Tuesday, 18 June 2013

the ingredients of a bureaucracy induced security flaw

But who does represent these people? America?

It appears somebody has launched the holy hand grenade of Antioch. Sorry, I couldn't resist that one, especially after reading how ridiculous certain churches are getting. Don't worry too much about the 5-year-old, because she's been indoctrinated enough to know where she'll be if she protests. That's why we no longer have special classes for special needs children, because we want them to feel like they have a place in society as a whole.

Now that I've covered some of the varied topics that are bugging me, I guess I will focus on something for a while...

I haven't talked about Snowdon in a while, but I read this article that analyzes the message, the man's history, and compares him to other whistle-blowers. I am still up in the air about the whole thing at this point. The NSA spying capabilities don't sound all that far fetched unless they were on some tight budget, and I've read about many other programs by other names which border and even overlap 'PRISM'.

It's just that parts of the story really don't sit right with me. Hong Kong is chief among these elements not sitting right. I would have expected Russia to have been at the top of his list of places to hide out, yet it wasn't. The data is also an issue because automation can only go so far before there is tons of data to be reviewed by a human, and I suspect that much of that data is utterly useless in hunting terrorist organizations. Think about it for a moment, we have so many valid uses for some of the buzzwords, then there is slang like 'tha bomb' peppered about the English language alone... But is there any rule that even dictates that English even needs to be used? No. So do the computers translate other languages, because thus far I have yet to see one that's any good at that. These facts have bugged me about even the lesser known programs like the ones alleged in Hepting v. AT&T, which I first read about years ago. So, getting around these methods of monitoring wouldn't be all that difficult to 'foreigners' who do speak a different language to simply codify operational buzzwords into something innocuous like ingredients to falafel or chocolate chip cookies...

In many cases, these buzzwords are more difficult for a normal and presumably innocent person to avoid using them than it would be for a criminal or terrorist entity to simply call them something else outright... Try and talk about the weather without mentioning clouds, lightning, snow, blizzardhail, ice, storm warnings, tornados, hurricanes, or sleet which could cause interstate closures or your relief that none of those happened here but you'd gladly aid or help the neighouring community that was flooded, and you are fairly stuck trying to figure out what to talk about, aren't you? Sorry to burst your bubble, but I don't think it is about terrorism prevention if you are on a list for your failure in getting recruited for that job at Target, do you? Nope, this is all sounding like some hollywood creation with a terror/ble plot which simply gets me agrovated enough to drink until I black out because I refuse to watch it any longer. Smart people were beginning to choose Amtrak rather than be subjected to delays or cancelled flights due to airplane maintenance issues stranding them at the airport... I could go on, and I have more than likely used more than half of the words on this list more than once, like yesterday I mentioned the Metro more than once in my blog post called "Following No Leader Across The Bridge To Nowhere".

What I am not surprised about is that something as small as a stone could bring down Goliath. It is much more difficult to guard against the small internal threats than the large external ones in an organization of this magnitude. Mind you, it isn't impossible to prevent things like USB keys from being a problem.

The last company I worked for had rules built into the network which allowed only select people to use USB keys, not that this would have prevented much because there were gaping holes in physical security which I attempted to point out to many uninterested parties which combined with the fact that the number of 'select people' started to grow to encompass almost everybody. Then add to that that there was nothing to prevent documents leaving the network over the VPN, email, or even on paper for that matter... Yet I was being 'stupid' when I eluded to not needing this foolish rule at all since it was so easily bypassed by every other policy in existence. Even my demonstrations of how to bypass this rule failed to raise eyebrows in a relatively small company not containing thousands of bureaucrats, so I can see how that might work out on a larger scale.

-DIrtyKID©

No comments:

Post a Comment