Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NSA Hiring At Black Hat

Unknown Lamer posted more than 2 years ago | from the basement-or-cell dept.

Government 139

jfruhlinger writes "It may seem strange that the US government would be recruiting tech talent at Black Hat, a security conference whose participants have a notorious ambivalence about keeping within the letter of the law. But the NSA — a shadowy organization with its own reputation for dodgy behavior — is there recruiting, and pitching itself as a haven for geeks."

cancel ×

139 comments

Sorry! There are no comments related to the filter you selected.

Are the NSA really that stupid? (2)

elrous0 (869638) | more than 2 years ago | (#36965128)

It may sound like a great idea on the surface, but a leopard doesn't change its spots just because you give it a paycheck.

So either the NSA are really fucking stupid or this is some sort of honeypot trap to target some specific (or maybe even non-specific) hackers and bust them on an espionage charge when they inevitably leak some fake secrets you give them after they become "employees." If it's the latter, I'm impressed. Never seen anyone go that far with a honeypot operation. But maybe Anon and LulSec are making them desperate. Hell, maybe they're hoping they can just *luck* into busting some Anon/LulSec leaders by throwing a wide net.

So I guess it really comes down here to a question of who's more stupid--the NSA for thinking they can tame hackers or the hackers for possibly falling for a honeypot. I don't know which is the more scary possibility.

Re:Are the NSA really that stupid? (1)

Anonymous Coward | more than 2 years ago | (#36965176)

Like attracts like. Your reply implies that you don't think the NSA is an organization of black hats. Are you that stupid?

Re:Are the NSA really that stupid? (2)

elrous0 (869638) | more than 2 years ago | (#36965228)

There are black hats and then there are black hats.

Re:Are the NSA really that stupid? (1)

Jeng (926980) | more than 2 years ago | (#36965318)

Or as they put it in TFA.

There is a huge difference between hackers â" who tread the line of legality regularly and often step over, but not with the intent of doing great harm â" and criminals who happen to work online, Moss said.

One group you can train or encourage to focus on solving problems that affect national security, and trust to the same extent you would experts in other fields.

Re:Are the NSA really that stupid? (2)

causality (777677) | more than 2 years ago | (#36965534)

Or as they put it in TFA.

There is a huge difference between hackers â" who tread the line of legality regularly and often step over, but not with the intent of doing great harm â" and criminals who happen to work online, Moss said.

One group you can train or encourage to focus on solving problems that affect national security, and trust to the same extent you would experts in other fields.

It seriously doesn't help that most of the legitimate private-sector jobs available to those with strong computer/networking skills are thankless, offer little job security, tend to expand in scope with no matching expansion of pay, tend to demand overtime while paying salary, are dominated by managers who don't understand technology and (worse) refuse to listen to underlings who do, often require dealing with literate adults who fail to follow the simplest of instructions then blame the IT guy when it doesn't work, and don't treat their employees with anything resembling the amount of respect that should be due to people without whom the entire operation would grind to a halt.

If anything, it's a miracle that there is not more criminal activity from the numbers of people who have strong skills and few legitimate places in which to express it.

In a way it's like the highly intelligent kids who are bored to death in the public schools and start becoming disruptive "behavioral problems". Well yeah, no shit, you set up a situation that amounts to a formula for producing this. Shockingly, that's the result you obtained; be sure to act surprised! If this is analogous to the talent the NSA is reaching out for, this may be a good thing, assuming they really want to work for one of the more notorious government agencies.

Re:Are the NSA really that stupid? (1)

networkBoy (774728) | more than 2 years ago | (#36965914)

Honestly,
Had I no family ties out here on the left coast I would work for NSA.
There are a lot of things I can do (not that I'm a maestro by any stretch) that would help them, and since I'm really just a total nerd at heart, all they'd have to do is pay me enough to keep me in toys.
Sadly, I doubt they allow working remotely, and I really can't leave where I'm at. I have a good enough gig in a multinational corp in R&D/security already. It scratches most of the itches.
-nB

Re:Are the NSA really that stupid? (5, Insightful)

causality (777677) | more than 2 years ago | (#36966246)

Honestly, Had I no family ties out here on the left coast I would work for NSA. There are a lot of things I can do (not that I'm a maestro by any stretch) that would help them, and since I'm really just a total nerd at heart, all they'd have to do is pay me enough to keep me in toys. Sadly, I doubt they allow working remotely, and I really can't leave where I'm at. I have a good enough gig in a multinational corp in R&D/security already. It scratches most of the itches. -nB

To be blunt, the fact that I have a conscience would prevent me from working with such an organization. I don't really care what cool toys they can hook me up with. Toys are to be enjoyed after essentials (like not dealing with the devil) are established.

Re:Are the NSA really that stupid? (2, Interesting)

Anonymous Coward | more than 2 years ago | (#36965372)

There are black hats and then there are black hats.

Put another way... there are black hats (regular) who can be a real nuisance and make the life of one corporation or a few individuals really hellish for a while...

Then there are black hats (government-sponsored) who are totally fucking evil, amoral bastards who would slit their grandma's throat if their commander said it was in the interests of national security. They would of course have full immunity from any murder prosecution after having slit their grandma's throat. They don't feel evil and no one tells them they are evil because after all it's in the line of duty and that makes everything OK.

If you are willing to work for a shadowy unaccountable government agency that loves to violate the rights of its own countrymen, well, you didn't have much character or moral/ethical fiber to begin with. Compared to that, Anon/Lulzsec at least wait until a corporation or person acts like a total asshole and inconveniences many people before they give them a hard time.

Re:Are the NSA really that stupid? (1)

Paul Fernhout (109597) | more than 2 years ago | (#36965958)

"If you are willing to work for a shadowy unaccountable government agency that loves to violate the rights of its own countrymen, well, you didn't have much character or moral/ethical fiber to begin with."

AC, The problem with this line of argument is that if no good people work there for that reason, it is bound to be even worse. It's a general problem with the US DOD more broadly. I feel the US military is being horribly misused by US politicans to fight wars whose main point seems to be to line the pockets of those in the war racket (see Smedly Butler), but, if only the worst of the worst join the US security forces because they are being misused, where does that leave us as a country?

I wrote this about the CIA, but it applies equally well to a place like the NSA:
"On dealing with social hurricanes (like the US CIA) "
http://www.pdfernhout.net/on-dealing-with-social-hurricanes.html [pdfernhout.net]
"This approximately 60 page document is a ramble about ways to ensure the CIA (as well as other big organizations) remains (or becomes) accountable to human needs and the needs of healthy, prosperous, joyful, secure, educated communities. The primarily suggestion is to encourage a paradigm shift away from scarcity thinking & competition thinking towards abundance thinking & cooperation thinking within the CIA and other organizations. I suggest that shift could be encouraged in part by providing publicly accessible free "intelligence" tools and other publicly accessible free information that all people (including in the CIA and elsewhere) can, if they want, use to better connect the dots about global issues and see those issues from multiple perspectives, to provide a better context for providing broad policy advice. It links that effort to bigger efforts to transform our global society into a place that works well for (almost) everyone that millions of people are engaged in. A central Haudenosaunee story-related theme is the transformation of Tadodaho through the efforts of the Peacemaker from someone who was evil and hurtful to someone who was good and helpful. Another theme is exploring the meaning, if true, of a allegation by Wayne Madsen about President Obama's deeper connection to the CIA than was otherwise known."

The thing is, we all need security. The issue is how to go about getting it in a non-ironic way, whcih I suggest here means focusing on intrinsic security and mutual security:
http://www.pdfernhout.net/recognizing-irony-is-a-key-to-transcending-militarism.html [pdfernhout.net]

One other alternative is for civilians to take on more of an interest in security and other public intelligence matters; see:
"The need for FOSS intelligence tools for sensemaking etc."
http://groups.google.com/group/openmanufacturing/msg/2846ca1b6bee64e1 [google.com]

Re:Are the NSA really that stupid? (2)

networkBoy (774728) | more than 2 years ago | (#36965962)

Really?
Seriously?
You realize that currently the government is obviously over its head WRT computer security. Having a team of grey hats that can see the challenge of hardening a massive network against a Chinese attack is being heartless?
Taking things to the extreme is never good in any argument. I'd like to think that I'm one of those black hats, but that doesn't mean I'd betray either my country or my personal morals. Where the two collide I likely would do nothing or flip a coin.
-nB

Re:Are the NSA really that stupid? (1)

Larryish (1215510) | about 3 years ago | (#36966890)

And then if you decide to leave the fold, they take everything you earned and give you a shit deal for being "reintroduced to society".

The abbreviated people eat their young.

Re:Are the NSA really that stupid? (1)

Anonymous Coward | more than 2 years ago | (#36965868)

There are black hats and then there are ARSE hats.

FIFY

Re:Are the NSA really that stupid? (2)

chemicaldave (1776600) | more than 2 years ago | (#36965186)

You don't get to work at the NSA (or any infosec govt. job) with access to classified information and power without a very thorough full-scope background check including polygraph. You're quite mistaken if you think otherwise.

Re:Are the NSA really that stupid? (1)

elrous0 (869638) | more than 2 years ago | (#36965286)

Yeah, I recall how well the CIA vetted Humam al-Balawi [wikipedia.org] . I hope the NSA is a little more thorough.

Re:Are the NSA really that stupid? (1)

vlm (69642) | more than 2 years ago | (#36965330)

You don't get to work at the NSA (or any infosec govt. job) with access to classified information and power without a very thorough full-scope background check including polygraph. You're quite mistaken if you think otherwise.

You don't get to work at the NSA (or any infosec govt. job) with access to classified information and power without a very thorough full-scope background check including polygraph. You're quite mistaken if you think otherwise.

Which includes credit checks. I wonder if they're running out of applicants, most of the locals bought $750K shacks and condos that have probably cratered back to normal by now. Think Vegas where the $1M condo wishing prices are now $50K foreclosure sales.

Re:Are the NSA really that stupid? (2)

Amouth (879122) | more than 2 years ago | (#36965382)

and yet some of the people i know that work there - i wouldn't hire...

Are you really that stupid? (0)

Anonymous Coward | more than 2 years ago | (#36965390)

Aside from the silo they are assigned to (which is probably classified itself), why would they have access to classified information? Most likely they'll be in an untrusted DMZ given very specific information on what to do. Find a way to crack X, then the crack is given to someone else who can be trusted. Don't underestimate them, they make mistakes and cultivate an mythos of superpowers, but they are also very good at what they do.

Re:Are you really that stupid? (1)

elrous0 (869638) | more than 2 years ago | (#36965496)

So the plan is to hire some Houdini's, put them in a cage, and tell them not to escape, huh? Hope that's a really good lock.

Re:Are you really that stupid? (1)

bluemonq (812827) | more than 2 years ago | (#36966156)

Solution: weld the cages shut. Alternatively, give him a few good punches in the abdomen.

Re:Are you really that stupid? (1)

renegadesx (977007) | about 3 years ago | (#36968344)

No, the plan is to hire some Houdini's, put them in a cage, tell them to escape and write down how they did it.

Re:Are the NSA really that stupid? (1)

Jah-Wren Ryel (80510) | more than 2 years ago | (#36965502)

You don't get to work at the NSA (or any infosec govt. job) with access to classified information and power without a very thorough full-scope background check including polygraph. You're quite mistaken if you think otherwise.

However, it is a truism that every single traitor in those agencies was cleared, some very extensively.

Meanwhile "secret" clearance is really nothing more than a credit and criminal records check, no poly required. "Top Secret" is the level at which they go around and talk to your neighbors and friends from college and that usually has only a basic poly. Plenty of SCI/SAP projects only need "secret" level clearance too.

Re:Are the NSA really that stupid? (1)

Anonymous Coward | more than 2 years ago | (#36965690)

Yes, to demonstrate that you're willing to commit illegal behavior under orders.

You *have* reviewed their history of criminal behavior, right?

Re:Are the NSA really that stupid? (3, Funny)

GameboyRMH (1153867) | more than 2 years ago | (#36966000)

Oh noes not a polygraph!!! Are they going to check my thetan levels too?

Re:Are the NSA really that stupid? (1)

TheGratefulNet (143330) | about 3 years ago | (#36967716)

polygraph?

you had me up until then.

in fact, I would just guess that anyone who cannot fake their own PG would NOT be good for an org who makes its whole business in deceipt and lying and betrayal. think about it! liars and psychopaths are their ideal employee type.

Re:Are the NSA really that stupid? (1)

rtb61 (674572) | about 3 years ago | (#36969378)

Would that be the polygraph of make believe, react to the question not whether you lie or tell the truth. The test that uniform fails with psychopaths (now that's going to be really useful) or that can simply be defeated by tensing you butt cheeks. As for the background check, derp, they are blackhats by definition they have done 'bad' things with computers on computer networks.

The best way to hire blackhats is to monitor all their activities, the employ hire them to conduct criminal activity without the, knowing they are being monitored and all over an extended period, say a year, then you reel them in and throw the key away (no excuses for them as they took money to conduct illegal activities). You might call it, permanent part time employment, the permanent coming after the part time.

Re:Are the NSA really that stupid? (1)

Anonymous Coward | more than 2 years ago | (#36965292)

It may sound like a great idea on the surface, but a leopard doesn't change its spots just because you give it a paycheck.

So either the NSA are really fucking stupid or this is some sort of honeypot trap to target some specific (or maybe even non-specific) hackers and bust them on an espionage charge when they inevitably leak some fake secrets you give them after they become "employees." If it's the latter, I'm impressed. Never seen anyone go that far with a honeypot operation. But maybe Anon and LulSec are making them desperate. Hell, maybe they're hoping they can just *luck* into busting some Anon/LulSec leaders by throwing a wide net.

So I guess it really comes down here to a question of who's more stupid--the NSA for thinking they can tame hackers or the hackers for possibly falling for a honeypot. I don't know which is the more scary possibility.

Of course that is an excellent place to be "recruiting" there arent that many places you can find bleeding edge techs all in one spot.

Re:Are the NSA really that stupid? (2)

nsaspook (20301) | more than 2 years ago | (#36965356)

No. Just try to double-cross the devil. These kids won't know that hit em if they get out of line.

Re:Are the NSA really that stupid? (1)

causality (777677) | more than 2 years ago | (#36965670)

No. Just try to double-cross the devil. These kids won't know that hit em if they get out of line.

No shit. These are seriously the wrong people to screw with.

The mafia would be more likely to show mercy.

Re:Are the NSA really that stupid? (1)

TheGratefulNet (143330) | about 3 years ago | (#36967738)

The mafia would be more likely to show mercy.

I have probably been watching too many movies. I admit that. but given the rep of both of those orgs, I would probably want to take my chances with a nice italian family job. (only half kidding; and that's a sorry statement about american life right now).

Re:Are the NSA really that stupid? (1)

blair1q (305137) | more than 2 years ago | (#36965666)

NSA wouldn't run a counterintelligence operation against Americans. That would be illegal and easy to beat.

FBI, on the other hand, could pose as NSA to do it.

As for who can be tamed, don't kid yourself. Everybody's human. Beat us hard enough and we start hating Beethoven.

Re:Are the NSA really that stupid? (1)

Anonymous Coward | more than 2 years ago | (#36965748)

NSA wouldn't run a counterintelligence operation against Americans. That would be illegal and easy to beat.

What are you smoking and can I have some?

Re:Are the NSA really that stupid? (1)

blair1q (305137) | more than 2 years ago | (#36966484)

>What are you smoking and can I have some?

Brisket, and no.

Re:Are the NSA really that stupid? (5, Insightful)

causality (777677) | more than 2 years ago | (#36965814)

NSA wouldn't run a counterintelligence operation against Americans. That would be illegal and easy to beat.

If they did, how would you ever prove it?

A FOIA request? Denied - national security.

A lawsuit? Denied - national security.

Asking nicely? Denied - "we can neither confirm nor deny..."

Without proof, well then, you'd just be a tinfoil-hat-wearing conspiracy nutter (and for major events like 9/11 you'll be called such names even with lots of proof). This is a roundabout, indirect way of saying that you're foolish and something is wrong with you if you don't blindly trust the goodwill of unaccountable government agencies with nearly unlimited budgets who certainly have the capability of spying on Americans and running operations against Americans.

Not because it's true or might be true or would fit in with the long history of past abuses, mind you, but because people who are in denial want to feel comfortable about their denial and your doubts make that more difficult. When faced with such a situation, small-minded people will attack your character.

At any rate, yes it would be "illegal" but without accountability and transparency that really doesn't mean anything. How would it be easy to beat? How would you ascertain that without intimate knowledge of the actual methods used? If you somehow attained such knowledge, why wouldn't they change the methods?

Re:Are the NSA really that stupid? (1)

blair1q (305137) | more than 2 years ago | (#36966502)

If they did, how would you ever prove it?

At some point, they have to admit it into evidence. At that point you show the judge the law against NSA conducting operations against Americans, and they go to jail instead of you.

not really. look at the Drake case (1)

decora (1710862) | more than 2 years ago | (#36966634)

the government was able to convince the judge to use an obscure 1959 NSA law to redact UNCLASSIFIED information from the defense exhibits, so that they would not be publically shown at trial.

there is a lot more to the Drake case regarding evidence, the CIPA, and the Silent Witness Rule.

Re:not really. look at the Drake case (1)

blair1q (305137) | about 3 years ago | (#36967092)

The judge saw that evidence and allowed it.

The judge would see how this evidence was gathered and order the gatherers arrested.

Re:not really. look at the Drake case (0)

Anonymous Coward | about 3 years ago | (#36967826)

Clearly, you've never been in a courtroom for anything other than traffic tickets.

Re:Are the NSA really that stupid? (0)

Anonymous Coward | about 3 years ago | (#36969586)

"Without proof, well then, you'd just be a tinfoil-hat-wearing conspiracy nutter"

The way things are going, no matter what you say, right or not, proof or not, you're likely to be drowned out by FAKE conspiracy nutters set up just to make you look like another one.

Re:Are the NSA really that stupid? (1)

HornWumpus (783565) | more than 2 years ago | (#36966312)

Why would they bother. That would be the English or Australian equivalents job.

One hand washes the other. Constitutions don't restrain your allies from spying on you citizens for you.

Re:Are the NSA really that stupid? (1)

blair1q (305137) | more than 2 years ago | (#36966514)

But the clicks on my cellphone recordings don't have accents.

Re:Are the NSA really that stupid? (0)

Anonymous Coward | more than 2 years ago | (#36965774)

Who's stupid?

You for not realizing that the NSA can buy bullets very very cheaply.

So? (0)

Anonymous Coward | more than 2 years ago | (#36965906)

Umm, they don't want em' to change their spots. Do you think the Chinese or Russians hire good little boys for their industrial espionage programs? If you're breaking the law, then you either hire criminals, or else try to make ordinary people into criminals (patriotism, ribbons, etc.).

Re:Are the NSA really that stupid? (4, Insightful)

conspirator23 (207097) | more than 2 years ago | (#36965916)

It may sound like a great idea on the surface, but a leopard doesn't change its spots just because you give it a paycheck.

You're suggesting here that most (if not all) Black Hat attendees who might join the NSA are destined to betray the organization at some point? Either by embarassing the agency through extra-curricular activities or outright acts of treason? The short answer to that assertion is that you are underestimating both the people already in the NSA, and also underestimating the IT security community in general. Black Hat != Bomb Throwing Anarchist, and NSA != Bush(II)-era political appointees.

So either the NSA are really fucking stupid or this is some sort of honeypot trap to target some specific (or maybe even non-specific) hackers and bust them on an espionage charge when they inevitably leak some fake secrets you give them after they become "employees."

Must. Resist. Grammar... flame. *whew* Okay so to summarize, your contention is that the only good reason for the NSA to recruit at Black Hat is as a "trap" of some sort for Black Hat attendees. Why if that weren't such a transparent, easily avoided ploy, you might have something there. Black Hat attendees who truly see themselves as enemies of the NSA aren't going to apply for jobs... unless they are foreign agents trying to infiltrate the organization. THOSE hypothetical people are going to apply for jobs at the NSA and other agencies no matter what happens at the Black Hat conference. OTOH, there is a tremendous amount of technical talent at Black Hat focused on both the offensive and defensive ends of IT security. If you want to hire the best and the brightest, you go to where the best and the brightest hang out. If they don't want to talk to you, fine, but at least you tried. In some sense it would be irresponsible for the NSA to attend and not even bother trying to recruit because they just assume nobody would be interested. Especially because there are surely Black Hat attendees who would be thrilled to work for the NSA. Don't get me wrong. If your idea of being an el33+ h@x0r is demonstrating the size of your e-peen through acts of vandalism, you probably don't want to work for the NSA. Whatever nefarious things they might encourage, you don't get to brag about it after on Twitter. Likewise if you've already been radicalized politically, then you probably don't want their job offers either. Beyond those two subsets you've got whole categories of people who would have a different outlook on an NSA job. There are the wannabees who think cloak and dagger stuff is cool but wouldn't dream of comitting criminal acts. There are aging vets of prior hacker eras who have wives, and kids, and have worked all that "you're not the boss of me" stuff out of their system already. There are members of the "loyal opposition" who have specific objections to US govt. actions but not the US govt. itself.

If it's the latter, I'm impressed. Never seen anyone go that far with a honeypot operation. But maybe Anon and LulSec are making them desperate. Hell, maybe they're hoping they can just *luck* into busting some Anon/LulSec leaders by throwing a wide net.

So I guess it really comes down here to a question of who's more stupid--the NSA for thinking they can tame hackers or the hackers for possibly falling for a honeypot. I don't know which is the more scary possibility.

Anonymous and LulzSec aren't even on the NSA's radar. NSA != LE. The NSA is interested in the next Stuxnet, whether that is authoring it or defending against it. They're interested in the cell tower intercepting UAV that was Slashdotted earlier today. They're interested in encryption algorithms, data mining algorithms, and language translation algorithms. Anon+Lulz primary weapons (SQL injections, voluntary DDOS) are as interesting to the NSA as gasoline bombs and homemade silencers.

Re:Are the NSA really that stupid? (1)

Ihmhi (1206036) | more than 2 years ago | (#36966220)

Will: Why shouldn't I work for the N.S.A.? That's a tough one, but I'll take a shot. Say I'm working at N.S.A. Somebody puts a code on my desk, something nobody else can break. Maybe I take a shot at it and maybe I break it. And I'm real happy with myself, 'cause I did my job well. But maybe that code was the location of some rebel army in North Africa or the Middle East. Once they have that location, they bomb the village where the rebels were hiding and fifteen hundred people I never met, never had no problem with, get killed. Now the politicians are sayin', "Oh, send in the Marines to secure the area" 'cause they don't give a shit. It won't be their kid over there, gettin' shot. Just like it wasn't them when their number got called, 'cause they were pullin' a tour in the National Guard. It'll be some kid from Southie takin' shrapnel in the ass. And he comes back to find that the plant he used to work at got exported to the country he just got back from. And the guy who put the shrapnel in his ass got his old job, 'cause he'll work for fifteen cents a day and no bathroom breaks. Meanwhile, he realizes the only reason he was over there in the first place was so we could install a government that would sell us oil at a good price. And, of course, the oil companies used the skirmish over there to scare up domestic oil prices. A cute little ancillary benefit for them, but it ain't helping my buddy at two-fifty a gallon. And they're takin' their sweet time bringin' the oil back, of course, and maybe even took the liberty of hiring an alcoholic skipper who likes to drink martinis and fuckin' play slalom with the icebergs, and it ain't too long 'til he hits one, spills the oil and kills all the sea life in the North Atlantic. So now my buddy's out of work and he can't afford to drive, so he's got to walk to the fuckin' job interviews, which sucks 'cause the shrapnel in his ass is givin' him chronic hemorrhoids. And meanwhile he's starvin', 'cause every time he tries to get a bite to eat, the only blue plate special they're servin' is North Atlantic scrod with Quaker State. So what did I think? I'm holdin' out for somethin' better. I figure fuck it, while I'm at it why not just shoot my buddy, take his job, give it to his sworn enemy, hike up gas prices, bomb a village, club a baby seal, hit the hash pipe and join the National Guard? I could be elected president. -Will, Good Will Hunting

just guy the who told them where it is not the one (1)

Joe_Dragon (2206452) | more than 2 years ago | (#36966258)

Who did the ground work to see what is really there and or the one to push the kill button.

Re:just guy the who told them where it is not the (1)

sjames (1099) | about 3 years ago | (#36968822)

Nobody does the ground work, that's HARD. Just drop the bombs and move on, so many targets, so little time.

Re:Are the NSA really that stupid? (0)

Anonymous Coward | more than 2 years ago | (#36966318)

Oh shut up you little weasel.

Re:Are the NSA really that stupid? (0)

Anonymous Coward | about 3 years ago | (#36967206)

Have you ever been to Black Hat? It's Defcon for responsible grownups with jobs.

Re:Are the NSA really that stupid? (0)

Anonymous Coward | about 3 years ago | (#36967254)

BlackHat is not a bunch of criminals.

Large companies like Cisco and Microsoft and large consulting groups like Accuvant are primary sponsors. It certainly has a shady underbelly, but for the most part, some of that attitude is a bit tongue-in-cheek these days.

Re:Are you really that stupid? (1)

kpyke (1873448) | about 3 years ago | (#36967446)

You make some pretty serious errors in logic here But the most egregious is the supposition that all who attend Black Hat are untrustworthy, bad people. The vast majority are actively engaged in cyber-defense related activities. They are there to gain a better understanding of what the potential threats are, what current techniques are used in exploitation and how to defend against them. There is, of course the standard spread of good/bad/indifferent people, but don't make sweeping assumptions about people out of ignorance. That being said, the United States has a very serious asymmetric threat issue in cybersecurity. No nation is more connected, more dependent or more vulnerable. It is in the best interest of this nation to have NSA recruit where the smart people are. And this week, that's in Vegas. p.s. You can be a "bad" hacker, one who builds attacks, exploits and payloads and still be a "good" American. Exploits and payloads are no different than bullets and missiles, it takes special talent to build them, they cause damage and they are exceptionally useful.

Re:Are the NSA really that stupid? (1)

jbp1 (1179795) | about 3 years ago | (#36968018)

Its not a scam. I heard their bringing in this fellow As Sange to head up the branch......

Re:Are the NSA really that stupid? (0)

Anonymous Coward | about 3 years ago | (#36969040)

..or this is some sort of honeypot trap to target some specific (or maybe even non-specific) hackers and bust them on an espionage charge when they inevitably leak some fake secrets you give them after they become "employees."

I think you're on the right track. My feeling is this is actually 'federalizing' of the hacking business.

When a state or corporation becomes bankrupt and then federal property, the assets become federal owned in a sense.

If a person is bankrupt and needs money and has highly desirable skills, that person can become owned by working for the NSA to put bread on the table.

It looks to me on the website as if blackhat is already co-opted by the government as Microsoft and IBM are sponsors. At least they're being honest.

Let's ignore them! ^-^

It doesn't seem strange at all (4, Interesting)

lordandmaker (960504) | more than 2 years ago | (#36965202)

That's exactly the sort of place I'd expect them to be recruiting.

Re:It doesn't seem strange at all (2)

vlm (69642) | more than 2 years ago | (#36965298)

That's exactly the sort of place I'd expect them to be recruiting.

Really? I thought they had an absolute fixation on mathematics, physics, and CS PHDs. Also computer engineer / electrical engineer types. Like, don't both applying unless you've got those diplomas.

Basically the same group the financial companies used to love.

Also I heard horrible things about their recruitment, like they jerk you around for months, if not years, multiple interviews, etc.

They had a rep for having the absolute highest ratio in the world of cool toys vs dilbertian bosses. Dinosaur pens measured in acres, paperwork to requisition a package of bic pens measured in inches, that kind of place.

Re:It doesn't seem strange at all (2)

gknoy (899301) | more than 2 years ago | (#36965710)

God help you if you want a metric pen, too.

Re:It doesn't seem strange at all (1)

Neil Blender (555885) | more than 2 years ago | (#36966032)

They're giving those out at 100 o'clock in the exhibit hall.

Re:It doesn't seem strange at all (0)

Anonymous Coward | more than 2 years ago | (#36965852)

It's a government job after all so yeah the bosses are PHB's but remember the bosses sometimes get their job by political appoinment thus breeding more PHB's. So yeah recruiting at Black Hat because they probably need some real talent to off set the stupid.

Re:It doesn't seem strange at all (1)

bradorsomething (527297) | more than 2 years ago | (#36966288)

Really? I thought they had an absolute fixation on mathematics, physics, and CS PHDs. Also computer engineer / electrical engineer types. Like, don't both applying unless you've got those diplomas.

I hear a diploma is required. But remember, they're not all number pushers. They need analysts, too.

Re:It doesn't seem strange at all (1)

Riceballsan (816702) | more than 2 years ago | (#36965364)

I'd think defcon as a more logical place, IE a mix of grey hats etc... Black hats are good and all, but if you want an organization, you want people who know to play by YOUR rules at least.

Re:It doesn't seem strange at all (2)

Tom (822) | more than 2 years ago | (#36966284)

Blackhat is the name of the conference. The people who are there are much closer to the industry than the Defcon people. If you're looking for people to hire, Blackhat is the better choice.

Re:It doesn't seem strange at all (1)

SecurityTheatre (2427858) | about 3 years ago | (#36967394)

Defcon is more akin to ComicCon... BlackHat is where the real industry heavyweights come out...

No Thanks (0)

Anonymous Coward | more than 2 years ago | (#36965278)

Sincerely,
Anonymous

Not that I (1)

Stargoat (658863) | more than 2 years ago | (#36965328)

Not that I know anyone working at the NSA, but it isn't exactly a geek paradise.

Most geeks that I know are none too fond of rules. This is exactly the opposite of what the NSA is about. There are many rules stemming from security. Of course, all rules get extended beyond their original purpose. This makes it difficult to get any work done, which of course is the antithesis of geek.

Re:Not that I (1)

Kildjean (871084) | more than 2 years ago | (#36965842)

Not that I know anyone working at the NSA.

There is No Such Agency... but trust me its more than a "haven" for geeks, specially the Lab at the Rock... There are far more notorious "hackers" working for HS and NSA than you could imagine... then again, there is a reason most people don't know about them or it... ;)

Re:Not that I (0)

Anonymous Coward | about 3 years ago | (#36967696)

It's like Google, you all sit on bean-bags and they come around and do back/neck massages. :)

NSA Joke (1)

Gunfighter (1944) | more than 2 years ago | (#36965358)

Q: How do you know who the extroverts are at the NSA?

A: They look at other peoples' shoes.

All kidding aside, the NSA does have quite a powerhouse team of mathematical geniuses, computer scientists, etc. and from everyone I talked to who worked there (I'm no longer in the intel game, so it has been a while), it is a great place to work with a lot of flexibility and innovation.

Re:NSA Joke (0)

Anonymous Coward | more than 2 years ago | (#36965638)

Q: How do you know who the extroverts are at the NSA?

The word is extraverts, you fucking idiot.

You see, it's "introvert" and "extravert." Yes one of those uses an "o." No, that doesn't mean the other word uses an "o." I know this is all very advanced and difficult for native English speakers to understand.

You can always express how much of a functionally illiterate fuck-up you are by confusing "where" and "were" if you want to follow the latest trend. Idiots love to follow a crowd, so I thought I'd mention that.

In America, less than 5% of adults read books. It shows. Damn, does it ever show.

Re:NSA Joke (2)

Gunfighter (1944) | more than 2 years ago | (#36965806)

Thanks for the feedback, but it is spelled both ways.

http://dictionary.reference.com/browse/extrovert [reference.com]
http://dictionary.reference.com/browse/extravert [reference.com]

"The spelling extrovert is common in general use (Merriam-Webster has extravert as a variant of extrovert), but extravert is more typical in psychology (The Penguin Dictionary of Psychology and Corsini's Encyclopedia of Psychology use the term "extravert")." http://bit.ly/p0wLlK

Don't forget these gems of confusion:

* your vs. you're
* their vs. there vs. they're

Cheers!

Re:NSA Joke (1)

screwzloos (1942336) | more than 2 years ago | (#36965898)

If you're going to be pedantic, at least check to make sure you're right. The two words (extrovert and extravert) are both correct and interchangeable.

Re:NSA Joke (0)

Anonymous Coward | more than 2 years ago | (#36966348)

You can always express how much of a functionally illiterate fuck-up you are by confusing "where" and "were" if you want to follow the latest trend. Idiots love to follow a crowd, so I thought I'd mention that.

Please look up "pedantic" and "arsehole" in the dictionary. Can you use them in a sentence?

talked to binney, wiebe, and loomis? (1)

decora (1710862) | more than 2 years ago | (#36966648)

how about thomas drake, did you talk to him?

Re:talked to binney, wiebe, and loomis? (1)

Gunfighter (1944) | about 3 years ago | (#36967788)

After my time, but I was happy to see them step up to the plate and call their colleagues out for their illegal actions.

maybe its changed. (1)

decora (1710862) | about 3 years ago | (#36967868)

maybe its changed alot.

Nope (1)

nilbog (732352) | more than 2 years ago | (#36965432)

Nope, that's not surprising at all. I'd be surprised if they weren't using it as a recruiting pool.

So was the FBI and NCIS and a couple others (0)

Anonymous Coward | more than 2 years ago | (#36965492)

The NCIS had some nice schwag too, the FBI was giving away cheap plastic cups =(. Problem is federal pay grades suck a**, private industry pays much better. So unless the person is patriotic or something it's probably tough for them. Plus us foreigners can't get a job with them, but we can in private industry pretty easy.

Re:So was the FBI and NCIS and a couple others (1)

blair1q (305137) | more than 2 years ago | (#36965696)

Well, NCIS has gone Hollywood. It's been a decade since the FBI was living up to a reputation someone else was building for it.

NCIS? Did you get to meet Ziva David? (0)

Anonymous Coward | more than 2 years ago | (#36965996)

She's the hottest NCIS cop around!!!

Re:So was the FBI and NCIS and a couple others (1)

Larryish (1215510) | about 3 years ago | (#36967192)

I don't think patriotism has much to do with FBI service.

It is more likely TDS.

Tiny Dick Syndrome.

I have a brother-in-law and a sister who work in emergency services and another sister who works as a med tech. They all say that in their experience, a statistically significant percentage of cops have smaller-than-average penises.

Re:So was the FBI and NCIS and a couple others (0)

Anonymous Coward | about 3 years ago | (#36968586)

Come on. Even if that were true shouldn't you consider the medical fact that flaccid length has little to do with erect length?

Or are you implying these loved ones deal with cop penii that are... standing at attention?

If you are interested in working for NSA (1)

the_B0fh (208483) | more than 2 years ago | (#36965516)

Send a copy of your resume to your grandmother...

Re:If you are interested in working for NSA (1)

Anonymous Coward | more than 2 years ago | (#36965592)

... Or speak it into any telephone in the country...

Re:If you are interested in working for NSA (1)

blair1q (305137) | more than 2 years ago | (#36965722)

Or encrypt it in MS Word. Don't send it anywhere. Just encrypt it.

real tech guy or HR doing hiring? auto screening (1)

Joe_Dragon (2206452) | more than 2 years ago | (#36965588)

real tech guy or HR doing hiring? auto screening / key words based resume screening?

It seems that in many big corporations and GOV it's who know and or who can best game the HR system to get the job or who can be the best suck up to the boss.

And I am not talking about dress codes and behaviors. I am taking about hiring base on degrees over real would work or based on TOP school as in overall VS top tech schools VS a non tech college CS degree. More then 4-6+ years degrees VS 2-4 year degrees.

TECH / IT so big that a theory based CS degree is to board and maybe even to much away from the hand on real work. Tech schools / apprenticeship are a REAL GOOD FIT for hardening a firewall, keep up software patches and updates up to date, do penetration testings also you want a team with people in skills in different parts and not just a team filled people who need to be able to do it all. Better to have a GOOD Tech GUY and poor coder then a sub par tech guy and sub par tech guy. Also need Good coders even if they suck at other IT skills.

Certifications is other area that is good and bad to based hiring on.

But hiring based on degrees only can give you people who know alot of theory but not much on the side of doing IT / hacking / coding. People who have any degrees Even NON TECH / CS ones getting jobs over some one with years of doing hands on work.

Also baseing hiring on degrees and Certifications can get you people who are good at taking tests and not knowing how use the stuff covered.

Saying no to it contractors, consultants over people with more a fixed at one place jobs is a other area that keeps good people out as well.

Re:real tech guy or HR doing hiring? auto screenin (0)

Anonymous Coward | more than 2 years ago | (#36965700)

real tech guy or HR doing hiring? auto screening / key words based resume screening?

Are you kidding me? Have you never applied for high profile jobs and got rejected? If it was not clear, then yes, real tech guys do go outside to find out what potential candidates know. HR is only for finding out when they are ready to join, and to negotiate the pay.

but does HR put roadblocks to what tech guys want? (1)

Joe_Dragon (2206452) | more than 2 years ago | (#36965876)

I head about the people that the tech guys want just to get shot down by HR for any number of things.

It's not wrong. (1)

blair1q (305137) | more than 2 years ago | (#36965618)

Most of these people are frustrated authoritarians.

It's how they can justify imposing their view of the legality of their actions on their victims.

Re:It's not wrong. (2)

causality (777677) | more than 2 years ago | (#36965924)

Most of these people are frustrated authoritarians.

It's how they can justify imposing their view of the legality of their actions on their victims.

I am curious about what makes you see it this way.

Almost all of the targets of Anonymous and Lulzsec have been large corproations who not only are never going to be seriously punished by the law, but in fact have the power to buy whatever laws they want to have on the books It is the corporations themselves who work to destroy the whole notion of "rule of law" and undermine the legitimacy of law. We are not all equal under the law if a few of us can remake the laws at will at the expense of the majority, all without ever running for election or holding a political office.

You may not like the vigilante actions. I find them distasteful myself. However, I see them as effects. Whenever I want a situation to change, I don't bother looking at effects. I examine causes. Sony and others thought they could be asshats with impunity. The punity finally caught up to them, it just didn't happen in the more legitimate form of government law enforcement.

But if your concern is "imposing their view of the legality of their actions on their victims", to whom does that more strongly apply? The corporations with politicians in their pockets who buy whatever laws they find convenient that never get repealed that everyone else has to live under for generations afterward? Or a couple of online groups who produced a handful of high-profile incidents in retaliation? At least Anonymous hasn't rewritten the law to make their tactics legal. That would place them on equal footing with the real authoritarians.

Re:It's not wrong. (1)

blair1q (305137) | more than 2 years ago | (#36966546)

The corportations may be wrong, but instead of pointing that out to the authorities repeatedly until something gets done, the black-hats decide they're the ones who are above the law.

If they ever actually accomplish anything, it just emboldens them, and they grab for more.

They may use the "but we're doing it for freedom" argument, but they're really just fucking up someone's business for their own gain, whether monetary or egotistical.

And ask the people whose accounts they've published how they feel about the corporation or the hackers.

Re:It's not wrong. (1)

ranpel (1255408) | about 3 years ago | (#36967714)

YOu said "If they ever actually accomplish anything, it just emboldens them, and they grab for more."

and now I've forgotten who "they" is...

Re:It's not wrong. (1)

TheGratefulNet (143330) | about 3 years ago | (#36967802)

when the system breaks down, you find ways to make things works.

you are complaining about the people trying to make things work; but you should actually be mad at the fact that this is the ONLY way they can try to make things work.

the 'right way' is broken and so its not valid so tell people to go that route. that route is expensive and common man has no say in things of law anymore. because common people are excluded (their will, at least) - vigilantism rises.

in fact, blame the system. if the system actually worked, V's would not have to be on the rise. think of it as a feedback or corrective effect.

Re:It's not wrong. (1)

gmhowell (26755) | more than 2 years ago | (#36966696)

Most of these people are frustrated authoritarians.

It's how they can justify imposing their view of the legality of their actions on their victims.

Are you talking about the NSA or Anonymous?

Sophomoric assumption (1)

Anonymous Coward | more than 2 years ago | (#36965772)

Black Hat is a security conference that, over the last decade or so, has become predominantly attended by security executives, government employees, etc. E.g. very few "black hats" and it never really was about that. DefCon has been more the open casting call for all color of hats. Black Hat is a professional conference that costs thousands of dollars to attend. So... why wouldn't you go to the one place that has top CISO/CSO and security researchers in it?

If the article was "NSA to open recruiting booth at DefCon..." then the rest of the article would be somewhat accurate... other than they forgot to talk about all the 12 year olds, rave fiends, clove cigarette smokers, scene wanna-be, etc.

To the extent that the hackers are criminals ... (1)

rlglende (70123) | more than 2 years ago | (#36966278)

They will fit right into NSA, the organization that is wire-tapping everyone in the US without a warrant.

Criminals, in other words.

obvious choice (1)

Tom (822) | more than 2 years ago | (#36966308)

Definitely the choice for recruitment.

Heck, I'd work for the NSA if I were an american. If you're a security freak, wouldn't you want to go work for someone who takes security serious for a change? Where your request for a firewall isn't overruled by marketing because they fear (without substantiating facts, of course) that it'll slow down the website and impact the "user experience" ?

Sure you have other pressures to bow to (politics) - but, as has become a frequent saying in several companies I worked for, often accompanied with a sigh: Working with professionals, just once.

Is it really a conference for black hats? (1)

i_want_you_to_throw_ (559379) | more than 2 years ago | (#36966620)

Sounds more like it should be "black hats" sponsored by Target. And that might even be funny if one of the sustaining partners of this conference didn't happen to be Microsoft. Anyone who's a real black hat probably wouldn't be caught dead here anyway.

Anyone else feel... (0)

tin.kidneys (2069262) | more than 2 years ago | (#36966626)

Anyone else feel like Defcon has lost it's potency? I could be wrong, but i feel like the more popular it gets, etc. There are some great presentations, but there's certainly less great presentations.

Also, with more popularity comes... lawyers. From what i can remember there were five presentations that were canceled due to court ordered gag orders.

Not to mention if you are a black hat, the last place you'd want to be is hanging out in a crowd full of law enforcement officials.

Obligatory joke (0)

Anonymous Coward | about 3 years ago | (#36966770)

The National Security Agency has many fascinating career opportunities for talented mathematicians, scientists, and engineers. If you're interested in working for the NSA, pick up the phone, call your mom, and ask for an application.

Why NSA and not NASA? (0)

Anonymous Coward | about 3 years ago | (#36967554)

Why does NSA have mountains of money and NASA none? Don't we have our priorities backward!

Hahahahahaha - nsa, dont ... (1)

unity100 (970058) | about 3 years ago | (#36968128)

even if you portray yourself as a 'haven for geeks' and recruit some of the people from black hat, eventually you will be asking those recruits to take actions against their own comrades in black hat world. and you will ask them to turn against some principles the underground world has. they will turn against on some of them sometimes. and sometimes, they wont. what is 100% guaranteed is that, there WILL be times they wont turn back - and thats not something you, as a secretive government organization, would want.

yes, its a dodgy, black underworld in which there is little law. but, it has its own principles that noone codified or maintains. and even if you can find one or two henry morgans to betray those, there will be endless number of blackbeards to do them in. not to mention that, even the henry morgans you can get, will occasionally and eventually turn on you. yeah, its not too much different than pirates of the earlier ages. however, there is much more social consciousness present in this era of piracy.

actually i shouldnt even be telling you that. any casual observer would have known these, if s/he had been interested in i.t. in any way since 1985 or so. you should probably already have some such people in your employ, and yet, you are still hiring at black hat. i guess you dont take on advice/recommendations from your employees .... bad for you. good for 'the people'.

let them hire you (0)

Anonymous Coward | about 3 years ago | (#36968496)

Be aware that they only hire you for a fixed period of time (18 months on average) with a strict contract, and they get all up in your shit, analyze your web browsing, learn about all your family friend networks and then add you to their database before ending your contract and wishing you well. Unless you are can dig up enough dirt on your superiors during the time you are there to blackmail them into keeping you around. That is how it works.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>