) plus today's trusted computer systems are designed to control access to data (at granular levels including network, workstation, individual, application, etc.) on top of all of that physical and logical stuff, i'm sure information is still generally compartmentalized anyway. it simply sounds like a standard non classified communications (email) capability upgrade. though i do agree with you that people are probably the number one leak as you're saying. in fact all opsec/infosec assessments consider 'insider' threats the greatest problem to deal with (citibank 1995 is an excellent example of this.) phillip -----Original Message----- From: owner-cypherpunks@Algebra.COM [mailto:owner-cypherpunks@Algebra.COM]On Behalf Of Ray Dillinger Sent: Wednesday, March 14, 2001 11:33 AM To: Bill Stewart Cc: cypherpunks@cyberpass.net Subject: Re: WSJ: NSA Computer Upgrade This does not sound nearly as much like a "computer upgrade" as a "security downgrade". When you make top-secret files easier to move around the network, you make them easier to steal. No matter what the precautions are, wider access to people within the organization means more access for people who want to supplement their civil-servant incomes by selling secrets. Even if the technology is perfect, the people are a weak link and the more of them you put on a list the likelier it is that there's a broken link. On the other hand, we could see some interesting things if the technological solutions to this set of secure communications problems is ever made public. It amuses me to think they may wind up using off-the-shelf solutions like kerberos and PGP. Bear On Tue, 13 Mar 2001, Bill Stewart wrote: the
agency's director since 1999, Lt. Gen. Michael Hayden. The NSA, he discovered to his chagrin last year, has 68 e-mail systems. He has three computers on his desk - none of which can communicate with the others. To deal with those frustrations, Hayden is now plunging into one of the U.S. government's biggest information-technology outsourcing deals ever.
<clip>
It is likely that a principal reason for the new NSA system is to be able to more efficiently spy on its users, as with intelink, siprnet and niprnet -- and our own beloved Internet whose users and hackers know not what is being logged. Counterintelligence has become a more important function of the intel agencies than intelligence, as with corporations, educational institutions and families who face internal attacks. Exposing threats to kids, church and nation is a hot market. Counterintelligence in all its forms is riding high as a savior of the commonweal. Still there are dark sides to knowing the truth. The reports of DNA evidence showing that up to 28% of fathers are not the biological fathers of children for whom they are legal parents is a reminder that revisionist intelligence is not limited to the spooks as data mining becomes more widely available. And what will come of government as it becomes more subject to internal attacks due to greater access to snooping technology and counter-snooping attempts to hold onto the privilege of knowing what underlings do not? Deutch thought he knew why it was wise to work at home, to avoid the counter-snoops watching him, but the counter-snoops knew what he did not -- they work for themselves not the bosses. Sys admins may well become the power mongerers of the future, or is that already the case. Hayden is dreaming if he thinks he will be able to watch his troops without their knowing and counteracting it. What is worrisome is the prospect of a coup by the info hi-technoids, most of who work for the military or have contracts with them -- out contracts. SAIC, BBN, Mitre, RAND, the telecomms, the satcomms, operators of the thick connections worldwide, coupled with the wizards at the NSA, NRO, USAF, DIA, and so, could put on a formidable putsch, while the oversight committees remain, as ever, three monkied.
participants (4)
-
Bill Stewart -
John Young -
Phillip H. Zakas -
Ray Dillinger