Google Asks NSA to Help Secure Its Network
- Dirttyrabbit
-
- Posts: 1643
- Joined: Sun Oct 04, 2009 1:31 am
You might like:
Fri Feb 05, 2010 5:01 pm » by Dirttyrabbit
Google Asks NSA to Help Secure Its Network
Google is teaming up with the National Security Agency to investigate the recent hack attack against its network in a bid to prevent another assault, according to The Washington Post.
The internet search giant is working on an agreement with the controversial agency to determine the attacker’s methods and what Google can do to shore up its network.
Sources assured the Post that the deal does not mean the NSA will have access to users’ searches or e-mail communications and accounts. Nor will Google share proprietary data with the agency.
But the move is raising concerns among privacy and civil rights advocates.
The Electronic Privacy Information Center filed a Freedom of Information Act request on Thursday, shortly after the agreement was made public, seeking more information about the arrangement (.pdf).
Executive Director Marc Rotenberg believes the agreement covers much more than the Google hack and that the search giant and intelligence agency were in talks prior to Google discovering that it had been hacked.
“What they’ve told you is that this is about an investigation of a hack involving China,” he told Threat Level in a phone interview. “I think and have good reason to believe that there’s a lot more going on.”
Google declined to comment.
“At the time [of the hack announcement], we said we are working with the relevant US authorities, but we don’t have any comment beyond that,” wrote spokesman Jay Nancarrow in an e-mail.
The FOIA request also seeks NSA communications with Google regarding Google’s failure to encrypt Gmail and cloud computing services. Rotenberg says EPIC wants to know what role the NSA has played in shaping privacy and security standards for Google’s services.
EPIC also filed a lawsuit against the NSA and the National Security Council, seeking a key document governing the government’s broader national cybersecurity policy, which has been shrouded in secrecy.
“We can’t afford to have secret cybersecurity policy that impacts the privacy rights of millions of internet users,” he said.
Google announced earlier this month that it had been the target of a “highly sophisticated” and coordinated hack attack, since dubbed Operation Aurora, against its network and other companies in the defense, technology and finance industries. Google said the hackers had stolen intellectual property — presumed to be its source code — and sought access to the Gmail accounts of human rights activists. The attack originated from China, the company said.
Computer security firm iDefense has said that 34 companies were targeted by the attackers, who were primarily after source code.
A recent report has provided details into the nature of the persistent espionage attack that mirrored attacks on thousands of companies over the last few years, which have largely gone unpublicized.
The agreement between Google and the NSA, still being finalized, would allow Google to share critical information with the NSA about the attacks and its network — such as the malicious code that was used and its network configurations — without violating Google’s policies or laws that protect the privacy of users’ communications, the sources say.
The NSA’s general counsel began drafting the cooperative research and development agreement the day that Google announced it had been hacked, according to The Wall Street Journal. The agreement was finalized within 24 hours, but the information sharing at that time was limited, and only allowed the NSA to examine some of the data related to the hack. Most of the data that was shared concerned the nature of the data that was stolen, the paper said. Both the FBI and NSA worked directly with Google on the investigation.
The agreement between Google and the NSA would reportedly be the first time Google entered into such a formal information-sharing relationship — apart from its general cooperation with subpoenas and national security letters.
Matthew Aid, NSA historian and author of The Secret Sentry, said the move troubled him.
“I’m a little uncomfortable with Google cooperating this closely with the nation’s largest intelligence agency, even if it’s strictly for defensive purposes,” he told the Post.
The NSA has been embroiled since 2005 in allegations that the agency violated federal laws in conducting illegal surveillance of Americans’ phone and internet communications. Giving the agency authority over coordination of the government’s cybersecurity plan — which would include working with telecoms and other critical companies in the private sector — could put the agency in the position of surreptitiously monitoring communications.
Last year Director of National Intelligence Admiral Dennis Blair raised a ruckus when he told the House intelligence committee that the NSA, rather than the Department of Homeland Security which currently oversees cybersecurity for the government, should be in charge of securing cyberspace for government and critical infrastructures.
“The National Security Agency has the greatest repository of cybertalent,” Blair said. “[T]here are some wizards out there at Fort Meade who can do stuff.”
NSA Director Lt. Gen. Keith Alexander later balked at claims that his agency wanted to control the government’s cybersecurity plan and said it wanted to partner with DHS and others in securing networks. Speaking at the RSA Security Conference in San Francisco, he told the audience of security professionals that the NSA does “not want to run cybersecurity for the United States government.”
This week Blair, commenting on the Google hack, said cyberspace could not be secured without a “collaborative effort that incorporates both the U.S. private sector and our international partners.”
“As part of its information-assurance mission,” NSA spokeswoman Judi Emmel told the Post, “NSA works with a broad range of commercial partners and research associates to ensure the availability of secure tailored solutions for Department of Defense and national security systems customers.”
See also:
* Report Details Hacks Targeting Google Others
* Google Hackers Targeted Source Code of More Than 30 Companies
* Google Hack Attack Was Ultra Sophisticated, New Details Show
* Whistleblower Outs NSA Spy Room
* AT&T Sued Over NSA Eavesdropping
* In Spy Case, Obama’s Justice Department Holds Fast to State Secrets Privilege
* NSA Should Oversee Cybersecurity, Intel Chief Says
* Put NSA in Charge of Cybersecurity, Or the Power Grid Gets It
* NSA Chief: ‘We Do Not Want to Run Cybersecurity’
Read More http://www.wired.com/threatlevel/2010/0 ... z0efqJ08og
Google is teaming up with the National Security Agency to investigate the recent hack attack against its network in a bid to prevent another assault, according to The Washington Post.
The internet search giant is working on an agreement with the controversial agency to determine the attacker’s methods and what Google can do to shore up its network.
Sources assured the Post that the deal does not mean the NSA will have access to users’ searches or e-mail communications and accounts. Nor will Google share proprietary data with the agency.
But the move is raising concerns among privacy and civil rights advocates.
The Electronic Privacy Information Center filed a Freedom of Information Act request on Thursday, shortly after the agreement was made public, seeking more information about the arrangement (.pdf).
Executive Director Marc Rotenberg believes the agreement covers much more than the Google hack and that the search giant and intelligence agency were in talks prior to Google discovering that it had been hacked.
“What they’ve told you is that this is about an investigation of a hack involving China,” he told Threat Level in a phone interview. “I think and have good reason to believe that there’s a lot more going on.”
Google declined to comment.
“At the time [of the hack announcement], we said we are working with the relevant US authorities, but we don’t have any comment beyond that,” wrote spokesman Jay Nancarrow in an e-mail.
The FOIA request also seeks NSA communications with Google regarding Google’s failure to encrypt Gmail and cloud computing services. Rotenberg says EPIC wants to know what role the NSA has played in shaping privacy and security standards for Google’s services.
EPIC also filed a lawsuit against the NSA and the National Security Council, seeking a key document governing the government’s broader national cybersecurity policy, which has been shrouded in secrecy.
“We can’t afford to have secret cybersecurity policy that impacts the privacy rights of millions of internet users,” he said.
Google announced earlier this month that it had been the target of a “highly sophisticated” and coordinated hack attack, since dubbed Operation Aurora, against its network and other companies in the defense, technology and finance industries. Google said the hackers had stolen intellectual property — presumed to be its source code — and sought access to the Gmail accounts of human rights activists. The attack originated from China, the company said.
Computer security firm iDefense has said that 34 companies were targeted by the attackers, who were primarily after source code.
A recent report has provided details into the nature of the persistent espionage attack that mirrored attacks on thousands of companies over the last few years, which have largely gone unpublicized.
The agreement between Google and the NSA, still being finalized, would allow Google to share critical information with the NSA about the attacks and its network — such as the malicious code that was used and its network configurations — without violating Google’s policies or laws that protect the privacy of users’ communications, the sources say.
The NSA’s general counsel began drafting the cooperative research and development agreement the day that Google announced it had been hacked, according to The Wall Street Journal. The agreement was finalized within 24 hours, but the information sharing at that time was limited, and only allowed the NSA to examine some of the data related to the hack. Most of the data that was shared concerned the nature of the data that was stolen, the paper said. Both the FBI and NSA worked directly with Google on the investigation.
The agreement between Google and the NSA would reportedly be the first time Google entered into such a formal information-sharing relationship — apart from its general cooperation with subpoenas and national security letters.
Matthew Aid, NSA historian and author of The Secret Sentry, said the move troubled him.
“I’m a little uncomfortable with Google cooperating this closely with the nation’s largest intelligence agency, even if it’s strictly for defensive purposes,” he told the Post.
The NSA has been embroiled since 2005 in allegations that the agency violated federal laws in conducting illegal surveillance of Americans’ phone and internet communications. Giving the agency authority over coordination of the government’s cybersecurity plan — which would include working with telecoms and other critical companies in the private sector — could put the agency in the position of surreptitiously monitoring communications.
Last year Director of National Intelligence Admiral Dennis Blair raised a ruckus when he told the House intelligence committee that the NSA, rather than the Department of Homeland Security which currently oversees cybersecurity for the government, should be in charge of securing cyberspace for government and critical infrastructures.
“The National Security Agency has the greatest repository of cybertalent,” Blair said. “[T]here are some wizards out there at Fort Meade who can do stuff.”
NSA Director Lt. Gen. Keith Alexander later balked at claims that his agency wanted to control the government’s cybersecurity plan and said it wanted to partner with DHS and others in securing networks. Speaking at the RSA Security Conference in San Francisco, he told the audience of security professionals that the NSA does “not want to run cybersecurity for the United States government.”
This week Blair, commenting on the Google hack, said cyberspace could not be secured without a “collaborative effort that incorporates both the U.S. private sector and our international partners.”
“As part of its information-assurance mission,” NSA spokeswoman Judi Emmel told the Post, “NSA works with a broad range of commercial partners and research associates to ensure the availability of secure tailored solutions for Department of Defense and national security systems customers.”
See also:
* Report Details Hacks Targeting Google Others
* Google Hackers Targeted Source Code of More Than 30 Companies
* Google Hack Attack Was Ultra Sophisticated, New Details Show
* Whistleblower Outs NSA Spy Room
* AT&T Sued Over NSA Eavesdropping
* In Spy Case, Obama’s Justice Department Holds Fast to State Secrets Privilege
* NSA Should Oversee Cybersecurity, Intel Chief Says
* Put NSA in Charge of Cybersecurity, Or the Power Grid Gets It
* NSA Chief: ‘We Do Not Want to Run Cybersecurity’
Read More http://www.wired.com/threatlevel/2010/0 ... z0efqJ08og
.
- Dirttyrabbit
-
- Posts: 1643
- Joined: Sun Oct 04, 2009 1:31 am
Fri Feb 05, 2010 5:03 pm » by Dirttyrabbit
AT&T Sued Over NSA Eavesdropping
http://www.wired.com/science/discoverie ... 6/01/70126
The Electronic Frontier Foundation filed a class-action lawsuit against AT&T on Tuesday, accusing the telecom company of violating federal laws by collaborating with the government's secret, warrantless wiretapping of American citizens' phone and internet usage.
The suit (.pdf), filed by the civil liberties group in federal court in San Francisco, alleges AT&T secretly gave the National Security Agency access to two massive databases that included both the contents of its subscribers' communications and detailed transaction records, such as numbers dialed and internet addresses visited.
"Our goal is to go after the people who are making the government's illegal surveillance possible," says EFF attorney Kevin Bankston. "They could not do what they are doing without the help of companies like AT&T. We want to make it clear to AT&T that it is not in their legal or economic interests to violate the law whenever the president asks them to."
One of AT&T's databases, known as "Hawkeye," contains 312 terabytes of data detailing nearly every telephone communication on AT&T's domestic network since 2001, according to the complaint. The suit also alleges that AT&T allowed the NSA to use the company's powerful Daytona database-management software to quickly search this and other communication databases.
That action violates the First and Fourth amendments to the Constitution, federal wiretapping statutes, telecommunications laws and the Electronic Communications Privacy Act, according to the complaint.
The suit, which relies on reporting from the Los Angeles Times, seeks up to $22,000 in damages for each AT&T customer, plus punitive fines.
AT&T did not immediately respond to a request for comment.
The lawsuit comes a little more than a month after The New York Times reported that in 2001, President Bush ordered the NSA to begin warrantless monitoring of Americans' overseas phone calls and internet usage.
The administration defends the eavesdropping program, saying it is only targeting communications to and from suspected terrorists, that government lawyers review the program every 45 days and that Congress authorized the president to track down 9/11 co-conspirators, thereby giving the president the ability to bypass wiretapping laws.
Some Senate Democrats and Republicans, along with civil libertarians and former government officials, counter that the wiretaps are simply illegal and that wiretapping warrants can be acquired easily if the government has probable cause to believe an American is affiliated with terrorists.
The government is not named in the lawsuit, though it is already being sued by the American Civil Liberties Union over the surveillance program.
Bankston estimates that millions of people nationwide would be eligible to join the class action, pushing the possible total fines into the billions. However, he expects the administration will try to kill the lawsuit by invoking the rarely used state secrets privilege.
"If state secrecy can prevent us from preserving the rights of millions upon millions of people, then there is a profound problem with the law," says Bankston.
http://www.wired.com/science/discoverie ... 6/01/70126
The Electronic Frontier Foundation filed a class-action lawsuit against AT&T on Tuesday, accusing the telecom company of violating federal laws by collaborating with the government's secret, warrantless wiretapping of American citizens' phone and internet usage.
The suit (.pdf), filed by the civil liberties group in federal court in San Francisco, alleges AT&T secretly gave the National Security Agency access to two massive databases that included both the contents of its subscribers' communications and detailed transaction records, such as numbers dialed and internet addresses visited.
"Our goal is to go after the people who are making the government's illegal surveillance possible," says EFF attorney Kevin Bankston. "They could not do what they are doing without the help of companies like AT&T. We want to make it clear to AT&T that it is not in their legal or economic interests to violate the law whenever the president asks them to."
One of AT&T's databases, known as "Hawkeye," contains 312 terabytes of data detailing nearly every telephone communication on AT&T's domestic network since 2001, according to the complaint. The suit also alleges that AT&T allowed the NSA to use the company's powerful Daytona database-management software to quickly search this and other communication databases.
That action violates the First and Fourth amendments to the Constitution, federal wiretapping statutes, telecommunications laws and the Electronic Communications Privacy Act, according to the complaint.
The suit, which relies on reporting from the Los Angeles Times, seeks up to $22,000 in damages for each AT&T customer, plus punitive fines.
AT&T did not immediately respond to a request for comment.
The lawsuit comes a little more than a month after The New York Times reported that in 2001, President Bush ordered the NSA to begin warrantless monitoring of Americans' overseas phone calls and internet usage.
The administration defends the eavesdropping program, saying it is only targeting communications to and from suspected terrorists, that government lawyers review the program every 45 days and that Congress authorized the president to track down 9/11 co-conspirators, thereby giving the president the ability to bypass wiretapping laws.
Some Senate Democrats and Republicans, along with civil libertarians and former government officials, counter that the wiretaps are simply illegal and that wiretapping warrants can be acquired easily if the government has probable cause to believe an American is affiliated with terrorists.
The government is not named in the lawsuit, though it is already being sued by the American Civil Liberties Union over the surveillance program.
Bankston estimates that millions of people nationwide would be eligible to join the class action, pushing the possible total fines into the billions. However, he expects the administration will try to kill the lawsuit by invoking the rarely used state secrets privilege.
"If state secrecy can prevent us from preserving the rights of millions upon millions of people, then there is a profound problem with the law," says Bankston.
.
- Dirttyrabbit
-
- Posts: 1643
- Joined: Sun Oct 04, 2009 1:31 am
Fri Feb 05, 2010 5:06 pm » by Dirttyrabbit
‘Don’t Be Evil,’ Meet ‘Spy on Everyone’: How the NSA Deal Could Kill Google
The company once known for its “don’t be evil” motto is now in bed with the spy agency known for the mass surveillance of American citizens.
The National Security Agency is widely understood to have the government’s biggest and smartest collection of geeks — the guys that are more skilled at network warfare than just about anyone on the planet. So, in a sense, it’s only natural that Google would turn to the NSA after the company was hit by an ultrasophisticated hack attack. After all, the military has basically done the same thing, putting the NSA in charge of its new “Cyber Command.” The Department of Homeland Security is leaning heavily on the NSA to secure .gov networks.
But there’s a problem. The NSA and its predecessors also have a long history of spying on huge numbers of people, both at home and abroad. During the Cold War, the agency worked with companies like Western Union to intercept and read millions of telegrams. During the war on terror years, the NSA teamed up with the telecommunications companies to eavesdrop on customers’ phone calls and internet traffic right from the telcos’ switching stations. And even after the agency pledged to clean up its act — and was given wide new latitude to spy on whom they liked – the NSA was still caught “overcollecting” on U.S. citizens. According to The New York Times, the agency even “tried to wiretap a member of Congress without a warrant.”
All of which makes the NSA a particularly untrustworthy partner for a company that is almost wholly reliant on its customers’ trust and goodwill. We all know that Google automatically reads our Gmail and scans our Google Calendars and dives into our Google searches, all in an attempt to put the most relevant ads in front of us. But we’ve tolerated the automated intrusions, because Google’s products are so good, and we believed that the company was sincere in its “don’t be evil” mantra.
That’s a lot harder to swallow, when Google starts working cheek-to-jowl with the overcollectors. The company pinkie-swears that its agreement with the NSA won’t violate the company’s privacy policies or compromise user data. Those promises are a little hard to believe, given the NSA’s track record of getting private enterprises to cooperate, and Google’s willingness to take this first step.
Google may need help in fighting off these hacks. But turning to Ft. Meade could wind up permanently damaging the company’s image — and the foundation of its incredible success. Already, the Russian press are talking about Google’s decision to spy with NSA, for instance. Hackers might be able to compromise some of Google’s services, for a little while. The association with the NSA could permanently cripple the company. The telegram companies and the old-school telcos were virtually monopolies; customers had nowhere to turn, if they wanted private communications. Bing and Yahoo Mail are just a click away.
Read More http://www.wired.com/dangerroom/2010/02 ... z0efriSrb5
The company once known for its “don’t be evil” motto is now in bed with the spy agency known for the mass surveillance of American citizens.
The National Security Agency is widely understood to have the government’s biggest and smartest collection of geeks — the guys that are more skilled at network warfare than just about anyone on the planet. So, in a sense, it’s only natural that Google would turn to the NSA after the company was hit by an ultrasophisticated hack attack. After all, the military has basically done the same thing, putting the NSA in charge of its new “Cyber Command.” The Department of Homeland Security is leaning heavily on the NSA to secure .gov networks.
But there’s a problem. The NSA and its predecessors also have a long history of spying on huge numbers of people, both at home and abroad. During the Cold War, the agency worked with companies like Western Union to intercept and read millions of telegrams. During the war on terror years, the NSA teamed up with the telecommunications companies to eavesdrop on customers’ phone calls and internet traffic right from the telcos’ switching stations. And even after the agency pledged to clean up its act — and was given wide new latitude to spy on whom they liked – the NSA was still caught “overcollecting” on U.S. citizens. According to The New York Times, the agency even “tried to wiretap a member of Congress without a warrant.”
All of which makes the NSA a particularly untrustworthy partner for a company that is almost wholly reliant on its customers’ trust and goodwill. We all know that Google automatically reads our Gmail and scans our Google Calendars and dives into our Google searches, all in an attempt to put the most relevant ads in front of us. But we’ve tolerated the automated intrusions, because Google’s products are so good, and we believed that the company was sincere in its “don’t be evil” mantra.
That’s a lot harder to swallow, when Google starts working cheek-to-jowl with the overcollectors. The company pinkie-swears that its agreement with the NSA won’t violate the company’s privacy policies or compromise user data. Those promises are a little hard to believe, given the NSA’s track record of getting private enterprises to cooperate, and Google’s willingness to take this first step.
Google may need help in fighting off these hacks. But turning to Ft. Meade could wind up permanently damaging the company’s image — and the foundation of its incredible success. Already, the Russian press are talking about Google’s decision to spy with NSA, for instance. Hackers might be able to compromise some of Google’s services, for a little while. The association with the NSA could permanently cripple the company. The telegram companies and the old-school telcos were virtually monopolies; customers had nowhere to turn, if they wanted private communications. Bing and Yahoo Mail are just a click away.
Read More http://www.wired.com/dangerroom/2010/02 ... z0efriSrb5
.
- Dirttyrabbit
-
- Posts: 1643
- Joined: Sun Oct 04, 2009 1:31 am
Fri Feb 05, 2010 5:27 pm » by Lowsix
The potential for abuse is huge, but i do ask this..ina serious and NON countering way..
Becuase like i said..huge potential abuse..
A while back , there was talk of the Electircal grids having code embeddedin them, and no one knoew what it was, what it did, or what was in it, and that it was small, but encryted into all these regional powerstations, and the only thing they knew for certain..was that it had come from China..
Ok, so lets assume that that part instearmongering or pandering, that we have had legit attacks on different structures, whether it be simple feeling out of networkds, or planting maliciouscode.
I ask this in all serioousness..
Doesnt it behoove us to allow some of these defense agenciies to actually defend us in certain areas...sort of a neccessarry evil? do we want our grid, and all of the thngs they were tryin gto get into..wide open? WHo lloks after that stuff? I know state Dept computers and systems are old as shit, like Windows 2000ME and shit...
Anyhow, im on the fence, because i know whats possible from both sides.
i dont want the chinese fiddlin in our electric and infrastructure frids..period.
Thats scary shit.
And most of the DOS attacks that have slowed certain sections of the web, are ALL basically sniffing operations from the east..all across the board. Every forum i know has experienced some form of large scale, low intensity 'poking around'. Its effected us here...and my two others.
Anyhow..just thinking..
Becuase like i said..huge potential abuse..
A while back , there was talk of the Electircal grids having code embeddedin them, and no one knoew what it was, what it did, or what was in it, and that it was small, but encryted into all these regional powerstations, and the only thing they knew for certain..was that it had come from China..
Ok, so lets assume that that part instearmongering or pandering, that we have had legit attacks on different structures, whether it be simple feeling out of networkds, or planting maliciouscode.
I ask this in all serioousness..
Doesnt it behoove us to allow some of these defense agenciies to actually defend us in certain areas...sort of a neccessarry evil? do we want our grid, and all of the thngs they were tryin gto get into..wide open? WHo lloks after that stuff? I know state Dept computers and systems are old as shit, like Windows 2000ME and shit...
Anyhow, im on the fence, because i know whats possible from both sides.
i dont want the chinese fiddlin in our electric and infrastructure frids..period.
Thats scary shit.
And most of the DOS attacks that have slowed certain sections of the web, are ALL basically sniffing operations from the east..all across the board. Every forum i know has experienced some form of large scale, low intensity 'poking around'. Its effected us here...and my two others.
Anyhow..just thinking..
warløckmitbladderinfection wrote:blasphemous new gehenna inhabitant makes god sad...
- Dirttyrabbit
-
- Posts: 1643
- Joined: Sun Oct 04, 2009 1:31 am
Sun Feb 07, 2010 6:55 am » by Dirttyrabbit
http://news.cnet.com/8301-13578_3-10448 ... riesArea.1
The FBI is pressing Internet service providers to record which Web sites customers visit and retain those logs for two years, a requirement that law enforcement believes could help it in investigations of child pornography and other serious crimes.
The FBI is pressing Internet service providers to record which Web sites customers visit and retain those logs for two years, a requirement that law enforcement believes could help it in investigations of child pornography and other serious crimes.
.
-
- Related topics
- Replies
- Views
- Last post
-
- Banks are being told to obtain secure storage for new curren
by savwafair2012 » Tue Dec 01, 2009 12:20 am - 3 Replies
- 598 Views
- Last post by sw33tlou
Tue Dec 01, 2009 4:00 am
- Banks are being told to obtain secure storage for new curren
-
- BA Asks Its Staff To Work For Nothing
by drjones » Tue Jun 16, 2009 9:01 pm - 0 Replies
- 66 Views
- Last post by drjones
Tue Jun 16, 2009 9:01 pm
- BA Asks Its Staff To Work For Nothing
-
- queen asks permision to go in the city
by truthseeker » Tue Aug 16, 2011 12:25 am - 2 Replies
- 346 Views
- Last post by emeraldtruth
Tue Aug 16, 2011 12:54 am
- queen asks permision to go in the city
-
- Supervisor Asks Woman To Take Down American Flag
1, 2, 3by dirtyrabbit » Thu May 28, 2009 4:04 pm - 20 Replies
- 323 Views
- Last post by clawspiracy
Sun May 31, 2009 10:15 am
- Supervisor Asks Woman To Take Down American Flag
-
- Financial Crisis - The NY Times asks the right questions
by songhai » Tue Jan 12, 2010 7:52 pm - 0 Replies
- 114 Views
- Last post by songhai
Tue Jan 12, 2010 7:52 pm
- Financial Crisis - The NY Times asks the right questions