These are all valid points, and I defer to your expertise in the matter. Now do you think that Snowden (who was a contractor, not an in-house “high-level sysadmin”, and certainly not an application programmer) cleverly evaded the logging and flagging software and human audit for some time, or that the software in question was never there to begin with? Consider:
“My position with Booz Allen Hamilton [in Hawaii] granted me access to lists of machines all over the world the NSA hacked,” he told the Morning Post in a June 12 interview that was published Monday. “That is why I accepted that position about three months ago.”
You say
I’m pretty sure that securing a network against its own sysadmins—or even against any single rogue sysadmin—is a doomed effort.
Against the top-level in-house guys, probably. Against a hired contractor? I don’t think so. What do you think are the odds that his job required accessing these lists and copying them?
I’m sorry, I assumed he was a sysadmin or equivalent. I got confused about this at some point.
A contractor is like an ordinary user. It’s possible to secure a network against malicious users, although very difficult. However, it requires that all the insiders be united in a thoroughly enforced preference of security over convenience. In practice, convenience often wins, bringing in insecurity.
What do you think are the odds that his job required accessing these lists and copying them?
Well, his own words that you quote (“that is why I accepted that position”) imply that this access was required to do the job, since he knew he would have access before accepting the job. The question then becomes, could he have been stopped from copying files outside the system? Was copying (some) files outside the system part of his job? Etc. (He could certainly have just memorized all the relevant data and written it down at home, but then he would not have had documentary proof, flimsy and trivially fakeable though it is.)
It’s possible to defend against this, but hard—sometimes extremely hard. It’s hard to say more without knowing what his actual day-to-day job as a contractor was. However, the biggest enemy of security of this kind is generally convenience (the eternal trade-off to security), followed by competence, and then followed distantly by money.