News in Brief

Sole-source woes, Silk Road security flaws and more nominations

Image from Shutterstock.

Sole-source rules not well understood, says GAO

A recent addition to Federal Acquisition Regulation regarding sole-source awards for contracts worth more than $20 million is poorly understood, according to the Government Accountability Office, and could be reducing the use of such contracts for small businesses.

According to GAO, the new FAR measure, included in the 2010 defense authorization act and implemented in 2011, requires a written justification of 8(a) sole-source awards over $20 million. Previously, no justification had been required.

GAO found that the number and value of such contracts awarded by the Department of Defense through the Small Business Administration's 8(a) Business Development program remained low in fiscal year 2013 after a significant decrease from fiscal years 2009 through 2012. According to the agency, DOD awarded 27 of the contracts, valued at more than $2 billion, in fiscal year 2009, and four contracts, valued at about $221 million, in fiscal year 2013.

Between April 2012 and June 2014, GAO said the Pentagon awarded five 8(a) sole-source contracts valued at more than $20 million. All five contained justifications, it said, but not all of the justifications fully met FAR requirements.

GAO said it had recommended that the administrator of the Office of Federal Procurement Policy clarify the circumstances in which an 8(a) justification is required, to help mitigate confusion. OFPP, it said, generally agreed with GAO's recommendations and has started the process to amend the FAR.

How did the FBI crack Silk Road's anonymity?

The FBI claims it found the physical location of the host server for the online drug emporium Silk Road through a simple security flaw.

Investigators typed in "miscellaneous entries" in the network's login page, and discovered that the CAPTCHA prompt that was used to divert spam traffic was poorly configured, and leaked information despite being connected to the Tor network, which is designed to anonymize web traffic.

But some are asking whether the FBI didn't employ more advanced exploits to get the information, and question whether such a flaw could have gone unnoticed, given the amount of scrutiny Silk Road and Tor generate from security experts.

In a Wired article, two experts following the case speculate that the FBI could have used information about an existing Silk Road flaw that was discussed on Reddit to make the Silk Road's server accept FBI inputs as commands. If such a "remote code execution" technique was used by the FBI, it could complicate prosecution of alleged Silk Road creator Ross Ulbricht, whose trial is approaching.

Deyo, Marti nominations sent to the Senate

The White House has submitted to the Senate its nominations of Russell Deyo to be the Department of Homeland Security's under secretary for management and Daniel Marti to be the Executive Office of the President's intellectual property enforcement coordinator.

If confirmed, Deyo -- a longtime Johnson & Johnson executive -- would replace Rafael Borras, who left DHS in early 2014 and is now with the management consulting group A.T. Kearney. Marti, who is the managing partner at the Washington D.C. office of the law firm Kilpatrick Townsend, would succeed Victoria Espinel. Espinel, who was the first person to hold the intellectual property enforcement coordinator post, is now president and CEO of the Business Software Alliance.

The White House made the official submissions on Sept. 8. The planned nominations had both been announced in late August.

About the Author

Connect with the FCW staff on Twitter @FCWnow.


  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.