1,000 Sys Admins Can Copy Any NSA Document Without Anyone Knowing About It; Think Only Snowden Did?
I worked as a Unix sysadmin for about ten years (1991-2001) officially and unofficially, and I can state that this is the default situation, the default power that Unix sysadmins hold, to impersonate any other user, to change anything on the computer to say whatever they choose. It's not easy, it takes some knowledge, but it's also not hard, the tools lie ready to hand, and they can be used on Windows machines too.
Following on our earlier story about how Ed Snowden covered his tracks -- showing that the NSA's vaunted "auditability" of its systems is a complete joke -- comes the news that there are approximately one thousand sys admins with Snowden's authority, who can basically go through any document without any trace. Even more incredible: they can "appear as" anyone else when doing things on the system. In other words if a sys admin wanted to frame an NSA analyst, it sounds like that would be quite easy. The report also notes that, for all of the talk about how great the NSA is at cybersecurity, and the fact that part of the point of CISPA was to try to have the NSA in charge of the nation's cybersecurity, the agency does a piss poor job protecting itself:
Jason Healey, a former cyber-security official in the Bush Administration, said the Defense Department and the NSA have frittered away years trying to catch up to the security technology and practices used in private industry. "The DoD and especially NSA are known for awesome cyber security, but this seems somewhat misplaced," said Healey, now a cyber expert at the Atlantic Council. "They are great at some sophisticated tasks but oddly bad at many of the simplest."
---
As for the thousand or so sys admins on staff, it appears that they have no restrictions or tracking of what they do:
He was also able to access NSAnet, the agency's intranet, without leaving any signature, said a person briefed on the postmortem of Snowden's theft. "He was essentially a ghost user," said the source, making it difficult to trace when he signed on or what files he accessed.
"If he wanted, he would even have been able to pose as any other user with access to NSAnet," said the source.
http://www.techdirt.com/articles/20130826/12223124315/1000-sys-admins-can-copy-any-nsa-document-without-anyone-knowing-about-it-think-only-snowden-did.shtml
fasttense
(17,301 posts)
suck up info on a Congressman's mistress, or the dead hooker in a CEO's bed. Then use that info to make a huge fortune in blackmail. Instead, he revealed this awful mess to the American people.
Just think about this. Men motivated by nothing more than greed, some of them psychopaths, have access to some very sensitive information that if used correctly, can bring in lots of blackmail money. And NO ONE is checking up on them. It's a criminal conspiracy just waiting to happen, or already happened.
bemildred
(90,061 posts)
many times. People are quite naive about the illusion of privacy on a computer. It is not by design or by intention a private space. Protections are intentionally, necessarily, weak. You risk locking yourself out too, if you get too anal about security, and people are lazy, and it was always considered necessary to keep the machines "easy to use": marketing marketing marketing.
Downwinder
(12,869 posts)
how weak our security really is.
bemildred
(90,061 posts)
---
His job as a system administrator gave Snowden the power to access the NSA servers with various user profiles, thus impersonating others when accessing files.
It seems that the NSA whistleblower also had the right to download files from his computer to an external storage device, which helped him take about 20,000 documents onto thumb drives.
"The damage, on a scale of 1 to 10, is a 12," a former intelligence official told NBC.
This proves, once more, that Snowden is even smarter than US officials believed. As one US official told the aforementioned source, "this is why you don't hire brilliant people for jobs like this. You hire smart people. Brilliant people get you in trouble."
http://news.softpedia.com/news/NBC-Snowden-Impersonated-NSA-Officials-to-Get-Files-379152.shtml
Uncle Joe
(58,355 posts)
Thanks for the thread, bemildred.
bemildred
(90,061 posts)
I've seen lots of spin and hand-waving, very little about how things actually work, and why.
The Stranger
(11,297 posts)
bemildred
(90,061 posts)
The upshot of the Manning adjustments was Snowden, i.e. even more and bigger "leaks".
The problem is not the lack of proper procedures. Sysadmins are the guys that implement "proper procedures", and they can do as they like. It has been customary up to now to treat sysadmins as a special case because:
1.) People who are willing and able to do the job well are not common.
2.) So they are expensive and overworked.
3.) Because, let's face it, there are way the heck more computers out there than sysadmins.
4.) Which is why, if one must have this sort of operation at all, it must be kept small.
5.) And is also why if you have thousands of sysadmins, some will not take direction well.