Friday, July 12, 2013

Two interesting posts related to NSA

Lots of intel community inside baseball in this, but this part dovetails with my advice to study computer security:
Now we get to one of the things that a lot of people have said: “how did a guy with no college degree and just a GED get hired to work in IT security?” But there’s a basic misunderstanding there: not everyone “working in IT security” is doing research. CIA has a bunch of computers, and they need a bunch of systems administrators.

Would CIA hire someone with a clearance and some computer skills, but no degree? You bet your ass they would. Especially for a sysadmin job. But it’s also the sysadmin job that explains what Snowden may have been able to get access to (and what he probably didn’t really have access to).
There's a lot of information there, most of which I won't confirm nor deny.

Also, Chris Byrne has some interesting thoughts on encryption.  Cleaning Up My Crypto.  Worth a read.

7 comments:

Dave H said...

So that's what happened to Solaris. I talked to a Sun rep a few decades ago about software development systems but for our little shop their solutions were pricey. (I also talked to an Apollo rep at the time, if that gives you a clue about how long ago it was.)

Interesting information about what Snowdon might have actually been capable of, and an interesting take on his possible motive. I get the feeling he was inspired by Julian Assange, who I noticed also came out of the woodwork recently. Gotta get that attention fix.

Unknown said...

Some of your remarks on this blog have got me looking seriously at a set of certifications, as well as an AS in IT, with an emphasis in network security, at the local community college. My company will reimburse tuition, so why not?

Regarding security clearances, there's a lot of anecdotal evidence to suggest that a clearance with no degree will get your foot in a lot more doors than a degree with no clearance will do.

Dave H said...

Jeremy Brock: Considering that an employer has to foot the bill for you to get a clearance, that's not surprising. As I understand it a clearance isn't portable from one employer to another. But if you already had a recent clearance it's a lot cheaper for your new employer to get the background checks for your new clearance done.

Maybe BP can neither confirm nor deny that.

Old NFO said...

Thanks for the update(s) and Chris' points are good ones too!!!

Borepatch said...

Dave, my first Internet email address was on Dockmaster, which was (IIRC) MULTICS. A1 (or was it A2?) FTW!

Jeremy, I'm glad you're going there. For sure there's a big demand. A clearance will open doors, but it's a pain to get and a pain to keep. Dave describes how it's usually done.

Unknown said...

Compared to many these days, I'm downright privileged with a military background in fast attack subs and a subsequent track record with a series of defense contractors over the past couple of decades. My biggest employability problem is age, and in the semi-public sector that hasn't hurt me as badly as it would have in, say, Silicon Valley.

Getting a handle on network security, aside from pushing several of my geek buttons, is a way of maintaining agility, and agility is job security. One won't always have the same job, but will generally have a job. (The previous sentence could also apply to military support contracting in general, as long as one is consistently willing to relocate on short notice.)

Regarding security clearances, it's very true that they're "a pain to get and a pain to keep". Still--and leaving out a few caveats for now--I'd append " ... but worth getting if you can."

BTW, Borepatch: MULTICS? Wow, that's a generation or two beyond me! I got into *n*x almost by accident, but it has paid off well even though I'm no guru.

lee n. field said...

"
Also, Chris Byrne has some interesting thoughts on encryption. Cleaning Up My Crypto. Worth a read. "

OK, that answered a question I had. 4096 bit keys it is, then.

At some point over the years when I wasn't paying GnuPG options changed, and broke stuff. . More reading.