You would think they (government in general, not just the NSA) would have
learned this lesson.  Manning also appears to have had access to much more
than he needed to do his job.  History repeats itself but usually there is
a bit more time between repeats.

In my previous job, we had to prove to our government customer we had
segregation of duties, we had proper discretionary access controls, and
that removable media was disabled.  Seems the government would have
failed their own audit.

I said previous job because I was recently laid off due to a reduction in
force.  So if anyone knows of opportunities along the east coast, let me
know.

Kevin

On Monday, September 2, 2013, Jon Harris wrote:

> One of the reasons for what Daniel is talking about happened during
> Operation Market Garden during WWII.  One of the officers, I believe it was
> a 1st Lt., in the British force dropped into the battle carrying the FULL
> battle plans in his pocket.  The Germans got those plans on the first
> day of the operation.  They based their response to the operation on
> what they had.  THAT is why you don't give everyone everything.  The NSA in
> this case, based on public admissions and from what has come out so far,
> appears to have forgotten that, go figure.  It appears that they did indeed
> hand the "master" keys to the kingdom to a
> non-stakeholder, someone working strictly for the money, i.e. a contractor,
> or at least a lot of various keys to individual doors for him to walk out
> with Gigabytes of information.
>
> Jon
>
> ------------------------------
> From: [email protected]
> To: [email protected]
> Subject: Re: [NTSysADM] Re: Finally.
> Date: Sun, 1 Sep 2013 13:07:44 -0500
>
> Yes, I do think it matters especially in terms of OpSec (this is not
> Joe’s Widget Company we’re talking about after all). Are Lieutenants told
> the full details of a battle plan, or only what they need to know to do
> their job? How about Sergeants? Continuing the battlefield analogy, what
> about contractors (mercenaries in that context)?
> If you would prefer, the next time I mention the granularity of “Unix
> permission” I will include with that a 20-page discussion on what I mean by
> “Unix permissions.” If I mention the 1st Amendment do I have to include the
> full text of the amendment? Or can we just stipulate in the interest of
> brevity that that is not necessary and is already understood?
> Permissions flow downward. The primary one handing out the permissions
> should be a stakeholder. The persons below him do have the access he has.
> Sub-admins is hardly a new concept; they can be contractors and often are.
> Authority can be delegated; responsibility cannot.
>
> *From:* Ken Schaefer
> *Sent:* Sunday, September 01, 2013 4:00 AM
> *To:* [email protected]
> *Subject:* RE: [NTSysADM] Re: Finally.
>
>
> Do you think it matters, in this case, whether it’s an FTE or a contractor
> that has “the keys to the kingdom” – they’d all need to go through the
> necessary security clearance, and have the right citizenship etc.? For
> someone who /wants/ to betray their country (e.g. for ideological reasons
> or monetary inducements), do you think their employment status really
> matters? Especially if the penalty for getting caught might include being
> charged with treason?
>
>
>
> In a large org like NSA, it’s not a matter of simply knowing “UNIX
> permissions” – that’s a gross over-simplification of the types of systems a
> large organisation would have. There’d probably be multiple Windows/AD and
> Windows/standalone environments, multiple UNIX environments, multiple
> mainframe/host environments, plus multiple systems when application
> permissions were used. There is no single “key to the kingdom” or a person
> that has such a key – except the Head/CEO/etc.
>
>
>
> If you’re saying that every privileged user, from the developer that might
> implement a back door, to the network admin who might trace traffic, to the
> backup operator that might duplicate a backup to the person who manages the
> HR system and who could create a “fake” identity, needs to be an FTE, then
> I think you’ll find that just about every large business and government
> agency is “in breach” of your fundamental security principles.
>
>
>
> Cheers
>
> Ken
>
>
>
> *From:* [email protected] [mailto:[email protected]]
> *On Behalf Of *Daniel Chenault
> *Sent:* Wednesday, 4 September 2013 3:08 PM
> *To:* [email protected]
> *Subject:* Re: [NTSysADM] Re: Finally.
>
>
>
> Why were the keys to the castle given to a contractor, a non-stakeholder?
> While we may see a certain amount of laxity in this in industry and
> business (not to say that's okay, it just happens) in such a sensitive
> environment, one with a very real potential to be the target of espionage,
> the keys to the castle should only reside in the hands of an employee. An
> extremely well-trusted one with a complete knowledge of computer security
> including using the granularity of Unix permissions to create admin
> accounts and groups with specific perms to do specific functions.
>
> A contractor, in the context of the role within the organization, is not a
> stakeholder. If the company or organization fails the only impact to the
> contractor is it's time to find another contract (assuming he wasn't the
> cause). Time to find another contract is business-as-usual for a contractor.
>
> When one speaks of "tight security protocols" this is part of the
> discussion: a very clear understanding of each position's role within the
> organization, how it furthers the mission, the liabilities associated with
> the position and a plan to ameliorate those liabilities. That discussion
> comes before filling the position with an asset as that also defines the
> type of asset; in this context it is employee or contractor. The proper
> answer is that the system administrator, the ultimate holder of all
> security secrets, the role with complete trust, is someone who has a stake
> in the success of the mission and is under the direct authority of a key
> stakeholder if not key himself.
>
> A contractor in such a sensitive environment should never have the full
> authority of that administrator delegated to him. That violates the whole
> idea of high security and the reason granularity is exposed in the computer
> security model (implementation-specific).
>
> I consider the above to be a rational and reasoned short examination of
> how and why the assignments of roles and permissions are to be defined in
> any organization where the word "security" is used as part of the
> priorities and goals. The higher the need for tight security (say, 1-10)
> the more scrutiny each role is given and permissions defined. For the NSA I
> would say the need is 11.
> But that's all just my opinion late on a Saturday night. I could be wrong.
>
>
> On Aug 31, 2013, at 21:37, "Ken Schaefer" <[email protected]>
> wrote:
>
> And what are your qualifications/experience, that allow you to make such
> a call? (I’m assuming that you have no inside knowledge of how the NSA
> works, and are relying on the public speculation/allegations at El Reg etc.)
>
>
>
> Cheers
>
> Ken
>
>
>
> *From:* [email protected] [mailto:[email protected]]
> *On Behalf Of *Kurt Buff
> *Sent:* Sunday, 1 September 2013 12:03 AM
> *To:* [email protected]
> *Subject:* Re: [NTSysADM] Re: Finally.
>
>
>
> On the evidence, absolutely.
>
> For an intelligence/espionage operation to be so thoroughly pwned because
> of such amazingly poor internal operational security, there can be only one
> conclusion - management responsible for internal security should be fired.
>
> I'm just glad they weren't, and I hope that what Snowden took is enough to
> bring them down, and that it's all revealed to the public.
>
>
>
> Kurt
>
>
>
> On Sat, Aug 31, 2013 at 4:20 AM, Ken Schaefer <[email protected]>
> wrote:
>
> So, you’re saying that the feared NSA, which has a bunch of
> un-discovered rootkits, which is able to undertake some of the most advanced
> espionage in the world, is managed by idiots? Seriously?
>
>
>
> *From:* [email protected] [mailto:
> [email protected]] *On Behalf Of *Jon Harris
> *Sent:* Saturday, 31 August 2013 6:17 AM
> *To:* [email protected]
> *Subject:* RE: [NTSysADM] Re: Finally.
>
>
>
> Generally, from what I have seen in state (Florida) organizations, they
> don't like promoting anyone but a moron into supervisory positions.
> Occasionally someone will make a mistake and promote an intelligent person
> but not often.  I would suspect this is the case with the Feds as well
> (worked with them too).  Several times I have seen them hire those with
> less brains and longer tongues and large lips over those with brains.  As
> long as this keeps happening then we will continue to see this happen.  It
> will be a long time before they get rid of all the defective management
> personnel as I would think private companies would have little to gain by
> keeping them (maybe why they seem to concentrate in public jobs?) and in a
> government job it is MUCH harder to get rid of them.
>
> Jon
>
>  ------------------------------
>
> Date: Fri, 30 Aug 2013 14:34:15 -0400
> Subject: Re: [NTSysADM] Re: Finally.
> From: [email protected]
> To: [email protected]
>
> +13
>
> On Aug 30, 2013 11:05 AM, "Kurt Buff" <[email protected]> wrote: