WSJ: NSA Computer Upgrade

Phillip H. Zakas pzakas at toucancapital.com
Wed Mar 14 17:18:40 PST 2001 


i don't think they would allow classified/non-classified data to cross the
traditional divisions between siprnet and niprnet (which is one reason
employees have multiple physical computers on their desks.) plus today's
trusted computer systems are designed to control access to data (at granular
levels including network, workstation, individual, application, etc.) on top
of all of that physical and logical stuff, i'm sure information is still
generally compartmentalized anyway.  it simply sounds like a standard non
classified communications (email) capability upgrade.

though i do agree with you that people are probably the number one leak as
you're saying.  in fact all opsec/infosec assessments consider 'insider'
threats the greatest problem to deal with (citibank 1995 is an excellent
example of this.)

phillip

-----Original Message-----
From: owner-cypherpunks at Algebra.COM
[mailto:owner-cypherpunks at Algebra.COM]On Behalf Of Ray Dillinger
Sent: Wednesday, March 14, 2001 11:33 AM
To: Bill Stewart
Cc: cypherpunks at cyberpass.net
Subject: Re: WSJ: NSA Computer Upgrade





This does not sound nearly as much like a "computer upgrade" as
a "security downgrade".  When you make top-secret files easier to
move around the network, you make them easier to steal.

No matter what the precautions are, wider access to people within
the organization means more access for people who want to
supplement their civil-servant incomes by selling secrets.
Even if the technology is perfect, the people are a weak
link and the more of them you put on a list the likelier it
is that there's a broken link.

On the other hand, we could see some interesting things if the
technological solutions to this set of secure communications
problems is ever made public. It amuses me to think they may
wind up using off-the-shelf solutions like kerberos and PGP.

			Bear


On Tue, 13 Mar 2001, Bill Stewart wrote:

>NSA COMPUTER UPGRADE - [The Wall Street Journal, B1.]  What does it take to
>send an e-mail to all 38,000 employees at the government's premier
computing
>center, the supersecret National Security Agency?  "An act of God," says
the
>agency's director since 1999, Lt. Gen. Michael Hayden.  The NSA, he
>discovered to his chagrin last year, has 68 e-mail systems.  He has three
>computers on his desk - none of which can communicate with the others.  To
>deal with those frustrations, Hayden is now plunging into one of the U.S.
>government's biggest information-technology outsourcing deals ever.

<clip>

More information about the cypherpunks-legacy mailing list