Both These Things Cannot Be True

Last Friday, NSA’s Compliance Director John DeLong assured journalists the violations NSA reported in 2012 were “miniscule.” (I noted that the report showed some of the most sensitive violations primarily get found through audits and therefore their discovery depend in part on how many people are auditing.)

Today, as part of a story describing that NSA still doesn’t know what Edward Snowden took from NSA, MSNBC quotes a source saying NSA has stinky audit capabilities.

Another said that the NSA has a poor audit capability, which is frustrating efforts to complete a damage assessment.

(We’ve long known this about NSA’s financial auditing function, and there have long been signs they couldn’t audit data either, but apparently MSNBC’s source agree.)

For the past several months, various Intelligence officials have assured Congress and the public that it keeps US person data very carefully guarded, so only authorized people can access it.

Today, MSNBC reports NSA had (has?) poor data compartmentalization.

NSA had poor data compartmentalization, said the sources, allowing Snowden, who was a system administrator, to roam freely across wide areas.

Again, there have long been signs that non-analysts had untracked access to very sensitive data. Multiple sources agree — and possibly not just non-analysts.

While I’m really sympathetic for the people who are reportedly “overwhelmed” trying to figure out what Snowden took, we’re seeing precisely the same thing we saw with Bradley Manning: that it takes a giant black eye for intelligence agencies to even admit to gaping holes in their security and oversight.

And in NSA’s case, it proves most of their reassurances to be false.

Tweet about this on Twitter39Share on Reddit0Share on Facebook29Google+0Email to someone

18 Responses to Both These Things Cannot Be True

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18

Emptywheel Twitterverse
bmaz The NCAA quietly proposed a major structural reform yesterday. It's still horrid and here's why: http://t.co/kRKTgn5FDF
58mreplyretweetfavorite
bmaz Did Northwestern Unionizing Just Cause Real NCAA Reform? No, Not At All http://t.co/kRKTgn5FDF
1hreplyretweetfavorite
bmaz RT @SpyTalker: More on "Murder in Juarez" http://t.co/DNdOQl1ei2
1hreplyretweetfavorite
bmaz @MonaHol Little known fact: my wife and I went as Al and Peg Bundy one Halloween. Pretty funny.
1hreplyretweetfavorite
bmaz @MonaHol This is true!
1hreplyretweetfavorite
bmaz @yeselson Me too. Also shove on the hip during the shot.
2hreplyretweetfavorite
bmaz Tough blocking call in that situation, looks like a bad call.
2hreplyretweetfavorite
bmaz @ericisbeautiful Yes. And for all his reputation, it's about time he came thru in playoff clutch situation.
2hreplyretweetfavorite
bmaz .@misterdevans No question. And Cliven Bundy is a pernicious and racist dolt at that. But he didn't murder 30 young girls like Ted Bundy.
2hreplyretweetfavorite
bmaz RT @Olivianuzzi: Kelly Bundy > Ted Bundy > Cliven Bundy http://t.co/nuxmNUhT8p @thedailybeast
2hreplyretweetfavorite
bmaz Listen, Cliven Bundy is a horrible human being, granted; but if you are cute tweeting that he's worse than Ted Bundy, just get out.
2hreplyretweetfavorite
bmaz @BradMossEsq I have seen approximately none in the jurisdictions I practice in.
2hreplyretweetfavorite