ZDNet had a good article today on the GCHQ in England admitting they don't always tell the vendors of equipment what the flaws are in their IT. This would be nothing much but GCHQ is an intelligence organization and it uses the term "equities" in describing the national interest involved in whether to tell or not. If the equities do not rank high enough for reporting, they won't report it.
When I first started in IT, I used to be outraged if the government failed to correct deficiencies in software that we discovered. There were so many, we could hardly keep up. It was rare that anyone said anything about the non-reporting of these flaws because we really had no reason to know unless someone told us. That is the way it should be. We reported them, so we did our job.
When I worked for the U.S. Senate a person explained why the intelligence guys did not report everything and I felt stupid. It wasn't really their job. Intelligence agencies are supposed to collect and analyze intelligence collected by a number of different means. We don't need to know those means and they have no obligation to tell us. The more they report, the harder it is to do their job. I didn't like that explanation, but grew to understand it as true. It just took awhile.
I'm always suspicious of press people who do stories on things that hurt their own country. The Russians seem to get a lot out of their relations with the press by working them around to questions that give answers to things they want to know about and want to publicize. We should be smart enough to not answer those questions, no matter who asks them. I'm a little disappointed in GCHQ on this one. No comment would have worked better.
https://dennispoindexter.blogspot.com/
No comments:
Post a Comment