Love how DoD work requires sec+ certification but as you are learning the material you realize they don’t follow any procedures or practices.

It's an excuse to extract information about you that's normally protected by privacy laws.

By getting a security clearance you're effectively trading your right to privacy as a citizen for a paycheck.

To anyone who fancies themselves a "spy", congrats, you played yourself.

Worked on some random DoD contract, had to have a sec+ cert, and a CASP+ cert, didn’t even work on anything classified secret. Moved on to a DoD contractor for aviation, then they were like “of course we don’t require our devs to have Sec+, you are devs focus on software”. Everything was secret.

Do you get questions regarding how to properly bomb innocents, or is that a different department?

@sariel When getting Top Secret clearance, there is (was?) the requirement to gather black mailing material for the DoD.
So one has (had) to provide former and current relationships, friendship, aliens (from other countries, not outer space) one meets regularly, affairs, homosexual actions, finances and debts and a lot more.

The whole black mail material about everyone with Top Secret clearance was then stored at a central location - stolen by China.

@sbiewald source on the China part?

@jeeper I found this anecdote in Ross Anderson's "Security Engineering", 3rd Edition, Chapter 2, which can be found here: https://cl.cam.ac.uk/~rja14/Papers/... It's on page 14.

I must correct myself, not the DoD was hacked, but the Office of Personnel Management (OPN), but AFAIK this was their job.

Anderson doesn't name a source, but it was also reported by media https://washingtonpost.com/news/...