
Pentagon contractor leaves social media spy archive wide open on AWS - georgecmu
https://arstechnica.com/information-technology/2017/11/vast-archive-from-pentagon-intel-gathering-operation-left-open-on-amazon/?amp=1
======
tryingagainbro
Strong as the weakest link...NSA with virtually unlimited budget brought to
its knees:

 _" Inside the agency’s Maryland headquarters and its campuses around the
country, N.S.A. employees have been subjected to polygraphs and suspended from
their jobs in a hunt for turncoats allied with the Shadow Brokers. Much of the
agency’s arsenal is still being replaced, curtailing operations. Morale has
plunged, and experienced specialists are leaving the agency for better-paying
jobs — including with firms defending computer networks from intrusions that
use the N.S.A.’s leaked tools.

“It’s a disaster on multiple levels,” Mr. Williams said. “It’s embarrassing
that the people responsible for this have not been brought to justice.”_
[https://www.nytimes.com/2017/11/12/us/nsa-shadow-
brokers.htm...](https://www.nytimes.com/2017/11/12/us/nsa-shadow-brokers.html)

~~~
joering2
Revolving door.

Gee, wonder if eventually someone will come to conclusion that the whole thing
was not needed in the first place.

Unless, you know - there is some proven intel that this agency actually
stopped mass-terror attack on a US soil; something that supposed to be their
main task.

But hey! So long as military industrial complex find just another good-enough-
for-public reason to spend more of tax-payers money, then there is nothing to
see here...

~~~
ringaroundthetx
I was going to say something, but then I realized this already conformed to my
world views

It is surprising that the Shadow Broker leaks are seemingly being so effective
at the NSA questioning itself.

There is so much cognitive dissonance about the NSA's acumen. People view
software engineers hired at Google and Facebook with so much regard, and the
schools they come from with so much regard, while simultaneously putting the
theoretical NSA engineers above even those guys without realizing the NSA
hires from state schools in the Maryland, DC, VA area.

My main point here is that software engineering programs aren't better or
worse at Ivy League vs Tier 3 universities, and isn't much of an indication of
the prowess of the engineer.

The NSA's unlimited budget, loss leading tasks of finding exploits, and
immunity to execute these exploits is the only thing that sets it apart.

~~~
Retric
School 'Tier' has close to zero relationship to engineering talent at the high
end.* Effectively sifting though large numbers of applicants, training them,
and most importantly retaining them is far more important. NSA is very good at
retention and training while still attracting vast numbers of applicants
resulting in a world class work force.

Google/Facebook/etc suffer as people want them on their resume more than they
want to work for them which hurts retention. The upside is this forces them to
pay very well, but the downside is the average team is surprisingly poor.

*AKA a randomly selected Stanford/etc. grad is likely better than a randomly selected Virginia Tech/etc. grad, but the best at each institution is a toss up. If you want a large talented workforce you can't be selective in terms of schools as their simply are not enough of them.

------
teapot01
Given the quote "influence high risk youth" and the fact that they were
critical of ISIS I'd guess these posts are copies of posts created by the
company to influence online communities.

~~~
mirimir
That's one aspect, I'm sure. But they probably archived entire threads. For
context, at least.

This is just too funny :)

------
Gaelan
Do we know if anything here was private? "Scraped" suggests it's already
public content, in which case I don't see much of a problem.

~~~
btgeekboy
Assuming the content was already public, the leak is the knowledge of what was
scraped.

------
Eliezer
The alleged-foolish focus of the NSA on offense is perhaps a bureaucratic
corollary of successful attacks getting lots of attention and funding and
promotions within the org; and successful defenses fading quietly into the
void, except when they fail and collect blame.

------
Gustomaximus
> raising questions about the collection of data from people located in the US

Isn't this the big item here. If this is evidence the govt is spying on US
citizens this should create significant legal ground for civil
rights/constitution protection groups.

~~~
kevin_thibedeau
This isn't intrusive spying. Collecting publicly available data is fair game
and legal. Commercial data aggregators have prevented us from having any data
privacy laws. The government may as well take advantage of a good deal too.

~~~
ikeboy
Is the government freely allowed to break Facebook TOS in the way that got
others in trouble (see
[https://en.wikipedia.org/wiki/Facebook,_Inc._v._Power_Ventur...](https://en.wikipedia.org/wiki/Facebook,_Inc._v._Power_Ventures,_Inc.))?

~~~
kaoD
> collected user information from Facebook and _displayed it on their own
> website_

I think that's an important distinction.

~~~
ikeboy
As opposed to letting anyone who bumped into the bucket see it?

------
nielsbot
Quick, someone make a copy.

------
SomeStupidPoint
This is what happens when you force the military to outsource core functions
to fleece taxpayer money for your buddies.

For a long time, there's been a push to not let the military develop
capabilities in-house, despite repeated contractor fuckups and huge
overspends.

Can we just admit privatization is a failure?

It's literally destroying national security.

~~~
wolf550e
The military cannot pay the salaries that are required to keep qualified
people of certain professions/specialties. Surgeons and hackers, but also some
other things too. so they must outsource to the private sector. But they
certainly can require the contractor to use military provided/mandated
security oversight. Mandate and verify good security practices, not tick
checkboxes.

~~~
SomeStupidPoint
How -- conceptually -- does the military being unable to afford the salary of
person A get fixed by subcontracting to hire person A through corporation B?

That literally just makes person A cost more money.

~~~
TheCondor
When you pay the contractor, you pay all your buddies that run and
administrate the company too. It is all a staggering money grab, what better
job is there than federal contractor that works on stuff so secret that
congress doesn’t even really have oversight? That stuff is free money for
ever. Plus I think they do it to evade rules, there are different penalties
for the government breaking rules and laws than for these secretive companies.
Foobar secret LLC could totally just target Muslims if they actually did work
and it wouldn’t have to be a constitutional issue if they were ever caught.

