Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
NSA’s Big Surprise: Gov’t Agency Is Actually Doing Its Job
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
SachinEE
50%
50%
SachinEE,
 User Rank: Apprentice
4/14/2014 | 7:21:46 AM
Re: NSA is doing its Job
@ JULY, there is no question about the importance of intelligence activities for the very survival of the country, but it doesn't make everything fair. We can better protect our country by putting cameras in every citizen's home. Does this mean that we should? If NSA is smart enough and has the required technology, it should find a better way to gather useful intelligence than what they are doing.
SachinEE
50%
50%
SachinEE,
 User Rank: Apprentice
4/14/2014 | 7:21:31 AM
Re: False dichotomy
GeoffreyL842, these are very good points and very logical assessment of a seemingly emotional article. NSA and Hackers can't be compared in any way. Hackers don't use our tax money for doing bad things to us, NSA does. What I would like to add is that if China does something worse than the US, it doesn't serve as a justification for the US to do anything.
securityaffairs
50%
50%
securityaffairs,
 User Rank: Ninja
4/7/2014 | 4:40:31 PM
Re: Not Doing the Job You Think
No doubts cyber espionage is a common practice, but US has crossed the red line. You have to demonstrate that allies spied on you ... at the time I'm writing the facts show a disturbing reality. This arrogance bothers common opinio in my country as elsewhere, and probably US companies will pay in terms of image for these revelations.

Who will use US cloud infrastructures? Who will pay for your encryption solutions?

Nobody, no more.
agriffin08
100%
0%
agriffin08,
 User Rank: Apprentice
4/7/2014 | 4:22:18 PM
Re: Not Doing the Job You Think
Go ahead and let me know when our allies aren't doing the EXACT SAME THING to us here in the US...

Don't worry, I won't hold my breath.
securityaffairs
0%
100%
securityaffairs,
 User Rank: Ninja
4/5/2014 | 8:48:44 AM
Re: Not Doing the Job You Think
The Intelligence activities are necessary to protect Homeland security from attacks of any type, but NSA has abused of its technologies to spy on allies and failed to keep the activities secret. Now US enterprises will pay a great price, lost of trust means business failure and reputation damage.

In Europe, and far east, many companies are no more interested to security solutions proposed by Us companies.
Thomas Claburn
100%
0%
Thomas Claburn,
 User Rank: Ninja
4/4/2014 | 4:55:38 PM
Define The NSA's Job
From the NSA website:

"Each employee takes a solemn oath to support and defend the Constitution of the United States against all enemies, foreign and domestic."

The NSA cannot both defend and violate the Constitution. If it's violating the Constitution, it's not doing its job.
JULY
50%
50%
JULY,
 User Rank: Apprentice
4/4/2014 | 4:26:46 PM
NSA is doing its Job
The NSA's job is one that is always behind the scenes doing their job.  It's a silent but critical one that needs to be done for the country.  Being a "do gooder " didn't get the USA to be the strongest and best in the world.  There has always been spying of some form ocurring by different governments in the world on each other. I've been around DoD since 1971 and can tell you stories of evasdropping from back then that has kept us informed of situations that could've become explosive.  

Maybe its because I come from the older generation who supports our government and know that we cannot be "liliy white" to survive in this vicious world of ours.  I was brought up with a different set of values and patriotism for my country.  The younger generation has been pampered and spoiled thinking that they know better that us old folks.  

Its sad that my grandchildren may end up seeing another World War because of what "do gooders" like Snowden and Wiki-Leaks have done.  I'll be dead and gone with others having to fight the conflict.

What Snowden has done is committed treason and given the enemies of the US an upper hand as to what our technology is and how it was being used to gather information. It will takes years to correct all the damage that he has done to the US and untold amount of lives that will be lost because of him.
Randy Naramore
50%
50%
Randy Naramore,
 User Rank: Ninja
4/4/2014 | 3:17:02 PM
Re: Missing the obvious
Excellent point, in the private sector the amount of money you spend will usually affect the retailers actions but unless you are in an election year the politicians do really care about your opinions. Politicians must understand that there is a fine line between privacy and monitoring security and if the rights of citizens are being violated then it is their job to uphold the constitution and protect our rights.
IMjustinkern
100%
0%
IMjustinkern,
 User Rank: Strategist
4/4/2014 | 12:28:12 PM
Re: Not Doing the Job You Think
People are willing to surrender their believed right to privacy for a sense of security. While this may piss off those in other countries, people unjustly on security monitoring lists or people with a heightened sense of civil liberties (present poster included), the NSA dragnets will carry on -- in secret or otherwise -- until their incompetence outweighs some sense of accomplishment. The Boston Marathon bombing brought up by "geriatric" is a great example. I think only when the NSA doing its job turns into "doing its job poorly" will we see true outrage and change.
Marilyn Cohodas
100%
0%
Marilyn Cohodas,
 User Rank: Strategist
4/4/2014 | 11:23:34 AM
Re: Missing the obvious
"When people vote at the polling place, or contact their senator/representative, they do not get immediate action, partly because they don't have enough money individually to influence congress. Their influence is very small unless the congressman is flooded with millions of phone calls and emails."


Can't argue with your point that the political process is cumbersome and painfully slow. But in today's day of instant email and social media, it's pretty easy to commnicate how we feel about a government policy to the elected officials who have Constitutional oversight over national security practices.

The old adage (attributed to Alexis de Tocqueville in the 19th century) "We get the government we deserve" has never been more relevant. If we expect the NSA to be accountable, we need to elect public officials who are knowledgeable about the underlying technology, and capable of the rigorous monitoring we need to preseve our civil liberties while protecting our national security.
Page 1 / 2   >   >>


Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Sure you have fire, but he has an i7!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27217
PUBLISHED: 2021-03-04
An issue was discovered in the _send_secure_msg() function of Yubico yubihsm-shell through 2.0.3. The function does not correctly validate the embedded length field of an authenticated message received from the device. Out-of-bounds reads performed by aes_remove_padding() can crash the running proce...
CVE-2021-22128
PUBLISHED: 2021-03-04
An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.
CVE-2021-23126
PUBLISHED: 2021-03-04
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret.
CVE-2021-23127
PUBLISHED: 2021-03-04
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.
CVE-2021-23128
PUBLISHED: 2021-03-04
An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat.