Which Odds Makers Will Get today’s College Bowls Wrong?

Which Odds Makers Will Get today’s College Bowls Wrong?

Again, I am against betting on college sports in the first place. It is unconscionable to put these young people in harm’s way and then to wager money on them.

A more crass perspective is that the odds makers get so much wrong, anyway, that betting on the bowls would be foolish as well as ethically flawed.

 

A holiday for accuracy

As of day before yesterday, it will be remembered, the odds on yesterday’s football bowls were as follows:

Monday, Dec. 30:

  • Middle Tennessee picked over Navy in the Armed Forces Bowl, except when Navy is picked over Middle Tennessee:  Final score: Navy 24, Middle Tennessee 6
  • #10 Oregon favored over Texas in the Alamo Bowl:  Final score: Oregon 30, Texas 7
  • Ole Miss favored, somewhat, over Georgia Tech in the Music City Bowl:  Final score: Mississippi 25, Georgia Tech 17
  • In the Holiday Bowl, #16 Arizona State favored to beat Texas Tech by two touchdowns:  Final score: Texas Tech 37, Arizona State 23

Spread predictions here.

That’s four bowl games. As to win-loss, the sports experts and numbers whizzes guiding movement of dollars in places like Sri Lanka got two wrong. That’s a fifty percent error rate. The predictions were wildly wrong on Texas Tech, almost as wildly wrong on Navy.

Even when the odds makers picked the winner correctly–twice out of four tries–they got the depth of the win wrong once–that would be once out of two tries. Oregon’s score and win were substantially underestimated. For the pickers who correctly chose Navy, Navy’s score and win were also under-predicted.

So as of today, nineteen games have been played on the NCAA football bowl schedule. Out of nineteen, six picks have been wrong. Of the winning teams and right picks, six or seven of the favored, depending on how you count them, were favored too narrowly to be realistic. The prognosticators’ ratio has gotten worse since yesterday morning.

Going forward

So–on to the next college bowl games: How will the next picks hold up?

Today’s bowl games:

As to yesterday’s picks, the tentative hypotheses sketched in yesterday’s post only partly hold up. The most remotely, wildly wrong projection for yesterday’s bowls was that Arizona State would beat Texas Tech. This one was way off in spite of the fact that a lot of people cared about/paid attention to the game (compared to several other bowls), and in spite of the fact that TT (Big 12) and Arizona State (Pac-12) are both members of highly rated conferences. On the other hand, the game between Ole Miss (SEC) and Georgia Tech was competently predicted, bearing out the hypotheses.

Conjecture aside, the Holiday Bowl had downsides and upsides. One plus, among others, was  Reginald Davis, with an inspiring biography. He is also from my late parents’ tiny home town (mispronounced on air), although the only time I have been back to Tenaha in recent years was for my mother’s funeral. (Law enforcement personnel in Tenaha, Texas, were in the news in a much less joyous context recently, to my horror and amazement.)

 

Davis in high school

On the down side, Tre Porter was injured, out with a concussion. I hope Texas Tech does everything it can for his recovery.

 

Porter helped off field after concussion

Meanwhile, the Holiday Bowl is sponsored by online National University, one of the numerous digital diploma mills proliferating in the U.S. Another example of cognitive dissonance in the news media: on one hand, we have a torrent of news stories about tech surveillance by the NSA, CIA, and the military-technological-industrial conference over-all, particularly after the document conveyances by Edward Snowden. On the other hand, we have a torrent of digital universities–and of traditional universities pushing to get more online all the time. No thought or fear of the inevitable loss of privacy in cyberspace is allowed to intrude on the commerce of getting money from students and parents. One by-product of reverencing all that is ‘digital’ is that faculty are ever more reduced in the university big picture. Another is that our students are losing more and more of the social interaction with faculty that they come into college desperately needing. Mammals, including humans, are social creatures. These are larger topics for another time. For now, it is worth pointing out that anyone who knows the word ‘keystroke’ should know that there is no guarantee of privacy or of secure information in getting your education online. The headline focus on Snowden has not yet illuminated this point.

Today’s question: Who will get today’s bowls wrong?

 

More to come.

What Bezos got when he bought the Washington Post

What Bezos got when he bought the Washington Post

The new purchaser of the Washington Post, Jeffrey Bezos of Amazon, has stated publicly that when he takes the Post private the newspaper will be a stand-alone business, separate from the company of which Bezos is CEO. Bezos has also assured Post employees that he is committed to quality journalism, even suggesting a new golden era at the Post. There is no reason to doubt the statements, but independence from Amazon is hardly the sole concern raised by this remarkable purchase.

Bezos

Consider the concerns raised by the equally remarkable material leaked by former NSA employee and Booz Allen Hamilton contractor Edward Snowden. While Snowden may not have carried “four laptops” laden with documents, as first reported, he left Booz Allen loaded with information, and what he turned over to the Washington Post, the Post now owns.

 

Snowden

Not that you can accuse the Post of bragging about it. The exact extent of material provided by Snowden to the Post has not been fully reported. The material may not even be catalogued, although there have been hints in print that it is secure.

Still, according to the Post’s own reporting, the NSA material includes information on the U.S. intelligence budget; extrajudicial killings in Pakistan; CIA investigation of applicants seeking jobs in the U.S. intelligence community; an estimated 4,000 recent NSA internal probes of staff activity; information about the investigation of the 2009 Detroit ‘underwear bomber’; “231 offensive cyber-operations” by U.S. intelligence in 2011; the GENIE program, where “U.S. computer specialists break into foreign networks so they can be put under surreptitious U.S. control”; major expansion of the CIA’s Information Operations Center (IOC); information on NSA bulk collection of hundreds of millions of Americans’ phone records under a program started in 2006; construction and expansion of NSA data storage facilities in Ft. Meade and Utah; the official “178-page budget summary for the National Intelligence Program,” which “details the successes, failures and objectives” of the intelligence community with its (reported) “107,035 employees”; and “cutting-edge technologies, agent recruiting and ongoing operations.” This in just a quick overview, with presumably more revelations to come.

And all of this invaluable material will now be owned by one man, Jeffrey Bezos. Or looking at it another way, the trove of material will no longer be owned by Post Company shareholders including the Graham family, and will be owned instead by the private company Bezos sets up, whose management will have corporate authority to call the shots on the foregoing. In short, Mr. Bezos now owns documents concerning NSA metadata.

 

Amazon book sales

Not to be accused of being anti-business, and in the interest of full disclosure, I should clarify that I am an Amazon customer myself. I am generally a fan of delivery in commerce, saving time, travel, traffic and the nation’s energy resources–UPS, eBay, Amazon, FedEx, etc. As such, I deplore Texas Governor Rick Perry’s slapping an 8.25 percent sales tax on online sales to Texas customers. So much for that anti-tax, anti-Big Brother, pro-‘growth’ Red State policy we hear so much about. EBay sellers have to stick on an extra eight-and-a-quarter-per-cent for customers in Texas.

Amazon’s service has been generally okay, if nothing to write home (to Texas) about. Amazon makes millions from selling books, and the process seems to be getting smoother. However, the company has been no help whatsoever for individual authors trying to track the sales of their books, when publishers fail to pay royalties owed under contract to their authors. Perhaps that will improve over time, but I have found what a company does in one direction to be a pretty accurate gauge of its quality in another. It is a reasonable working hypothesis, for example, that federal contractor Booz Allen’s faulty vetting of Snowden was not the company’s only lapse.* (For what it’s worth, Amazon Web Services partners with Booz Allen on ‘data science’ and ‘cloud infrastructure’, and Booz Allen has rolled out a cloud computing service using Amazon SQS elements.)

Speaking of intellectual property, Bezos is now also the proud owner of information about data encrypting by competitors Apple, Facebook, Google, Hotmail, Microsoft, and Yahoo. In other words, the CEO of Amazon now owns a trove of NSA information about Amazon’s top competitors.

The Washington Post is not Amazon, of course. But it is ironic that Bezos’ Amazon cut off services for Wikileaks in 2010 after Wikileaks’ famous document dump, mostly from recent years, and now Amazon’s CEO owns copious information on “data from American technology companies, including Google,” collected by PRISM. The Post reported September 6 that the NSA “has made great strides in foiling encryption techniques used to protect Internet communications, and has established back doors to some companies’ encryption software,” according to Snowden documents.

Encryption, NSA bring the world together

By the way, we now also know via Snowden and the Post that under the Corporate Partner Access Project, NSA has paid “hundreds of millions of dollars a year to U.S. companies for clandestine access to their communications networks.” Not all of the companies compensated are Amazon competitors, although some are. Presumably Amazon was not among those compensated.

One final note. It is intriguing that the above story has been so little reported, i.e. not at all. No one pointed out the Snowden acquisition when Bezos purchased the Washington Post. No one has pointed it out since, either, until this writing. Arguably the two biggest names in the Post’s orbit this year were, one, Snowden, and two, Bezos, and until now, no one has connected the two.

 

This lacuna may be the power of narrative–the arc of the story dominates its content. Two flamboyant stories, one about Snowden and the NSA, and the other about the sale of the Washington Post to the CEO of Amazon, have been completely two different and separate stories.

The stories were separate for me also, as a reader; reading about them separately, I was slow putting them together, although presumably the lawyers doing due diligence for the sale took them into account. Exact dates for the chronology of the newspaper sale have not been reported. Edward Snowden’s first releases came the first week of June; the Post went quietly on the market, or put out feelers, reportedly early this year. I for one cannot help wondering whether Snowden would have given his information to the Post if he had known the newspaper was going to be sold. He was not in a position to hire due diligence attorneys.

*We now know that the same contractor who vetted Snowden, USIS, also vetted Washington Navy Yard shooter Aaron Alexis.

 

BOOZ ALLEN ETC and the Washington Post

BOOZ ALLEN ETC and the Washington Post

 

The Washington Post has extensively covered Edward Snowden, the 29-year-old hacker hired by prime contractor Booz Allen Hamilton to work for the National Security Agency, who was given global access to online information that he then leaked. One question still unanswered, however, is how much material if any Snowden gave to the Post itself. Follow-up: what if anything does the Post have from Snowden, or from the NSA?

 

Future plans

According to the Guardian interview with Snowden, in the extensive June 9 article revealing Snowden’s identity, he had “copied the last set of documents he intended to disclose” three weeks earlier. Snowden then packed and boarded a plane for Hong Kong.

Questions for the press: Where are those documents? What is in them?

Snowden, as quoted in the Guardian interview, distinguishes himself from Daniel Ellsworth and Bradley Manning thus:

“”I carefully evaluated every single document I disclosed to ensure that each was legitimately in the public interest,” he said. “There are all sorts of documents that would have made a big impact that I didn’t turn over, because harming people isn’t my goal. Transparency is.””

The quoted statement comes in a long article written mostly in third-person paraphrase. Along with the previous question–what is on the documents Snowden turned over to the press?–it raises another. What is on the documents he has not disclosed?

 

Former Booz Allen executive and now DNI, testifying

Among the items of information paraphrased third person:

  • Snowden broke both his legs training in the U.S. Army Special Forces, at some time between 2003 and 2007
  • he then got his first NSA job, as a security guard in a covert NSA facility at the University of Maryland
  • “From there, he went to the CIA, where he worked on IT security.”
  • he rose quickly in the CIA because of his computer skills, without a high school diploma
  • “By 2007,” the CIA stationed him in Geneva, “with diplomatic cover”
  • in 2009 he went to work for a private contractor for NSA, on a military base in Japan

Edifice wrecks

It would be good to know the exact date on which Snowden began working for Booz Allen Hamilton. The company’s publicly released statement and news reports put it at about three months before Snowden leaked the NSA material–the company says “less than three months.” That would be early March, 2013. The Guardian’s first exclusive, based on contacts with Snowden, appeared June 5. In an online chat, Snowden subsequently said he had taken the Booz Allen job for the purpose of collecting proof of NSA surveillance activities.

“”My position with Booz Allen Hamilton granted me access to lists of machines all over the world the NSA hacked,” he told the [South China] Post on June 12. “That is why I accepted that position about three months ago.”

The surveillance license was approved on April 25. In other reports, The Guardian’s Glenn Greenwald and documentary film maker Laura Poitras began working with Snowden back in February 2013.

 

Poitras

Questions about the documents and other NSA material are by no means the only questions. They are just the biggest, the weirdest, and the most immediate elephant-in-the-room. What if anything is the Post sitting on? As a Washington Post subscriber and faithful reader, I would like to be alerted beforehand, if my paper plans to run a series based on primary sources from inside the NSA. I would think Post reporters not in the loop would be curious themselves. Where if anywhere is the Post housing these materials, if any? Who is responsible for them, if anyone? Are there backup copies, and if so, where? According to The Hindu, Snowden left carrying “four laptop computers.”

 

Further questions, as mentioned, are not as big–less global–but still intriguing. Here are a few, categorized for convenience into first, the question of particular fact, and second, the broader questions stemming from the fact.

Fact question one:

As we know, Reuters reported days ago that Booz Allen hired Snowden despite “discrepancies” on his resume. What were the discrepancies?

Broader question/s one:

Why is it not policy to deny a security clearance to any job applicant, anyone without exception, whose resume or job application contains “discrepancies”?  Has acceptance of middle-class, white-collar lying on the job gotten so broad that anything goes, even in high-level clearance work? Have four-plus years of relentless press trashing the national economy taken such a toll that no (white-collar) job can be denied or removed, even justifiably?

 

Fact question two:

Aside from the Booz Allen job, how long, exactly, had Snowden been working for or on NSA facilities? Snowden told the Guardian four years; NSA Director Keith Alexander testified to Congress that Snowden had held a position at the NSA for twelve months.

Broader question/s two:

Are there any safeguards in place [YES, FUNNY WAY TO START A QUESTION], so that red flags go up when a subcontractor jumps from job to job, especially in high-level clearance positions? Have the broader attacks on 1) company pensions and 2) “government jobs” taken such a toll nationally that job-jumping is now assumed to be a resume brightener, even in high-level clearance positions?

 

Fact question three:

How, exactly, did Snowden get his series of NSA jobs? Did he apply through regular channels? Was it through someone he knew? We already know that he was ‘vetted’ for Booz Allen by USIS. Who recommended him? Who if anyone were his references, for a string of six-figure high-level security jobs?

Broader question/s three:

Is there such a thing as ‘regular channels’ when you apply for a job as a security contractor for the NSA? Are there any protocols in place [YES, YES, I KNOW; FUNNY WAY TO BEGIN A QUESTION] applied uniformly to every applicant? Or are the hoops just something to be sidestepped, rather than jumped through, for someone who knows someone?

 

As both a U.S. citizen and a journalist, I am eager not to jump to conclusions. We have an ethical obligation to use our judgment to the best of our ability. I cannot see Snowden as either a ‘hero’ or a ‘traitor.’ I have no desire to see him hounded into prison or chased around the globe, let alone worse. There is far too much passive complicity at multiple levels in the quasi-private, excessively outsourced, limply ‘privatized’ intelligence-security realm that hired Snowden and basically bred him, to make him a person of interest in isolation.

Both as a person and a journalist, however, I cannot help being curious. As indicated in the previous posts, I continue to be curious about the multi-billion layers of private contracting–an ironic term, at this point–as well as about government surveillance. So questions will continue to arise.

Back to that press coverage. The Guardian, unlike the Washington Post, has published aptly on Booz Allen. See here and here and here, for example.

To be continued

 

BOOZ ALLEN ETC and subcontractors

BOOZ ALLEN ETC and subcontractors

 

Part of the fallout from the spectacular security breach at Booz Allen Hamilton itself–when its contractor Edward Snowden, hired at age 29 to monitor global classified security from inside a National Security Agency station in Hawaii, revealed the capabilities–is that the subcontractor who vetted Snowden for Booz Allen is being investigated.

Quis custodiet ipsos custodes?

Snowden

The subcontractor is northern-Virginia based US Investigations Services (USIS). The company is not connected to the federal United States Information Service. The USIS web site bills it as “the leader in federal background investigations.” From a recent media release comes this announcement that USIS has won a contract from the Department of Homeland Security:

“FALLS CHURCH, Va., – US Investigations Services Professional Services Division, Inc. (USIS PSD), a subsidiary of US Investigations Services, LLC (USIS), the largest commercial provider of background investigations to the federal government, has been awarded a prime contract by the Department of Homeland Security, U.S. Citizenship and Immigration Services (USCIS), to provide biometric capture services in support of applications for a variety of immigration benefits and U.S. citizenship. The indefinite-delivery/indefinite-quantity contract is for one base year with four one-year options and has a potential value of $889 million over a five-year period.”

More good news for immigrants. Further information on USIS, from the company:

“USIS provides services under more than 100 contracts. It is the largest commercial provider of background investigations to the federal government. It has more than 6,000 employees providing services in all 50 states and U.S. territories and overseas. USIS offers a variety of adjudication support, including background checks, litigation support, records support, investigative analytics and biometric services, as well as customized solutions that help government clients manage records, information and documents. Learn more at www.USIS.com.”

Also provided is the company’s statement on the June 20 Senate Homeland Security Subcommittee hearing–Yes, we are being investigated–but it was not about Snowden, at least not last year–Nobody knew about Snowden then, including us:

FALLS CHURCH, VA, June 20, 2013 — At a Senate hearing today, questions were raised as to whether USIS is under “criminal investigation.” USIS has never been informed that it is under criminal investigation. In January 2012, USIS received a subpoena for records from the U.S. Office of Personnel Management’s (OPM) Office of Inspector General (OIG). USIS complied with that subpoena and has cooperated fully with the government’s civil investigative efforts.

In the same Senate hearing, questions were raised as to whether USIS had conducted the initial background investigation, or a periodic reinvestigation, for the security clearance of Edward Snowden. USIS conducts thousands of background investigations annually for OPM and other government agencies. These investigations are confidential and USIS does not comment on them.”

The federal investigation into USIS itself was first reported by the Wall Street Journal:

“USIS, a Falls Church, Va., company owned by private-equity firm Providence Equity Partners LLC, has more than 7,000 employees and conducts 45% of OPM investigations done by contractors, officials said. Last year, USIS received $200 million for its work, Ms. McCaskill said.”

The Washington Business Journal faults lack of competition in contracting for problems:

“So what is this type of work worth? In 2011, USIS was awarded a multiyear contract by OPM to conduct background investigative fieldwork for government agencies. The estimated total value of the contract was about $2.45 billion over five years. And USIS held the same contract before that award.”

Bloomberg News blames the outsourcing on Al Gore:

“The revelation that Snowden disclosed two classified U.S. surveillance programs after being vetted by USIS may have damaged the company’s reputation and prompted questions about the wisdom of outsourcing security reviews.”

Olbermann on Countdown

Bloomberg has a point. I, for one, also blame Al Gore for firing Keith Olbermann from CurrentTV.

But I digress.

 

Tom Lehrer, mathematician, humorist and song writer

Moving away from humor, Sourcewatch, among other sites, noted much earlier that the company was involved in the 2004 assault on Fallujah, in Iraq, and in an investigation on the assault connected to the death of Col. Ted Westhusing in 2005.

The company that owns USIS, Providence Equity Partners LLC, focuses according to its web site and company filings on investing in “media, communications, education and information.” More information:

“Established in 1989, the firm pioneered a sector-based approach to private equity, convinced that a dedicated team of industry experts could build companies of enduring value in the dynamic communications industry. Guided by this commitment, we have led some of the most exciting and successful companies in our sectors, generating superior investment returns across economic cycles. Today, having invested in more than 130 companies over our 23-year history, Providence is one of the world’s premiere private equity firms and a dominant global franchise in the media, communications, education and information industries. . . .

Our team actively seeks investment opportunities on a global basis from offices in Providence, New York, London, Hong Kong, Beijing and New Delhi. We partner with companies across different stages in their development, from growth capital and complex recapitalizations of family-owned businesses to large buyouts and take-privates. We can employ a variety of financing structures and target equity investments of $150 million to $800 million. We prefer to lead our investments, serve on company boards, and work collaboratively with company management. From broadband to broadcast, music to film, wireline to wireless, publishing to Internet, we bring unparalleled industry, financial and operational expertise to each of our portfolio companies.”

Sounds secure, doesn’t it? Who would imagine that a global company, its offices around the world connected by thousands of electronic messages and transactions weekly, could have any problems–even indirect–with security breaches on its watch?

When again did satire die, exactly?

Among those companies is Altegrity, the parent company of USIS. Altegrity is among other things the holding company for Kroll Ontrack Inc. and London-based Kroll Advisory Solutions, spin-offs from the former Kroll Inc, which provided security services in Iraq. Kroll, like Booz Allen Hamilton with which it had significant interchange, was up to its eyeballs in boosting war with Iraq, a war for which it also helped prepare and from which it received substantial government contracting business. Kroll was previously owned by Marsh & McLennan, also involved both in boosting the invasion of Iraq and in Iraq war business once the war was underway. So once again–not to hammer a point that should be sufficiently obvious by now–we have security and investigation companies participating in monitoring, oversight, or investigation of what amounts to their own previous work. The companies, furthermore, having won government contracts for their previous work, are now winning government contracts to retrace the steps–so to speak–on a global scale.

 

Another company held by Altegrity, by the way, is HireRight, “the commercial employment screening business of Altegrity that serves more than 30,000 commercial customers in the U.S. and overseas, including more than 25 percent of the Fortune 500.”

 

It remains to be seen whether the vetting for those 30,000 commercial customers rises to the standard of the vetting that gave us Edward Snowden.

 

To be continued

 

BOOZ ALLEN ETC Continued

BOOZ ALLEN ETC Continued

 

Again, the point of the reminders below is not that the more things change, the more they stay the same. The point is that previous lessons need to be re-learned. Next-to-the-top echelons in the defense and security contracting world, effectively ensconced in government, do not tend to head for the door when an administration changes. The recent news that 29-year-old Edward Snowden, employed by a major government contractor, wielded global cyber intrusions and then revealed them is another reminder that we are still dealing with the problems.

 

At home in Washington

The NSA contractor, of course, is Booz Allen Hamilton, the giant ex-spooks and black-hats company with government ties at federal, state and local levels. With Snowden, the company deviated from its strengths, hiring not an ex-spook but a future spook who seems to have decided he had gotten onto the wrong career path. Again ironically, in light of recent events, Booz Allen’s services include monitoring other surveillance programs. The recent predictable problems are now part of a well established track record.

 

Snowden

Take the 2006 flap over Booz Allen’s monitoring the SWIFT project. This, to recap briefly, was the George W. Bush administration’s examination of records of the Society for Worldwide Interbank Financial Telecommunication (SWIFT), headquartered in Belgium. The government eyeballing gave the Bush administration access to millions of financial messages per day involving payments, securities transactions, etc., between thousands of banks and other financial entities around the world. SWIFT touted its safety and security as a financial messaging system. (For what it’s worth, Booz Allen itself uses SWIFT.) Such financial surveillance being too much for Wall Street to stomach even from a super-friendly administration, uproar ensued. Thus Booz Allen was said to be monitoring it. This was less than reassuring, to Wall Street as well as to the ACLU (linked above), given the contractor’s numerous and profitable ties to the feds it was supposed to oversee.

 

Vox populi

The ties were pointed out again in 2011 by, among others, Anonymous. The notorious cyber vigilantes gleefully hacked–wait for it–Booz Allen, apparently with ease, getting access to among other things thousands of military emails. Here for fun is Anonymous‘ own take on the exploit:


"Hello Thar!

Today we want to turn our attention to Booz Allen Hamilton, whose core business is contractual work completed on behalf of the US federal government, foremost on defense and homeland security matters, and limited engagements of foreign governments specific to U.S. military assistance programs.


So in this line of work you’d expect them to sail the seven proxseas with a state- of-the-art battleship, right? Well you may be as surprised as we were when we found their vessel being a puny wooden barge.


We infiltrated a server on their network that basically had no security measures in place. We were able to run our own application, which turned out to be a shell and began plundering some booty. Most shiny is probably a list of roughly 90,000 military emails and password hashes (md5, non-salted of course!).


We also added the complete sqldump, compressed ~50mb, for a good measure. We also were able to access their svn, grabbing 4gb of source code. But this was deemed insignificant and a waste of valuable space, so we merely grabbed it, and wiped it from their system.”

No clarification yet on whether SWIFT or, for that matter, Booz Allen will be involved if complicated extradition proceedings get underway for Edward Snowden. But then exactly what material Snowden had access to in general has not been clarified–and presumably will not be. How much Snowden got from SWIFT specifically has also not been clarified. The footprint of the financial messaging service is large on the internet, given the nexus of the NSA, private contracting, and foreign policy. SWIFT was among the levers used against Iran.

 

Before SWIFT, there was TIP, or the Total Information Awareness program, run by Admiral John Poindexter, back in 2002. To recap very briefly, Booz Allen was also in this one up to the eyeballs (along with SAIC among others). The TIP or TIA program was short-lived because of the uproar–although one of its leading lights, Mike McConnell, stayed in the administration as George W. Bush’s second Director of National Intelligence, before returning to Booz Allen to serve as Senior Vice Chairman.

Summing up, ties between administrations and Booz Allen have been numerous and have been written about by a number of authors. The ties between Booz Allen, its brothers in arms in the contracting world, and the now-cyber-ghost-town PNAC, or Project for the New American Century, alone have been more than friendly. When PNAC-er Dov Zakheim left the Pentagon, in April 2004, he became a partner at Booz Allen. Former CIA director R. James Woolsey, another PNAC signatory, was a vice president at Booz Allen.

Thus signatories fervently bent, by their own hand, on war with Iraq rotated through the intelligence-security industry revolving door, to become part of a company frequently paid for monitoring intelligence and security work–including some of their own previous work.

The way a good corporate candidate for major contracts is chosen continues to baffle. One fundamental problem is the lack of protection against potential conflicts of interest. It is anomalous that a major military contractor and a major security contractor for the federal government could be given oversight or a supervisory role in surveillance conducted by the federal government. The potential conflict of interest is too large. Suppose, hypothetically, that the sifting through discloses some previous lapse by the contractor itself?

To be continued

 

BOOZ ALLEN ETC Continued

BOOZ ALLEN ETC Continued

 

The June 2013 news that Booz Allen Hamilton entrusted a 29-year-old disaffected cyber-geek with oxymoronic global secrets, stationed him in Hawaii, and placed him under the supervision apparently of his girlfriend, should come as a surprise. Instead it comes as part of a familiar pattern.

Ironies are too easy to find. To avoid belaboring the obvious, I’ll quote just one Booz Allen press release, this one from February 2013 headed “Booz Allen Hamilton Launches Cyber4Sight Threat Intelligence Services.” 

The gist:

“Booz Allen Hamilton today launched Cyber4Sight™ Threat Intelligence Services, which uses multiple data sources to identify and monitor an organization’s unique cyber security profile, determine its “attack surface,” and deploy military grade predictive intelligence to anticipate, prioritize and mitigate cyber threats 24/7. This anticipatory service produces real-time, practical indications and warnings so that commercial organizations can take defensive actions against cyber attacks long before they occur.”

Taking the PR statement at face value, one might be inclined to ask whether Booz Allen considered itself a commercial organization or whether “cyber attacks” include someone inside giving away the store. As said, too easy.

It’s the take-aways that matter. Among them, the following:

1) When you’re talking about the business of the U.S. government, every privatizing, off-shoring or outsourcing is potentially a security breach. This is particularly the case when the government contractors are extremely well-connected, and when the business involved–surveillance, cyber security, etc.–is extremely sensitive or top-secret. The potential intensifies when the contractor is a behemoth and starts to fall into the Too-Big-to-Expose category. These are not factors that enhance oversight, transparency and accountability. Anti-labor types should bear in mind that the ‘privatizing’ mindset that devalues loyalty in favor of big-bucks contracts opens the door to similar security breaches. As ever, when you work with a security firm, what’s on your computers is on their computers.

2) When people start thinking they are above or beyond the law, trouble looms. This principle should be obvious, maybe, but some obvious applications–as they say in R & D–seem not to have been developed. I am not talking so much about Edward Snowden here, as about the mentality that led his corporate employers to hire him. Snowden was not picked from a stack of resumes in Human Resources. He billed himself as special in ways that appeal to the anti-egghead echelon of executive leadership–a de-emphasis on time and labor, including time spent in school; a certain pride in skirting the rules or at least the guidelines, including valuable principles; and a devaluing of serious non-commercial education. Thus he walked in through a side door, figuratively located just the other side of Executive Men’s Toilet. They’re paying for it now.

3) Anti-‘government’ rhetoric is not a solution. ‘Small government’ types in certain circles are exactly the people building mega-billion corporate complexes, bulldozing the Bill of Rights at work and in the community, and then being breached in one way or another. In political circles and in finance circles and in military-and-security technology circles, ‘small government’ types are people simply asking for less supervision and more money for themselves, under the headings of ‘less government’ and ‘lower taxes.’ These are not people who tend to be reflective types, regularly questioning and examining their own motives, leaning over backward to give the other guy his due. Booz Allen Hamilton, one of the biggest contractors in Washington, benefiting from government at all levels–more on that later–donates copiously to politicians who shriek ‘less government’ and ‘lower taxes.’ “Smaller government”? From the corporate allies of our Chamber of Commerce? Typically they avidly solicit and receive contracts from Uncle Sam, to such an extent that the cyber-security sector has become one of the biggest harbors of corporate welfare.

4) Macho corporate swagger is not a solution. The bigger they come, the harder they fall. Not all of Booz Allen’s extensive ties in the intelligence community, the American military, civilian government agencies and beyond saved it from mistakes so elementary that, literally, many eighth-graders would have known enough to avoid them. The price of democracy is constant vigilance. That means not just state-of-the art technology, but a close eye on human values. Too much careerist games-playing is incompatible with genuine security.

These are all lessons repeatedly illustrated over recent decades and/or since the year 2000. The point, as previously written, is that previous lessons have not been learned thoroughly enough. The incoming Obama administration had a lot on its plate in January 2009, but it still needed to clean house thoroughly. Unfortunately, having ensconced private security and private ties to military capabilities in government at the highest levels, the national political establishment was little able to mitigate some of the problems.

Thus, as the Booz Allen press release has it,

“Today’s cyber threats are increasingly targeting corporations and governments to conduct industrial espionage, undermine business and financial operations and sabotage infrastructure. A perimeter defense alone is no longer sufficient protection–adversaries are too many, too fast and too sophisticated. Organizations need a new paradigm that combines real-time security resources with a rigorous method of mitigating cyber risks. Booz Allen has combined its deep functional cyber expertise from the intelligence community with its operational military experience to create Cyber4Sight.”

Potential ‘adversaries’ include, you might say, your own people who are less than entranced with many aspects of what you’re doing. Potentially that might encompass much of the United States population.

 

Going forward, there are questions to be addressed, humorous or otherwise:

Isn’t it possible to vet contractors to prevent giving more government contracts to–for example–a company with its own cyber-security problems?

Big Green

Is anyone moving to review Booz Allen Hamilton’s current federal contracts or other contracts, at least those involved with security, surveillance, or monitoring security or surveillance, etc?

Is anyone moving to reduce the shoulder-rubbing between government agencies and some of our extensively breached contractors?

State as well as federal

Back to that press release:

“Booz Allen’s Cyber4Sight provides clients–from banks to insurance companies to energy utilities–with anticipatory cyber threat intelligence that allows them to cultivate a proactive security posture, get ahead of an attack, assess risks and take appropriate actions to mitigate future attacks. Cyber4Sight combines the science of Big Data with the art of analysis and information gathering to give clients a holistic, forward-looking cyber security program. This service is the result of a significant multi-year investment Booz Allen has made to create an infrastructure that globally integrates data collection, aggregation and analysis and engages cyber analysts from a myriad of disciplines.”

Including high-school dropouts.

Leaving the Snowden matter aside–

As said before, due diligence should be routine in federal contracting. This is especially true in security. Aside from other measures, tightening up disclosure requirements for lobbying would help. It is not enough just to require ‘registered’ lobbyists to provide certain information. We need to require everyone who lobbies to ‘register.’

 

to be continued