Snowden's stream of leaked NSA secrets about classified surveillance programs shined the public spotlight on the clandestine government organization. Though the stream has now dissipated to a trickle, the impact to the intelligence community continues.
[...] Within NSA's Fort Meade, Maryland, headquarters, no one wants to face another Snowden. With NSA's widespread adoption of cloud computing, the spy agency may not have to.
NSA bet big on cloud computing as the solution to its data problem several years ago. [...] NSA's GovCloud - open-source software stacked on commodity hardware - creates a scalable environment for all NSA data. Soon, most everything NSA collects will end up in this ocean of information.
At first blush, that approach seems counterintuitive. In a post-Snowden world, is it really a good idea to put everything in one place -- to have analysts swimming around in an ocean of NSA secrets and data? It is, if that ocean actually controls what information analysts in the NSA GovCloud can access. That's analogous to how NSA handles security in its cloud.
NSA built the architecture of its cloud environment from scratch, allowing security to be baked in and automated rather than bolted on and carried out by manual processes. Any piece of data ingested by NSA systems over the last two years has been meta-tagged with bits of information, including where it came from and who is authorized to see it in preparation for the agency's cloud transition.
(Score: 5, Insightful) by AndyTheAbsurd on Monday April 13 2015, @08:04PM
NSA's GovCloud - open-source software stacked on commodity hardware
NSA built the architecture of its cloud environment from scratch, allowing security to be baked in and automated
Either they built something using open-source software, or they built the architecture "from scratch", but it CANNOT be both. These statements are literally incompatible.
Typical politicians, talking out of both sides of their mouth.
Please note my username before responding. You may have been trolled.
(Score: 2) by maxwell demon on Monday April 13 2015, @08:17PM
They can write their software from scratch, and open source that. Nothing incompatible about that.
Whether that possibility is compatible with reality is another question, of course.
The Tao of math: The numbers you can count are not the real numbers.
(Score: -1, Redundant) by Anonymous Coward on Monday April 13 2015, @08:47PM
YOU JUST GOT HIT BY
¶▅c●▄███████||▅▅▅▅▅▅▅▅▅▅▅▅▅▅▅▅|█
▄██ OBAMACARE ███▅▄▃▂
█████████████████████►
(Score: -1, Spam) by Anonymous Coward on Monday April 13 2015, @08:46PM
YOU JUST GOT HIT BY
¶▅c●▄███████||▅▅▅▅▅▅▅▅▅▅▅▅▅▅▅▅|█
▄██ OBAMACARE ███▅▄▃▂
█████████████████████►
(Score: 3, Interesting) by VLM on Monday April 13 2015, @08:52PM
Well, your architecture could depend on kerberos for auth and gpg encrypting file and storing the gpg keys using ssss to split the keys amongst people or somesuch.
Or they could be using NIS/YP for auth, that pig latin thing from bsdgames for file encryption, and store the files on NFSv1 unauthenticated servers on the internet. Or maybe using gopher to really confuse those leet hackers who've never heard of gopher protocol.
Using open source components doesn't mean they're doing it "right" or the whole system is open. It just means the components are free.
(Score: 3, Informative) by frojack on Monday April 13 2015, @09:04PM
Typical politicians, talking out of both sides of their mouth.
Careful. Remember there is a journalist standing between you and the truth. Its as likely to be a casual word choice by the journalist as anything meaningful from a politician.
Further the story sourced NSA Chief Information Officer Lonny Anderson, and SA cloud strategist Dave Hurry. Neither are politicians. Believe me, if we could vote for these guys they would have been long gone.
Its entirely possible to take opensource software, say something like Hadoop, and feed into that a historical collection of disparate and diverse datasets collected by a dozen different branches and build a new distributed database, adding metadata along the way.
That's a valid definition of "from scratch" in the data processing world, because you come out of it with the ability to scrap your old systems, or continue to use them as input mechanisms, while relying on the new cloud system for extraction and data crunching.
No, you are mistaken. I've always had this sig.
(Score: 5, Insightful) by Nerdfest on Monday April 13 2015, @09:38PM
There's a journalist standing between us and a politician. The truth is unlikely to enter into the process.