On Thu, Jul 11, 2013 at 2:28 AM, Richard Brooks <r...@acm.org> wrote: > 1. The NSA center of excellence program is not really that > important. If you look carefully, they are mainly 2 year > community colleges located near Army bases that give > basic sysadmin training. This is good and necessary, but > don't get fooled into thinking that they are training > the highly skilled cyber operations people. They are > training low level IT support mainly.
I have no illusions wrt. quality of higher education in USA, but these colleges definitely do not aim for “basic sysadmin training”. You can read more about their approach here: [1]. Maybe you are thinking about NSA Information Assurance programs [2], with many participating colleges. [1] http://dx.doi.org/10.1109/MSP.2012.117 [2] http://www.nsa.gov/ia/academic_outreach/nat_cae/institutions.shtml > 2. There is a growing outsourcing of intel and cyber work. You > could look at some of the Washington Post articles on the large > number of companies and facilities doing classified work. Northern > Virginia has more tech workers now than silicon valley. There > are lots of SCIFS available for cyber work. If I understand correctly, expansion of outsourcing in NSA started post-9/11. The guy in the interview is supposed to have been doing this for much longer. But it's a possibility, sure, although I still find a team of 5000 expert exploit writers hardly a believable figure. > 3. 0-days are not bought to deny them to the enemy. They are > bought for integration into things like stuxnet. Which had four 0-days. With the outstanding importance assigned to the project, I would expect them to lose count of 0-days stuffed inside if they really had “tens of thousands” of those. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
