*>>Nope. Does that matter?** * Yes, it most certainly does. Surely, you aren't suggesting that scale is not a factor in design and implementation considerations?
It's a well known fact that everyone outside of a failure is smarter than all the people inside the failure -- right up until they aren't. *ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker>* **Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market…*** On Sun, Sep 1, 2013 at 7:52 PM, Kurt Buff <[email protected]> wrote: > Nope. Does that matter? Well, I suppose you think it does, but I doubt > it. With scale should come resources, and the NSA obviously does have > resources, including people with far more training, and who of whom > are smarter, than me. > > There are no excuses for this. > > Kurt > > On Sun, Sep 1, 2013 at 4:25 PM, Ken Schaefer <[email protected]> wrote: > > You've designed "more secure" systems at scale (40K+ employees) in an > information heavy organisation (bank, accountancy etc.)? > > > > Cheers > > Ken > > > > -----Original Message----- > > From: [email protected] [mailto: > [email protected]] On Behalf Of Kurt Buff > > Sent: Monday, 2 September 2013 4:01 AM > > To: [email protected] > > Subject: Re: [NTSysADM] Re: Finally. > > > > Aside from reading all those Le Carre novels? > > > > I've already designed more secure systems than were obviously in place, > as have many people on this list, perhaps including you. > > > > Kurt > > > > On Sat, Aug 31, 2013 at 7:35 PM, Ken Schaefer <[email protected]> wrote: > >> And what are your qualifications/experience, that allow you to make > >> such a call? (I’m assuming that you have no inside knowledge of how > >> the NSA works, and are relying on the public speculation/allegations > >> at el Reg etc.) > >> > >> > >> > >> Cheers > >> > >> Ken > >> > >> > >> > >> From: [email protected] > >> [mailto:[email protected]] > >> On Behalf Of Kurt Buff > >> Sent: Sunday, 1 September 2013 12:03 AM > >> To: [email protected] > >> > >> > >> Subject: Re: [NTSysADM] Re: Finally. > >> > >> > >> > >> On the evidence, absolutely. > >> > >> For an intelligence/espionage operation to be so thoroughly pwned > >> because of such amazingly poor internal operational security, there > >> can be only one conclusion - management responsible for internal > security should be fired. > >> > >> I'm just glad they weren't, and I hope that what Snowden took is > >> enough to bring them down, and that it's all revealed to the public. > >> > >> > >> > >> Kurt > >> > >> > >> > >> On Sat, Aug 31, 2013 at 4:20 AM, Ken Schaefer <[email protected]> wrote: > >> > >> So, you’re saying that the feared NSA, which has a bunch of > >> un-discovered rootkits, which able to undertake some of the most > >> advanced espionage in the world, is managed by idiots? Seriously? > >> > >> > >> > >> From: [email protected] > >> [mailto:[email protected]] > >> On Behalf Of Jon Harris > >> Sent: Saturday, 31 August 2013 6:17 AM > >> To: [email protected] > >> Subject: RE: [NTSysADM] Re: Finally. > >> > >> > >> > >> Generally from I have seen in state (Florida) organizations is that > >> they don't like promoting anyone but a moron into supervisory positions. > >> Occasionally someone will make a mistake and promote an intelligent > >> person but not often. I would suspect this is the case with the Feds > >> as well (worked with them too). Several times I have seen them hire > >> those with less brains and longer tongues and large lips over those > >> with brains. As long as this keeps happening then we will continue to > >> see this happen. It will be a long time before they get rid of all > >> the defective management personnel as I would think private companies > >> would have little to gain by keeping them (maybe why they seem to > >> concentrate in public jobs?) and in a government job it is MUCH harder > to get rid of them. > >> > >> Jon > >> > >> > >> ________________________________ > >> > >> Date: Fri, 30 Aug 2013 14:34:15 -0400 > >> Subject: Re: [NTSysADM] Re: Finally. > >> From: [email protected] > >> To: [email protected] > >> > >> +13 > >> > >> On Aug 30, 2013 11:05 AM, "Kurt Buff" <[email protected]> wrote: > >> > >> On Fri, Aug 30, 2013 at 10:52 AM, Micheal Espinola Jr > >> <[email protected]> wrote: > >>> > >>> I accidentally hit CTRL-Enter before finishing that email... and > >>> apparently that's a shortcut to instantly-send a message in Gmail. > Yay! I > >>> love learning new things... but anyways - So, yea, this Forbes > article was > >>> the first I have seen that highlights the real underlying IT problem > >>> regarding Snowden - aside from other OT issues. > >> <snip> > >>>> > >>>> I may have missed some article by someone else somewhere, but Its to > >>>> see Forbes 'get it' before anyone else... > >>>> > >>>> > >>>> http://www.forbes.com/sites/timworstall/2013/08/30/if-the-nsa-really > >>>> -let-edward-snowden-do-this-then-someone-needs-to-be-fired/ > >>>> > >>>> -- > >>>> Espi > >> > >> > >> Agreed- massive failure on the part of many people in the NSA in > >> implementing security procedures. > >> > >> Of course, what Snowden showed, beyond that, is the massive failure > >> that is government policy and practices regarding > >> surveillance/espionage in general, so I'm actually quite happy Snowden > >> was able to do what he did. > >> > >> Kurt > >> > >> > > > > > > >
