Competence (2013)

This now seems alarmingly prescient.

I think this is more evidence for what is probably the NSA's biggest problem: competence.

We already know that they were not competent to prevent a fairly junior person having access to an enormous amount of sensitive data, and walking off with it, which does not say anything good about their internal security practices. Now we know that this person successfully used a really obvious social-engineering attack on other people in the organisation: you don't have to be very security-conscious to realise that letting someone have your password is a really bad idea.

And this isn't very surprising in fact. If you were a smart CS / maths person interested in working with large-scale computing and applications of maths then you probably have three serious career options: you could work for the NSA, an enormous government organisation full of crippling bureaucracy where you'll never be able to talk about what you do, and possibly run a not-insignificant risk of something nasty happening to you if you decide you don't like your job; you could work in finance where you stand a chance of getting very rich; or you could work for googlebook where you also have a chance of getting rich and can also work on lots of seriously cool stuff and snoop on people if you like that sort of thing. I know which of these options I would not take.

So it's probably safe to assume that the NSA is staffed by people who googlebook and the financial people didn't want. Some of them might be brilliant-but-fractious (the maths people in particular: I can say this because I'm a maths person some of the time), but most of them are probably just not that good, unfortunately: the kind of people who give other people their passwords.

And the whole NSA thing remains a huge distraction therefore: now we all think that they're the bad guys, when they're probably merely bad-guy wannabes: we should spend a lot more time worrying about the data and power that people who sell us advertising are accumulating.

– tfb, 20131108


You'll only receive email when they publish something new.

More from 100 suns
All posts