top | item 37251074

(no title)

> For SpaceX to internally segment ITAR from non-ITAR is a huge bureaucratic overhead for them which leads to a possibility of mistakes.

They decided to become an aerospace engineering firm in the US. ITAR security is part of the cost of doing business.

If the typical e.g. janitor or cafeteria worker at SpaceX has access to ITAR, as SpaceX seem to have alleged before they got caught, then their ITAR security is pure theater.

discuss

xoa|2 years ago

>If the typical e.g. janitor or cafeteria worker at SpaceX has access to ITAR, as SpaceX seem to have alleged before they got caught, then their ITAR security is pure theater.

Why? And why the smarmy elitist discrimination and condescension towards janitors or cafeteria workers? Why would they not be an important part of an organization, professionals capable of getting background checks, appropriate training, and being trusted to keep their mouths shut too?

collinmcnulty|2 years ago

The principle of least privilege is table stakes for security, and is not a sign of disrespect.

dragonwriter|2 years ago

> ITAR security is part of the cost of doing business.

To amplify this: so is compliance with non-discrimination law, and, to the extent the two interact, the cost created by the interaction.

SpicyLemonZest|2 years ago

Sure, but shouldn't the government design them to minimize the cost created by the interaction? It seems silly that it's illegal to discriminate against some categories of non-citizens and illegal not to discriminate against other categories of non-citizens.

thebooktocome|2 years ago

Yes, exactly; thanks.

extraduder_ire|2 years ago

It's probably not the case in most places, but the custodians/building managers should be cleared to work with sensitive or restricted data.

From what I know about pentesting, they usually have the most physical access regardless.