National News

October 31, 2013

Feds proving Internet-adept and inept at same time

WASHINGTON — When it comes to computers, the Obama administration appears simultaneously to be a bungling amateur and a stealthy wizard. The same government that reportedly intercepted the communications of America’s leading consumer technology firms, Google and Yahoo, without leaving a trace is scorned because it can’t build a working federal website for health insurance.

In a single day in the nation’s capital, extremes of the impressive successes and stunning failures of the Internet age were on full display.

Computer professionals said the government can be both adept and inept at the same time because the tasks are so different and for reasons involving who is doing it, for how much money, how long it takes and how publicly it is done.

Under a classified project called MUSCULAR, the National Security Agency has secretly broken into the main communications links that connect Google and Yahoo data centers around the world, The Washington Post reported Wednesday, citing documents obtained from former NSA systems analyst Edward Snowden. In the past 30 days, the NSA swept up and processed more than 180 million new records, including metadata indicating who sent and received emails and when it happened, the Post reported.

Across town, Health and Human Services Secretary Kathleen Sebelius was apologizing to Congress over the bungled healthcare.gov website. New documents obtained by The Associated Press showed that officials had worried that a lack of website testing posed a potentially high security risk. In yet another conflict-riddled Capitol Hill hearing, a congressman told Sebelius that she had put Americans’ personal financial information at risk.

The difference? National priorities, including big differences in how much the government spends, plus the talent and expertise of the people the government hires.

The NSA’s annual budget was just over $7 billion in fiscal 2013, according to budget documents leaked by Snowden. The budget for the entire Health and Human Services Department was less than $1 trillion, and it spent $118 million on the website plus about $56 million on other IT to support the website, Sebelius said Wednesday.

The NSA is famous for employing small focused teams of highly talented, highly recruited experts with special skills, said Chris Wysopal, a former hacker who is chief technology officer for Veracode in Burlington, Mass. But the Health and Human Services Department’s website designers? “They are sort of your average developers,” he said.

Ex-hacker Marc Maiffret, who once wore his hair green in spikes and is the chief technology officer at BeyondTrust of San Diego, said Beltway contractors who work on civilian technology projects usually are over-budget and under-performing.  Teams putting together large IT systems are complex and must coordinate across different government agencies, insurance companies, states and contractors.

“They may have underestimated the complexity when they started on it, which is again not surprising,” said Purdue University computer science professor Gene Spafford.

Motivation is important too. Patriotic hacking on behalf of the NSA is exciting, especially among the mostly young and mostly male demographic.

“Breaking in, it feels like special ops,” Wysopal said. “Building something feels probably like you’re in the Corps of Engineers. You’re just moving a lot of dirt around.”

It’s also widely understood to be easier to break something down than to build it. Siphoning the Google and Yahoo data is simpler to do than building a secure website for millions of people to get health care, Wysopal and Maiffret said.

Besides, if the NSA had failed to collect all the data it wanted during a classified mission, few people would learn about it — unlike what happened almost immediately when the health care website was launched and immediately experienced problems, said Matt Green, a computer science professor at Johns Hopkins University.

“If the NSA doesn’t do something, you and I don’t hear about it,” Green said.

The government generally spends more money researching how to attack, not defend, computers, said Spafford, director of the Center for Education and Research in Information Assurance and Security at Purdue.

The apparent contradiction between health care and the NSA, Spafford said, “is what makes computers magical.”

———

Center for Education and Research in Information Assurance and Security:  http://www.cerias.purdue.edu/site/about

———

Follow Seth Borenstein on Twitter at http://twitter.com/borenbears

 

1
Text Only
National News
  • Ukraine, Russia trade blame for shootout in east

    Within hours of an Easter morning shootout at a checkpoint manned by pro-Russia insurgents in eastern Ukraine, Russia’s Foreign Ministry issued a statement blaming militant Ukrainian nationalists and Russian state television stations aired pictures of supposed proof of their involvement in the attack that left at least three people dead.

    April 20, 2014

  • In West Bank, teen offenders face different fates

    The boys were both 15, with the crackly voices and awkward peach fuzz of adolescence. They lived just a few minutes away from one another in the West Bank. And both were accused of throwing stones at vehicles, one day after the other.

    April 20, 2014

  • Study: Fuels from corn waste not better than gas

    Biofuels made from the leftovers of harvested corn plants are worse than gasoline for global warming in the short term, a study shows, challenging the Obama administration’s conclusions that they are a much cleaner oil alternative and will help combat climate change.

    April 20, 2014

  • Fracking foes cringe as unions back drilling boom

    After early complaints that out-of-state firms got the most jobs, some local construction trade workers and union members in Pennsylvania, Ohio and West Virginia say they’re now benefiting in a big way from the Marcellus and Utica Shale oil and gas boom.

    April 20, 2014

  • In Colorado, a pot holiday tries to go mainstream

    Once the province of activists and stoners, the traditional pot holiday of April 20 has gone mainstream in the first state in the nation to legalize recreational marijuana.

    April 20, 2014

  • ‘Capt. America’ tops box office for third week

    Captain America continues to vanquish box office foes, triumphing in ticket sales for the third consecutive week and dominating over megastar Johnny Depp’s new movie.

    April 20, 2014

  • Probe could complicate Rick Perry’s prospects

    Texas Gov. Rick Perry has spent a record 14 years in office vanquishing nearly all who dared confront him: political rivals, moms against mandatory vaccines for sixth graders, a coyote in the wrong place at the wrong time.

    April 20, 2014

  • NASA’s space station Robonaut finally getting legs

    Robonaut, the first out-of-this-world humanoid, is finally getting its space legs.

    April 19, 2014

  • Documents detail another delayed GM recall

    Government documents show that General Motors waited years to recall nearly 335,000 Saturn Ions for power steering failures despite getting thousands of consumer complaints and warranty repair claims.

    April 19, 2014

  • Captain of sunken SKorean ferry, 2 crew arrested

    The captain of the ferry that sank off South Korea, leaving more than 300 missing or dead, was arrested Saturday on suspicion of negligence and abandoning people in need. Two crew members also were taken into custody, including a rookie third mate who a prosecutor said was steering in challenging waters unfamiliar to her when the accident occurred.

    April 19, 2014