Rather Than Not Spying On Everyone, NSA Is Getting Rid Of 90% Of Its Sysadmins

from the you're-doing-it-wrong dept

The latest NSA plan to stop the next Ed Snowden is to get rid of 90% of their sysadmins and automating many of their jobs. I would imagine that more than a few sysadmins might have an opinion or two about the ability of the NSA to really automate away their jobs, but that's an interesting move nonetheless. Here's NSA boss Keith Alexander:
"What we're in the process of doing - not fast enough - is reducing our system administrators by about 90 percent."
Considering that sophisticated techies aren't very interested in working for the NSA these days, perhaps it all works out for them. But, really, another option for avoiding an Ed Snowden like situation might be -- and I'm just tossing this out for suggestion -- is to not spy on everyone and then not lie to Congress and the American public about it. Just a little tiny suggestion.

Also, this more or less confirms what was fairly obvious (due to the NSA leaks by Snowden) that sysadmins have near universal access in the NSA's system, and the recent claims that "only 35 analysts" had access to key information was -- as James Clapper liked to say -- one of those "least untruthful" claims coming out of the intelligence community.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    arcan, Aug 9th, 2013 @ 11:23am

    watch, they outsource all their tech support to the chinese.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 9th, 2013 @ 11:26am

    Not just them

    All large enterprises are moving this way, using new automated technologies combined with virtualization to eliminate admin and engineering positions. Its the next step in the technological revolution. The jobs they are able to replace with automation at this point are a step or two higher then the last 20 years. Cant wait to see what happens next.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Aug 9th, 2013 @ 11:30am

      Re: Not just them

      Its the next step in the technological revolution


      Yeah, that's what the cloud providers keep telling us, but it's far from clear that it's actually true. We'll see.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Aug 9th, 2013 @ 1:16pm

      Re: Not just them

      I've been saying this for a long time, tools like Puppet https://puppetlabs.com/ and Chef http://www.opscode.com/chef/ WILL reduce the need for system administrators.

      Facebook uses chef, they have teams of 2-4 people that manage each cluster of ~10k servers. source: http://www.youtube.com/watch?v=SYZ2GzYAw_Q

      Now that we have tools that allow four people to manage 10k machines where will all the unneeded sysadmins work? I guess we will still need people working minimum wage to swap broken parts at the datacenter.

      Of course the NSA is automating, all large orgs and many small ones are doing the same thing. The sysadmins who do not learn these new automation technologies are the ones who will be looking for jobs.

      In response to John Fenderson these automation tools work just as good on physical servers as they do virtual servers in the "cloud"

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        John Fenderson (profile), Aug 9th, 2013 @ 1:31pm

        Re: Re: Not just them

        Yes, but the NSA says it is laying off sysadmins because they're moving to the cloud, not because they're using these tools in-house.

         

        reply to this | link to this | view in chronology ]

  •  
    icon
    John Fenderson (profile), Aug 9th, 2013 @ 11:32am

    Scapegoats

    So, they're implying that the sysadmins are the problem? The sysadmins under their employ should take grave exception to this. Here's hoping against hope that they'll leave the NSA en mass.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      LivingInNavarre (profile), Aug 9th, 2013 @ 1:10pm

      Re: Scapegoats

      It was my thought that there's a 90% chance that more info will be leaked. Nothing like having a soon to be terminated sysop looking for revenge. My guess is every one of them are loading up thumb drives as we speak.

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    Chris-Mouse (profile), Aug 9th, 2013 @ 11:35am

    So at the same time as they are building up the world's biggest database of private information, they are also pissing off hackers around the world, and getting rid of 90% of the people who maintain their computer security. What could possibly go wrong with that.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      CK20XX, Aug 9th, 2013 @ 12:58pm

      Re:

      “We live in a society exquisitely dependent on science and technology, in which hardly anyone knows anything about science and technology.” –Carl Sagan

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 9th, 2013 @ 11:49am

    The end is on the horizon...

    Automation is fine and all but who's going to fix the automation when it screws up? I think we are witnessing beginnings of the actual end to the NSA's programs. It will eventually eat itself and no one will be around that can fix it when it does.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      DCX2, Aug 9th, 2013 @ 11:52am

      Re: The end is on the horizon...

      Correction - the people who can fix it will have been laid off. Whether they would take their old job back once it became apparent that they are necessary is a good question.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Aug 9th, 2013 @ 11:57am

        Re: Re: The end is on the horizon...

        That is exactly what I meant. Furthermore, they will have effectively alienated 90% of the pool of new talent that they can hire from to replace them when they realize they need them again.

         

        reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Aug 9th, 2013 @ 11:52am

    More propaganda that NSA is supposedly changing,

    hurt, and disgraced. But IF anyone read the original -- instead of the intended take as Mike parrots it -- then it's plausibly planned long before. -- Oh, and surveillance is NOT being reduced, just turned over to more computers. Happy day, indeed.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Aug 9th, 2013 @ 12:02pm

      Re: More propaganda that NSA is supposedly changing,

      What are you even responding to? Can you even be called a troll at this point?

      I know senile grandparents that sound like you.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 9th, 2013 @ 11:53am

    This is another admission that the NSA lied

    If they don't -- which is what the NSA has repeatedly claimed -- there is no increase in security by laying off 90% of them.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Michael, Aug 9th, 2013 @ 11:56am

    Admin automation

    Either:

    1) The NSA has thrown out a percentage of a certain type of job they would like to automate with very little plan

    or

    2) They have been employing people in positions with a great deal of information access that they did not have to have and they are just now deciding that it would be a good idea to stop doing that

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 9th, 2013 @ 12:00pm

    So, the NSA is announcing it's going to blame 90% of the people with the same job as Edward Snowden for what Snowden did by firing them for Snowden's actions.

    Well, what could POSSIBLY go wrong there? Surely none of those 90% will get pissed off enough to say, leak more documents. And surely none of the 10% will decide to do so either when they see the NSA decide punishing 90% of the people with the same job wasn't good enough.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Michael, Aug 9th, 2013 @ 12:08pm

      Re:

      This has nothing to do with stopping additional leaks.

      The actions by the NSA and the executive branch right now are about making enough noise to distract the people from removing Obama from office and forcing a change to the laws that are allowing them to continue these programs.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 9th, 2013 @ 12:09pm

    i would have thought an even better option would have been to get rid of 100% of the sysadmins, after getting rid of everyone else in the NSA starting from the top and working down. after all, if we started at the bottom and worked up, we might be lied to and told that the top brass have gone when they are really still there, hidden behind a false FISC report or a 'secret interpretation of a spying law'!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 9th, 2013 @ 12:13pm

    Moving to the cloud

    In the ArsTechnica article, they said they could do this because they're going to "move everything to the cloud."

    I think someone should tell this uninformed douche-canoe that the "cloud" ALSO consists of servers (that likely have sysadmins; at least one would think).

    For fuck's sake...is there ANYONE in that agency who has something of a clue?

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Aug 9th, 2013 @ 12:24pm

      Re: Moving to the cloud

      Sure, the cloudy servers has sysadmins -- but those aren't sysadmins the NSA has to hire. The entire point of going to the cloud is to save cash by being able to get rid of your in-house IT staff.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Aug 9th, 2013 @ 12:29pm

        Re: Re: Moving to the cloud

        That makes PERFECT sense, then!

        Per the Ars article:
        http://arstechnica.com/information-technology/2013/08/nsa-directors-answer-to-security-fir st-lay-off-sysadmins/

        "Moving to an automated cloud provisioning system, he explained, would cut the number of hands that touch the NSA's internal systems and address vulnerabilities—such as a sysadmin loading data onto a thumb drive and walking out with it."

        So now instead of NSA sysadmins having the ability to walk away with vital data, you've now outsourced that responsibility to a cloud provider!

        MUCH, MUCH safer.

        I think I've answered my original question about anyone there having a clue. It's clearly "no."

         

        reply to this | link to this | view in chronology ]

      •  
        icon
        Wally (profile), Aug 10th, 2013 @ 10:48am

        Re: Re: Moving to the cloud

        Given that...I am beginning to wonder what sort of damage the Smith-Amash Amendment would have done considering part of it was shaving the NSA's budget.

        The company my mother works for (the one that audits hospital Medicare and Medicaid insurance forms and bills) recently cut all the nursing staff under her that manually do the systematic reviews of the audits...this was done in favor of saving money and automation. In her line of work, the states that contract the company and this contract require human eyes to do the review work sent over to the auditor's database by law for a specific reason...in an automated systems environment for auditing, there is no way to tell if someone accessed the information to alter what to look for. The main issue is that humans are not as calculated and are better suited towards handing statistical anomalies.. We don't crash.

         

        reply to this | link to this | view in chronology ]

    •  
      identicon
      Chris Brand, Aug 9th, 2013 @ 12:31pm

      Re: Moving to the cloud

      The good news is that the cloud providers have plenty of spare capacity now that the NSA has driven all their non-US customers away.

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    kenichi tanaka (profile), Aug 9th, 2013 @ 12:26pm

    The NSA isn't all that bright. By automating those jobs they leave themselves wide open to renegade hackers and other potential problems. At the end of the day, you need actual people monitoring those systems not to mention the rabid fervor that this is going to cause with American voters.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Rikuo (profile), Aug 9th, 2013 @ 12:30pm

    Oh god no. Anyone with even the slightest hint of intelligence in a managerial position knows that you NEVER piss off the guys maintaining your computer systems. NEVER!!! How long until one of the guys being laid off "accidentally" fucks up the entire system?

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    assemblerhead (profile), Aug 9th, 2013 @ 12:36pm

    What could go wrong?

    ( Warning : Sarcasm Alert! )

    Anyone think about those wonderful DMCA takedown systems used by ( MPAA / RIAA ) to name a few?

    Do they ever get anything wrong?
    Never a false accusation, right?
    Always target the right person, correct?
    Never once have ID'd content wrong, have they?
    So perfect that Error Correction was never implemented or needed.

    What could possibly go wrong?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    TDR, Aug 9th, 2013 @ 1:31pm

    What those sysops could do, aside from leaking more data, is to wipe out the whole database before they leave and put in some code to make the system unable to be restored. In other words, cause a complete system failure. And craft the code so it can spread to all the backups and wipe them out too.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Aug 9th, 2013 @ 1:41pm

      Re:

      1) That'd be a great way to get arrested on a variety of charges, and you'd actually be guilty of them, and have little moral high ground to work with.

      2) Proper disaster recovery and back up procedures should preclude anything resembling "spread to all the backups". Worst case they lose like a week of data, tops.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Aug 9th, 2013 @ 1:54pm

      Re:

      It's really hard to imagine sysops that would be willing to do such a thing aside from the single wacko here and there. It goes against the grain of what it means to be a sysop -- a bit like expecting a doctor to intentionally kill a patient because the patient is a bad guy.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 9th, 2013 @ 1:36pm

    Crazy but to me this sounds like an evolution of the thinking.. "if we just get rid of those evil protocols..."

    You can make improvements in sysadmin load, but you can't fix stupid.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 9th, 2013 @ 2:23pm

    PRAGMA writable_schema = 1;
    delete from USDatabase where type = 'table';
    PRAGMA writable_schema = 0;
    VACUUM;
    PRAGMA INTEGRITY_CHECK;

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 9th, 2013 @ 2:40pm

    Crackers start your Engines

    That is the exact opposite of security. Wouldn't leaving less sys-admins mean that is easier to exploit your way in with far less eyes watching things? That's not even getting into the whole anonymous tips from disgruntled ex-sysadmins of "The IP address is vvv.xxx.yyy.zzz and the access is based on foo version a.b port number is cccc, good luck". Suddenly a world record breaking in traffic and size torrent is out there to everyone.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Wally (profile), Aug 9th, 2013 @ 2:49pm

    The ability of automation...

    "The latest NSA plan to stop the next Ed Snowden is to get rid of 90% of their sysadmins and automating many of their jobs. I would imagine that more than a few sysadmins might have an opinion or two about the ability of the NSA to really automate away their jobs, but that's an interesting move nonetheless."

    The most disturbing part of this is not whether they are capable of it...but the simple fact they are doing it. To quote Denis Nedry...

    "You think that this type of automation is easy to come by? Or Cheap? Because if you can find a cheaper guy than me John, I would like to see you try..I really would"

    Jurassic Park automation is easily muddied up and clogged.

    I'm also reminded of the methods used by the IRS to target Conservative groups filing for non-profit status....using key word searches...imagine that type of targeting on all US citizens...then automate it!

    When this system is finally in place I'm half tempted to repeatedly copy and paste the word "bomb" to see what happens to it as a comment to one of these threads.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 9th, 2013 @ 5:05pm

    I work on a team of 20 sysadmins at a govt agency, and we were discussing this and just started laughing. So if they cut 90% of our staff they would be left with 2 sysadmins. We wondered how anything would get done at all, I mean from the daily putting out "fires", to the patching and remediation of systems to all the other bs that comes up regularly, not to mention projects, upgrades, testing etc etc. We figured whoever the 2 left were would quit within a week.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Aug 12th, 2013 @ 6:32am

    Another Possible Interpretation

    They gave a lot of people sysadmin privileges, so they've decided to look at who really should be a sysadmin. In this version, the whole automation thing is a red herring to avoid admitting their system security is lax.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This