Both These Things Cannot Be True

Last Friday, NSA’s Compliance Director John DeLong assured journalists the violations NSA reported in 2012 were “miniscule.” (I noted that the report showed some of the most sensitive violations primarily get found through audits and therefore their discovery depend in part on how many people are auditing.)

Today, as part of a story describing that NSA still doesn’t know what Edward Snowden took from NSA, MSNBC quotes a source saying NSA has stinky audit capabilities.

Another said that the NSA has a poor audit capability, which is frustrating efforts to complete a damage assessment.

(We’ve long known this about NSA’s financial auditing function, and there have long been signs they couldn’t audit data either, but apparently MSNBC’s source agree.)

For the past several months, various Intelligence officials have assured Congress and the public that it keeps US person data very carefully guarded, so only authorized people can access it.

Today, MSNBC reports NSA had (has?) poor data compartmentalization.

NSA had poor data compartmentalization, said the sources, allowing Snowden, who was a system administrator, to roam freely across wide areas.

Again, there have long been signs that non-analysts had untracked access to very sensitive data. Multiple sources agree — and possibly not just non-analysts.

While I’m really sympathetic for the people who are reportedly “overwhelmed” trying to figure out what Snowden took, we’re seeing precisely the same thing we saw with Bradley Manning: that it takes a giant black eye for intelligence agencies to even admit to gaping holes in their security and oversight.

And in NSA’s case, it proves most of their reassurances to be false.

Tweet about this on Twitter0Share on Reddit0Share on Facebook0Google+0Email to someone

18 Responses to Both These Things Cannot Be True

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
Emptywheel Twitterverse
JimWhiteGNV RT @ZaidJilani: As America gets actually safer its officials have to reach further and further into the realm of hysteria
emptywheel @normative Actually, that itself relies on trusting past claims abt NK hacks, no? And not just NK but NK govt.
JimWhiteGNV RT @CliveSSmith: Its not PK v. West. Don't forfeit all that is good about PK. US rushed to throw out the rule of law in the wake of a horri…
emptywheel @Krhawkins5 Link not working for me. @attackerman
emptywheel RT @GEsfandiari: North Korea Is Not Funny by @adrianhong
emptywheel @TyreJim Actually doubt mine will be very effective. I'm still behind on NSA what with 2 weeks of torture. @kurtopsahl
emptywheel @JAMyerson I don't think he was doing that and I don't mind the convo. Just think @GomesBolt misinterpreted what I was getting at.
emptywheel @TyreJim Again, who goes to court minutes before Christmas vacation starts? @kurtopsahl
emptywheel @GomesBolt Well, apparently we're now looking for a proportionate response. So it'd be nice to think that, but that's not thec case
emptywheel @GomesBolt No, Brennan is in charge of the CIA. He's in charge of most of the IC, which includes far more than CIA. @JAMyerson
emptywheel @GomesBolt You'll note that NSA also appears there. @JAMyerson