I saw this new headline regarding Edward Snowden, discussing his NSA hacking training. Don’t be impressed.
For several years, I lived in that same world Snowden lived in. I’ve gone out of my way to avoid mentioning this, but from 2005-2012, I was a consultant. I worked for several different companies, due to contracts changing hands and companies merging, but my client was the United States Air Force. And from 2011-2012, I even had direct dealings with the NSA. I attended NSA meetings in the Washington, D.C. area. I received NSA training–in person–in a security discipline called threat modeling. My job was to represent NSA to the Air Force three weeks out of the month, and represent the Air Force to the NSA on the fourth week.
Just don’t ask me anything about UFOs. Unlike some people, I didn’t snoop around on classified networks. Whenever possible, didn’t look at the data at all. If I had to look at data, I preferred to look at dummy data. If I actually did look at real, honest-to-goodness classified data, it was because I needed to know that information to do my job. I was a pretty good contractor, I think.
I also know about this training that Snowden put on his resume. Read more
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.