Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Government Databases Open Source Security Software

NSA Mimics Google, Angers Senate 193

An anonymous reader writes "In a bizarre turn of events, the Senate would prefer that the DoD use software not written by the government for the government. Quoting: 'Like Google, the agency needed a way of storing and retrieving massive amounts of data across an army of servers, but it also needed extra tools for protecting all that data from prying eyes. They added 'cell level' software controls that could separate various classifications of data, ensuring that each user could only access the information they were authorized to access. It was a key part of the NSA’s effort to improve the security of its own networks. But the NSA also saw the database as something that could improve security across the federal government — and beyond. Last September, the agency open sourced its Google mimic, releasing the code as the Accumulo project. It's a common open source story — except that the Senate Armed Services Committee wants to put the brakes on the project. In a bill recently introduced on Capitol Hill, the committee questions whether Accumulo runs afoul of a government policy that prevents federal agencies from building their own software when they have access to commercial alternatives. The bill could ban the Department of Defense from using the NSA's database — and it could force the NSA to meld the project's security tools with other open source projects that mimic Google's BigTable.'"
This discussion has been archived. No new comments can be posted.

NSA Mimics Google, Angers Senate

Comments Filter:
  • by BVis ( 267028 ) on Wednesday July 18, 2012 @10:01AM (#40685503)

    You know, I've never bought that argument. Let's say that you take the position, for example, that the ACA forces you to buy something that you might not choose to buy yourself (but if you don't buy it, you're an idiot, but that's beside the point.) Let's take the pros and cons:

    1) You have to buy health insurance.
    2) Private companies have to provide services to people that they otherwise would not choose to do business with.

    1) Everyone has access to more affordable health insurance, regardless of employment status.
    2) Everyone has access to more affordable health insurance, regardless of employment status.
    3) Your employer cannot force you into indentured servitude by providing the health insurance that you or a family member need to continue breathing. This gives you the freedom to start your own business without worrying that you'll be unable to purchase health coverage, and therefore, say it with me now, CREATE JOBS AND GROW THE ECONOMY.
    4) Insurers can't deny you coverage because of a 'pre-existing condition'.
    5) Insurers can't drop your coverage when they decide you're costing them too much money.
    6) People can stay on their parents' health coverage longer, giving them time to establish themselves and be able to get health insurance on their own, either through their employer or purchased independently.
    7) Insurance companies cannot just raise premiums whenever the wind blows, and if they do, they have to pay you back.
    8) Without

    Things that are not true:
    1) There are no "death panels." This is an invention of the radical right who (willfully) misinterpreted a requirement by your insurer that they pay for a visit with your (independently) chosen physician in which you privately discuss your wishes should you no longer be able to make your own decisions about end-of-life topics, such as a DNR order. The government would NOT have any say in those wishes, just that your insurer has to pay the doctor for having the discussion. (And the regulation in question was dropped from the bill before it was passed, in any event. Which is too bad, since requiring you to pay for that visit out-of-pocket presents an obstacle for being able to make your own decision about your life and the end thereof. Essentially, it makes you less free.)
    2) This is NOT a government takeover of health care. Hospitals and insurers are still private companies, albeit slightly more regulated ones.
    3) America will not fall apart as a result of passing this bill. There are far bigger threats to the country (and your freedoms) at the moment.
    4) It is not the 'end of liberty'. You cannot be thrown in jail if you refuse to buy health insurance. You cannot be prosecuted for failing to pay the penalty for doing so. The enforcement of the individual mandate is so toothless that it's laughable. All the government can do, basically, is shake their finger at you and call you a bad person.

    Essentially you're trading being beholden to a private company that you have no influence on, in exchange for an obligation under the law that you have some say over (through our representative government) that essentially cannot be enforced. I'm OK with that.

  • Re:Nah... (Score:4, Interesting)

    by SuricouRaven ( 1897204 ) on Wednesday July 18, 2012 @10:28AM (#40685815)
    Most of the political conservatives I've debated seem to favor smaller government, except for... something. The something varies. The biggest conflicts seem to be in the slightly awkward alliance between political conservatives who want the government as small as possible and the social conservatives who view the government as societies way of enforcing public morality. Thus they end up campaigning for small government, except where abortion is concerned, or pornography, or drugs, or broadcast obscenity or indecency, or government-erected religious monuments, or a hundred or so other exceptions to the point where the small-government call begins to look empty.

    I'm sure the social and political conservative factions would be at each other's throats by now if they didn't have a common enemy to fight in the liberal faction.
  • by RaceProUK ( 1137575 ) on Wednesday July 18, 2012 @10:54AM (#40686065)

    To be fair, the United States was founded by puritan nutjobs who wanted to out of a liberal and free Europe so they could continue to enslave and opress at will. I've probably exagerrated a little, but not as much as you'd think.

    *gets modded Flamebait in 3..2..1..*

  • by billstewart ( 78916 ) on Wednesday July 18, 2012 @12:41PM (#40687535) Journal

    Remember $500 hammers? Back in the 1980s, there was a big push to reduce government purchasing costs, especially for military projects, through the use of "Commercial Off-The-Shelf" technology, so whenever possible you'd buy COTS products instead of specially-made customized government-market products. It didn't always make sense, but in many cases it could save a huge amount of money, and realistically a large fraction of the stuff the government bought had commercial equivalents that already had economies of scale keeping the costs down. Sometimes the hammer costs $500 because it's made of MIL-SPEC Titanium, sometimes it's because you spend $490 setting up your hammer-making machine to run off two Left-Handed Jet Engine Hammers for the Air Force, sometimes it's because you spend $600 in contact-lawyer time writing an addendum to a ten-year-old contract to sell two more off-the-shelf hammers to replace the MIL-SPEC ones that got lost.

    Government procurement has always had a lot of "check the box on the contract" requirements. Sometimes they make sense, like using COTS to save money when there are commercial products available (especially if that means forcing the organization that wants the stuff to be realistic about what they need.) Sometimes they're theoretically required, but in practice the agency can get a waiver (so everything needs IPv6, but they actually use IPv4, and POSIX was required from mid-80s on but everybody got a waiver and used MS-DOS for office equipment.) Sometimes they increase the costs because the purchasing department puts all that stuff in the contract even though the users don't actually need it.

    I did work on some projects where COTS didn't make sense. We were bidding on a communications system that used X.25 (which wasn't yet obsolete :-), but the civilian agency that wanted it had asked the NSA for help specifying a system that would be secure. So yes, it was X.25, but with dozens of special options that no commercial equipment used more than a few of. And the contract specified COTS. How do you reconcile the problem and let the agency check off the "COTS" box on their contract? Make the device, offer it for sale to the market, have a couple of your subcontractors buy boxes from you for "testing" or "evaluation".

    Another part of that project not only wanted special-flavor X.25 off the shelf, and POSIX, but also wanted a B1-secure operating system (but it was communication gear, so it would have to be Red Book B1, which was still way-future research, and we had one of the first Orange Book B1 Unix boxes), and GOSIP (the OSI networking stack, though nobody had a GOSIP stack that worked with that particular flavor of X.25 options.) A later project I worked on wanted B1 Secure, POSIX, Ada, POSIX Real-Time (even though the spec wasn't baked yet, and the B1 Secure Unix system didn't support it, and getting that re-evaluated would cost $250K even if we could figure out how to make it work :-)

1 1 was a race-horse, 2 2 was 1 2. When 1 1 1 1 race, 2 2 1 1 2.