The NSA watches you poop.


chaos

Buzzfeed Editor
17,324
4,839
They just bring this up to enlighten the last caveman on this planet that this strange guy who calls himself Alexander the Great is in serious need of mental observation.
Rest of mankind thought so already weeks ago.
But it doesn't really have anything to do with him. That space is a NETCOM space, it was built for the Army GNOSC/ACERT/NETCOM people back in the day who are tenants of the INSCOM building. I doubt Alexander even went down there more than a few times. It currently houses ARCYBER/ACERT/NETCOM, still no INSCOM people in there. He didn't petition to have it built, NETCOM did. He didn't pay for it, NETCOM did.
 

chaos

Like I said, it isn't even that great. The article describes it as "chrome", nah, it is riveted sheet metal. And soldiers have to clean that shit. The screens are big, but the image quality sucks. Every year someone gets the same idea to put the Super Bowl on all the screens, making it like a 300" screen or whatever it is, but the image quality sucks so bad it is like watching them while wearing someone else's glasses. The doors are slow, noisy, and 100% unnecessary. And they break all the time. The "captain's chair" goes unoccupied 99% of the time, only people being briefed sit there and if it were me, I wouldn't want to sit there if I was being briefed. It limits your field of vision.
 

tad10

Elisha Dushku
5,533
599
Like I said, it isn't even that great.
 

chaos

Surprised not to see anything here about the NSA influencing private encryption standards/NIST standards and putting in possible back doors. Fanaskin is slippin.
 

chaos

The NIST RNG thing turned out to be real, but the RNG that was compromised was one that no one uses because why. The other encryption stuff I think is still rumor mill at this point. But shit we had dozens of pages theorizing about killing journalists with death rays so I didn't think that would stop anyone.
 

fanaskin

Well known agitator
<Silver Donator>
56,028
138,799
NSA FISA Business Records Offer a Lot to Learn

Things I learned there include:
* NSA's internal infrastructure runs on Unix. (Linux is a branch of Unix.) Their analysts log in to Unix machines with logins and passwords, as we do, and they use the standard Unix/Linux file access controls ("user, group, and other" permissions).

* They use web servers and web browsers and HTML and URLs to deliver their data to their "customers" at the FBI, CIA, and NCTC.

* NSANET, their internal Internet, is not encrypted! (It is almost certainly protected by link encryption and fiber signal strength monitoring when it crosses from one place to another, but not inside their secured buildings.) It's just a bunch of machines plugged into Ethernets, running standard protocols, like what all of our infrastructure uses.

* I'm guessing the reason NSANET isn't encrypted is because they don't seem to have any better encryption protocols for general use inside NSA than we do outside. E.g. they don't seem to have automatic end-to-end encryption. So in order to be able to buy standard machines and plug them in and use them, they have to run their whole net unencrypted. (I think it's funny that because my old effort to embed automatic Opportunistic Encryption in Linux and IPSEC failed, therefore NSA's internal network isn't encrypted. Like they couldn't do it themselves!)

* They use a "PKI" (public key infrastructure) to control access to some databases inside NSANET. When they wanted to stop one part of NSA's tech infrastructure from accessing the telephone metadata, they removed the "certificate" that gave it access credentials.

In other words, when it comes to general purpose computing, they are running on almost exactly the same kind of infrastructure we are -- nothing better. This makes sense, but I had expected that with billions of tax dollars every year they had made some improvements in the security, authenticity and integrity of their protocols and software. (But, I worked at Sun, which spent billions of dollars a year on engineering their hardware and software, and Sun's machines weren't much better than their competitors' at security, authenticity or integrity either.) We in the outside world *invented* all of NSA's infrastructure. They buy it from us, and are just "users" like most computer users. (Yes, they have programmers and they write code, but their code seems mostly applications, not lower level OS improvements or protocols. I'm not talking about the parts of NSA that find security holes in other peoples' infrastructure, nor the malware writers.)

So go read the document anyway! Don't believe what I tell you... draw your own conclusions.

Also it seems that:

* The vast majority of the information that they are squirting around inside NSA, searching and correlating, comes with no particular restrictions other than those that they impose internally (like not revealing things that disclose their sources and methods) and the general restrictions on releasing information about US persons. They got that data "legally", or anyway, "fair and square", by stealing it from signals in other countries, and they can do what they want with it. Having to deal with a judge who can put arbitrary restrictions on what they can do with a large database is a novel experience for them, and one that neither their personnel nor their infrastructure is properly set up to handle. That's why they found that data was "leaking" from the telephone metadata database nine or ten ways that they hadn't yet noticed until they did an end-to-end review. The leaks were mostly fairly minor, but if they hadn't been forced to do the review, it's clear that more and more of NSA would have just been treating the telephone metadata like any other piece of stolen data.

* Their "need to know" culture and the maze of classifications and code words often prevents the right hand from knowing what the left hand is doing. This is deliberate and is to help figure out who the insider threats ("moles") are, based on who had access to what info before it leaked outside NSA. But the result is also that nobody is really in charge. There are too many details that don't percolate up and down the chain of command, so stuff happens that isn't supposed to happen. Like, the programmers who wrote the code for accessing the stored database of telephone metadata knew that it could only be accessed with a search term ("selector") that met the court's standard for "RAS" ("Reasonable Articulable Suspicion"), so they coded the software to check for that. But the separate programmers who wrote the code for IMPORTING new data into the database from the telcos, didn't know that, so they wrote an "Alert list" (renamed "Activity Detection List" during the review) that would send a note to an analyst whenever new data came in for any selector on the list (e.g. when someone of interest to that analyst made a phone call). These selectors were not restricted to those that met the court's standards, and indeed most of the selectors on the list did NOT meet the standard (it had 1,935 RAS approved selectors and 15,900 unapproved ones). This is not because they tried to get around the court -- but because they were not in control of their own infrastructure, because of lack of internal sharing of relevant information. Free cultures really do outperform authoritarian ones!

 

chaos

How about purposely sabotaging IPSEC prior to implementation in IPv6? I feel like I'm doing your job for you, fanaskin, and I don't have any tin foil.
 

fanaskin

You can contribute what you are more familiar with instead of looking for a singular source. The legal and public battle is more interesting to me.
 

fanaskin

The NYPD spying unit/story should get more attention

Without Any Legal Basis, The NYPD Has Been Classifying Its Own Documents For More Than A Decade
But the NYPD is doing something no other city law enforcement agency has done: classifying its own documents.
Since at least 2003, the New York Police Department has been labeling some of its internal documents "Secret," a designation that has baffled government secrecy experts, journalists and civil liberties lawyers.

By labeling documents "secret," the Intelligence Division appears to be operating its own in-house classification system, similar to those used at federal agencies like the CIA, where Intel's chief, David Cohen, previously worked for 35 years.

Some of the documents also include the caveat, in all-caps, that "No portion of this document can be copied or distributed without the exclusive permission of the policy commissioner or deputy commissioner of intelligence."
Why is this "baffling?" Because the NYPD's in-house classification system has nothing legal to back it up.
"You know what that [label] means? It means diddly," said Robert Freeman, executive director of New York's Committee on Open Government. "I think the police department is following the lead of the federal government. The difficulty is, in my opinion, it does not have a legal basis for doing that."

Christopher Dunn, associate legal director at the New York Civil Liberties Union, told HuffPost he has only seen the label on documents created after 2001. He agreed with Freeman that "as far as I know, this marking has no legal significance."
The NYPD remains a law unto itself. Bloomberg has referred to it as the "seventh biggest army in the world" (and his own "personal army")