Stories
Slash Boxes
Comments

SoylentNews is people

posted by takyon on Monday April 13 2015, @07:20PM   Printer-friendly
from the trusted-cloud-module dept.

Snowden's stream of leaked NSA secrets about classified surveillance programs shined the public spotlight on the clandestine government organization. Though the stream has now dissipated to a trickle, the impact to the intelligence community continues.

[...] Within NSA's Fort Meade, Maryland, headquarters, no one wants to face another Snowden. With NSA's widespread adoption of cloud computing, the spy agency may not have to.

NSA bet big on cloud computing as the solution to its data problem several years ago. [...] NSA's GovCloud - open-source software stacked on commodity hardware - creates a scalable environment for all NSA data. Soon, most everything NSA collects will end up in this ocean of information.

At first blush, that approach seems counterintuitive. In a post-Snowden world, is it really a good idea to put everything in one place -- to have analysts swimming around in an ocean of NSA secrets and data? It is, if that ocean actually controls what information analysts in the NSA GovCloud can access. That's analogous to how NSA handles security in its cloud.

NSA built the architecture of its cloud environment from scratch, allowing security to be baked in and automated rather than bolted on and carried out by manual processes. Any piece of data ingested by NSA systems over the last two years has been meta-tagged with bits of information, including where it came from and who is authorized to see it in preparation for the agency's cloud transition.

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Insightful) by AndyTheAbsurd on Monday April 13 2015, @08:04PM

    by AndyTheAbsurd (3958) on Monday April 13 2015, @08:04PM (#169951) Journal

    NSA's GovCloud - open-source software stacked on commodity hardware

    NSA built the architecture of its cloud environment from scratch, allowing security to be baked in and automated

    Either they built something using open-source software, or they built the architecture "from scratch", but it CANNOT be both. These statements are literally incompatible.

    Typical politicians, talking out of both sides of their mouth.

    --
    Please note my username before responding. You may have been trolled.
    Starting Score:    1  point
    Moderation   +3  
       Insightful=2, Informative=1, Total=3
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 2) by maxwell demon on Monday April 13 2015, @08:17PM

    by maxwell demon (1608) on Monday April 13 2015, @08:17PM (#169955) Journal

    They can write their software from scratch, and open source that. Nothing incompatible about that.

    Whether that possibility is compatible with reality is another question, of course.

    --
    The Tao of math: The numbers you can count are not the real numbers.
    • (Score: -1, Redundant) by Anonymous Coward on Monday April 13 2015, @08:47PM

      by Anonymous Coward on Monday April 13 2015, @08:47PM (#169974)

      YOU JUST GOT HIT BY

      ¶▅c●▄███████||▅▅▅▅▅▅▅▅▅▅▅▅▅▅▅▅|█
      ▄██ OBAMACARE ███▅▄▃▂
      █████████████████████►

  • (Score: -1, Spam) by Anonymous Coward on Monday April 13 2015, @08:46PM

    by Anonymous Coward on Monday April 13 2015, @08:46PM (#169973)

    YOU JUST GOT HIT BY

    ¶▅c●▄███████||▅▅▅▅▅▅▅▅▅▅▅▅▅▅▅▅|█
    ▄██ OBAMACARE ███▅▄▃▂
    █████████████████████►

  • (Score: 3, Interesting) by VLM on Monday April 13 2015, @08:52PM

    by VLM (445) Subscriber Badge on Monday April 13 2015, @08:52PM (#169983)

    Well, your architecture could depend on kerberos for auth and gpg encrypting file and storing the gpg keys using ssss to split the keys amongst people or somesuch.

    Or they could be using NIS/YP for auth, that pig latin thing from bsdgames for file encryption, and store the files on NFSv1 unauthenticated servers on the internet. Or maybe using gopher to really confuse those leet hackers who've never heard of gopher protocol.

    Using open source components doesn't mean they're doing it "right" or the whole system is open. It just means the components are free.

  • (Score: 3, Informative) by frojack on Monday April 13 2015, @09:04PM

    by frojack (1554) on Monday April 13 2015, @09:04PM (#169991) Journal

    Typical politicians, talking out of both sides of their mouth.

    Careful. Remember there is a journalist standing between you and the truth. Its as likely to be a casual word choice by the journalist as anything meaningful from a politician.

    Further the story sourced NSA Chief Information Officer Lonny Anderson, and SA cloud strategist Dave Hurry. Neither are politicians. Believe me, if we could vote for these guys they would have been long gone.

    Its entirely possible to take opensource software, say something like Hadoop, and feed into that a historical collection of disparate and diverse datasets collected by a dozen different branches and build a new distributed database, adding metadata along the way.

    That's a valid definition of "from scratch" in the data processing world, because you come out of it with the ability to scrap your old systems, or continue to use them as input mechanisms, while relying on the new cloud system for extraction and data crunching.

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 5, Insightful) by Nerdfest on Monday April 13 2015, @09:38PM

      by Nerdfest (80) on Monday April 13 2015, @09:38PM (#170015)

      There's a journalist standing between us and a politician. The truth is unlikely to enter into the process.