Pentagon Halts Chinese Coders Affecting DOD Cloud Systems (defense.gov) 27
DOD: Defense Secretary Pete Hegseth said the Pentagon has halted a decade-old Microsoft program that has allowed Chinese coders, remotely supervised by U.S. contractors, to work on sensitive DOD cloud systems. In a digital video address to the public posted yesterday, the secretary said DOD was made aware of the "digital escorts" program last month and that the program has exposed the Defense Department to unacceptable risk -- despite being designed to comply with government contracting rules.
"If you're thinking 'America first,' and common sense, this doesn't pass either of those tests," Hegseth said, adding that he initiated an immediate review of the program upon learning of it. "I want to report our initial findings. ... The use of Chinese nationals to service Department of Defense cloud environments? It's over," he said. Additionally, Hegseth said DOD has issued a formal letter of concern to Microsoft, documenting a breach of trust, and that DOD is requiring a third-party audit of the digital escorts program to pore over the code and submissions made by Chinese nationals. The audit will be free of charge to U.S. taxpayers, he said.
"If you're thinking 'America first,' and common sense, this doesn't pass either of those tests," Hegseth said, adding that he initiated an immediate review of the program upon learning of it. "I want to report our initial findings. ... The use of Chinese nationals to service Department of Defense cloud environments? It's over," he said. Additionally, Hegseth said DOD has issued a formal letter of concern to Microsoft, documenting a breach of trust, and that DOD is requiring a third-party audit of the digital escorts program to pore over the code and submissions made by Chinese nationals. The audit will be free of charge to U.S. taxpayers, he said.
It's kind hard to argue against this (Score:4, Insightful)
Re: (Score:2)
China intends to conquer the world. Once they do, you're their property, to be treated the same as every other (non-Chinese) serf.
Best to avoid that as early on as possible.
Re: (Score:3)
It's a great thing. Even better if they would tighten up the whole economy by fixing the H1B system. Unfortunately this government is both (1) bought by the tech industry, and (2) incapable of coherent, long-term strategic planning. There will continue to be Norks, .RUs and .CNs peppered throughout the supply chain because of that.
The real question is? (Score:4, Insightful)
Everything touched must be considered 100% compromised..
Re: (Score:2)
Who thought this was a good idea and what else have they touched?
And why aren't they facing criminal charges right now?
Re: (Score:2)
Re:The real question is? (Score:4, Interesting)
must be getting desperate (Score:2)
Doing something that actually makes sense instead of just effectively committing arson? They must be desperate to look like they are helping
Better make sure there are good backups! (Score:3)
Hopefully not just focusing on CCP coders (Score:3)
Any non-US person(and H1B) should be off limits to all sensitive government and critical infrastructure systems.
Re:Hopefully not just focusing on CCP coders (Score:5, Interesting)
Any non-US person(and H1B) should be off limits to all sensitive government and critical infrastructure systems.
Reminds me of Elon Musk facing the conflicting requirements from the Biden administration that SpaceX was to hire some percentage of immigrants/aliens or face punishment, and the requirement from the DOD/DOE/etc. that prohibits non-citizens from having access to technology concerning anything that could be remotely considered a weapon delivery system like a rocket that can reach orbit. SpaceX chose to hire only citizens and so faced fines for it. Musk was not pleased about this, and stated such publicly. I can only suspect what was going through his mind. I guess he chose to pay the fine than try to fight this in court and take on more costs with lawyers and such.
I have to wonder if Microsoft faced the same conflicting requirements and chose to employ non-citizens and hope nobody noticed that this violated the rules on international trade in arms so as to avoid those fines. I'll stress that I'm guessing on what was going on, I'm just pointing to a possible parallel in conflicting rules with SpaceX. I'm also guessing that some rule or regulation was broken, maybe not but it looks bad regardless.
This is still only about 8 months since Biden left the White House, we could still face some of the same issues of conflicting rules from the White House. How long has this gone on? Who thought this was a good idea? Maybe if this was contracted out to some "5 eyes" nation there would be some justification on foreign employees but that's still something that should cause concern.
Re:Hopefully not just focusing on CCP coders (Score:4, Insightful)
The thing to note is that US persons is a broader category than US citizens and includes lawful permanent residents and those granted asylum or refugee status. According to the DoJ suit against SpaceX, asylees and refugees were rejected solely on their nationality, which cannot be justified solely on the basis of export controls. Moreover, according to the suit, SpaceX hired only US citizens for ALL positions for a span of many years. Positions like janitors are sometimes fuzzy, because they would often have access to spaces with export controlled articles, but it's pretty hard to argue that your cafeteria workers have to be US citizens.
If the national weapons labs like Los Alamos can manage to hire foreign nationals, so can SpaceX.
Re: (Score:2)
The thing with SpaceX doesn't pass the smell test. I work for a contractor to DOE.
The term "contractor to the DOE" can mean a lot of things. I can mean you mow their lawns. Or work in the cafeteria. Maybe this means operating the centrifuges that enrich uranium. Or operate the fusion reactor. Maybe it means patrolling the perimeter with binoculars and machine guns. Or it can mean manufacturing nuclear bombs. I don't know what to make of that statement.
If the national weapons labs like Los Alamos can manage to hire foreign nationals, so can SpaceX.
The Los Alamos Lab does more than make weapons. It appears that in recent years they've been investigating technology for detectin
maybe we need more H1Bs? (Score:2)
As the job market keeps getting smaller ant the layoffs keep getting bigger maybe just as a cherry on top we could allow more H1B visa?
Holy crap! (Score:2, Funny)
Pete Kegsbreath said something sensible and did something useful! Must have been a mistake...
Re: (Score:2)
Re: (Score:2)
Whereas a stopped clock, like Kegsbresth, is completely fucking useless. Even though both are occasionally correct.
Re: (Score:1)
Re: (Score:3)
Pete Kegsbreath
I'll never be able to remember his real name now.
Re: (Score:2)
Handing Hegseth a free W (Score:3)
The system hates the American worker so much that they vetoed hiring cleared Americans to do the coding.
The system hates the American worker so much that they vetoed hiring cleared Americans to oversee uncleared Americans to do the coding.
The system hates the American worker so much that ONLY hiring cleared Americans to oversee foreign nationals working remotely was considered acceptable. And only, I'm sure, because they couldn't talk everyone out of needing cleared Americans to do the supervising. That was probably what they were trying to work on next lol.
That's the level of hatred. That's absolutely wild.
Anyway, way to hand Hegseth a big fat win, whomever you are and whenever you were when you implemented this shitbag policy. At least it's gone now.
For now.
Good (Score:2)
Sometimes you have to outsource or rely on subcontractors to get an actual expert involved, there is not always an expert on [whatever] on staff.
Relying on subcontractors of an outsourced service to perform day-to-day work is bad planning.
Relying on foreign subcontractors of an outsourced service for something that is potentially of national security interest is holy-shit stupid.
" pore over the code" (Score:2)
Anybody over there have access to what they call a "Dictionary"?