Long-Term Effects of the Snowden Saga on the NSA
More than a few of my previous posts reference a very important, but often ignored, observation about the behavior of large human systems. It can be briefly stated as:
The responses of large human systems to small injuries almost always amplifies the damage caused by said injuries, and frequently results in the development of hitherto non-existent pathologies.
So how is this observation playing out in the aftermath of the Snowden saga? Let us begin by going through what has occurred to date and what will almost certainly occur in the near future.
Yesterday, we learned that the NSA, and probably all the private contractors employed by it, have begun implementing a ‘two person rule‘. They are trying to convince the rest of the world that such a rule would stop the ‘next’ Snowden.
The rule required that anyone copying data from a secure network onto portable storage media does so with a second person who ensures he or she isn’t also collecting unauthorized data.
Now, this rule might sound comforting to retards and other people without any background in IT or computing. They might believe that such a rule could prevent something like what Snowden did from happening again. But it won’t- as any person with a reasonably devious mind, a couple of years in the organisation and ‘sys admin’ level access could do exactly what Snowden did without breaking any rules or policies. But also ask yourself.. why was such a “common sense” sounding rule not implemented in the first place?
The answer is two-fold. The first and most obvious reason is that it is inconvenient, costly and not particularly effective against a determined insider like Snowden. The second and less obvious, but more important, reason is that organisations lacking a certain level of internal trust among its members are unable to function properly. To be extra clear- I am not saying that such trust-less organisations cannot function well enough to exist or appear somewhat competent. My implication is that they are cannot operate at anywhere near the level that they advertise or is expected of them.
To put it another way, the NSA and its contractors are now going to be spending a lot of their abilities, time, energy on hunting moles in a manner that will cause considerable inconveniences, cost overruns and lowered internal morale.
Which brings us to the next major long-term effect of the Snowden saga. How can they identify others like Snowden who are already employed by the NSA or its many contractors? How can they stop hiring people who are like Snowden or could become the ‘next’ Snowden? Can they profile people who are like Snowden and, more importantly, at what cost?
I believe they will do all of the above and it is these actions, rather than anything that Snowden leaked, which will ultimately cause the most damage to the long-term functionality of the NSA. Here is how..
Ask yourself a simple question: Is there anything about Snowden that makes him odd, unusual or otherwise profile-able? The simple answer is- NO! There is really nothing atypical, unusual or particularly odd about Snowden. He successfully passed multiple intensive security checks, had no criminal record of significance, exhibited no evidence of especially radical beliefs and had no evidence of financial problems. Sure, he could be a bit of a snarky elitist with some libertarian-type beliefs- but that is the pretty much the standard personality profile of competent people in IT and computer programming.
The scariest part of the Snowden saga is that he was pretty mainstream, as far as people in his area of work are concerned.
But that is not going to stop the administration-type people who run NSA or its numerous subcontractors from trying to identify the ‘next’ Snowden. However, in doing so they will also end up harassing and driving out the most competent people, in addition to not recruiting any more of them. They will end retaining and hiring more docile ‘yes-men’, office-smart bullshitters, cunning courtiers and all the other types who look good on paper and talk the talk. Unfortunately almost none of these ‘team-players’ will be capable, competent or innovative enough to get things done properly. Consequently the operational ability of the organisation and overall system will suffer and the end result will be not unlike the iconic scene from the Wizard of Oz is exposed as an old circus carnie manipulating a few levers and dials.
What do you think? Comments?