Hacker News new | comments | show | ask | jobs | submit login
CIA is largest US spy agency, according to black budget leaked by Edward Snowden (washingtonpost.com)
152 points by wj 1305 days ago | hide | past | web | 74 comments | favorite

It should be noted especially clearly that the CIA is the only independent US intelligence agency[1][2], where others fall under the following:

* Defense Department

* Department of Energy

* Department of Homeland Security

* Justice Department

* State Department

* Treasury Department

Now, the above mentioned departments directly fall under the purview of the executive branch (through presidential appointment of directors, administrators, or secretaries) whereas independent agencies have a commission or a committee of some kind.

Whether or not this should concern you is up to you, and one thing to note is that the independent agency's commissions have longer appointment terms than the usual four-year presidential terms.

It should also be noted that the CIA is the go-to agency for clandestine operations that involve reconnaissance, espionage, or subversive operations -- both domestically and abroad.

[1] http://en.wikipedia.org/wiki/Independent_agencies_of_the_Uni...

[2] http://en.wikipedia.org/wiki/US_intelligence_community#Membe...

No. The Central Intelligence Agency is not run by a commission. It is run by the Director of the Central Intelligence Agency, who is directly appointed by the president with the advice and consent of the senate (50 USC § 403–4a(a)), as much a part of the executive branch as any department secretary, with no special term appointment.

Indeed, I stand corrected.

> It should also be noted that the CIA is the go-to agency for clandestine operations that involve reconnaissance, espionage, or subversive operations -- both domestically and abroad.

I thought the CIA had limits placed on what they could do within the US?

And the NSA is limited to not collecting details on Americans.

The NSA, unlike the CIA, does not have such legal restrictions.

Well I'm glad you cleared that up. Perhaps you could go to Washington and clear this whole thing up for everyone.

This is correct. The CIA cannot operate domestically, that's the FBI's job.

The CIA has no police authority domestically, but their reconnaissance and espionage duties have no such restrictions.

I wasn't surprised (the CIA ran the drone program), but apparently it is a common myth that the NSA is larger.

More importantly though.. what purpose does leaking this serve? It shows nothing illegal, or even questionable. It has nothing to do with the documents leaked previously. I just don't understand why he thought this needed to be leaked.

> More importantly though.. what purpose does leaking this serve? It shows nothing illegal, or even questionable. It has nothing to do with the documents leaked previously. I just don't understand why he thought this needed to be leaked.

Maybe it's about taxpayers knowing where their dollars are going? First you show that your government is spying on you, and then you show how much of your own money that costs..?

If it were $100b+ or some other outrageous number, then perhaps... but the CIA is $14.7b.. It's a drop in the bucket in the budget. It's even less than NASA, and you can see how much the general public cares about that.

Well, it is less expensive to build data-centers and tap fiber-optic lines than to send rockets to orbit and probes to Mars... (especially the way NASA does it compared to, say, SpaceX.. but that's another discussion)

But in any case, I think it's fine to get these numbers public because it's still taxpayer money. I think it would've been worse of Snowden NOT to release numbers just because they aren't as shocking as they could've been.

Transparency should be about showing you what's there, not about cherry-picking things to form a narrative that distorts what is there.

"A whistleblower is a person who exposes misconduct, alleged dishonest or illegal activity occurring in an organization." [0]

I support Snowden, but this document is none of those things.


Is your argument that because the wikipedia definition of whistleblower seems to exclude this type of disclosure, it doesn't qualify as whistleblowing? If someone amended the wikipedia definition to include "disclosures of information which is of a compelling nature and of significant interest to the voting public", would you change your opinion?

Shouldn't the question of the value of this disclosure be determined on its merits (does its value in furthering democracy outweigh any potential harm), not whether or not it qualifies under some dictionary definition?

I think it is quite clear that he is not saying his quarrel is with dictionary definitions. You should [re]read what he wrote, particularly the second paragraph of it.

If it was the only thing he ever released, I would agree with you. But in the context of what has been shown before, I think it fits for reasons I stated up-thread.

None of what he has released qualifies him as a whistleblower, because it is classified information (which has strictly regulated ways to handle impropriety) and the activities are not illegal (ignoring tenuous Constitution arguments).

I am sorry, but even if you absolutely ignore everything else, Clapper's lying to Congress was illegal. He has also exposed the fact that NSA has violated the constitution many times.

What is "classified" anyways? Some guy sitting somewhere decides that it is "classified". So why can't some other guy decide that it is in the public interest to not classify it?

So, a court already declared it illegal, and one of the things he leaked was information about illegal things NSA admitted it has done...

How it is not illegal?

Perhaps there is more to be understood here: Snowden didn't blow the whistle on the US Government, he blew the whistle on the US People, and what they have allowed their government to become.

Big difference.

"No single raindrop believes it is responsible for the flood".

Similarly what singled out line item in the budget isn't just a "drop in the bucket" when compared to the entirety of the government budget? Just because some program or item doesn't "cost" much compared to everything combined doesn't mean we shouldn't scrutinize spending money on it.

The armed forces, or interest payments would be pretty substantial all by themselves. (And so would social security, probably, but I don't know enough about the USA to make that comment.)

The armed services as a whole is large... continue breaking it down into finer line items and soon... it's just a bunch of "drops in the bucket".

ADD: interest payments is probably large too and more difficult to break into smaller lines... so let's quickly scrutinize that item... "Yeah, we probably should continue to make those payments unless we want everyone to lose trust in the U.S. backed dollar."

Yes. So if you want to scrutinize the budget, you should prioritize by cost / value instead of by cost alone.

The ~$50B black budget is well over 1% of federal spending ($3.8T says http://en.wikipedia.org/wiki/2013_United_States_federal_budg... ). Considerably more than a drop.

Well who uses all the spy satellites because its the air force that pays for them.

Taxpayer dollars get returned to the issuer. It's like asking where all your movie tickets are going.

Because there is no reason for it to be secret?

Bull-pucky. Seeing budgets can give foreign governments a very good idea of how many people work there, what sorts of equipment is being bought, etc.

These are allocations on the size of multi-billion dollars, it can not give anybody an idea "what sorts of equipment is being bought". And the information that the NSA employs tens of thousands of employees is likewise useless.

No, this should obviously not be classified.

You might be surprised what an intelligence agency can tell you about your country based off of those "larger" indicators. Especially when tied to other data points. Knowing what another state is capable of is by far the most important part of intelligence gathering.

The DIA has models to determine food supplies in China based off of the number of farm tractors and price fluctuations of dog food in the USA. It amazing how accurate they are considering the data points.

Really isn't a question of whether the information is a security risk or not. It is a question of freedom vs security.

Planes that cost in the billions? Equipment for the government is never cheap, mostly because they can't get economies of scale pricing. And not to mention that year-to-year changes can give you excellent information too. For example: say last year they spent $10b, and this year they spent $20b -- holy crap they clearly expanded something or bought some crazy expensive gear.

It's an intelligence agency. Most of what they do should be classified.

Here's a thought. We don't need them and they do much more harm than good. They didn't protect us against 9/11, mislead us into Iraq, took 10 years to capture Osama Bin Laden, didn't foresee the collapse of the Soviet Union, and now are mucking about with Syrian "rebels" (and indirectly supporting Al-Qaeda) fomenting the start of WWIII.

If they just didn't exist we would all be safer and we'd get to keep more money. By falsely leading us into war in Iraq for absolutely nothing, they effectively cost the US over $10^12. The cost of the CIA and other agencies is much higher than their yearly cost. They can't even manage their sys admins, why should we trusting them so much?

> Most of what they do should be classified.

Which leads to the current abuses.

Foreign governments already know this.

i would guess this decision depends on many details - it's going to involve weighing costs v benefits of making available for public inspection. the risks don't seem huge for a budget doc (compared to something with more operational details) while there are already possible gains - this report suggests that the CIA has misled the public, for example http://www.news.com.au/breaking-news/world/dna-test-verified...

I'm confused, why is it surprising that the CIA is the largest spy agency?

Because the myth was that the NSA was many times larger than the CIA. The reality is they pumped money into their Special Activities Division, which is a paramilitary division that gets involved in a lot of clandestine military actions. Usually they work side by side with DoD assets to accomplish military missions. This basically changes the notion that the CIA is simply a bunch of agents working out of embassies around the world to handle HUMINT assets that do the real spying. They still do that of course but they've become a much more hands on agency.

Half-jokingly, I will posit an alternative theory: The NSA is still the largest (has the most personnel), they just pay their people crap compared to CIA.

Because of Good Will Hunting: http://www.youtube.com/watch?v=UrOZllbNarw

"You guys handle 80 percent of the intelligence workload. You're seven times the size of the CIA."

Haha. Well, I wouldn't be all the surprised if the the NSA was bigger employee wise. But budget wise, no way.

Yeah if they are paying administrators 150k/year can you imagine how much a contractor for their SAD division makes? Probably a huge amount compared to the average modern mercenary.

NCS does not employ contractors for SOD (which I assume is what you meant by "mercenary", SAD includes non-tactical units too). Pay is relatively modest compared to other lines of work within the Agency.

Edit: I realized after I commented that I dropped alphabet soup all over the uninitiated. NCS is the National Clandestine Service, which is the division of the CIA responsible for covert operations. Most people assume the Special Activities Division (SAD) is only the Special Operations Group (SOG). There are no "mercenaries" within SOG, only Specialized Skills Officers, whom are recruited and transfered from other Special Forces branches.

Why is this surprising? the CIA deals with people. the NSA deals with math. shipping a shitload people around the world costs way more than running a shitload of servers.

Also a big budget, most likely towards warfare related spying, such as figuring out how many main battle tanks a particular bridge in China can hold.

It's kind of staggering that a contractor like Snowden had access to information like this. What possible reason could someone at his level have for looking this up?

Thats what happens when you outsource your administrators. If i remember correctly the CIA made a hosting deal with Amazon. So every high level Amazon administrator can access highly classified informations.

And for Snowden he saw the black hole and everything they are planning he must have seen some very scary stuff, hopefully he wont be the guy in jail or death with a mark on his head "Told you so." and we did not act.

There is no difference in the amount of scrutiny given to contractors' background checks vs. government employees.

Take for example the fact that all weapons used in the military are designed and built by private contractors. Would you say it's a risk to allow contractors to have full access to weapons data when they are the ones that design and build it?

You know I keep hearing this myth. As if a real employee/agent could never leak information. TS/SCI clearance is the same for everyone. Cleared is cleared.

No it's not. All classified material is provided on a "Need to Know" basis. You can't just have a clearance and get access to every classified document out there, that's ridiculous.

Just to expounded. Once you get passed Secret almost everything is compartmentalized.

To speak to the Snowden leaks, in there entirety they now are clearly, far outside the scope of any single user, unless that user was a multi-department head or higher. It is more likely that the leaks are from multiple users now. The story posted yesterday about the access level of the information lends this theory some credibility, although none to the means of access.

More info on that, the press rumor that he gained access to other user credentials:


Yes I'm aware of that. I never said that one would gain access to all information simply because they have a clearance..

>> Thats what happens when you outsource your administrators.

Wait, I understand that he was a contractor. But wasn't he previously an NSA employee too. So he basically stayed in the same chair, but just got a bigger pay check. Revolving door and all that. I wouldn't go so far as to call it outsourced, his work was still 'in-house'.

I believe he worked at both the NSA and the CIA but I don't think in the same capacity.


Amazon will be developing it, and probably managing it, but it is not part of the primary Amazon infrastructure so outside of those contracted to work specifically on the CIA system, Amazon employees shouldn't have access.

Regarding Amazon, I highly doubt that. As an Amazon employee, I know that only staff administrators with government clearance/certification can access AWS-GovCloud systems for maintenance. And the auditing of maintenance is pretty intense too.

Actually, he probably didn't:


Well, in which case, it's staggering that security was so weak that he could do that!

It is a pretty good indicator of effectiveness of the clearance process, in my mind. I'd hate to be the person that signed off on granting Snowden's clearance.

It was a total failure of the 'compartmentalization' mode of thought, probably by Snowden's own design. He had the somewhat unique authorization to take files off-facility on a thumb drive, then used other clearance-level user information to pull 'juicy to leak' intel.

He was also a sysadmin, so... Quis custodiet ipsos custodes? if you're in charge of user authorities, you're probably in a pretty good position to get into stuff you shouldn't.

I like the quote NBC News [1] used from their 'former intelligence official' :

The damage, on a scale of 1 to 10, is a 12

lol, whoops.

[1] - http://investigations.nbcnews.com/_news/2013/08/29/20234171-...

EDIT - typo

The real issue is why did they have human L/P access on their PKI system. Usually unclass systems require PKI regardless of L/P. Even the DOD contracting system requires both.

And if they did not have L/P then the issue is far more concerning in that PKI was compromised.

Perhaps the real value of the leaks was to show how vulnerable the spy agencies are?

In your face, NSA!

How is this news? I don't need a budget, or Snowden to tell me the obvious.

A budget was leaked in the 1990s that showed the NSA receiving more dollars and the CIA having a 3 billion dollar budget. I don't understand you guys saying this reversal was in any way obvious. Not only that but the leak indicates that the budgets are in flux now. It's also long been assumed that the NSA isn't running just some "big ass data center", but rather expensive cutting edge technology.

It's more news than what honey booboo ate yesterday or whatever is in your country's newspapers today.

Or what hannah montana did at an entertainment award show.

I understand you might be implying the relative size or budgets of the organizations may have been obvious. But, how are/were their actual budget's obvious?

uh... no shit Sherlock. Are there even any other "spy" agencies? Does the NSA count as spying? Invasion of privacy, warentless and possible unlawful search, yes. But the word "spy" implies people on the ground collecting information, does it not? Does the NSA makes the tools that facilitate CIA spying? Perhaps. Even so, of course the CIA spends more than anyone else, it costs a lot lot LOT more to run and maintain huge network of humans planted throughout the globe than it does to run a big ass data center.

Heh, this is some real movie stuff. Do you think some Yale grad with blonde hair is hanging around cafes in the Middle East or China trying to blend with a disguise too?

Human collection work is done by that Yale grad paying some locals for info, putting that info into a product (powerpoint) and sending up the chain where no one ever looks at it again. The information is probably bad because the local just wanted to feed his family and took money to rat on some guy he just doesn't like.

That's why the CIA's budget is huge. All the payouts and bribes. I know couriers grift plenty in the process too.

> But the word "spy" implies people on the ground collecting information, does it not?

It does not. http://www.merriam-webster.com/dictionary/spy

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact