News in Brief

Sole-source woes, Silk Road security flaws and more nominations


Sole-source rules not well understood, says GAO

A recent addition to the Federal Acquisition Regulation regarding sole-source awards for contracts worth more than $20 million is poorly understood, according to the Government Accountability Office, and could be reducing the use of such contracts for small businesses.

According to GAO, the new FAR measure, included in the 2010 defense authorization act and implemented in 2011, requires a written justification of 8(a) sole-source awards over $20 million. Previously, no justification had been required.

GAO found that the number and value of such contracts awarded by the Department of Defense through the Small Business Administration's 8(a) Business Development program remained low in fiscal year 2013 after a significant decrease from fiscal years 2009 through 2012. According to the agency, DOD awarded 27 of the contracts, valued at more than $2 billion, in fiscal year 2009, and four contracts, valued at about $221 million, in fiscal year 2013.

Between April 2012 and June 2014, GAO said the Pentagon awarded five 8(a) sole-source contracts valued at more than $20 million. All five contained justifications, it said, but not all of the justifications fully met FAR requirements.

GAO said it had recommended that the administrator of the Office of Federal Procurement Policy clarify the circumstances in which an 8(a) justification is required, to help mitigate confusion. OFPP, it said, generally agreed with GAO's recommendations and has started the process to amend the FAR.

How did the FBI crack Silk Road's anonymity?

The FBI claims it found the physical location of the host server for the online drug emporium Silk Road through a simple security flaw.

Investigators typed "miscellaneous entries" into the network's login page and discovered that the CAPTCHA prompt used to divert spam traffic was poorly configured and leaked information despite being connected to the Tor network, which is designed to anonymize web traffic.

But some are asking whether the FBI in fact employed more advanced exploits to get the information, and are questioning whether such a flaw could have gone unnoticed, given the amount of scrutiny Silk Road and Tor generate from security experts.

In a Wired article, two experts following the case speculate that the FBI could have used information about an existing Silk Road flaw that was discussed on Reddit to make the Silk Road's server accept FBI inputs as commands. If such a "remote code execution" technique was used by the FBI, it could complicate prosecution of alleged Silk Road creator Ross Ulbricht, whose trial is approaching.

Deyo, Marti nominations sent to the Senate

The White House has submitted to the Senate its nominations of Russell Deyo to be the Department of Homeland Security's under secretary for management and Daniel Marti to be the Executive Office of the President's intellectual property enforcement coordinator.

If confirmed, Deyo -- a longtime Johnson & Johnson executive -- would replace Rafael Borras, who left DHS in early 2014 and is now with the management consulting group A.T. Kearney. Marti, who is the managing partner at the Washington, D.C., office of the law firm Kilpatrick Townsend, would succeed Victoria Espinel. Espinel, who was the first person to hold the intellectual property enforcement coordinator post, is now president and CEO of the Business Software Alliance.

The White House made the official submissions on Sept. 8. The planned nominations had both been announced in late August.

About the Author

Connect with the FCW staff on Twitter @FCWnow.
