What’s Involved in Vetting a Security Protocol: Why Ray Ozzie’s Proposal for Exceptional Access Does Not Pass Muster

Because Susan Landau is a true Architect, Ray Ozzie never was.

Ray Ozzie’s proposal for exceptional access has the virtue of being simple. But security can be subtle, and simple solutions often miss critical aspects. This one has.

Source: What’s Involved in Vetting a Security Protocol: Why Ray Ozzie’s Proposal for Exceptional Access Does Not Pass Muster

Advertisements

DARPA multidomain program to focus on ‘kill webs’

If the U.S. is serious about bringing a greater capability to bear on the adversary, how can the military plan and manage across domains?

Source: DARPA multidomain program to focus on ‘kill webs’

Building on Sand Isn’t Stable: Correcting a Misunderstanding of the National Academies Report on Encryption

The National Academies’ report on “Decrypting the Encryption Debate” says some computer-security experts have ideas for implementing secure exceptional access to encrypted systems—but that’s a far cry from saying they’re “trying to build” them.

Source: Building on Sand Isn’t Stable: Correcting a Misunderstanding of the National Academies Report on Encryption

War Cloud: JEDI To Deploy Backpack Servers To Front Line

In a world where knowledge increasingly matters more than physical power, US troops can’t quickly access vital information in a labyrinth of often incompatible and inaccessible databases. The Joint Enterprise Defense Infrastructure — archly acronymized as JEDI — aims to fix all that.

Source: War Cloud: JEDI To Deploy Backpack Servers To Front Line

ODNI Shifts Reponsibilities As 90% Of IC Programs Hit Green

“Philosophy”,  stoplight charts? 90% of IC programs hit green … fudging … no! Like any one is going to put #2 in orange or red. And conspiracy theorists think there are a bunch of gong ho sneaky spies running around (the water cooler) McGuyvering stuff. And that screen projection makes no sense. 

INSA HQ: Drive milestone decision authority down as low as is possible. Speed decision-making. Let the Intelligence Community agencies create simple and clear requirements and manage their programs, as long as everything goes along swimmingly.

Source: ODNI Shifts Reponsibilities As 90% Of IC Programs Hit Green

Protecting the Future of Cross-Border Data Flows

Very nice thought through paper. The challenge is in the details and implementation. Practically impossible to arrive at common baseline standards, implement and monitor/ensure compliance and change.

A new paper from New America introduces a novel framework for data flow controls.

Source: Protecting the Future of Cross-Border Data Flows

Staying Competitive in a Crowded Open Source World

“How can traditional open source intelligence professionals compete in what is quickly becoming an environment in which non-intelligence individuals and organizations, with quite different motivations and objectives, are also participating? More importantly, what does this mean for U.S. intelligence community’s ability to maintain strategic advantage in the open source world?”

As a former Information Architecture practitioner I see this as more of the first question career advice than the second one about strategic advantage.

Like most industries, the value added will be moved up the value chain from raw collection to making sense of more data with more noise — which she talks about — but a good deal of the stuff will AI’d soon and, finding/sorting-skills and tools will become services rather than internal silos. Kiss that career and turf goodbye either way.

What does strategic advantage in the open source world mean? Open source rarely, if at all, gives away a well kept mosaic let alone interrelated ones needed to be understood side by side with other analysis in specific contexts that change over time.

Technological advancements in the past 30 years have in many ways democratized access to information and disrupted countless industries – from journalism to national security. Increasingly, intelligence-rich assessments are being made by non-intelligence professionals.

Source: Staying Competitive in a Crowded Open Source World

The Next New Military Specialty Should Be Software Developers

Deja Vu. Not unique to the military and I can imagine how much worse as it sounds.

Each military service is the size of a Fortune 100 company, but collectively they have zero software developers — an impossibility in the private sector. How could this happen?

Source: The Next New Military Specialty Should Be Software Developers