Forgot your password?
typodupeerror

Submission + - How Microsoft's "Little Workaround" Created a Major Pentagon Threat (propublica.org)

joshuark writes: ProPublica Reporter Renee Dudley heard Microsoft was running tech support for the U.S. Defense Department through China, the country’s biggest cybersecurity adversary.

The arrangement was called “digital escorting.” She thought it sounded like a conspiracy theory — until she started looking into it. This is the story of what she found and how her investigation changed government policy.

Microsoft is using engineers in China to help maintain the Defense Department’s computer systems — with minimal supervision by U.S. personnel — leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation has found.

The arrangement, which was critical to Microsoft winning the federal government’s cloud computing business a decade ago, relies on U.S. citizens with security clearances to oversee the work and serve as a barrier against espionage and sabotage.

National security and cybersecurity experts in the Trump administration contacted by ProPublica were also surprised to learn that such an arrangement was in place, especially at a time when the U.S. intelligence community and leading members of Congress and the Trump administration view China’s digital prowess as a top threat to the country.

Microsoft uses the escort system to handle the government’s most sensitive information that falls below “classified.” According to the government, this “high impact level” category includes “data that involves the protection of life and financial ruin.” The “loss of confidentiality, integrity, or availability” of this information “could be expected to have a severe or catastrophic adverse effect” on operations, assets and individuals, the government has said. In the Defense Department, the data is categorized as “Impact Level” 4 and 5 and includes materials that directly support military operations.

“If someone ran a script called ‘fix_servers.sh’ but it actually did something malicious then [escorts] would have no idea,” a former Microsoft engineer who worked on the escort system, told ProPublica in an email. That said, he maintained that the “scope of systems they could disrupt” is limited.

In an emailed statement, the Defense Information Systems Agency said that cloud service providers “are required to establish and maintain controls for vetting and using qualified specialists,” but the agency did not respond to ProPublica’s questions regarding the digital escorts’ qualifications.

It’s unclear whether other cloud providers to the federal government use digital escorts as part of their tech support. Amazon Web Services and Google Cloud declined to comment on the record for this article. Oracle did not respond to requests for comment.

A spokesperson for the inspector general — whose office is supposed to operate independently in order to investigate potential waste, fraud and abuse — told ProPublica they were not authorized to speak about the issue and directed questions to DISA public affairs.

Comment Re:Why do you hate yourself? (Score 1) 100

I don't actually use Apple Store all that often. A fair portion of the software I have installed, like LibreOffice and Firefox is just installed via DMG images. It kicks up a window about unrecognized source, but then just works. iOS devices are definitely more locked down, but the Macs are really no different as far as installing software than Windows or Linux.

Comment Re:For Insiders on the Experimental channel (Score 1) 100

I imagine the Mac Neo is the real source of their panic. Right now RAM prices are probably saving them from even more losses, but the hegemony is coming to an end. If a credible useful, at least for average users, non-Windows platform using smart device level hardware can sell as well as the Neo has, I'd say Microsoft's reckoning is finally upon them.

Comment I wonder (Score 2) 100

At what point in this long and seemingly endless list of fixes to even the most basic usability features in Windows do its users finally admit it is really a shitty and badly maintained operating system. I use Gnome or MacOS, which are streamlined and uncluttered, and then I head over to Windows and it's like looking into the mind of someone with severe ADHD. It's a colossal mess where nothing particular makes sense, there's no coherent approach, everything is slow and inundated with advertising, context menus that worked for decades don't function right or at all, even the simplest tasks just seems to land you in the wrong place.

I suppose under the hood it's still a fairly decent operating system, although tools like Powershell, which can be achingly slow itself, demonstrate that there's a lot of layers of cruft.

I don't play video games, and frankly Office isn't that much better for my needs than LibreOffice, and Outlook is a bloated pile of crap, so I rarely even access the Windows desktop I have at work via RDP, save for two applications I rarely use. Windows is rapidly becoming irrelevant in my world.

Comment Re: Wait...? (Score 2) 100

I would say that any kind of substantial level of investment in a jurisdiction is a reasonable indicator of an expectation of a return on investment, and thus confidence in the economic growth of at least some industries in that jurisdiction. I'm not sure why people are trying to hand wave away that kind of an indicator, unless the fact of it creates some problem for some narrative they have bought into, creating a level of cognitive dissonance necessitating peculiar denials.

Comment Re:LLMs = human extinction? (Score 1) 69

So it's interesting that the summary mentions Geoffrey Hinton, with his 10% or 20% estimate of AI ending the world. In the consensus of the ML community 10 years ago, neural nets had less than a 10% probability of becoming as artificially intelligent as they are right now. Making a useful estimation of risk is impossible when probability is near 0 and consequence is near infinity.

Comment Re:Unprecedented (Score 3, Insightful) 39

Leaded gasoline is estimated to have killed over 100,000,000 people, reduced the collective IQ of the entire planet and permanently polluted most waterways over the course of 50-60 years, all based on lies by General Motors and some others.

The demonization of cholesterol has lead to the sickest generation in human history with the highest rates of diabetes ever recorded and a massive increase of heart disease, cancer, stroke, despite claiming to reverse these conditions. We're then told its genetic to cover the lie, as if our genes somehow changed so significantly over the last 40 years that the rates of these diseases increased orders of magnitude. We now have the lowest levels of cholesterol in human history and the highest rates of disease, yet they continue to lie.

There are analogs to this. This is not new to humanity. It's just the tip of the iceberg.

Slashdot Top Deals

Optimization hinders evolution.

Working...