

General Alexander: NSA to implement two-man rule for sysadmins - 23david

General Alexander mentions that NSA is now in process of implementing a two-man rule for NSA system administrators. 
At 1:08:10, http:&#x2F;&#x2F;www.c-spanvideo.org&#x2F;event&#x2F;220343<p><pre><code>    A system administrator is one that actually helps operate&#x2F;run, 
    set the conditions, the auditing and stuff on a system or portion 
    of the network.

    When one of those persons misuses their authorities this is a 
    huge problem.

    So, working with the director of National Intelligence, what 
    we are doing is working to come up with a two-person rule and 
    oversight for those and ensure that we have a way of blocking 
    people from taking information out of our system.

    This is work in progress. We&#x27;re working with the FBI on the 
    investigation. We don&#x27;t have all the facts yet. We&#x27;ve got to get 
    those. And as we&#x27;re getting those facts, we are working through
    our system.

    Director Clapper has asked us to do that, and providing that 
    feedback to the rest of our community.
</code></pre>
Initially I thought it meant something like pair programming. But it seems more like some kind of linux plugins to enable two-factor auth, where sysadmins will need another sysadmin to approve every `sudo`? How else can they implement this?
======
amalag
So in other words, they have access to everything but the sysadmins could
access things without the court order. Now they will try to adhere to the
court orders by instituting some sort of two-person rule. We don't know how
much data they are storing either.

------
pkinsky
Remember Assange talking about how the presence of organizations like
wikileaks would impose additional operating costs on institutions operating
under conditions of secrecy?

This is that.

------
gesman
NSA also plans to deploy company cars for NSA personnel with two steering
wheels. Both drivers will need to agree upon the direction before car will
obey.

And none of the drivers will not be allowed out of the car unless someone from
outside will open the door.

~~~
makerops
The problems start when they say fuck it, and start driving motorcycles to and
from work.

------
ColinWright
More discussion:
[https://news.ycombinator.com/item?id=5901540](https://news.ycombinator.com/item?id=5901540)

------
w_t_payne
Don't trust the geeks! They can use those computery-thingamajigs to do stuff!

------
thesmileyone
So in other words, they don't really care about someone with PRISM access
"misusing" their authority, all they care about is someone with PRISM access
becoming a whistleblower. Suprise, suprise...

