
Cyber memo warns of new risks to White House network - hsnewman
https://www.axios.com/scoop-cyber-memo-warns-of-new-risks-to-white-house-network-9aa19c6c-77a3-485b-919b-1dd9bd691514.html
======
throwaway5752
_" Senior staffer quits over "highly concerning" lack of security practices."

[...]

"It is my express opinion that the remaining incumbent OCISO staff is being
systematically targeted for removal from the Office of Administration,"
departing White House network defense branch chief Dimitrios Vastakis wrote in
the memo. The security team had seen incentive pay revoked, scope of duties
cut, and access to systems and facilities reduced, Vastakis noted. Staffers'
"positions with strategic and tactical decision making authorities" had also
been revoked. "In addition, habitually being hostile to incumbent OCISO staff
has become a staple tactic for the new leadership... it has forced the
majority of [senior civil servant] OCISO staff to resign."_

This is the story.

~~~
rubbingalcohol
I don't think it's a complete story either way. It's just some bureaucrats
complaining that they've been made redundant and from there we are lead by the
author to conclude that the White House has inadequate IT security going
forward. This is unrealistic.

It's a reorganization. That shit happens all the time in organizations
everywhere. Of course the people losing their jobs are unhappy, and it's their
right to complain about it, but not necessarily a bad thing that the DoD is
now in charge of White House security.

I'm curious if I'm being downvoted because something about my comment was
wrong, or simply because "orange man bad." Maybe share some insight about the
right chain of command for government IT security operations? I'm not saying
that the reorganization is a good thing, only that there is insufficient
evidence provided to conclude that it's a bad thing.

~~~
EpicEng
>The security team had seen incentive pay revoked, scope of duties cut, and
access to systems and facilities reduced, Vastakis noted. Staffers' "positions
with strategic and tactical decision making authorities" had also been revoked

You consider this a re-org?

~~~
tropo
If you were running the show, how would you get rid of those people?
Regulations make it slow and expensive to get rid of horrible employees. These
people could be actively hostile and thus a security risk, which wouldn't be
surprising if they were hired by political opponents.

Options are limited. One idea would be to relocate their offices to central
Alaska. Another idea is rotating shift work.

If this were normal at-will employment, then they would quickly be replaced.

------
RcouF1uZ4gsC
> But in a July reorganization, the OCISO was dissolved and its duties placed
> under the White House Office of the Chief Information Officer, led by CIO
> Ben Pauwels and Director of White House IT Roger L. Stone. Stone was pulled
> from the ranks of the National Security Council where he was deputy senior
> director for resilience policy. (Stone is not related to indicted Republican
> political consultant Roger J. Stone.)

I wonder if Roger L. Stone feels any sympathy for people who have similar
names to those on the No Fly List. I wonder if people ask him about
indictment, and he says "No, it is the other Roger Stone in the Trump
administration, Roger J. Stone who was indicted. I am Roger L. Stone"

~~~
schoen
I remember reading about how were _two_ Stephen R. Bournes working at Bell
Labs at the same time (only one of whom was the author of the Bourne shell).

[https://www.sendmail.org/~ca/email/README.cf.8.8.html](https://www.sendmail.org/~ca/email/README.cf.8.8.html)

> [...] and at one time Bell Labs had two Stephen R. Bournes with offices
> along the same hallway. Which one will be forced to suffer the indignity of
> being Stephen_R_Bourne_2? The less famous of the two, or the one that was
> hired later?

------
kelnos
> _[The Office of Administration 's general counsel] added that it also puts
> information required to be preserved by the Presidential Records Act outside
> of the Executive Office of the President's oversight._

The rest of the article seems really bad, but isn't this bit a _good_ thing?
Shouldn't a somewhat-independent body be responsible for ensuring that
presidential records are properly preserved?

~~~
velcrovan
I may be wrong, but just because they are outside the oversight of the
“Executive Office of the President” does not mean they have been transferred
_into_ the oversight of some equally competent authority. The president is
probably still in control of this info but he doesn’t want it formally handled
by this office. (Realistically there's a 50/50 chance it’s being managed by
Rudy Giuliani at this point.)

~~~
jonfw
> outside of the Executive Office of the President's oversight

> The president is probably still in control

What you're saying is directly contrasting the quote you responded to

~~~
shantly
"Executive Office of the President"

"President"

Not the same thing.

------
mmanfrin
Why was this post nuked? It was at the top, then all of a sudden it was merged
in to another lower post and has very quickly dropped to the bottom.

~~~
callmeal
It's a technique to control public discourse and provide the illusion of free
speech. Read this[0] and weep.

[0]: [https://cryptome.org/2012/07/gent-forum-
spies.htm](https://cryptome.org/2012/07/gent-forum-spies.htm)

------
zenpaul
It's another indication of the danger of the incompetency of the current
administration as outlined in Michael Lewis' excellent book "The Fifth Risk".
The Fifth Risk being "Project management", or lack thereof.
[https://en.wikipedia.org/wiki/The_Fifth_Risk](https://en.wikipedia.org/wiki/The_Fifth_Risk)

------
typeformer
This will surely end well...

------
personjerry
They should hire Alex Stamos

~~~
throwaway5752
Are you serious? If you read the article, it's quite clear this is a
coordinated effort within the administration to gut this group (OCISO). They
don't want to improve things by hiring Stamos. That is the opposite of their
goal.

------
dang
Url changed from [https://arstechnica.com/information-
technology/2019/10/white...](https://arstechnica.com/information-
technology/2019/10/white-house-guts-infosec-team-posturing-itself-to-be-
compromised-again/), which points to this.

