Forgot your password?
typodupeerror
Databases Government IT

The FBI Wants To Know About Your IT Skills 211

Posted by Soulskill
from the and-how-you-take-your-coffee dept.
AHuxley writes "The FBI, via the Office of Management and Budget, would like to find out more about your information technology expertise if you are part of InfraGard. Terms like 'practical utility' have been included in a 60-day emergency notice of information collection via the Paperwork Reduction Act of 1995. Is your boss or cubicle colleague part of InfraGard? It's a private, non-profit organization run as a public-private partnership with the Federal Bureau of Investigation. Are they passing info back about you or your company?"
This discussion has been archived. No new comments can be posted.

The FBI Wants To Know About Your IT Skills

Comments Filter:
  • by Anonymous Coward on Sunday January 10, 2010 @09:16AM (#30714336)

    Maybe it's not that sinister but that's the first thing that popped into my head. Looking at the website, it's initial intentions aren't that sinister but mandating that much sharing of information sounds a bit creepy. You guys are going to be DHS'd/FBI'd to death if you're not careful.

    • They refer to it as "A collaboration for infrastructure protection". Does that make those who sign up for it "collaborators"?

    • by h4rm0ny (722443)

      it's initial intentions aren't that sinister

      Or at least its stated intentions. Nightwatch sounds like a good fit, actually: If you're loyal, then why wouldn't you want to help? The catch of course being loyal to what...

    • There was actually an episode of a show on TV about it (Conspiracy Theory with Jesse "The Body" Ventura)... dunno how much of it you can believe, but if even some of it, then this is sinister.

      This would not be the first time that the government has helped/hired/worked with outside agencies to collect information that they cannot legally collect directly. My presumption would be that with updating such records about the members of InfraGuard, they can find the InfraGuard members best suited for covert info

    • Re: (Score:2, Insightful)

      by IdleTime (561841)
      This reminds me of the same program KGB once operated, they just called it "Report anything unusual about everyone!" and it was a disaster then so why do these douchebags think this is a good idea now?
    • Re: (Score:2, Insightful)

      Maybe it's not that sinister but that's the first thing that popped into my head. Looking at the website, it's initial intentions aren't that sinister but mandating that much sharing of information sounds a bit creepy. You guys are going to be DHS'd/FBI'd to death if you're not careful.

      You are quite correct... remember Carnivore and the denial it existed? Then we ended up with Magic Lantern which is still denied even though I have the source code. The CIA are the evil ones, not the FBI. I have had good help from some federal agents in the past and I saved a 13 year old girl from a pedophile in Las Vegas. The fed in question was in California and I am here in the UK, now if it was not for our collaboration and my IT skills I would have never located her and quite possibly she would have be

  • by gmuslera (3436) on Sunday January 10, 2010 @09:17AM (#30714338) Homepage Journal
    They want to be ready for the next July 4 just in case they need someone capable to infiltrate into some alien computer system.
  • First post! (Score:5, Insightful)

    by Godji (957148) on Sunday January 10, 2010 @09:18AM (#30714344) Homepage
    The part I don't understand is why anyone would voluntarily become a part of InfraGrad and start "sharing information" about others in the first place.
    • Re:First post! (Score:4, Insightful)

      by woody.jesus (1665793) on Sunday January 10, 2010 @09:33AM (#30714400)
      Well, if you are a member of InfraGrad and your boss isn't, then he suddenly has to be aware that you might snitch on him at any time. Now he has to treat you with some respect for a change! Or if the boss is already a party member, then as a fellow Infragrader, you'll be preferred for promotions and raises. Maybe you were a weak little sniveling rodent before, but now you're a member of INFOGRAD and you can strut around in your imaginary jackboots because you're just a little bit better than those common people!
      • Re: (Score:2, Insightful)

        by gladish (982899)
        Sounds a little like the "Hitler Youth" http://en.wikipedia.org/wiki/Hitler_Youth [wikipedia.org]
        • Re:First post! (Score:4, Insightful)

          by Opportunist (166417) on Sunday January 10, 2010 @01:21PM (#30715740)

          More like The Party. Not only refering to the NSDAP but also to any parties in one party dictatorships. It was not much different in the Soviet states. You were a member of The Party and you suddenly had a much higher chance of promotion, of scientific credibility, of other merits that are credited on the whim of someone or a group of people.

      • Cash, that is, not just "influence" which might backfire. I heard that Stasi rates were rock bottom, but the US screwy agencies have deeper pockets. Hey, in these challenging times lots of folks would be willing to snitch (perhaps even inventively) on their colleagues and other obstacles to job security or promotion (=boss).
        Not being a citizen of any NATO country, they'd probably offer me less, the bastards.
        • by AHuxley (892839)
          Yes East Germany was strapped for cash.
          They went for anyone useful in any organisation they could, turning them, seducing them.
          Or used own as long term sleeper, entering at the lowest point and working their way up.
      • Re: (Score:2, Insightful)

        by Anonymous Coward

        Well, if you are a member of InfraGrad and your boss isn't, then he suddenly has to be aware that you might snitch on him at any time. Now he has to treat you with some respect for a change!

        Or fire you at the first possible chance he gets before you can get the goods on him. It's all great that you'd try to take him to court that you were fired for being in the InfraGrad program, but you'd have to prove it as well. And regardless of the case, after such a case is made public you can kiss your other job pros

    • Re:First post! (Score:5, Interesting)

      by FooAtWFU (699187) on Sunday January 10, 2010 @09:40AM (#30714418) Homepage
      It seems aimed at big "IT Infrastructure" companies like ISPs, search engines and mail providers: a way to be in touch with these people in the event of "cyberterrorism" and systematic DOS/takeover attempts. It seems like a much better idea than waiting for something to happen and then have no idea who you're supposed to get in touch with about it. Knowing who to call in an emergency shouldn't have to be half the battle.
      • by onepoint (301486)

        valid point, It looks like the government wants users ( in this case IT Pro's ) to be in communication so that in-case of something real bad, the net can still work.

        reminds me of 9/11 air traffic controllers, they did an excellent job getting planes out of the air without government interference ( after they were told ) and since then, there are no standing orders to interfere with them if it happens again ( let the people who handle air-traffic do there job and not government it up ).

      • It seems aimed at big "IT Infrastructure" companies like ISPs, search engines and mail providers

        No, it is/was aimed at any company willing to get involved. I went to one of their meetings and the whole thing kinda creeped me out. I got the distinct impression that we were expected to routinely rat out anyone we could find.

    • it's called totalitarianism. Long history. look up words like STASI, KGB, GESTAPO. If there is a way someone can gain some social advantage over others, eventually there will be a "someone" to cheerfully fill those jackboots.
    • You could ask the 100,000 “inofficial employees” of the Stasi [wikipedia.org] that.
      Or those who, in Nazi times, betrayed their own family members because they hid Jews.

      Or actually anyone who “works” at an agency that spies on its own population.

    • by astar (203020)

      if you pay attention, you should also consider "block watch" programs. These are still voluntary. In seattle, people would make the point effectively enough that the cops had to stop having public organizing meeting. this was a while ago.

      with the perpetuality clauses in the senate health bill, we now have what Tom Paine explicitedly described as tyranny, so what do you expect?

    • Because they believe the whole "good citizen and patriot" BS?

      You'd be amazed how far this can reach. The whole Gestapo system would not have worked if it hadn't been for people who consider it their "patriotic duty" to inform about people who are not really "in line" with the whole system, even if they themselves could not have cared less about the whole Nazi movement.

      There are not really black or white, not really for or against government. Well, there are, but they are the minority. Most people are somewh

    • by ScrewMaster (602015) * on Sunday January 10, 2010 @01:56PM (#30715976)

      The part I don't understand is why anyone would voluntarily become a part of InfraGrad and start "sharing information" about others in the first place.

      Because, if you're not in the InfraGuard then you must be an InfraRed.

    • Re: (Score:2, Interesting)

      This is a test of your biases. How would you feel if the Democratic Party was trying to create a support organization of volunteering IT professionals? The Republican party? moveon.org?

      If you think the US does not need some organization that does the job of DHS, then you are an idiot. If you accept that the job needs to be done, then you also have to accept the people that you've got, you can't just fire them all and build a new DHS by hiring, say, fine arts majors. At that point you can have a discu

    • by Lord Kano (13027)

      Think of all of those people who were never qualified to become a cop or some type of covert agent. They can sign up for Infragard and live out their fantasies.

      LK

  • Sooo, essentially... (Score:2, Informative)

    by tciny (783938)
    ... the Stasi of the IT world or am I misreading this? The wording seems intentionally diffuse.
  • by mc1138 (718275) on Sunday January 10, 2010 @09:28AM (#30714380) Homepage
    While I'm against snooping without cause, something of this in a collaborative model isn't necessarily a bad thing, though it does open up for potential abuse. There are lots of times when I call up buddies ask them what sort of IT issues they're having with security, spam, etc, and this just seems to formalize it a bit, and get the circle of trust a little bigger. Companies too often seek to distrust the authorities for crimes because it will make their companies look weak. As such criminal will get away with things solely because no one reports them. This doesn't look like a secret "Stone Cutter" type group, just a way to get to know some local colleagues and keep more ears to more ground looking for potential threats.
    • by betterunixthanunix (980855) on Sunday January 10, 2010 @10:34AM (#30714688)
      What I find striking is the utter lack of information that the FBI's website gives about what Infragard is really about. They give few details about what sort of information they are looking for, and what sort of information they give back to their members. That alone makes it difficult for me to trust...
  • Funny stuff (Score:5, Funny)

    by oh2 (520684) on Sunday January 10, 2010 @09:40AM (#30714420) Homepage Journal
    Lol, "Self-identified as IT specialists" indeed. Thats one funny document. What would they need that kind of information for ? To evaluate bragging rights ?
    • Re:Funny stuff (Score:4, Informative)

      by finitimi (126732) on Sunday January 10, 2010 @10:12AM (#30714558)

      I am a member of InfraGard. In the past, our local FBI office has asked members of our chapter to self-identify their expertise in a particular IT specialty. I and others did so, and subsequently assisted them in a couple of criminal investigations. I think the FBI just wants to broaden and formalize their inventory of IT subject matter experts.

      • by The FBI (1717712) on Sunday January 10, 2010 @10:24AM (#30714628)

        The FBI has never contacted you in any way, shape or form, other than through this post. You are advised to retract your statement and apologize, otherwise legal action will be brought against you. Thank you.

        Have a nice day.

        • by ZosX (517789)

          Did you create a user id just to post this?

          • by Cabriel (803429)
            I'm pretty sure that one's been around a while, and he just whips it out for sarcastic intrigue. A couple of posts lower, you'll see someone with an ID number in the 30millions, which is 13million higher than The FBI.

            On the other hand, if it's the real FBI, then it kind of tells you how late they really are to the IT Party. ;)
            • by Icarium (1109647)

              And this is why people shouldn't drink before midday. Blurry vision, faulty memories and imaginary UIDs.

              • by Sir_Lewk (967686)

                He probably saw a post id, which currently seem to be in the 30-millions (yours is #30716530 for example).

    • by Yvanhoe (564877)
      L33tSp34k is the mandatory language on the filling form. It also asks for your WaRlOrDz rankz and asks you to list your "mad skillz".
  • by Anonymous Coward on Sunday January 10, 2010 @09:41AM (#30714424)

    Wekl, fwirstly, my tyuping sklills are spoty on.

    • by CptNerd (455084)
      Aye sink ewe knead two get hay gnu spill chucker, lake thee won aye rote four dose peephole.
  • by Anonymous Coward

    So, if the FBI wants to ask for certain records they have to get a warrant.

    But, if a member of InfraGard decides to provide the FBI with records without the FBI asking then it's a private citizen reporting "suspicious behaviour"

    Or, would a member of InfraGard be considered an officer of the government, making any records they had access to inadmissable?

    I'm guessing it's pretty clear that I'm not a lawyer.

  • by Callandor (823150) on Sunday January 10, 2010 @10:28AM (#30714650)
    From the information provided, which is very little, it appears that the FBI is requesting information from people who have voluntarily joined an organization of IT professionals not just sponsored by but directly affiliated with the FBI. Why is this getting everyone's hackles up? It does not say that the information will be required of all members, nor does it say that members will be required to inform on their coworkers or companies. The ACM asks you about your IT skills, too. How is this different?
    • by Tellarin (444097)

      From the little info that is available, the problem seems to be exactly the direct affiliation with the FBI.

      ACM is just a professional organization, and they'd like to know the profiles of their members. ACM doesn't have other goals but tho help their members (at least officially).
      The same applies to IEEE and others.

      In this case, an external entity (the FBI) is asking for this info from members of another entity, which does not specify clearly their purpose or the nature of their relationship with the FBI.
      I

  • by cravey (414235) * on Sunday January 10, 2010 @10:30AM (#30714660)

    They only want information about the IT skills of their own members. How else would they process ONLY 28,000 responses at 2 minutes each? This doesn't even seem to apply to all Infragard members, only:

    "Public and private professionals
    self-identified as having information technology expertise."

    This would also be why it's called:
    "InfraGard Knowledge/Skills/
    Abilities Profile"

    IT seems kindof obvious that they might want to know what the skills of their own members are if they need assistance on something. Not like the FBI knows anything about technology [wikipedia.org].

    Perhaps they're looking for resources for the next time they have an IT issue/project they need to not fuck up. According to their website, you need a background check to join. Seems like a good way to build a database of IT professionals that you don't need to do background checks on after the fact.

    • by Svartalf (2997) on Sunday January 10, 2010 @10:59AM (#30714786) Homepage

      Most people didn't. They panicked when they saw the headline.

      I've known about InfraGard for a while now. It's more of a group of security consulting people, gathered together to try to get a solid handle on securing the infrastructure of the country.

      I might be in the minority here, but this request is probably more in line with gathering a list for the FBI to go contact when they need an independent contractor for something. Like you said...while there's some aspects of tech they've got a handle on, there's others including this sort of thing that they just simply don't- and I'm thinking they thought it might be useful to get a list of that class of individual and what they do so they know who to turn to for help when they need it.

      • by Tisha_AH (600987) <Tisha.Hayes@gmail.com> on Sunday January 10, 2010 @01:51PM (#30715936) Journal

        I have taught classes to an InfraGuard chapter in my area, it is quite different than the scary statements that have been made by many.

        It is about being aware of your vulnerabilities and developing contingency plans and fairly basic security procedures to make it less easy for someone to mess with your infrastructure. Most of the folks who attend the InfraGuard monthly meetings are already in middle management and have been tasked with the chore of improving security. While pretty much anyone can participate there are levels to it. Some information is compartmentalized on a need to know basis when it comes to specific incidents or threats.

      • I might be in the minority here, but this request is probably more in line with gathering a list for the FBI to go contact when they need an independent contractor for something.

        You've got to put in terms that Slashdot users understand.

        The FBI are looking for IT Security Pros [imdb.com] without having to send out a cop [imdb.com] to shake down an informant [imdb.com] during an actual emergency. Bonus points if the Security Pro has his own Command Center and is familiar with CB technology.

  • So? (Score:4, Informative)

    by Anonymous Coward on Sunday January 10, 2010 @10:32AM (#30714674)

    Disclaimer; I'm an Infragard member (have been for about 7 years). Why are they collecting this? Easy, they're public/private partnership that focuses on emergency response. "In the event", they want to know who within there membership has skills that may be needed. Don't like it, don't join (or quit). Don't want them to have your data, make them remove it (you have the legal right to do so). No conspiratorial aspect here.

    • Re: (Score:3, Interesting)

      by Svartalf (2997)

      Shame you had to post anon there, but I understand. And I'd have to concur- that was the read I got on this whole thing once I saw the request text on Cryptome.

      Because of all the BS that went on prior to today within the Government, people are unfortunately hypersensitive of this sort of thing. What's sad about that, though, is that there ARE things to be up in arms about, even now, with stuff that the Government is doing (and in some cases, isn't...) in regards to "security" that goes unnoticed because w

    • Re: (Score:2, Interesting)

      by littlewink (996298)
      Did they also give you permission to shoot to kill [projectcensored.org] when martial law is declared?
  • by PolygamousRanchKid (1290638) on Sunday January 10, 2010 @10:33AM (#30714682)

    The Stasi were very good at collecting information. In fact, they were too good. They collected so much that their analysts couldn't effectively evaluate even a fraction of it. They lacked IT resources (when compared to Western agencies) and the Stasi leadership should have shifted more manpower from spying to analyzing.

    The FBI has access to unlimited IT resources, and the US intelligent community if very effective at evaluating the information that they have collected. Just look at how they stopped the underwear bomber . . .

    . . . uh-oh . . . never mind . . .

    • by Mashiki (184564)

      The only reason that they switched from spying to analyzing is because half of the population was spying on the other half. That was also the reason that they got so much information, speaking of which if you have or did have a family member who lived or visited E.Germany at the time they were in operation you can view their STASI records if they weren't destroyed. My mother visited 2 times since she left as a child, on her first trip back they had 15 banker boxes full of information on her, her habits, a

      • by AHuxley (892839)
        The Stasi (early version) lost their records in the in the early days thanks to a defector.
        They split all the data up, so a walk out would be very hard.
        Want a spies details, its paper work and face to face with a few top people.
        The system worked well until they thought about nuclear war.
        How could the reach their sleeper agents in the West, if the paper work was ash?
        So they made digital records and placed them in a safe.
        The CIA got a copy and did not share with the Germans :)
        In the end the west injecte
  • Now we know where he got the rank of Commander.
  • The FBI has no need or right to know about my IT skills, but I would certainly like to know more about their IT skills, given all of the obvious and avoidable breaches in silicon-based security, document controls and methodologies lately.
  • by wonkavader (605434) on Sunday January 10, 2010 @11:20AM (#30714938)

    I note that the web developers of InfraGaurd don't know how to change their favicon.ico from the sun logo.

    Nice to see they're using Sun and Unix, I suppose, but who leaves the sun logo there?

    • by b4dc0d3r (1268512)

      You should sign up and put a checkmark in the box labeled "knowing to change the favicon from the default". There's a separate box for knowing *how* to do that, check that one too if it applies.

  • Would it concern being able to surf pron with only one hand?

    Just wondering what mad skills they might be looking for....

    -Goran
  • Don't suspect a Friend.

    Report Him.

  • They say that every medium or larger sized company in China has a spy in it reporting to the government. This sounds exactly the same, unfortunately. But then again, did you really expect it to be any different over here?

    • by dwye (1127395)

      > They say that every medium or larger sized company in China has a spy in it reporting to the government.

      Only one?!? Someone clearly has been falling down on the job, over there.

      A company for which I worked had four scientists from the PRC, and one of them was a narc.

      • by Plekto (1018050)


        Only one?!? Someone clearly has been falling down on the job, over there.

        A company for which I worked had four scientists from the PRC, and one of them was a narc.

        I should have said *at least* one. :)

        But that's what all governments do when they become concerned about security, be it their own against political rivals or they are worried about the security in a broader sense. I'm not saying it's bad or making any judgment here, either. It's just what always has happened throughout human history. Of course

  • Under the 1974 Privacy Act the US Government needs to notify we the people whenever they collect information about them. So the FBI needs to know what IT people they can contact for different areas of expertise to help them with investigations. In order to put together so much as an Excel spreadsheet with names and phone numbers they need to examine the privacy considerations. A nationwide database has similar considerations, usually a Privacy Impact Assessment, and if the assessment warrants it, a System
  • Obviously, this is just the first step. First, they register everyone with IT skills. Then they'll impose a tax on bits. Eventually, we'll be denied our constitutional right to keep and bear keyboards.

    Is Slashdot now Fox News?

  • For some strange reason it's controversial here to mention the formation of an organisation that acts on behalf of it's members but wouldn't part of the function of an IT Union be to asses and represent the interests of it's members when it comes to organisations like these? Seems to me IT professionals need an organisational structure to support them from bureaucrats.

    Asides from a bidding war lowering IT professionals pay rates towards slavery there is the matter of protecting our interests amongst many

  • If information is voluntarily given to DHS, then no constitutional problems. How Nazi Germany Hitler youth of them.

  • What's so wrong for a government to want to know who they can call on in case of cyber emergency?
    I know people are afraid of big brother now, but not everything is done out of fear or terrorism....sometimes doing a head count of
    a trade or career that can or is important to society is a good thing, else we would not have doctor's lawyers or engineers being
    asked to register to let the government know who they are.

    I guess we could view this as a compliment to the IT industry being promoted to being important e

  • by Dman33 (110217) on Monday January 11, 2010 @01:44PM (#30726154)

    I am an Infragard member. I was working for a university research group and was required to join Infragard as a part of this research. I did not like the idea of being forced to join an organization I knew little to nothing about so I did research into the organization first. I read up on all of the conspiracy theories about Infragard and spoke with some members before joining.

    The conspiracy theories link this organization to "big brother" programs that encourage people to spy on their neighbors. This is not actually the case with Infragard - as far as I can tell.

    From what I can see, this organization is put into place for very good reasons. Look into the Russian action in Georgia last year - a large component of that military action was cyber-based. The Russians took over the Georgian infrastructure (electric, news and radio) far before tanks rolled into Georgian territory. If the US is ever attacked on a large scale, our infrastructure will be the first strike. Infragard allows a secured group of IT professionals to be "in the loop" on potential threats that cannot be made widely public yet. It also allows these professionals to collaborate on security issues in real time - as they happen.

    Say a new worm was propagating across major infrastructure networks. An administrator at the water company finds evidence of this worm and sends a message to Infragard asking if anybody else has seen it. A person working at the electric company reads that message and notices that it matches something they are addressing as well. The issue may be quickly escalated and addressed appropriately. If these individuals had to deal with conventional reporting then the link between two critical infrastructure networks experiencing the same problem at the same time may be missed.

    In my experience Infragard does not care a bit about individuals ripping a CD or something. This is about bridging the gap between law enforcement and IT professionals in order to minimize the time it takes to address a potential cyber threat on critical infrastructure.

    Registering your IT skills with Infragard is optional, not mandatory. This is not as evil as it sounds and I see much more upside to this than downside.

You don't have to know how the computer works, just how to work the computer.

Working...