Bay 12 Games Forum

Topic: Heartbleed Exploit - Most servers patched, but assume ALL passwords compromised

Bauglir

  • Bay Watcher
  • Let us make Good

Interesting that the NSA is claiming incompetence rather than malice here - this is something they really ought to have known about, although given its scale they also should've gotten it fixed rather than exploiting it in that case, for reasons lots of people have discussed at length. I actually am not sure whether or not to give them the benefit of the doubt - it's true that Snowden couldn't have leaked everything, but if this was standard operating procedure at any point before he left, I'd expect this to have been one of the first things to go public. In any case, there's no way they come out of this looking good, surprising no one.
In the days when Sussman was a novice, Minsky once came to him as he sat hacking at the PDP-6.
“What are you doing?”, asked Minsky. “I am training a randomly wired neural net to play Tic-Tac-Toe” Sussman replied. “Why is the net wired randomly?”, asked Minsky. “I do not want it to have any preconceptions of how to play”, Sussman said.
Minsky then shut his eyes. “Why do you close your eyes?”, Sussman asked his teacher.
“So that the room will be empty.”
At that moment, Sussman was enlightened.

MorleyDev

  • Bay Watcher
  • "It is not enough for it to just work."

I wouldn't call it a lack of morality as a...very weirdly slanted one. A lack of morality is rare and whilst people who just want money and power are found everywhere, a whole organisation of them wouldn't exactly thrive. It's when you have incompetence, power, and the belief that what you're doing is morally right that more problems arise. There's a saying, "Everybody is the hero of their own story."

When the interests of a nation are seen as more important than the rights of the majority of the people within that nation, and the life of a soldier worth more than the rights of the people that soldier is supposed to be risking their life to protect the rights of...
« Last Edit: April 12, 2014, 11:23:48 am by MorleyDev »

palsch

  • Bay Watcher

On the NSA angle.
Quote
This discussion is relevant, obviously, to the question of whether Cybercommand should be closely associated with, or separate from, NSA, or, more generally, whether we want the same entity doing cyber offense and cyber defense. One possible reason why the same entity should be in charge of both is to enable that entity to better understand how offense and defense relate to one another, and thus potentially to enable more intelligent tradeoffs. But I can easily imagine a very different argument to the effect that, depending on one’s normative commitments, the tasks should be separated and the tradeoffs should be managed by an independent offense chief, or an independent defense chief, or by an independent third party. But further complications arise. If offense and defense are separate, would they tell one another about the vulnerabilities they discover or engineer? What would the sharing rules be? Who would decide and by what criteria whether to hoard or patch the vulnerability? It is not obvious that separating offense and defense assists with the underlying problem of how to resolve the tradeoff, although of course it might skew the outcomes in certain ways. These are hard and deep questions of institutional design. (Note that after an extensive review, and contrary to a recommendation by the President’s Review Group, the White House decided to keep the NSA Director in charge of Cyber Command.)