NSA Firing 90% of Its Sysadmins 634
sl4shd0rk writes "NSA Director Keith Alexander has decided that the best way to prevent illegal data leaks is to reduce the number of ears and eyes involved. During a talk at a cybersecurity conference in New York this week, Alexander revealed his plans to cut 90% of the System Administration workforce at the NSA. 'What we're in the process of doing — not fast enough — is reducing our system administrators by about 90 percent,' he said. Alluding to an issue of mistrust, Alexander further clarified: 'At the end of the day it's about people and trust ... if they misuse that trust they can cause huge damage.' Apparently, breaking the law and lying about it leaves one without a sense of irony when speaking in public."
Hmm (Score:5, Insightful)
So having a huge amount of very disgruntled people with at least previous access to large amounts of classified data isn't a security risk?
Re:Hmm (Score:5, Insightful)
Previous access to stuff that really isn't secret any more.
Re:Hmm (Score:5, Interesting)
How do you know Snowden got everything worth spilling? He was only one low level guy.
Dear de facto Dictator for Life Putin,
May I suggest you hang out a big "Welcome former NSA sysadmins" sign on your country. Tell 'em the weather is cold but the girls are hot (and something for the women sysadmins too - we Yanks frown on sexism). Your country may be a sewer due to its government, but as an American I'd be very grateful for anything you can do to help expose the use of our Constitution as toilet paper.
Re:Hmm (Score:5, Insightful)
Re:Hmm (Score:5, Interesting)
"I'm from the government, and I'm here to help you..."
Re:Hmm (Score:5, Insightful)
If some guy with a GED who had been on the job for 3 months got as much as Snowden did, what makes you think a real spy ring wouldn't just get everything?
Re:Hmm (Score:5, Insightful)
He makes America look like a foolish and ineffectual power mad state. Part of the Great Game is marketing, after all.
Re:Hmm (Score:4, Insightful)
No, AMERICA makes America look like a foolish and ineffectual power-mad state. Putin is just doing a bit of political judo, using our own actions against us. . .
And the REALLY sad thing ? Lately, I've had far more respect for Putin than I've had for Obama. . .
Re:Hmm (Score:5, Insightful)
You're aware of this stuff, right?
http://www.policymic.com/articles/58649/russia-s-anti-gay-law-spelled-out-in-plain-english [policymic.com]
Is it possible to admit that all leaders have problems and none of them are only "Bad" or only "Good"?
Re:Hmm (Score:5, Insightful)
America: Branches of the government growing out of control now revealed to be snooping on all sorts of our private data.
Russia: Literally killing gays and advocating for homosexuals to have their lives made miserable.
I'm fine with calling bullshit on both of them - nobody has to win here.
Re:Hmm (Score:5, Insightful)
What motivation does Putin have to do that?
Cheaper than hiring and inserting spies, for starters.
Re:Hmm (Score:5, Insightful)
Isn't Obama the one who has said a LOT of things over the past couple years that have had nothing to do with reality?
Remember, this is all just a bunch of "phony" scandal/controversy.
Re:Hmm (Score:4, Insightful)
More precisely, is there anything Obama has said since he gained the public eye in 2007 which hasn't been 180 degrees from the actual truth?
I think the only thing he's been honest about at this point is his intention of making gas/diesel/etc. more expensive and a couple slip-ups about healthcare not being available for everyone.
Re:Hmm (Score:5, Funny)
More precisely, is there anything Obama has said since he gained the public eye in 2007 which hasn't been 180 degrees from the actual truth?
Yes. He said he was going to get his daughters a dog, and he did. A promise was made, and a promise was kept.
Re:Hmm (Score:4, Insightful)
Something doesn't have to be A SECRET in order to still be CLASSIFIED AS A SECRET
Re:Hmm (Score:5, Insightful)
That's called denial an one should have their mental health evaluated.
If you're looking for mental health in government, you're going to have a bad time.
Re:NSA-National Storage Agency? (Score:5, Funny)
Can't we use FOIL to recover lost files?
(5 - a)(a + 3) = 5a + 15 - a^2 - 3a = -a^2 + 2a +15
Not seeing how I can recover lost files...
Re:Hmm (Score:5, Interesting)
Re: (Score:3)
So having a huge amount of very disgruntled people
Depends how it's done. Contractors come and go. So if those 900 people were contractors, like Snowden, it might not make a difference in outcome (though in that case, the NSA was probably already creating some number of disgruntled contractors).
Or they might move these people into other decent paying work. If the ex-workers aren't experiencing a big decline in wages and no longer fall under those heavy security rules, then it's possible that most of them might see it as a promotion.
Danger (Score:3)
Re:Hmm (Score:5, Insightful)
Re:Hmm (Score:5, Insightful)
That is the incorrect question. The correct question is: "Why aren't you firing 100%?"
Re:Hmm (Score:4, Insightful)
I'm pretty sure he has no idea how many he needs. He just knows he doesn't trust the people that can see all the data.
Re: (Score:3)
I'm pretty sure he has no idea how many he needs. He just knows he doesn't trust the people that can see all the data.
Then... I don't see a solution. Sysadmins traditionally have access to everything. You need to hire admins you can trust, and be careful not to piss them off. Or you could outsource to a foreign country. That always works out well.
Re: (Score:3)
Pissing them off CAN be outsourcing to a foreign country.
So, REALLLY try not to do that.
Re:Hmm (Score:5, Insightful)
> My initial question was, if you can do the work with 90 people, why the FUCK were you paying 900?!?
Having been present when a company fired 88% of their IT staff, (and came to *really* regret it later) I have come to the conclusion that the real question would be "how the FUCK do you think everything is going to get done with 90 people?"
Re: (Score:3)
Re: (Score:3, Informative)
A better question is, "You have 900 people doing WHAT?!".
That's actually a good point, but not, perhaps, in the way you meant it. The powers that be almost certainly do not know what those admins are doing or the value thereof, even if they were (or were not) vital to the organization. Their true value (if any) will be discovered after they're dismissed.
"We have to fire the employees to find out what they did."
Re: (Score:3)
Re:Hmm (Score:4, Funny)
We will outsource it to China or India. They have full access to the systems anyhow, they might as well keep the systems running ;-)
Re:Hmm (Score:4, Insightful)
Re:Hmm (Score:5, Insightful)
Re:Hmm (Score:5, Informative)
And even worse, letting it slip in advance? None of them ever read slashdot!
Partitioning and reducing the number of eyes on data is a good idea. Re-checking the people with access to the most sensitive information is a good idea. Blanket orders from higher up administration who do not understand the problem, BAD IDEA. 'Automation' that could allow one person (with access legit or not) to get to even more information than before, recipe for disaster.
Seems like someone from upper management saw a presentation on this subject (from a vendor) and now thinks they know everything.
Re: (Score:3)
Sounds like a good attempt to bait others in to leaking information. Having your job security and trust put in to doubt will encourage those inclined to pilfer information.
Re:Hmm (Score:4, Funny)
>plans to cut
>previous access
I'm not sure you understand the difference between past and future tense. Basically. ALL sysadmins there now know there's a 90% chance their job is about to go away. As they sit there at their desks. With their computers. And access.
On the bright side though, does this mean American corporations will finally have a pool of qualified domestic tech talent to pick from rather than H1-Bs?
Re:Hmm (Score:5, Funny)
No! Never! There's always an IT skills shortage until every American in IT has been replaced with an H1B!
Re: (Score:3, Insightful)
Previous access?
Let's think about this. You're a sysadmin for the NSA; you're not actually all that fond of what's going on there at this point. You catch wind that there's a 90% likelihood you will lose your job, and if you don't lose your job, you will have 10 times as much work hoisted onto your shoulders - so you're looking for a new job regardless.
This is true for every one of your coworkers as well, many of which will likely be pre-emptively disgruntled about their firings, and many will have at least
Re: (Score:3)
Not only that, but firing 90% of your sysadmins indicates that either:
A) You were grossly overstaffed to begin with. And I mean *grossly* overstaffed, because 90% of your workforce is simply unnecessary. That's not just, "we're a bit overstaffed, so let's let some people go." That's at the level of, "We're totally incompetent and have no idea what we're doing." Frankly, it would be terrifying ot think that this program is being run by such incompetent people. --or--
B) Once you're done firing people, y
ever hear of best practices?! (Score:5, Insightful)
During a talk at a cybersecurity conference in New York this week, Alexander revealed his plans to cut 90% of the System Administration workforce
DERP
holy shit, why not give them a warning that you're going to kick their ass to the curb before security comes to their desk with a brown cardboard box. Yeah, that's not gonna piss any of them off before you cut off access. At least the private sector has that one figured out.
Alexander needs to go, yesterday. He's more inept than Ballmer.
Re:ever hear of best practices?! (Score:5, Insightful)
Alexander needs to go, yesterday. He's more inept than Ballmer.
Hang on a second. Do we *really* want a competent person running the NSA?
Re:ever hear of best practices?! (Score:5, Funny)
Yes?
Re: (Score:3, Insightful)
I think you need some qualifiers on 'competent' first. Like 'moral', or 'good person', or 'not a dick'. If you have a competent, ruthless person running it... It'll just be worse, instead.
Re:ever hear of best practices?! (Score:5, Insightful)
Re: (Score:3)
Competent and less trying to get laws passed that go around the constitution. Even outright ignoring those laws.
Re:ever hear of best practices?! (Score:5, Funny)
At this point, I'm all for someone that is a bit more honest and straightforward and stable....like Charlie Sheen.
Re: (Score:3)
DERP
holy shit, why not give them a warning that you're going to kick their ass to the curb before security comes to their desk with a brown cardboard box. Yeah, that's not gonna piss any of them off before you cut off access. At least the private sector has that one figured out.
Yes, that is something the private sector figured out decades ago.
When people with important information are let go, they are invited to a private discussion without notice, told the sad news, and escorted out. They return after-hours with an escort to collect their personal belongings. Where x-weeks notice is appropriate or required, those weeks are paid with the official termination date that far out from the date that they were removed from the building.
Giving notice like this lets them ask questions li
Re:ever hear of best practices?! (Score:5, Interesting)
At the end of the day (Score:5, Funny)
"At the end of the day it's about people and trust"
I... it's.... but...
*pop*
Re:At the end of the day (Score:5, Insightful)
From TFA:
Using technology to automate much of the work now done by employees and contractors would make the NSA's networks "more defensible and more secure," as well as faster, he said at the conference.
Which sounds eerily like:
The strategy behind Skynet's creation was to remove the possibility of human error and slow reaction time to guarantee a fast, efficient response to enemy attack.
Skynet was originally activated by the military to control the national arsenal on August 4, 1997, at which time it began to learn at a geometric rate. On August 29, it gained self-awareness, and the panicking operators, realizing the extent of its abilities, tried to deactivate it. Skynet perceived this as an attack and came to the conclusion that all of humanity would attempt to destroy it.
Be afraid. Be very afraid.
Re:At the end of the day (Score:5, Interesting)
The thing is, see, that Skyne.., er, Colossus.., er, the NSA's system has already reached that point, and it's the one telling Alexander to fire most of the people who might be able to turn it off...
It's already too late.
Re:At the end of the day (Score:4, Funny)
Are we sure Keith Alexander isn't a cylon?
So firing 90% of their admins (Score:5, Interesting)
Re:So firing 90% of their admins (Score:5, Insightful)
And announcing that you are going to fire 90% of them ahead of time. So they have lots of time to collect what they want to leak.
Re:So firing 90% of their admins (Score:5, Insightful)
Re: (Score:3)
They probably started compiling a list of prospects as soon as those words came out of his mouth.
What an utter fucking moron this guy is.
Re:So firing 90% of their admins (Score:5, Insightful)
Or, they just set up massive auditing everywhere and aren't really going to fire anybody. Now they just sit back and watch which admins start accessing stuff they aren't supposed to. A bunch of little snively Snowdens we'll grab before they can flee justice.
Re: (Score:3)
How would they know who it will be?
Who would know if someone took a tape to ensure its validity and copied that data onto something else?
What says the new muscle won't be the source of these attacks? I bet a lot of folks would now love to be the next one of these leakers and would jump at the chance to take these jobs.
The actual deterrent (Score:3, Interesting)
So firing 90% of their admins and pissing them all off, giving them no job to lose, is going to somehow *prevent* further leaks?
I'm pretty sure the threat of life imprisonment for revealing "secrets" was and is a bit more of a deterrent than the loss of wages ever could hope to be. If someone kicks you while holding a gun to your face are you worried about their foot or the gun?
Re:The actual deterrent (Score:5, Funny)
Re:The actual deterrent (Score:4, Funny)
Wanted to go see a freer society?
Re:The actual deterrent (Score:4, Insightful)
So firing 90% of their admins and pissing them all off, giving them no job to lose, is going to somehow *prevent* further leaks?
I'm pretty sure the threat of life imprisonment for revealing "secrets" was and is a bit more of a deterrent than the loss of wages ever could hope to be. If someone kicks you while holding a gun to your face are you worried about their foot or the gun?
And if you pull a gun on someone with nothing to lose? They just might decide to take you with them.
Re:The actual deterrent (Score:5, Interesting)
You forget Maslow's hierarchy of needs [wikipedia.org]. If you don't have a job, you could lose your food and the roof you sleep under, both things which are provided in prison. Besides, what are the chances of getting caught, some time in the future, compared to getting even, today?
Re: (Score:3)
Re: (Score:3, Funny)
Re:So firing 90% of their admins (Score:5, Funny)
Re: (Score:3)
It couldn't be that St. Snowden saw the writing on the wall and was acting more as a disgruntled employee about to be canned, than as the patron saint of government transperency?
Re:So firing 90% of their admins (Score:5, Informative)
Even better is what happens a few months down the line, when they realize software can't fix hardware and they just fired the people that knew how the systems actually worked.
"So, yeah, we HAD all this data, but..."
Exactly. They just lost a massive amount of tribal knowledge. Even if they haven't made the cuts yet. Because those admins have no motivation to cooperate.
When my company announced outsourcing 6 months before the date, they told us that we were all to document our jobs thoroughly so that admins with absolutely no experience in some poverty stricken town in Asia could do our jobs by reading our procedures. And that worked just about as well as you are imagining right now. After cutover, things started melting down almost immediately, and the outsourcing company blamed it on the laidoff employees, for not documenting their jobs well enough. Which was partly true, because none of these people had any motivation whatsoever to do so, and were busy looking for a job anyway. The other part, of course, was the business model itself; that you can pull in street vendors, hand them a stack of written procedures and turn them into sysadmins for a dollar a week.
In this particular case, it sounds like they're depending on the soon-to-be-dismissed employees to have a hand in automating their jobs, or at least giving someone an understanding of what their job entails so it can be automated. This has two problems:
1) Assuming employees will cooperate after you've told them you're going to let them go.
2) Assuming that the job is of a nature that lends itself to automation. Anyone who has managed a large, complex installation knows the answer to this. (The answer being, automation can help and should be pursued, but there is no substitute for knowledge, insight, and experience. You rapidly find that a system simple enough to not need admins is a system too simple to do the job.)
Re: (Score:3)
> The other part, of course, was the business model itself; that you can pull in street vendors, hand them a stack of written procedures and turn them into sysadmins for a dollar a week.
You know, I just had an epiphany.
The above quote, (which I wrote) is wrong. That isn't the business model. The business model is: Lead clients to BELIEVE that you can pull in street vendors, hand them a stack of written procedures and turn them into sysadmins for a dollar a week. That's all that's really necessary.
Re:So firing 90% of their admins (Score:5, Insightful)
So then, this is the way you secure your systems (Score:5, Insightful)
You fire all the people who are responsible for the security of your systems. Wait, what?
Re:So then, this is the way you secure your system (Score:5, Funny)
Don't worry, they've already got subcontractors in Hong Kong lined up for the job.
Subcontractors (Score:5, Funny)
Don't worry, they've already got subcontractors in Hong Kong lined up for the job.
I think he's in Russia now...
Question.... (Score:5, Interesting)
Can we fire 90% of the NSA?
Re:Question.... (Score:5, Funny)
As long as we imprison the other 10%
Re:Question.... (Score:5, Insightful)
Can we fire 90% of the NSA?
. . . and hire more detectives, instead. The government doesn't need more SIGINT, they need HUMINT. Like, if Russia warns you that you have a potential terrorist living in Boston, go check him out . . . but thoroughly, please!
Start checking out places where these terrorist folks hang out . . . like radical Mosques.
Recording folks like me calling their mothers in the US from Europe is a waste of time and resources. Cut the NSA budget. Hire detectives.
Re:Question.... (Score:5, Funny)
It's not a waste of time - you're the target.
You don't agree with the government.
Re: (Score:3)
Alternatively... (Score:5, Insightful)
Re:Alternatively... (Score:5, Funny)
Oh sure. Just ask for the world on a plate while you're at it, why don't you? What next? Ask us to stop lying to Congress or sharing intelligence on foreign citizens of countries that agree to do the same for our citizens?
-- NSA
Re: (Score:3)
So... (Score:4, Interesting)
Is he saying that sysadmins are particularly untrustworthy? Why not reduce the entire workforce by 90% to reduce the number of ears and eyes involved. Reducing 90% of just the sysadmins won't reduce the total "population" by much (unless I am mistaken in my assumption that NSA is not just a data center). Also, you could try reducing the number of people who know too much - i.e. could do most damage. If the sysadmins fit that category and not, say, the directors or management then you are doing it wrong...
Re:So... (Score:5, Interesting)
I assume that sysadmins score particularly badly on the 'amount of access vs. degree of trust' metric.
Barring really elegant, or unbearably onerous, system design, (which the NSA apparently didn't bother with, since one comparatively junior sysadmin at a contracting company, not even in house, apparently had massive access to the juicy details) sysadmins tend to have enormous power over your systems, access (because somebody has to run backups) to your files and email, etc, etc.
Not the mistrust issue we were thinking of (Score:5, Insightful)
Am I reading this right? The NSA think that the issue of mistrust around PRISM is that we worry some whistleblower will leak our information, and not that it's being harvested in the first place? They're deep into cognitive dissonance land over there I see.
Re:Not the mistrust issue we were thinking of (Score:5, Interesting)
I'm surprised that Keith's head didn't explode when he said "people who have access to data as part of their missions, if they misuse that trust they can cause huge damage.”
He is sort of Public Enemy #1 on that score right about now, with any lackeys who have nontrivial authority right behind him.
Re: (Score:3)
His head did not explode because this is a deliberate tactic of misdirection. If he can just get the public to focus on the leaker, instead of the content of the leak......
This is more of the same: he is trying to say that the problem is leakers, not the core activity of the NSA.
Great, now NSA will have mismanaged IT (Score:4, Interesting)
Re: (Score:3)
total stupidity (Score:5, Insightful)
He is going to increase the work of each sysadmin by 10x... ->
Making what is perpetually an overworked position 10x worse ->
Making it not worth the stress for the amount of pay ->
Making every sysadmin in the NSA a ripe target for various bribes...
BRILLIANT!
The people in leadership positions in the USA (government and corporate) are all idiots.
Umm (Score:4, Insightful)
Amazing (Score:5, Insightful)
If they don't need them, fire them (Score:4, Interesting)
If they don't need 90% of their sysadmins, they should have fired them long ago.
But I suspect that they aren't all redundant, so how are they going to maintain their systems? It would be interesting to see their server-to-sysadmin ratio and compare to other companies.
Without the sysadmins to maintain and secure their systems, they may be making their data even easier for hackers to access, so the NSA may end up being a huge liability to the security of the country. I don't see why no lawmaker understands this - data breaches happen every day, even to large companies that follow best practices to secure their data. Why do they think that the NSA's vast data warehouse is not going to be breached when it's such a huge target to non-friendly governments and hackers throughout the world - even governments of countries where most computer hardware is made that have the resources to hide backdoors in that hardware.
Re:If they don't need them, fire them (Score:5, Insightful)
the NSA may end up being a huge liability to the security of the country
Wrong tense - they are a huge liability to America's security, because our real security is dependent on adhering to the Constitution and the faith of the people in their government.
Ahem, Mr Alexander. (Score:3)
"If you're doing nothing wrong, you have nothing to worry about." Does that sound familiar, Mr. Alexander?
Obviously, you are very worried.
Wow (Score:3)
In other news (Score:3)
Four star general in the United States Army and head of U.S. National Security Agency discovers after 62 years that there are some humans that can not be trusted. After an intense investigation, it was uncovered that director of the NSA Keith Alexander in fact changed his name from Adam Weber shortly after crawling out of a bomb shelter he was sequestered in to by his father and mother at the tender age of 10. Famous actor Brendan Fraser is well known for portraying Keith Alexander a.k.a. Adam Weber in the lesser known 1999 documentary A Blast from the Past [imdb.com] that follows the real life of Keith Alexander, his father, and his mother during their self imposed quarantine and the emergence of Keith Alexander in to a modern and morally questionable society.
Strategic goal of the NSA -- ERROR (Score:4, Funny)
So, I was researching to comment/argue with a previous post and typed into google "goal of the nsa"- and the first link was: http://www.nsa.gov/about/strategic_plan/ [nsa.gov]
Coincidentally that returned "Internal Server Error...unable to complete your request."
HAH!
Re: (Score:3)
Re: (Score:3)
Well, at least it will be secure there.
Re: (Score:3)
Congress already knew, they do not care.
If you think people deserved to hear this then Snowden was right. Otherwise you think the american people should not know.
Re: (Score:3)