Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Anonymous Releases 400 MB of FBI Contractor Data

Soulskill posted about 3 years ago | from the another-day-another-breach dept.

Security 130

An anonymous reader writes "Anonymous, as they have claimed they would, finally released 400 megabytes of files (NSFW language) allegedly stolen from ManTech, a cyber security firm contracted by the FBI. Anonymous stated, 'The FBI is outsourcing cybersecurity to the tune of nearly $100 million to a Washington-area managed services company. The deal shows a willingness in the federal government to place IT services more and more in the hands of third parties as agencies don't have enough staff on hand to do the job.'"

cancel ×

130 comments

Sorry! There are no comments related to the filter you selected.

No surprise (4, Insightful)

History's Coming To (1059484) | about 3 years ago | (#36932280)

Well that's embarrassing. Not entirely surprising, and not a big deal to be honest, but yet again we have it demonstrated that short of being physically disconnected from the internet and placed in a lead lined box there's no such thing as 100% security. If you want secure, don't put it on a computer and certainly don't plug the computer into the interwebs.

(Disclaimer: No, that's still not 100% secure.)

Re:No surprise (2)

Pieroxy (222434) | about 3 years ago | (#36932338)

The problem is that putting stuff in the hands of third parties is in my view the equivalent of saying "I don't care about it." The problem with that is that IT is at the heart of everything now. If you don't care about it, that's a problem. A big one.

Of course, that's not just true for government.

Re:No surprise (1)

Anonymous Coward | about 3 years ago | (#36932374)

Instead of an unaccountable law-enforcement agency, it's an unaccountable contractor. Not much difference for most citizens.

Re:No surprise (1)

Thad Zurich (1376269) | about 3 years ago | (#36932546)

"3. Management Security Policy [...] c. System and Services Acquisition. In accordance with DOJ IT Security Standard – System and Services Acquisition (SA) Control Family, Components shall: [...] (6) Ensure third-party providers are contractually required to comply with this policy to employ adequate security measures to protect information, applications and/or services outsourced from the Department." [http://www.justice.gov/jmd/publications/doj2640-2f.pdf] I've got a banana peel that says the ManTech contract didn't contain such clauses, nor any means of verification if it did.

Which gets back to the core problem. (2)

khasim (1285) | about 3 years ago | (#36932664)

They're outsourcing the IT department ... which leaves them with no one in-house capable of verifying that the outsourcing service is competent or even following data-security processes.

Re:Which gets back to the core problem. (0)

Anonymous Coward | about 3 years ago | (#36934532)

In some cases the "in house" verification is done by other contractors, who are designated to represent the government. Some contractors specialize in this role.

Re:No surprise (5, Funny)

Anonymous Coward | about 3 years ago | (#36932452)

But...but it's a contractor. They always know more about, well, EVERYTHING than dumb, stupid government employees who just sit around on my dime and do nothing productive. I'll bet contractors even use THE CLOUD and other really secure mysterious high-tech stuff like that which government people, who might even (gasp!) belong to a union have no clue about. That's what Fox News tells me, anyway.

Re:No surprise (1)

Truekaiser (724672) | about 3 years ago | (#36933834)

Thank you i needed that laugh this morning.

Re:No surprise (0)

Anonymous Coward | about 3 years ago | (#36934620)

Oh look a Fox News troll, how original.

Just to counteract the bullshit with a little reality, Fox is no different than ABC/CBS/NBC/CNN.

Re:No surprise (0)

Anonymous Coward | about 3 years ago | (#36935000)

What? Riiight. And anon *is* just a bunch of script kiddies. An anti-reality troll - how cute.

Re:No surprise (0)

Anonymous Coward | about 3 years ago | (#36935706)

The only defense fans of Fox have. All they can say is 'but the others are biased too' Fox is biased, and misleading, and they intentionally lie, intentionally set an agenda, don't correct blatant errors because it was generally on purpose in the first place. They appealed a decision that ruled they wrongfully fired reporters for refusing to report lies on the grounds that it was their first amendment right. When they won they reported that the case the reporters had brought alleging Fox wanted to lie was overturned. Fox was vindicated in court. They made it sound like the court ruled they were telling the truth. So follow along. Ring your bell to warn the British.

Re:No surprise (0)

Anonymous Coward | about 3 years ago | (#36936576)

that may not be far from the truth... what competent IT guru would want to work for a government wage? For example, employee gets ya at most 70k/year (someone who hasn't spent their whole life at the job), vs a contractor getting 170k/year doing exactly the same thing.

Re:No surprise (1)

Trepidity (597) | about 3 years ago | (#36932510)

That's true, but I don't think this case even rises to that level. This seems more like typical "inept IT contractor". While it's not really possible to have 100% security while your box is connected to the internet, it is possible to at least have better security than is the norm in IT contracting (and yes, that includes "cybersecurity" contracting).

Re:No surprise (1)

Anonymous Coward | about 3 years ago | (#36932540)

Embarrassing? Depends on who's embarrassed. Certainly not the government. It's devolved into a bunch of ladder climbers just like the corporate world. Your boss just wants a shiny red button that says "You're Fired" when you don't fill in all the technological blanks for their personal agenda. Outsourcing is already several steps into that abyss of losing any sort of control.

As IT centers grow, they become geometrically more complex and expensive to maintain. What do you think the gubbermint will sacrifice first, security or the ability to stalk their political enemies? It's all already over but the eulogies.

Re:No surprise (0)

Anonymous Coward | about 3 years ago | (#36933196)

A physically disconnected network did not stop the diplomatic cable leaks.

We have these already, and they have a function (4, Funny)

Kagura (843695) | about 3 years ago | (#36932294)

"a cyber security firm contracted by the FBI. . . . more and more in the hands of third parties as agencies don't have enough staff on hand to do the job."

No crap, you idiots. They're called contractors!

Re:We have these already, and they have a function (-1)

Anonymous Coward | about 3 years ago | (#36932370)

Hah hah, yeah man. You're a real COCK. COCK PENIS.

Re:We have these already, and they have a function (0)

Anonymous Coward | about 3 years ago | (#36932522)

Sure. But I'm sure someone thought they'd save plenty of taxpayer's money by cutting staff, having an inadequate recruitment program, or lowballing the salaries for qualified personnel. Then they make up the difference in staff by paying outside contractors that work for peanuts by comparison. Just imagine the savings!

Re:We have these already, and they have a function (1)

jonpublic (676412) | about 3 years ago | (#36932586)

contractors that are probably charging $300 an hour too.

Re:We have these already, and they have a function (0)

Wiarumas (919682) | about 3 years ago | (#36932886)

Yes, but that $300/hour is cheaper than hiring a government employee. The government will just hire someone unqualified because they pay 2/3s of what private industry pays, but they make up for it with benefits and job security... early retirement, 3 weeks off a year, pension, etc. So instead of paying $300/hour and getting someone half decent, you get someone who might be decent for a decade before they go obsolete and you are stuck with them until retirement. The article makes the contractors sound bad, but put the responsibility onto the FBI and watch a real shit show commence.

Re:We have these already, and they have a function (1)

hedwards (940851) | about 3 years ago | (#36932970)

Do you have any actual evidence of that? Or are you just repeating GOP talking points. The reason I ask is that everything I've read suggests that working in the public sector typically pays significantly less than what the private sector would offer.

Re:We have these already, and they have a function (2)

anegg (1390659) | about 3 years ago | (#36933002)

Government used to pay less than private industry... now it pays about the same, but with better benefits and job security, at least in the Washington, DC area. That started back when the government said they had to raise salaries in order to "remain competitive" with private industry. They raised the salaries, but kept the excellent benefits and the government union derived job lock-ins. The whole scene is a real mess. A shell of government employees filled with large amounts of creamy contractor filling. [Disclosure: I lived in the DC area and worked for government contractors at a variety of federal agencies for the last 15 years.]

Re:We have these already, and they have a function (0)

Anonymous Coward | about 3 years ago | (#36933372)

Government used to pay less than private industry... now it pays about the same, but with better benefits and job security, at least in the Washington, DC area.

The pay scales are public knowledge (http://www.opm.gov/oca/11tables/html/dcb.asp). When I was a DoD contractor to get paid what I took home would have put me well into Grade 14. That's not something anything but the most exceptional individual contributor is going to get. Now a few years down the road and back in the private sector, my current salary is even higher up the scale. Before coming back to the private world I did look at civillian positions in the DoD and some other places, but senior level positions were falling in Grades 10 - 11 (I did have one that was willing to try for a 12). Yes the benefits are big, but they don't pay rent or any of the other things I need/want to live my life the way that I want. One of them I really wanted, but a roughly 25% pay cut plus having to commute from Dulles to Gaithersburg is not what I consider a life improvement or even maintaining the status quo. I will admit, however, that I recognize that I can make that choice because I had a choice. Had it been a question of job vs no job, I would have happily taken it and made the needed adjustments to my life.

All that said, as a former contractor, I fully believe that contractors (the companies) are grossly overpaid (even more so when you consider the services rendered) and it has gotten to the point in many places where the federal employees are little more than figure heads to the operations they are involved in. In my case (because contractors have to make their billing rates public) I know that my company was charging the DoD 4x my actual salary. I recognize there are over head costs, but the DoD could have had 2 of me if they were willing to pay 100% of my salary (rather than the more likely 75ish% following the grade scale).

Re:We have these already, and they have a function (1)

thermopile (571680) | about 3 years ago | (#36934458)

Well said.

The only other comment I would make is that the government has made a stark change away from hard, technically inclined people to "soft," general-management types ... and by so doing, has lots its ability to properly manage the projects it seeks to execute.

Stories like yours above, where the DoD was paying 4x your salary for the services of one, are examples of where some government PM didn't know better. I suppose it's also possible that you were working on some super-classified system, for which the pay scale increases significantly.

I actually pine for the days when 50% of all government GS-15's have to have been prior contractors. Who better to manage the work than someone who has done it before? It has been spun as a bad thing in the press ("Oh Noes! Government official sends money to his prior employer!"), but in my experience, that happens because the government PM is experienced, knows what he or she wants, and the PM usually wrings out a good deal for the government in the process.

Take, for example, the program management of the F-35 fighter aircraft [anengineerindc.com] . The person in charge of managing a $300 BILLION weapon system had better have some serious acquisition chops.

Re:We have these already, and they have a function (0)

Anonymous Coward | about 3 years ago | (#36933376)

I also worked the contractor game for a half dozen years.

The real tradeoff *I* saw was that contractors gained access to a narrowly-defined pool of very good talent in exchange for losing any useful level of accountability.

Federal agency contracts out to politically-connected contractor A. Contractor A's owner/CEO encourages employees to make contract as profitable as possible by doing as little as possible to meet the contract's strictest definition. If you can do something to prevent Y but the contract doesn't cover Y, you don't do it (you try to get them to pay for an extension.) If you had been directly employed by the agency affected, you'd have more interest in doing more to keep that agency from major risk or embarrassment.

Now back to that contractor: Something really bad happens. If this had been an internal agency, a full audit trail could have identified what went wrong, where, and with who making the decisions, allowing very precise remedial action to take place, as you directly employ all parties involved. As it stands, all you can do is point to the contractor and rely on their explanation of what went wrong, along with the select few documents they provide to support this perspective. If you terminate the contract, many of the politically-connected members will form a new company and bid on the next contract.

Re:We have these already, and they have a function (1)

CodeBuster (516420) | about 3 years ago | (#36933586)

Government used to pay less than private industry... now it pays about the same, but with better benefits and job security

Here in California, government jobs not only pay better but have superior benefits; rivaling even the US Government. For example, there are at least several hundred pensioners, retired from state employment, here in California that collect more the $250,000 per year in pension benefits, not including health care which further increases the value of the pension, and pensions of $100,000 and up are not at all uncommon. The vaunted job security has been on the decline in recent years, in tandem with California's credit rating, but it still beats the private sector in most comparable occupations. Many state and local governments are contemplating massive tax increases to pay for these unfunded pension obligations, but I doubt that taxpayers will stand for it. Indeed, if they raise taxes here in California to pay for gold plated government pensions while unemployment hovers in the double digits and people continue to loose their homes, they're going to have a revolution on their hands.

Re:We have these already, and they have a function (1)

Wiarumas (919682) | about 3 years ago | (#36933600)

You must have misread. I said that the government pays less than the private sector (about 2/3rds of what you can get in the private sector). The difference is that you pay $300 for specialized labor for the duration of the project or system (let's day 2-10 years then you end the project) versus hiring an employee until retirement (2/3rds the pay but for 40 years, plus pension and benefits). So contractors are expensive, but specialized and disposable making them cheaper.

Re:We have these already, and they have a function (1)

guruevi (827432) | about 3 years ago | (#36934954)

Trust me, those contracting agencies will just hire the same person the company (or Fed) would've hired. The only benefit is that management can now claim the contractor did it and wash their hands of any blame. The contractor (or at worst, the contracting company) gets fired and another one gets hired with the same or even less qualifications, rinse and repeat.

The only things it does circumvent is unionization (which is the biggest problem in other departments among large companies and government). That's one thing you don't want, a unionized IT staff. IT people past help desk and management jobs (the actual sysadmins, network engineers) are more like doctor's - you want them to be responsible and be able to get and take the blame and not be shielded.

Re:We have these already, and they have a function (0)

Anonymous Coward | about 3 years ago | (#36933130)

The rates are available to the public. Take a look at this table of rates, starting at around page 40: https://www.gsaadvantage.gov/ref_text/GS35F4660G/0JHOV8.2B6H1U_GS-35F-4660G_GS35F4660GSIP.PDF

For example SENIOR SECURITY ENGINEER is $158/hr (onsite). The job description is around page 85.

Re:We have these already, and they have a function (1)

Ryanrule (1657199) | about 3 years ago | (#36933776)

yeah, ive worked for one. the people doing the work are salary, get 30-40k. some exec get a fat bonus. probably friends with some appropriations asshole in the fbi.

Re:We have these already, and they have a function (1)

elucido (870205) | about 3 years ago | (#36934820)

contractors that are probably charging $300 an hour too.

Contractors are hired to save money for the US government. No healthcare. No benefits. The contractor has to buy these themselves.

There are pro's and con's to being a contractor and the lack of benefits is one of the cons. The pro is you wont have to answer to a boss and you wont be micromanaged.

Re:We have these already, and they have a function (0)

Anonymous Coward | about 3 years ago | (#36935572)

So the government folks have unions, and that might make things more expensive. But contractors have employees too, and I'm willing to bet that "The Profit Motive"(tm) for the contractor might cost more than paying an employee directly (even a union employee). See, with having an employee directly, you pay them directly. With a contractor, you have the contractors employee, but you also have the management (usually not the same people), and the management wants money too, and its more than just paying a union employee. "We need to pay a lot to keep top talent"(tm) says the contracting company, so they like to pay their managers a lot of money, even though those managers contribute nothing to the solution. Those managers still insist on being paid! Ultimately you could have 3 government (yukky union types), for a single --paid less-- contractors employee, plus the management of that contracting company. And worse, if they hapless employee working for the contractor decides to leave and work for better pay at a fast food outlet, then the contractor has delays while they grouse about finding good help and wait for the local community college to have a convocation.

Default (2)

kc9jud (1863822) | about 3 years ago | (#36932308)

I'm pretty sure that the government shutting down on Tuesday isn't going to help this at all. :P

Re:Default (4, Interesting)

KiloByte (825081) | about 3 years ago | (#36932442)

To the contrary. Nothing in this data is really interesting, except for the fact that the FBI is paying mountains of taxpayers' money to their friends for basically nothing. What AnonSec proved here (yet again) is that these "security contractors" have nothing to do with security.

Re:Default (1)

ShakaUVM (157947) | about 3 years ago | (#36932676)

>>Nothing in this data is really interesting

Really? I found it quite interesting that a company called "Man Tech, Inc." can get millions in government funding.

Re:Default (0)

Anonymous Coward | about 3 years ago | (#36934230)

I would wait until I sift through the data before making that judgement. I would be willing to wager that examining some of the contracts, etc. will show who the friends are who the money is being funneled to. Its one thing to speculate that government officials are funneling U.S. national security dollars based on friendship, its another thing to actually see it and know who the people are that are doing it.

Imagine if the American public had evidence to show that both parties in their government were making decisions based on the ideal methods of increasing their stock. Of course the real challenge will be the media aspects and how to use this information to inform the public. You know the story for most major media outlets will be how "hackers" are threatening national security and not how national security and government officials are robbing the people blind.

from the piratebay comments (0)

Anonymous Coward | about 3 years ago | (#36932318)

looks like there is nothing, but
I am not going to touch it just to see. :)

Re:from the piratebay comments (1)

rbrausse (1319883) | about 3 years ago | (#36932354)

I don't know, one of the commenters at piratebay wrote "Wow, what a worthless bunch of crap...pictures, purchase orders, resumes, rosters, inventories. *Yawn*."

probably boring for the sensationalistic bay-crowd but not "nothing" in the sense of "unimportant".

Re:from the piratebay comments (0)

Anonymous Coward | about 3 years ago | (#36932754)

Pirate Bay. If only we could round them all up, put them in a house, and burn it to the ground.

But they're Cyber Contractors! (3, Funny)

todrules (882424) | about 3 years ago | (#36932330)

But they used the word cyber on their website 3 times describing their mission! They must be good!

Mission and Cyber Support

We tackle some of the most challenging cyber security problems facing our nation, including identifying and neutralizing external cyber attacks, managing security operations centers (SOCs), developing robust insider threat detection programs, and creating enterprise vulnerability management programs.

Re:But they're Cyber Contractors! (2)

mmcuh (1088773) | about 3 years ago | (#36932384)

Ironically, the word "cybernetic", the original use of the cyber- prefix in English, comes from the Greek ÎÏ...ÎÎÏνÎÏÎÎÏOEÏ (kybernetikos) meaning "skilled in governing".

Re:But they're Cyber Contractors! (0)

mmcuh (1088773) | about 3 years ago | (#36932396)

That was meant to be greek letters. Stupid Slashdot doesn't appear to handle UTF-8 input.

Re:But they're Cyber Contractors! (1)

FreakyGreenLeaky (1536953) | about 3 years ago | (#36932470)

speak ascii or die.

utf8 shmutf8 ;)

Re:But they're Cyber Contractors! (1)

Samantha Wright (1324923) | about 3 years ago | (#36932858)

Technically we have Latin-1, you just need to use the æntities—correctly.

Re:But they're Cyber Contractors! (0)

Anonymous Coward | about 3 years ago | (#36932558)

That was meant to be greek letters. Stupid Slashdot doesn't appear to handle UTF-8 input.

Considering that the only purpose of writing it in Greek would be to show off that you could do it, I think in this case Slashdot has done us a favor.

for lookup it's useful (0)

Anonymous Coward | about 3 years ago | (#36932826)

If his/hers native language is greek and gives you the exact spelling then that gives you an opportunity to look it up yourself

Re:But they're Cyber Contractors! (0)

Anonymous Coward | about 3 years ago | (#36932884)

You must be new here.

Re:But they're Cyber Contractors! (2)

rbrausse (1319883) | about 3 years ago | (#36932536)

not only Cyber but they use in the Excel sheets Comic Sans as default font.

They are so professional!

Re:But they're Cyber Contractors! (0)

Anonymous Coward | about 3 years ago | (#36932634)

not only Cyber but they use in the Excel sheets Comic Sans as default font.

They are so professional!

This is a patented security feature! Most people are so put off by Comic Sans, that they will focus on the font instead of the content of the document. This keeps information safe from prying eyes!

Re:But they're Cyber Contractors! (1)

Iamthecheese (1264298) | about 3 years ago | (#36932976)

I think it's safe to say font choice is the single least important aspect of their proven unprofessionalism.

Um, this has nothing to do with computers (0)

Anonymous Coward | about 3 years ago | (#36933988)

They're talking about cyborgs obviously...

When will window admins learn?! (0)

Anonymous Coward | about 3 years ago | (#36932372)

If you closely inspect this package you'll also come across several items which make me conclude that anonymous has basically overrun (several?) Windows servers (default.rdp anyone?).

So I think its safe to conclude that this is the result of your average (and very poor) Windows administrators. Window servers can be secured and I'm also leaning to say that while they probably won't be able to match Solaris, BSD and even Linux, they sure can go a long way. IF you know wtf you're doing. Sure; general popular opinions are of course against me, but that's your problem and not mine ;-)

I wonder if we get to see some admins being layed off, they sure would deserve it IMO.

Oh well; look on the bright side you ManTech guys; now there are also a lot of resume's out in the open. Who knows; maybe some people can get a new job at a firm which takes security more seriously.

Re:When will window admins learn?! (1)

Larryish (1215510) | about 3 years ago | (#36934558)

The new firm will be called WomanTech.

Every 28 days they will do an intensive audit of everyone else.

i would download it, but... (2)

FudRucker (866063) | about 3 years ago | (#36932408)

i wont want a knock on my door, or have it kicked in by a government goon squad, i will wait until someone else downloads sorts through it for all the best parts and read about it on some conspiracy nut's website :)

they wont bother (0)

Anonymous Coward | about 3 years ago | (#36932468)

its already in the wild....and unless you go run up to a fbi agent and start throwing printouts i doubt they care

Re:i would download it, but... (0)

Anonymous Coward | about 3 years ago | (#36932590)

Even more reason to get it and look for yourself; while also keeping the torrent alive.

I assume you live in the "Land of the Free" ? That would be kinda ironical IMO...

Re:i would download it, but... (0)

Anonymous Coward | about 3 years ago | (#36932600)

Read it at an internet cafe or an airport.

Re:i would download it, but... (0)

Anonymous Coward | about 3 years ago | (#36932674)

Use a socks proxy.

Re:i would download it, but... (1)

Anonymous Coward | about 3 years ago | (#36932856)

I'm not a lawyer (I feel compelled to point this out, even though only an idiot would assume I am one without me saying so), but here is what I've learned from other leaks of US government documents in the last few years:

Downloading it is not illegal, the document has now been released to the public. The public has no obligation to protect the secrecy of documents. 'Classified' simply means, if your job gives you permission to access the document, you can't leak it. That's why Bradley Manning is in trouble: he used the privileges granted by his security clearance to leak classified documents. As a member of the public (assuming you are), you are allowed to access and distribute documents you come across.
What is illegal, is acquiring documents through illegal means, such as hacking the FBI's servers (what Anon did). If you download it from a torrent, you are not doing anything illegal as far as I understand.

Depending on your job, it may be a bad idea to download these documents or give them to someone else; for example, if you work for the FBI or military, even though the documents are now public, your superiors probably would not be happy that you help other people access the documents or that you access them yourself without a valid reason. That would still not be illegal, but it could have a bad effect on your career. If you work for the government, but not in a military or law enforcement agency, I doubt your superiors would care about it.

To keep it simple: it's legal for your to download these documents unless someone told you otherwise.

Some things to consider... (0)

Jawnn (445279) | about 3 years ago | (#36932428)

  • Honey pots
  • Disinformation
  • False flag

This whole thing reeks of these types of charades.

Re:Some things to consider... (0)

Anonymous Coward | about 3 years ago | (#36932534)

You give our government way too much credit.

I really really wish they were that cunning and intelligent. I do. I really do.

But regardless of who's in the Whitehouse, the Executive branch shows stupidity, incompetence and many times malice.

And there's Congress - at least they have an excuse - they're pai ... lobbied by corporate America to act like complete sub-human sacks of shit.

Re:Some things to consider... (0)

Anonymous Coward | about 3 years ago | (#36932570)

Possible, but I think it highly unlikely... Nobody would set up a honey pot and then let it look to the outside as if it was an actual security breach. The worst thing that can happen to agencies or companies here is actually the loss of trust in public - and the public does not care if it is actually a honey pot or something real that got hacked.

Lowering Tax (1)

MM-tng (585125) | about 3 years ago | (#36932466)

So you don't hire enough people to do the job. This to save money. Then you realize, you need some help. You hire a contractor to do the job for 4 times the money. I don't get it. If you don't work with consultants the smart people who like a challenge realize. Hay if I want to do the cool stuff, I need to be in government.

Will this lead me to... (3, Funny)

kenh (9056) | about 3 years ago | (#36932476)

Neil Caffery, the White Collar crimes consultant that works with the FBI?

Re:Will this lead me to... (0)

Anonymous Coward | about 3 years ago | (#36932528)

You should know the answer yourself. They hacked ManTech, not the FBI. So if he's not related or working for ManTech the answer is obviously "no".

send in mulder and scully (2)

Joe_Dragon (2206452) | about 3 years ago | (#36932496)

and then you can find out the real FBI is like.

ManTech colleague sits on his ass -all day- (0)

Anonymous Coward | about 3 years ago | (#36932518)

I know a person very well who works for ManTech. He is paid a well above-avarage salary right out of college to answer perhaps two help desk phone calls a day. He is not allowed a cell phone or any means to surf, so he tells me how he counts ceiling tiles all day. He is literally paid to sit on his ass.

Re:ManTech colleague sits on his ass -all day- (1)

TheLink (130905) | about 3 years ago | (#36934152)

I don't know about the rest of you but if I'm going to waste my life, reading Slashdot and surfing the rest of the Internet is still better than counting ceiling tiles...

So how much more is he being paid? If it's a million dollars a year, I'd skip slashdot and do that job for a year or maybe two :).

Mantech college sits on his ass all day (0)

R3PUBLIC0N (972656) | about 3 years ago | (#36932538)

They pay these people for doing literally nothing. A very well known college of mine is paid a well above-average salary by ManTech to answer perhaps one help desk call a day. He does literally nothing, all day long, most of the year. He is not allowed a cell phone or a laptop or browsing access for security reasons, so he tells me he just counts ceiling tiles.

Re:Mantech college sits on his ass all day (0)

R3PUBLIC0N (972656) | about 3 years ago | (#36932562)

They pay these people for doing literally nothing. A very well known college of mine is paid a well above-average salary by ManTech to answer perhaps one help desk call a day. He does literally nothing, all day long, most of the year. He is not allowed a cell phone or a laptop or browsing access for security reasons, so he tells me he just counts ceiling tiles.

Wow, COLLEAGUE. It's Saturday morning, I claim immunity.

Wow, COLLEAGUE. (0)

Anonymous Coward | about 3 years ago | (#36932694)

Was wondering about that. Thanks for clarifying, hehe ;)

Re:Mantech college sits on his ass all day (0)

Anonymous Coward | about 3 years ago | (#36932894)

They pay these people for doing literally nothing. A very well known college of mine is paid a well above-average salary by ManTech to answer perhaps one help desk call a day. He does literally nothing, all day long, most of the year. He is not allowed a cell phone or a laptop or browsing access for security reasons, so he tells me he just counts ceiling tiles.

Wow, COLLEAGUE. It's Saturday morning, I claim immunity.

well done - though it was much more interesting as a "very well known college".

Re:Mantech college sits on his ass all day (0)

Anonymous Coward | about 3 years ago | (#36932964)

I hope your famous, um, coworker, has better spelling skills than you.

ManTech's Friend (2)

poena.dare (306891) | about 3 years ago | (#36932566)

Apparently ManTech and HBGary work together ( http://publicintelligence.net/hbgary-mantech-internet-and-social-media-reconnaissance-presentation/ [publicintelligence.net] ), so this could be more fallout from the HBGary/Aaron Barr/Anonymous story.

WHICH, as a matter of fact, I just wrote a small journal article about (sorry to shill, but I really think it's relevant!) http://slashdot.org/journal/269108/Aaron-Barr-amp-The-Jester [slashdot.org]

One day the complete Anonymous story is going to make a great book and several bad movies.

Re:ManTech's Friend (1)

poena.dare (306891) | about 3 years ago | (#36933288)

Hey Richard Armitage is on the board of directors!

http://www.mantech.com/about/board.asp [mantech.com]

We haven't seen that ol' spookette in a while.

significance? (1)

pinkeen (1804300) | about 3 years ago | (#36932576)

Since when we measure significance of a breach by the raw amount of data?

Re:significance? (0)

Anonymous Coward | about 3 years ago | (#36932660)

Yeah, tell me about it.

"So what did we get?"
"About 400MB of data sir!"
"what's in it?"
"three 4KB text documents, and a 399MB HD video of some schmuck at his kids birthday party."
"well, call it 400MB and get it online! mission accomplished!"

What could go wrong? (1)

HangingChad (677530) | about 3 years ago | (#36932622)

Faceless corporations with nothing in the way of accountability and very little oversight with the keys to the FBI and other government data systems. I don't see how anything could go wrong with that arrangement.

Why pay attention to that when you have those darn teacher's unions trying to live high off the taxpayer hog?

the most pathetic part (1)

sixsixtysix (1110135) | about 3 years ago | (#36932670)

is that the fbi has to contract out for this. all government agencies should be completely self-sufficient. none of these third party money grabs. this is where most of the government waste lies. all those industries jockeying for a piece of the pie while demonizing the poor and disheveled. this is the real problem. no one should profit of the government.

Over a decade in the making (5, Interesting)

BenEnglishAtHome (449670) | about 3 years ago | (#36932730)

Start with the "Re-Inventing Government" initiative under Gore during the Clinton administration, where some idiot decided that government should be run "more like a business." (Protip - Anytime someone says "Government should be run more like a business" you've just received perfect proof they're an idiot. Govt and business aren't the same and cannot/should not be run the same way.)

Add 8 years of "We hate government. We hate government workers. Government is incompetent at everything it does and, by the way, too-often prevents us from funneling contracts to the big-money corps that help us get elected." under the Bush administration.

Stir in the fact that IT is in the middle of everything nowadays.

Bake a while and what do you get? Everything being outsourced, even to people who have no idea what they're doing and don't give two shits about the concept of "public service."

A couple of months ago, I retired from a once-wonderful IT position with a major U.S. three-letter-agency. I just couldn't stand the whole "Do more with less. Don't worry about all the new, critical changes; they'll be admin'd by contractors, anyway. Bump the efficiency metrics; forget about actually keeping the field guys functioning."

For the first 20 years I was there, we were allowed to do good work, help officers and agents do their jobs, and serve the public. Over the last 10 years, that whole notion of public service got lost in an orgy of fiefdom creation and repayment of favors.

U.S. govt IT is going to hell. It's happening slowly but, I fear, inexorably.

I agree... (1)

novar21 (1694492) | about 3 years ago | (#36933022)

If I had mod points, I would give +1 insightful. From a slightly different perspective, I work in IT for a State Government. The Feds and the States are very similar, except that they are reducing compensation at the State level. So recent graduates are not even looking for employment with the State. It is so bad now that we have permanent job postings for IT positions. But the benefits and pay are no where near private sector. They have to have contractors now that so many have retired. The contractors cost far more than State Employees. But you still read articles in the local papers about how over paid State Government workers are. Plus the same mantra over and over that government workers just sit around and do nothing all day. I guess if they keep this crud in the press, then the populace will accept it as fact. I know of many contractors who have failed in the day to day duties, yet they are still employed. Many of the government contracts are poorly written. Add to that management not holding the contractors to the signed contract and properly monitoring progress of the projects. Over all it is very sad to be in government IT unless you are a contractor. And if you are a contractor, your only benefit is in knowing that you are better compensated than the government employees around you. Either way you are still told: "Do more with less" which has never made sense to me. Following those instructions means that you have to loose quality or quantity. There really is no other choice. Throw in the furlough days, bank leave time, and all of the other compensation reducing schemes, and our compensation has been reduced by thousands of dollars per year. All of those savings are going to pay for contracts. In my state the contracts total over 15 billion. That is more than what it costs to pay for the state employees. They privatize different functions more and more. Costing the tax payers more and more. Sorry for the long rant. I will get off the soap box now and let someone else have it.

Re:Over a decade in the making (2)

gl4ss (559668) | about 3 years ago | (#36933192)

Fake efficiency.

that's the scourge of modern way business way of handling things. as things are just bits and bytes, it's easy to lie about the efficiency without anyone noticing and starting to bitch, as the metrics can be chosen and created accordingly, showing advancement even when nothing is being actually done. when holding meetings become checkpoints on the project instead of working pieces solutions. multiple sourcing does nothing to help it, then just that someone thinks for 6 months which company might get the job becomes a checkpoint. it's the new IT-bubble, the illusion that things are expensive. they're not, the guys who are left to implement the things still don't get much of the money - it's just the middle layers and their processes which eat up the money, it wouldn't be SO bad if specifications and what the system is supposed to do wouldn't get lost in that same process - so the guys implementing don't even know what's it supposed to do and the timetable with which they have to work ends up being so tight they don't have a time for rewrite after they've designed what the system should do- because it took so long for the process to even choose these guys who implement things that they're late already when they arrive to work on the first day.

I really wish IT was more like in late '80s, too bad I was too young to work then. now everyone wants people to spend their time on metrics which tell nothing of what was done or what should be done next.

Re:Over a decade in the making (1)

Anonymous Coward | about 3 years ago | (#36934198)

Yeah, that's why the people who rant about "Big Government" and that there should be less Government, are barking up the wrong tree.

It's quality not quantity that matters.

You could just have the president and everything outsourced and things could still be bad. Or even worse, since the contractor's contractor's contractors might not even pretend to follow inconvenient stuff like FOIA.

Trouble is the lack of good people at the top. You need to elect better people and convince the good people to run for elections. And keep doing it for a few cycles - I'm sure it'll take a while for whoever gets in to even start building a shortlist of what needs to be fixed and what can actually be fixed first.

This all started with Reagan (1)

mbone (558574) | about 3 years ago | (#36932762)

While it is certainly true that the US Government has used contractors for a long time, this pernicious reliance on contractors (to the point where many US government agencies have basically no in-house expertise on mission-critical elements of their functioning) started with Ronald Reagan. Remember that he started out with a massive RIF (Reduction in Force), which was followed with (civil service) hiring freezes. If you can't hire permanent employees, and you are tasked with doing more, you have to engage contractors. It's just that simple. I was working for the Government at the time, and the increase in contractors (and the decrease in in-house expertise) was striking.

Of course, the ironic thing is that

- contractors are almost always much more expensive than doing the same thing in civil service and
- contractors can lobby the Congress to get more money what they are doing

At the time, I thought this was a bug; now I am sure it was a feature.

oh the irony (1)

Sebastopol (189276) | about 3 years ago | (#36932832)

It is kinda funny how people claim the government is too stupid to get things right (i.e., post office, DMV, roads), but then bitch at them when they try to contract out. Granted, they could do a much better job vetting the contracts, but government is always in a lose-lose.

Re:oh the irony (1)

TheLink (130905) | about 3 years ago | (#36934220)

Coz the voters are the stupid ones. Most voters don't realize that ultimately they are part of government.

If the reasoning that less government is always better, than it should also apply to voters: e.g. Fewer voters = better.

But that's not true right? Quality matters more than quantity.

Great 100M (1)

Osgeld (1900440) | about 3 years ago | (#36932972)

For these asswipes to install norton and upgrade to IE8 on some dell contract pc that will be thrown away next year

I'm sure this is shock news if ... (1)

Viol8 (599362) | about 3 years ago | (#36933076)

... you're some basement dwelling teenage virgin whose "friends" are other similar losers that he's never met IRL. Which , lets face it, is the demographic that makes up the self righteous bunch of script kiddies that call themselves anonymous, lulzsec or whatever self agrandising name they've thought up this week.

For your average tax paying adult the fact that government contracts out services is neither news nor shocking. Next...

Re:I'm sure this is shock news if ... (0)

Anonymous Coward | about 3 years ago | (#36933442)

The only shocking thing here is that the high priced computer security contractors can't secure their systems against the basement virgins.

Re:I'm sure this is shock news if ... (1)

ranpel (1255408) | about 3 years ago | (#36933716)

While I think I understand what you're driving at I'm not quite sure I understand your oversimplification of these events. That and your assignment of a generalized 90's adventure grouping of script kiddies is slightly off the mark. Either you're attempting to suppress your inner child and failing, could truly care less, are quite happy with the nonsense of forced consumer news issue number one that is the debt limit, are a self righteous basement virgin your damn self or you're a perfectly content citizen whose mere existence is naught but a passing nuisance of a thought.

A 400MB data file (currently available free of charge), another page of the secret ops book possibly revealed, an implication of access and/or possession of a significant horde of similar data, a picture perfect example of your tax dollar at work, a target whose client list is a majority consumer of that dollar no less and you want "Next..."?

This kind of "Next"?

* Defense Intelligence Agency,
* National Geospatial-Intelligence Agency
* National Reconnaissance Office
* National Security Agency
* Department of Homeland Security
* U.S. Navy, Air Force, Army, Marine Corps
* Missile Defense Agency and DARPA
* Department of Justice
* Department of State
* Environmental Protection Agency
* NASA, NATO, state and local governments

Or this kind of "Next"?
http://www.cnn.com/2011/WORLD/europe/07/30/uk.royal.wedding/index.html?eref=rss_topstories&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+rss%2Fcnn_topstories+(RSS%3A+Top+Stories) [cnn.com]

At the very, very least is this not a mildly interesting distraction in the form of entertainment? Perhaps NASCAR or comic book heroes are your cream of the crop? I'm sorry but your passive aggressive brush off of an idea is disturbing at several levels.

Re:I'm sure this is shock news if ... (0)

Anonymous Coward | about 3 years ago | (#36935414)

The news that they contract out security to a company that can't secure it's own servers isn't really news either. We all knew these types of contractors were incompetent and overpriced. Should we just keep on accepting it though?

Re:I'm sure this is shock news if ... (0)

Anonymous Coward | about 3 years ago | (#36936076)

Well this till china uses the data they collected the same way but were more discreet about it.

Getting "bad path file info" on the torrent... (0)

Anonymous Coward | about 3 years ago | (#36933104)

Getting an error on that torrent when using Bittorrent.

Got bad file info - path .**** disallowed for security reasons

The torrent contains files that start with a period (.). Stop your client and set it not to download the bad files.

If your client supports the selection of files, there you go. Just deselect the files that are borking the download. Or you can try using a different client? I decided to give Vuze a try, and before I could even finish configuring my ports, it has slurped the file down lickety-split.

So Vuze apparently ignores the error.

Still, I don't have a login for PirateBay-for obvious reasons-and I'll be posting this AC? But if someone could put a note up there for the mods or Anon to correct the problem, it'd be appreciated. Or Anon might just read about it here. HI GUYZ!!

Failure in security is due to commercial software (0)

Anonymous Coward | about 3 years ago | (#36933252)

Failure in security is due to closed commercial software in combination with a lack of acceptable security coding standards and design problems. We are constantly told that it would be too expensive to code everything securely and yet we send robots to mars which have to be perfect in every regard and tons of money is spent adding unnecessary new features and making changes without good cause.

No. I don't see how we sit by and accept new features at the expense of security where the security of the system matters. There should be a core set of standardised, peer reviewed, open hardware components with publicly vetted source code. The citizens should demand the government be held to account for hiring and for vetting the source code of all critical components. This isn't just a software issue though. Security critical hardware should be produced in the USA and in other countries where governments can validate all code and designs. Yes- a computer might run into the $10k plus range or more especially given the nature of what we're trying to secure.

From TCIP protocols to encryption algorithms and randomisation components.Drivers that interact with the hardware for these standardised components need to reviewed and set in stone for 10 to 15 year spans (except for potential security fixes). Debian and similar based GNU/Linux distributions have security down right in this regard even if there is way more code than is needed.

Databases need to be coded securely too and made more challenging to interact with in insecure ways. Encryption AND redundancy all need to be part of these standards. GUI's and other non-essentials should not be part of a standard installation. On the desktop a minimal secure, simple, and minimalist GUI needs to be written which fits into the security policies (can only do a minimal set of things without further approval from a security department). Those security policies should be easily set through a simple GUI and command line (for the servers) and well documented tutorials explaining how, what, and why to set things up for particular tasks (web servers, databases, and similar, and depending on the type of platform management system in use). Virtual private networks too need to be reviewed.

Secure destruction devices should be common place for media. The media should be specific (non-USB), hardened, redundant, and wear resistant. Our current standard is weak and unreliable. We use MLC where SLC should be used in flash based media and USB and similar connectors that fail frequently. Ideally a new secure media designed today for tomorrow would be designed with GPS tracking built-in, encryption (with two authentication mechanisms where you enter it before connecting it to a computer and again on the computer itself), have satellite or at least radio communications of some sort, and be resistant to tampering. If the media loses satellite communications for any length of time it should send a warning sound to the user to alert them they need to enter a password to avert self-destruction.

3rd Party IT (0)

Anonymous Coward | about 3 years ago | (#36933484)

The government has put themselves into this position, as anyone who works government IT/IA knows. The processes involved are so laborious and tedious that there is no way that government IT workers can handle the load themselves. IT procurement is a good example. It takes about $3 in effort for every $1 spent on procurements.

Simplify the processes and security will get better when people stop pencil whipping the reports because they can't currently keep up.

Security Contractors (0)

Anonymous Coward | about 3 years ago | (#36934018)

To the contrary. Nothing in this data is really interesting, except for the fact that the FBI is paying mountains of taxpayers' money to their friends for basically nothing. What AnonSec proved here (yet again) is that these "security contractors" have nothing to do with security. Really! :)

- Admin Forum Perniagaan Internet Malaysia
http://PerniagaanInternet.my/forum

Fascinating (0)

Anonymous Coward | about 3 years ago | (#36934936)

I find it very interesting that a group of people can post data on the internet and tell folks where they got it from and that it was some big deal, horrible security, stupid contractor's etc. and folks just believe everything they say. I mean, why would an "Anonymous" group of people have any motivation to stretch the truth or outright lie about their point of view?

Re:Fascinating (0)

Anonymous Coward | about 3 years ago | (#36935058)

Exactly! And why would any upstanding and well heeled Senator representing you put your interests above their own?

Contracting government functions has to stop! (1)

Vitriol+Angst (458300) | about 3 years ago | (#36936204)

First, the "small government" acolytes, starve regulatory agencies -- and the funding for this, comes from companies that Don't want regulation.

Then the "big government agency" downsizes, because it cannot afford to keep people on staff.

For some reason, the Contracting Agency, gets paid about 10 times per employee that we paid for each "big government" worker. You know, like the Mercenaries in Iraq who got $100,000 PLUS to do KP duty and make food for the soldiers.

Eventually, the lack of oversight, means that the FDA has an inspector visit a company once every few decades -- or the Oil company oversight fails to make BP put adequate devices on their drilling platforms. We certainly "saved" a lot of money, deregulating banks and having them lose $70 Trillion!

>> Bush and Republicans have increased the SPENDING on government -- the ONLY reductions have come from reducing SERVICES provided from Government, and oversight of Billionaires.

>> We now have a "feedback" loop with many "profitable" business that contract for Government services. The Prison corporations, make money from more prisoners and by cutting costs -- meaning, a more demeaning life for prisoners -- but also, that they LOBBY for longer sentencing and to make more things illegal.

It seems to me, that we DON'T want profits to be made in some parts of our economy -- we DO NOT WANT a business approach. If a Corporation makes money on war -- they want MORE war. It's that simple. Anything we want to redistribute, or make LESS likely should be a government function -- period.

>> And it's CRAZY to have private weapons manufacturers -- what do we do when they set up shop and take their technology to China because the USA is NOT the great source of "War Profits?" We are much less safe, and much less well off because corporations made a bundle on our needless invasion of Iraq -- and the Oil Companies benefitted while lobbying for Tax Breaks. The people BENEFITTING from Government are making it bigger -- that's just doesn't happen to be the working poor.

Re:Contracting government functions has to stop! (0)

Anonymous Coward | about 3 years ago | (#36936546)

> And it's CRAZY to have private weapons manufacturers -- what do we do when they set up shop and take their technology to China because the USA is NOT the great source of "War Profits?"

lol. clearly you've never heard of ITAR. It sounds like you really don't know what you're talking about... typical slashdot these days.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>