NY Times: N.S.A. Leak Puts Focus on sysadmins

An arti­cle in yesterday’s New York Times exam­ines the threat that “rogue” sysad­mins pose to gov­ern­ments and corporations.

(But what if all sysad­mins are rogue sysad­mins, deep down? What if that’s how they got to be sysad­mins in the first place? Just a thought.)

A few notable quotes from the Times article:

Edward J. Snow­den, the for­mer National Secu­rity Agency con­trac­tor who leaked details about Amer­i­can sur­veil­lance, per­son­i­fies a debate at the heart of tech­nol­ogy sys­tems in gov­ern­ment and indus­try: can the I.T. staff be trusted?

“The scari­est threat is the sys­tems admin­is­tra­tor,” said Eric Chiu, pres­i­dent of Hytrust, a com­puter secu­rity com­pany. “The sys­tem admin­is­tra­tor has god­like access to sys­tems they manage.”

“This is a dirty lit­tle secret that’s being revealed,” said Robert Big­man, a for­mer chief infor­ma­tion secu­rity offi­cer at the Cen­tral Intel­li­gence Agency. “When you log on with a root account, it doesn’t know if you’re staff employee or a con­tract employee. It just knows you’re root. You’re known as a supe­ruser. You have all privileges.“

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>