NASA’s IT Archaeology: A Re-Analysis of the Dust
Note: Dr. Jones is available through e-mail at William.H.Jones@grc.nasa.gov and also reads the grc.talk newsgroup regularly; however, he reserves the right to say nothing at his convenience.
NASA Administrator Sean O’Keefe recently went so far as to respond to a previous article of mine, “IT Archaeology: A Word from the Dig Site“. Before anything else is said, I think the Administrator must be congratulated: this is the first time that I can remember an Administrator actually taking time and thought to respond to an unpleasant issue being unpleasantly raised by the troops in a setting other than the manufactured, managed, pre-scripted media-op that has become the standard of modern times. Regrettably, no good deed goes unpunished, and Mr. O’Keefe will probably live to regret this one.
The Administrator, in his third sentence, gets straight to one of the core issues: the previous article was indeed based on incomplete information, and that is putting it mildly. One of the things he and Mr. Strassmann, his recently-appointed Chief Information Officer, might want to draw out of this experience is that incomplete, incorrect information is all we get out here in the parking lot. Not a single thing in that article was drawn from an official communication; it was all news bits, sound bytes, rumors, and the like gleaned from NASA Watch, people in the hall, and other sources that provide the communication function that is missing from the official system. If there is an internal web site documenting Mr. Strassmann’s tentative thinking on this issue or that, giving his detailed view of the whole he is striving to achieve, soliciting feedback on what will this do to your computing operation, I don’t know about it; neither does anybody in this hall.
Let us take the recent Outsourcing Desktop computing Initiative (ODIN) as an example of our IT planning and communication system. One of the small changes ODIN brought on was the concept that being your own root administrator on your own computer system was bad – ODIN-supplied experts would become root and you would be reduced to just a plain, unprivileged user. For secretaries and managers just getting out memos, filling out project plans, composing presentations, and the like, perhaps that is fine. For somebody trying to push one of these beasts through the next planet-shattering technology barrier, that might not be so fine. And for somebody responsible for sensitive data of one of our many kinds, that can be outright scary. This “small change” of policy wasn’t mentioned to the IT community at large (at least at Glenn) until the strapping, jack-booted, contracted, root administrator showed up with his smile at your office door (and in one case I know of personally, not even then!). There was a general-attendance meeting provided at which this policy change was sort of mentioned, but wasn’t really quite spelled out in simple words that we lesser folks could understand. Of course, that meeting (which I did attend) was after the fact: the contract was signed, the policy was carved in stone, there was no discussion to be had. If I hadn’t had the good fortune to sit next to one of the participants in the endless teaming effort leading to ODIN (who, though he screamed good sense incessantly, was never noticeably listened to), I would have been completely unaware of that small policy change.
The Administrator, I am afraid, comes a little close to putting some words into my mouth that perhaps aren’t really there. For one thing, I don’t think our current IT infrastructure is perfectly fine and dandy. As Mr. Strassmann reportedly realized at the very beginning, there are a great many messes to be dealt with; however, I see a unified disaster (that Mr. Strassmann’s incomplete reported remarks suggest he is taking us to) as only philosophically better than a fragmented disaster. If Mr. Strassmann actually has the Promised Land up his sleeve, all the better. But if he is looking at an IT land flowing with milk and honey, why isn’t he using the words that make us see it? Why do the concepts not mesh with what we see everywhere else? Why do the products he trumpets as front-line achievements have six places to double-click and die?
Another word that ought not to be put in my mouth is that I have even the remotest disdain for Mr. Strassmann’s zeal for security; indeed, if it came to a horse race on cyber security, I very much doubt that Mr. Strassmann could keep up with me. If we disagree, it is not on the need, but on the method: I truly cannot understand a central Mission Control in Alabama as being particularly effective in terms of securing my boxes in Cleveland: discounting all sorts of overheads, Mission Control will be milliseconds behind the action and those milliseconds can be disastrous. I would be much more impressed with comprehensive assistance on everything your box is willing to do, why you would or wouldn’t want it to do that, how to turn it off if you don’t want it, and how to tighten it up if you must have it. Instead, we get yearly, mandatory training: if a man with a thick Arab accent calls up and wants your password, don’t give it to him. Really.
Finally, as I did in the last paragraph of the last article, let me again say that I suspect Mr. Strassmann is actually much more competent than his reported remarks suggest. He does indeed have an impressive resume, as I mentioned last time. The fact that he was picked by Administrator O’Keefe speaks well of him, too. As near as I can count on my fingers, for the last 35 or 40 years Mr. Strassmann has managed computing and computing people at some impressive places. He pounded keys (or, perhaps, he toggled switches) for some years before that. But lest I seem too solicitous, I do point out that I pounded keys today, I pounded them yesterday, and I’ll pound them again tomorrow. I have pounded keys, designed circuits, wrapped wires, and strung cables, at home and at work, day and night for the last 35 years. Some people in this hall think there is a discernable difference between those two lifelines.
Dr. Jones is available through e-mail at William.H.Jones@grc.nasa.gov and also reads the grc.talk newsgroup regularly; however, he reserves the right to say nothing at his convenience.
Related links
