• Defender (unregistered)

    You can never take security to seriously. One method I favour is to split the task into three, and assign to three coders. Each writes their code on paper, to hand to a fourth worker, who has no coding knowledge, to enter into the system. That way no one individual can sabotage the project. Using this method, I have never delivered anything that has undermined national security.

  • Primary Key (unregistered)

    This is yet another example of people/companies/governmental departments that take themselves too serious. Sure, it is might be important that Tony Stark is Iron Man or something, but I think that there aren't that many secrets ;-) And if you would find the secrets, there are most likely trivial.

    Weird that people think that working in this way is in any way efficient, rewarding or fun except for the fun in dysfunctional.

  • GFK (unregistered)

    There's one more verse to be added to Imagine about how the world of developers would be so much more beautiful with peace on earth.

  • Sentient parabola (unregistered)

    The most secure systems use mechanical RAM comprised of huge arrays of padlocks, where open = 0 and closed = 1. Obviously there is an additional secure-RAM computer dedicated to managing the keys so that no instruction can unlock a bit without the correct clearance level.

    The lower-budget systems use those heart-shaped padlocks you get in christmas crackers, but those are a little less secure because you can go in with a dinner fork and wreak havoc.

  • MiserableOldGit (unregistered) in reply to Primary Key

    Usually it's because they fail miserably when the try to compartmentalise and distinguish between "real" secrets and the other stuff that happens to share an office. Of course, the biggest weakness being the human factor, people at any level can be guaranteed to screw up and put things in the wrong place. So they take a blanket approach and the whole site needs top level clearance, together with anyone on it. Even with all that, there are still breaches, some of which tell you that you do have bad guys in your perimeter.

    It is bonkers though, and turns simple 2 or 3 day tasks into massive projects with bus loads of oxygen-wasting project managers and others. Don't think anyone is under any illusions about efficiency or fun, more depressing is the realisation it is probably counter-productive in terms of security and can actually make delivery impossible.

  • Mr. B (unregistered)

    " If you play your cards right, your company may find itself milking a 30-year-long fighter jet development project for all it’s worth with no questions asked."

    Ah, yes, those were the days... the F-35 paid my bills for several years. But you left out the part where the primary and the subcontractor haggle for a year or two over the requirements and insist that everything is absolutely perfect before development can even begin. Because everyone knows that actually writing software is not really an important part of the development process; if your requirements are perfect, it naturally follows that your design will also be perfect, so then you can hire a bunch of monkeys, er, contractors to mechanically translate that perfect design from your "systems engineer" into perfect code.

    That was the job that taught me the difference between code monkeys and software engineers (the latter of which were sorely lacking at that place).

  • my name is missing (unregistered)

    This is actually a good WTF, but it's standard practice in so many government contracts. In the late 90's I worked for a consulting firm, two of my coworkers talked about a prior project for DoD on some healthcare thing where our company was the sub-sub-sub-sub-sub-sub contractors. Yes six levels down. Of course the project was a dismal failure but lots of money was spent, which I think is the usual end result.

  • Clint (unregistered)

    I, too, am an "esperienced" lead.

  • Oliver Jones (google)

    Been there. Done that. Me and Robbie (not his real name) got contracted to develop a toolchain (assembler, linker, loader) for an oddball microprocessor.

    The loader punched the code onto mylar tape. (tty style 8-bit frames).

    Then Steve (not his real name) took the tape to the doublesecret microprocessor lab, ran it, came back, and said "yup" or "nope".

    Our business people did a good job of contingencies, though. So we got this thing done on time and in budget. That was good, because Robbie and I were sick of being escorted everywhere -- lunchroom, restroom -- by Jack (not his real name).

  • NonDeliverer (unregistered) in reply to Defender

    "You can never take security to seriously. One method I favour is to split the task into three, and assign to three coders. Each writes their code on paper, to hand to a fourth worker, who has no coding knowledge, to enter into the system. That way no one individual can sabotage the project. Using this method, I have never delivered anything."

    FTFY.

  • me (unregistered)

    onlc scum works for military projects. period.

  • Onlc Scum (unregistered) in reply to me

    Sounds good, where do I sign?

  • Sheriff Fatman (unregistered) in reply to NonDeliverer

    "Using this method, I have never delivered anything."

    That's the joke.

  • Whoever (unregistered) in reply to Defender

    "You can never take security to seriously."

    So where can you take it?

  • D-Coder (unregistered) in reply to Defender

    "You can never take security to seriously. One method I favour is to split the task into three, and assign to three coders. Each writes their code on paper, to hand to a fourth worker, who has no coding knowledge, to enter into the system. That way no one individual can sabotage the project. Using this method, I have never delivered anything that has undermined national security."

    That's not-undermining national security the hard way. I could not-undermine national security for 20% less.

  • Old SCI hand (unregistered)

    If the article author thinks TS work has hard security constraints he should try working in the SCI field - that's TS plus more restrictions. I had to argue with security over my blood glucose monitor since it calculated averages using the test results as inputs - that meant that it was a "recording device" and thus verboten. To be fair if you brought in a cell phone they'd always give it back, but in the meantime they'd 'processed' it into 1mm fragments.

    All that being said there's a certain charm in working in a windowless room inside a Faraday cage and needing a keycard+code to get to and from the bathroom in the same building. Working in a hall where maybe 6 people were cleared to access was handy as we had a meeting room that no one else could access.

  • Paxlofon (unregistered) in reply to Defender

    Much more secure if you DON'T give the requirements to the developers in the first place

  • Vexorg (unregistered)

    At that point it might be more efficient to just wait for your stack traces to show up on Wikileaks.

  • Calli Arcale (unregistered)

    Security should be taken seriously, BUT . . . .

    This is a customer who does a lousy job of compartmentalizing. This is why you build multiple SCIFs within your facility, instead of trying to get the whole damn thing classified. Sure, it's more paperwork at the start (plus a significant facilities investment, building all the faraday cages and whatnot), but being able to properly compartmentalize your work means you don't have to go through all this rigmarole for everything.

    Forcing this effort to be done in a SCIF by an uncleared person is the real WTF here. Either the customer should've been willing to pay to have a cleared person do the work, or they shouldn't have had this suppliers' stuff classified in the first place.

  • B K (google)

    I feel for anyone who has to traverse the ridiculous security protocols of the government. In the late 90's I worked help desk at the US D of Commerce. While there I was asked to troubleshoot a hardware issue on a PC I was not allowed to touch or see. I told the operator what to type from around a corner, and after clearing it with his security monitor, he read me the results from the screen. Fixing a video issue on a DOS/Windows 3.11/Novell system took 2 hours this way. I could have accomplished the same thing in 10 minutes on my own.

  • Zenith (unregistered)

    Sounds like my usual experience in government. They're great at locking you out of doing your job with firewalls and group policy and obfuscation. And then they let H1Bs write the code so SSNs and passwords and whatever else are broadcast in plaintext.

  • Sounds About Right (unregistered)

    I wish everyone had to work in a US Government environment for a few months. That would end most of the whining for higher taxes, more regulations, and for government to take over health care or anything else from all but the dullest of cretins.

  • mott555 (unregistered) in reply to Old SCI hand

    I had to argue with security over my blood glucose monitor since it calculated averages using the test results as inputs - that meant that it was a "recording device" and thus verboten.

    I believe it. I heard about a time we sold some hardware to a secured facility. During their inquiries, they discovered our hardware had a flash chip on it and wanted it removed because it was a security risk. Hackers (inside the cleared facility!) could theoretically use the flash chip to smuggle out sensitive information. They couldn't understand that the flash chip contained the FPGA firmware load that made the hardware work...

  • linepro (unregistered)

    Back in the day when I worked in defence we discovered document security the hard way.

    Our UK project was taken over by NATO meaning that our Australian team member had to leave the project and removing his security clearance for the specification he had written (and only he had the knowledge to update).

    And that was only a small part of the crazy.

  • ABS (unregistered) in reply to GFK

    As long as people like Nikko sell out for a few bucks, peace on earth is on hold.

  • A (unregistered) in reply to D-Coder

    20% less not to undermine national security? Is national security so unimportant to you that you're willing to save on it? Why do you hate Democracy?

  • Nakke (unregistered)

    The real WTF is the lack of commitment of Nikko and the other developers. I would never hire these guys.

  • Dave (unregistered) in reply to mott555

    I'm sure they did understand that, but it didn't mitigate the security risk. Make no mistake, that kind of vector is used by black hats.

    Back in the days when I had access to this kind of thing, I saw the report on a chap who (it was eventually discovered) had been fitted with a 'pacemaker' that was capable of recording the number of heartbeats between two blood pressure spikes of the kind that can be easily controlled/created by the operator by e.g. coughing. And that was just to feed info to an insider trading ring, nothing to do with nat-sec.

  • Kyth (unregistered) in reply to Dave

    At that point, how much doublethink do these "security experts" need to forget that humans are capable of remembering stuff without that kind of low-bandwidth mechanical aids?

    A spy might perfectly well commit secrets that size to memory, go home, and write them down. No electronic storage media has moved across a security boundary, yet classified information certainly has. And this movement happens every time the people who work there leave for the day!

  • Dave (unregistered) in reply to Kyth

    No doublethink involved. People who take security seriously are well aware of that vector. It's quite limited, though, if you want to move large amounts of data in a finite time, under monitored conditions. Anyone with a reasonable degree of training can memorise (what appear to be) random numbers, but it takes time - and it's quite easy to spot, or rather, much harder to learn to do it without e.g. closing your eyes for a while.

    Do also bear in mind that it's quite plausible for data to be removed from a secure area by a different person to the one who accessed it. Hard to transfer memories. Pretty easy to transfer data.

  • Wade (unregistered) in reply to Sounds About Right

    Sounds About Right (unregistered) 2017-07-12 "I wish everyone had to work in a US Government environment for a few months. That would end most of the whining for higher taxes, more regulations, and for government to take over health care or anything else from all but the dullest of cretins"

    Yeah because the other side is sooo brilliant because they want a further bloated military budget instead (where all of this nonsense actually happens) ... I detect an ID10T error.

  • Kyth (unregistered) in reply to Dave

    If we're worrying about someone sneaking information out in their pacemaker's pressure log... well, I'd worry more that someone has a good memory and conflicting morals, since presumably they're in the classified facility in order to work on something secret. Even an unimproved mk1 brain is going to retain some of those secrets, and probably better than those other marginal channels.

  • TheCPUWizard (unregistered)

    The real WTF was left out.... The first developer to leave was MALE and went to extreme lengths to give birth.

  • (nodebb) in reply to Old SCI hand

    Re: Top Secret / Top Secret+SCI

    Pretty much this. My late wife spent time in the USAF in teletype maintenance (that's part of the clue as to how long ago it was, the other being that George AFB was still a thing, as were TAC, SAC, and AFCC), and her comments went something like this:

    Top Secret isn't monstrously hard to get. It mostly involved making sure the Air Force knew about things that were really irrelevant, but could be interpreted as super-minor indiscretions, and therefore used as blackmail-levers by a foreign alphabet-soup agency. A woman in the same group as her had something more ... serious ... in her past that she hadn't previously mentioned, and was taken away by the police.

    TS+SCI was, indeed, a little harder to get, but not much.

    And then there was a temp assignment, after she got out of the "real" Air Force and transferred to the ANG (via a program called Palace Chase, another clue about time-frames), at a major defence contractor that shall remain nameless. My wife still had her TS+SCI, but the job required a Secret clearance. Just Secret. And they wouldn't accept her TS+SCI, because it "wasn't a Secret". Her comment was that Secret clearances are almost given away in Crackerjack boxes, but never mind that, so she ended up with a Secret as well as her TS+SCI.

    The clearance you have, by the way, defines the most-sensitive things you are allowed to be given access to. It does not, in and of itself, give you access to them. That access is given, in theory, on a need-to-know basis. What it does mean, however, is that if a sensitive document is lost somewhere, you can be roped in to help find it if you have a high enough clearance.

    So overall, I'd say that the article was written either by someone who doesn't know about this stuff, OR for an audience that expects it to be like that, OR to overdramatise things.

  • Paul Neumann (unregistered) in reply to Oliver Jones

    Been there. Done that. Me and Robbie (not his real name) got contracted to develop a toolchain (assembler, linker, loader) for an oddball microprocessor.

    The loader punched the code onto mylar tape. (tty style 8-bit frames).

    Then Steve (not his real name) took the tape to the doublesecret microprocessor lab, ran it, came back, and said "yup" or "nope".

    Our business people did a good job of contingencies, though. So we got this thing done on time and in budget. That was good, because Robbie and I were sick of being escorted everywhere -- lunchroom, restroom -- by Jack (not his real name).

    I am starting to wonder if Oliver Jones is your real name.

  • tlhonmey (unregistered) in reply to Wade

    The fact that you assume that the opposite of "The government taking over healthcare and other, large sections of the economy," is "The government building a huge military and blowing up random people on the other side of the world," just goes to show how thorough the brainwashing in this country is.

    Most sane people don't want the government doing either of those things. We're offered those two options by the powers that be as a false dichotomy to keep us fighting with each other instead of focusing on the actual problem.

  • Wade is a Moron (unregistered) in reply to Wade

    Go soak your head, cretin.

Leave a comment on “The Defensive Contract”

Log In or post as a guest

Replying to comment #:

« Return to Article