If government actors are abusing their power to such an extent that reasonable, honest Americans free of foreign influence feel morally obligated to blow the whistle, then there are going to be more leaks.
It's not a flaw in the system; It's a safeguard against corruption and abuse of the system.
That might be enough for domestic intelligence, but it's really shooting yourself in the foot if you apply "free of foreign influence" to overseas intelligence operatives. (Because you'll never be able to recruit anyone whose exposure to the target culture is significantly deeper than a semester attending a foreign university ...)
ie: not gay and without financial debt
That's what would make sense for a nation with due process, but it does lead to increased risk of leaks from people with no obvious red flags that come up during the background check or in-person interviews.
Generally IMO the security clearance process is not up to the task in a world with more than one threat. It worked ok against USSR when we largely could use full spectrum of information AND could assume most people without black marks were anti-USSR (due to existential threat from nuclear weapons and essentially an undeclared state of war).
Doesn't work so well now when 1) IC really had no mission in the 1990s and 2) IC today is grossly oversized and overresourced for the anti-Islamism mission. The "anti-China, anti-Russia" stuff is much more like a real peacetime intelligence service, i.e. the <<500 people we had before WW2.
I still think the article makes a good point though, you just don't know who the hell has access to your data unless you keep it on your own servers or host the data in a country with extremely transparent privacy and law enforcement governance.
Perhaps the quality of his work matched his obviously high character, regardless of his initial lack of formal credential. This is IT we're talking about - classes are a joke.
We don't know his story yet but this much is certain: he is by definition an exceptional individual.
Tom Zhang, who now teaches at the University of New Hampshire, recently published a proof of the mathematically-famous twin prime conjecture for certain prime number pairs.
For quite some time, Zhang couldn't find work as a mathematician, and during that period, he worked as a Subway fast-food restaurant worker.
http://www.independent.co.uk/news/science/that-figures-profe...
I believe I understand the point that Manjoo is making in his article, but both his choice of example, and the specific derogatory language he uses to express his reaction, makes it seem to me that he has some specific ax to grind about the nature of technical credentials and their social cachet.
Not just this guy, but a contracting firm (BAH) in general? How did they get that bid?
I believe the UK is heading in this direction as well. Thatcher started it, but it's really gone up a few notches since then.
It's a sorry state of affairs when the schools, the fire service, the police, the prisons, the hospitals, the soldiers of war, and even the spies are all controlled by for-profit corporations.
FYI, CISPA is specifically for an NSA program intended to expand collection and give immunity to everyone. The lobbying for it as well as the politicans who proposed it, are heavily funded by these defense contractors.
This is a big part of the problem, the massive .mil budgets go to commercial contractors, who in turn support party candidates by donation. Its an incestuous positive feedback loop.
see Lessigs video talk on "LesterLand".
>Yes, he could be a computing savant anyway—many well-known techies dropped out of school
They're basically bemoaning his lack of official credentials.
If the Government trusted the NSA with our every phone call and email, why should we trust the Government?
They don't want to be able to arrest everyone. They want to be able to arrest anyone. Data collection processes like Prism are an important tool.
However, you don't know and can't predict how the government will change in the future. Data collected today is data that can be abused tomorrow.
The kink is that many patriots do actually understand and love the Constitution and if forced to routinely go against it in their line of works, a few will pull a Manning. That is expected. They can't have it both ways.
Language skills. No drugs. No alcohol. Does well in a hierarchical environment. Check, check, check and check.
It would be against the law to ask about the underwear.
Most of the time, when you go through the lifestyle clearance rigamarole, they're looking for any leverage someone might be able to use to coerce you to act against the employer's interests. Obviously, anti-government sentiment would be a flag, but you can get clearance by being truthful about the dishonest/illegal/etc. things you have done in the past, despite having done those things. In fact, willingness to disclose is a big trust builder.
It's about managing risk, which is why it's easy for me to believe that Marines and members of the LDS community would be given special consideration.
Such is the projection of American military power that his credit card and bank account will already be locked down, on grounds that he is a 'terrorist', regardless of which country he flees to.
It's perfectly possible for Snowden to have done what he did and still have negative qualities - for example, by going public he's making the entire conversation about him instead of the programs he leaked.
By going public, he's also encouraging others to do the same. Even if it's just the smallest amount, it matters.
I understand the guy is emphasizing these things to make his point but still, wtf.
What about his morals? What about his courage? I would most definitely trust my data to a guy that was and is prepared to go to jail for his beliefs that my data should be treated with respect and within the law.
I don't think the NSA would be using the same words you are.
The more legitimate point is that he was a contractor- just how much clearance do contractors get? That seems like the bigger worry to me.
Which isn't to say you're incorrect when you say how much damage a junior sysadmin could do in most places. It is to say that there are options that make this kind of thing a lot harder, to limit the scope and damage rogue admins can cause, and to raise the bar in terms of knowledge required. One would hope the NSA would be employing some of them.
And somewhere along the way you have to accept that your most senior admins aren't always going to be the ones schlepping gear around, which means physical access.
I'm also not entirely convinced of the practicality of building a system where there isn't at least one person who can bypass everything, especially if they're prepared to go into exile as this guy was.
Given adequate resources, I'm sure it's possible, but there's gonna be a shitton of money and ridiculously careful planning involved. I expect the operational overhead to be similarly huge.
"The Information Assurance Directorate (IAD) at NSA recently released a new technical guide entitled Best Practices for Securing a Home Network." - http://www.nsa.gov/ia/index.shtml
I've worked at companies where the secrets behind our app signing key are held to a higher standard than being entrusted to the care of any single entity. Even ignoring how you feel about whether the PRISM system is good or bad, shouldn't we expect the NSA to have better security policies, given the huge scope of abuse these systems could allow?
Why can't we celebrate him for having the moral character to have done the right thing instead of assault his character.
A college dropout that did the right thing by whistleblowing is 1000x better to have in this World than an MIT, Stanford or Harvard graduate who is working at the NSA or CIA being enabling or at least complicit in programs.
It seems unlikely Snowden was in a high-paid and important position without having demonstrated some kind of aptitude. I have the impression he was highly skilled.
The tech community should be the most understanding when it comes to overlooked people who kick ass on the job. Too many tech companies today are focusing on university names, this isn't the way it always was.
Is being nice to Edward Snowden considered aiding a terrorist? The NSA probably just fired off a warrant for the rest of my communications.
//insert crappy article
I mean, why should we give interviews at all? Obviously someone's resume and a class they didn't complete is all we need to know about them.
Document control works on two dimensions: clearance level and need to know. You need to both have the requisite clearance level and a need to know to be approved for access to a given document. Having a top clearance doesn't mean you get to freely look at whatever you want, although the press and general public seems to think it does.
What matters most to the NSA is your ability to pass a polygraph - not your engineering skills.
