News in Brief

Sole-source woes, Silk Road security flaws and more nominations

Sole-source rules not well understood, says GAO

A recent addition to the Federal Acquisition Regulation regarding sole-source awards for contracts worth more than $20 million is poorly understood, according to the Government Accountability Office, and could be reducing the use of such contracts for small businesses.

According to GAO, the new FAR measure, included in the 2010 defense authorization act and implemented in 2011, requires a written justification of 8(a) sole-source awards over $20 million. Previously, no justification had been required.

GAO found that the number and value of such contracts awarded by the Department of Defense through the Small Business Administration's 8(a) Business Development program remained low in fiscal year 2013 after a significant decrease from fiscal years 2009 through 2012. According to the agency, DOD awarded 27 of the contracts, valued at more than $2 billion, in fiscal year 2009, and four contracts, valued at about $221 million, in fiscal year 2013.

Between April 2012 and June 2014, GAO said the Pentagon awarded five 8(a) sole-source contracts valued at more than $20 million. All five contained justifications, it said, but not all of the justifications fully met FAR requirements.

GAO said it had recommended that the administrator of the Office of Federal Procurement Policy clarify the circumstances in which an 8(a) justification is required, to help mitigate confusion. OFPP, it said, generally agreed with GAO's recommendations and has started the process to amend the FAR.

How did the FBI crack Silk Road's anonymity?

The FBI claims it found the physical location of the host server for the online drug emporium Silk Road through a simple security flaw.

Investigators typed "miscellaneous entries" into the network's login page and discovered that the CAPTCHA prompt used to divert spam traffic was poorly configured and leaked information despite being connected to the Tor network, which is designed to anonymize web traffic.

But some are asking whether the FBI employed more advanced exploits to get the information, and question whether such a flaw could have gone unnoticed, given the amount of scrutiny Silk Road and Tor generate from security experts.

In a Wired article, two experts following the case speculate that the FBI could have used information about an existing Silk Road flaw that was discussed on Reddit to make Silk Road's server accept FBI inputs as commands. If such a "remote code execution" technique was used by the FBI, it could complicate prosecution of alleged Silk Road creator Ross Ulbricht, whose trial is approaching.

Deyo, Marti nominations sent to the Senate

The White House has submitted to the Senate its nominations of Russell Deyo to be the Department of Homeland Security's under secretary for management and Daniel Marti to be the Executive Office of the President's intellectual property enforcement coordinator.

If confirmed, Deyo -- a longtime Johnson & Johnson executive -- would replace Rafael Borras, who left DHS in early 2014 and is now with the management consulting group A.T. Kearney. Marti, who is the managing partner at the Washington, D.C., office of the law firm Kilpatrick Townsend, would succeed Victoria Espinel. Espinel, who was the first person to hold the intellectual property enforcement coordinator post, is now president and CEO of the Business Software Alliance.

The White House made the official submissions on Sept. 8. The planned nominations had both been announced in late August.

About the Author

Connect with the FCW staff on Twitter @FCWnow.
