Keith's 15 Nov 4:00 pm EST note: NASA will announce soon that Glenn Research Center Director Ray Lugo and Johnson Space Center Director Mike Coats are leaving their respective positions. All-hands meetings have reportedly been scheduled for tomorrow (Friday) at JSC and GRC. As was reported on NASAWatch in August, these departures, which will be described as "retirement", are part of a larger attempt by NASA Administrator Charlie Bolden to rearrange field center management at NASA. Bolden is still attempting to replace several other NASA field center directors including Ames Research Center Director Pete Worden - despite repeated pressure on Bolden from the White House and Congress not to do so.

Bolden Seeks To Replace Multiple Center Directors, earlier post

NASA Announces Leadership Changes at Glenn Research Center and Johnson Space Center

"NASA Administrator Charles Bolden announced leadership changes Friday for the agency's Glenn Research Center in Cleveland and Johnson Space Center in Houston. James Free will succeed Ramon (Ray) Lugo as Glenn's center director when Lugo retires in January. Free has served as Glenn's deputy director since January 2011. Ellen Ochoa will succeed Michael Coats as Johnson's center director when Coats retires at the end of the year. Ochoa has served as Johnson's deputy director since September 2007."

- Ochoa Named Johnson Space Center Director; Coats to Retire

- Free Named Glenn Research Center Director; Lugo To Retire

NASA Glenn director Ray Lugo to retire in January, Cleveland Plain Dealer

"In an interview with The Plain Dealer in August in response to those rumors, Lugo said he had gotten personal assurance from Bolden "that he is not planning to replace me or move me. To the best of my knowledge - and I've talked to the boss - there's no truth to the rumor."

Categories:

• Personnel News

Keith's note: I just got this email from the NASA OIG:

The NASA Office of Inspector General (OIG) today released its Semiannual Report to Congress highlighting the OIG's activities and accomplishments from April 1 -September 30, 2012. View the full report and video summary at: oig.nasa.gov/SAR/sar0912.pdf and oig.nasa.gov/Video/OIGPaulMartin_SAR_10-26-12.html

Renee N. Juhans
Executive Officer
NASA Office of Inspector General

! WARNING ! This email including any attachments is intended only for authorized recipients. Recipients may only forward this information as authorized. This email may contain non-public information that is "Law Enforcement Sensitive," "Sensitive but Unclassified," or otherwise subject to the Privacy Act and/or legal and other applicable privileges that restrict release without appropriate legal authority and clearance. Accordingly, the use, dissemination, distribution or reproduction of this information to or by unauthorized or unintended recipients, including but not limited to non-NASA recipients, may be unlawful.

Did anyone stop and think about adding this legal language to emails sent to the media - or the public? How am I supposed to interpret the scary and somewhat threatening warning? Seriously.  Am I an "authorized recipient"? If so when did I become one? Who are "unauthorized or unintended recipients"?  I am going to post this on a website read globally by people I will never be able to identify.  I did not agree to these security issues - indeed, this email was sent to me unsolicited.  The warning also says "may contain ..."  Well, does it or doesn't it - how am I supposed to know? Can the sender change their mind after it is sent?

Categories:

• News

NASA breach update: Stolen laptop had data on 10,000 users, ComputerWorld

"Personally identifiable information of "at least" 10,000 NASA employees and contractors remains at risk of compromise following last month's theft of an agency laptop, a spokesman told Computerworld via email Thursday. ... Responding to questions from Computerworld today, NASA spokesman Allard Beutel acknowledged that agency waited nearly two weeks to publicly disclose the breach. He said that in the interim, NASA was working with law enforcement personnel to recover the laptop, and was working to determine exactly whose personal data was stored on it."

Keith's note: There is no common sense evident in the NASA CIO organization. Why on Earth would anyone allow information on this many people to leave the agency on a single laptop - without sufficient encryption/protection - and then leave it unattended in a car? What baffles me is that NASA waited 2 weeks to tell the people affected. I guess that means that NASA had no idea what was on the laptop in the first place - but they allowed it to leave the building anyway - and that the person taking the laptop off site either had no idea what was on the laptop (not good) or knew what was on the laptop and did not care to treat the contents the way that they should have been protected. This borders on sheer negligence.

NASA OIG: NASA's 2012 Top Management and Performance Challenges

"The year was not without challenges, however. For example, due to cost overruns in the James Webb Space Telescope and other projects, NASA had to reprogram funds away from several Agency initiatives. This resulted in developmental delays in some ongoing projects and cancellation of other planned projects, including the ExoMars/Trace Gas Orbiter missions to Mars. Moreover, the congressional decision to provide NASA's Commercial Crew Program (CCP) with less than half the funding requested by the President in FY 2012 extended to 2017 the earliest date that NASA expects to obtain commercial crew transportation services to the ISS, which is significant if NASA is unable to maintain and utilize the Station beyond its currently scheduled retirement date of 2020."

Categories:

• News,
• Workforce

NASA Headquarters Common Instrument Interface Guidelines for Hosted Payload Opportunities Working Meeting

"One day before the Common Instrument Interface working meeting, on December 12, 2012, the Hosted Payload Alliance (HPA) is hosting a Working Meeting from 8:00 a.m. to 5:00 p.m. at the James E. Webb Auditorium at NASA Headquarters, 300 E Street, SW, Washington, DC, the same location as the CII meeting. The Hosted Payload Alliance is a satellite industry alliance whose purpose is to increase awareness of the benefits of hosted government payloads on commercial satellites. This meeting focuses on the policy and business issues concerning the commercial hosting of government payloads. Organized as a series of moderator-led panel discussions, the agenda includes: the planning and decision process; mission-dependent architectural considerations; procurement practices, acquisition models, and contracting guidelines; policy enablers and inhibitors; and the path forward for hosted payloads. NASA is not affiliated with the HPA, but is providing the facilities for this meeting to facilitate this mutually beneficial and productive discussion."

Keith's note: According to the HPA website this event is "for HPA members only". I find it rather odd that NASA uses its resources to put out a formal, official, government solicitation notice - one that includes an announcement for this meeting - one that uses public (government facilities) but that the public and media will not be allowed to attend. Moreover NASA doesn't even bother to tell anyone that this is a closed meeting or why it is closed.

Categories:

• Commercialization

NASA Suffers "Large" Data Breach Affecting, IEEE Spectrum

"Why it has taken so long for NASA to finally decide to fully encrypt its laptops remains a mystery, given its long-time poor record on IT security. As noted at NASA Watch, NASA has a history of laptops with personally identifiable information being stolen, one as recently as March. Maybe NASA decided to act this time because it involved a NASA Headquarters' person who in all likelihood is very senior and should have known better than to possess a laptop with no data encryption."

NASA finally demands encryption on employee machines after another laptop is stolen, The Verge

"Why the concern? Well, the laptop's hard drive wasn't encrypted, and nor were any of its sensitive documents. The theft, which was revealed to employees in an agency-wide email obtained by SpaceRef, is being spun as a wake up call for NASA to beef up its security standards on employees' laptops."

NASA scrambles to encrypt laptops after major breach, Computer World

"Gant Redmon, general counsel and vice president of business development at Co3 Systems, an incident management company, said the issue is why NASA didn't take measures to encrypt all of its systems sooner. "I have two questions. Why didn't they have it before the [March] incident? Why didn't they have it after that first breach?"

NASA Says Staff Information Was on Stolen Laptop, New York Times

"This is not the first time NASA has suffered a serious breach. The agency has long been a target for cybercriminals looking to pilfer sensitive research."

Laptop with NASA workers' personal data is stolen, Reuters

"The laptop theft is the latest in a string of NASA security breaches over the past few years. In March, a Kennedy Space Center worker's laptop that contained personal information on about 2,300 employees and students was stolen."

Yet Another NASA IT Blunder, earlier post

Categories:

• IT/Web

Summary of Rules and Requirements, Google Lunar X Prize

"The competition's grand prize is worth $20 million. To provide an extra incentive for teams to work quickly, the grand prize value will change to $15 million whenever a government-funded mission successfully explores the lunar surface, currently projected to occur in 2013."

China's Chang'e-3 to land on moon next year, China Daily

"Ma said the Chang'e-3 would probe and explore the lunar surface, and carry out various environmental and space technology related tests. It will spend 15 days on the moon to lay the foundations of what he called, further deep space exploration."

Chang'e 3, Wikipedia

Keith's note: None of the Google Lunar X Prize competitors will be capable of landing on the Moon during 2013, so it is a foregone conclusion that the prize will drop in value. Add in the lack of real (existing) flight hardware, firm and fully-funded launch contracts, and all other funding required to cover other mission aspects of launch and operations, and it is becoming increasingly unlikely that any of the teams will be able to meet the Prize's requirements by 31 December 2015. I would most certainly like to be proven wrong when someone lands on the Moon.

Categories:

• China,
• Commercialization

House Passes Bill to Extend the Commercial Space Transportation Liability Regime

"Today, H.R. 6586, a bill that provides a two-year extension to the existing commercial space launch indemnification regime, passed the House by voice vote under suspension of the rules. Under the Commercial Space Launch Act Amendments of 1988, a system was established that spreads the risk from a commercial space launch mishap or failure between the launch provider and the government for potential damages or losses concerning uninvolved public or property. It has been extended five times since its original enactment."

House Approves Bill to Extend Risk-Share Protection of Commercial Launch Companies

"Administration and industry witnesses provided compelling evidence that indemnification for third-party claims is needed to preserve a US commercial launch market," said Subcommittee Chairman Palazzo."

Keith's note: This action yesterday is rather important news for commercial space sector. Not a word from the Commercial Spaceflight Federation. What is it that they do again?

Categories:

• Commercialization

NASA Decides to Adopt Boeing SIMAC Design for Docking and Retiring the iLIDS Design

"Obviously, this is a disappointing outcome. But while iLIDS may not have been the right solution for the ISS Program, the technology that has been developed for this program remains very impressive and the work that everyone has done to bring it this far has been outstanding. While there are many docking system concepts out there, this is the only US system which has actually put hardware together and shown that it functions."

The NASA Docking System (NDS)

"The NASA Docking System (NDS) is NASA's implementation of the newly adopted International Docking System Standard (IDSS). The NDS blends state-of-the-art low-impact docking technology which has been under development for many years by the Engineering Directorate at the NASA Johnson Space Center with the heritage Russian Androgynous Peripheral Assembly System (APAS) hard mating interface. The NDS design will be made available as a common design for use by future NASA and United States Commercial Crew vehicles."

Categories:

• ISS News

Keith's note: I'll was on HuffPostLIve at 11:00am ET today, talking about China's space program.

Earlier post on China

Categories:

• China

Agencywide Message to All NASA Employees: Breach of Personally Identifiable Information (PII)

"On October 31, 2012, a NASA laptop and official NASA documents issued to a Headquarters employee were stolen from the employee's locked vehicle. The laptop contained records of sensitive personally identifiable information (PII) for a large number of NASA employees, contractors, and others. Although the laptop was password protected, it did not have whole disk encryption software, which means the information on the laptop could be accessible to unauthorized individuals. We are thoroughly assessing and investigating the incident, and taking every possible action to mitigate the risk of harm or inconvenience to affected employees."

Keith's note: Look at the links below from the past several years. When things like this happen again and again you have to wonder whether the people entrusted with sensitive information - and/or the people who manage these individuals - are required to exhibit common sense in the performance of their duties. For that matter, you have to wonder if the people running NASA's IT security actually know what they are doing. This advisory contains "changes and clarifications in NASA policy". How many times do things like this have to happen before NASA finally figures out how to fix this obvious problem? Why was information like this on a laptop to begin with?

Lets just hope this laptop doesn't contain any inappropriate emails to U.S. Army soccer moms or socialites ...

- Stolen KSC Laptop Has Employee Personal Info On It (Update), earlier post
- NASA IT Security is a Mess - Stolen Laptops and Hacking JPL, earlier post
- OIG: NASA Information Security Does Not Fully Meet DHS Requirements, earlier post
- NASA OIG: Facilities and Spacecraft Vulnerable to Attack, earlier post
- OIG Finds Problems in NASA IT Management and Implementation, earlier post
- NASA OIG: Audit of Cybersecurity Oversight of [A NASA] System, earlier post
- GAO Cites Ongoing NASA IT Security Vulnerabilities, earlier post

Categories:

• IT/Web

The Vision for Space Exploration: After the Vision, What Next? (Part 5), Paul Spudis

"Many of us working in or with NASA recognized that the 2004 Vision for Space Exploration (VSE) was a breakthrough, the necessary fulcrum needed to change our approach and direction to spaceflight. It was a program that would have opened the door to a wide variety of previously unobtainable missions. In this five-part series to establish and clarify the history and intent of the VSE, I've shared my insider's perspective on why and how it was conceived, executed and eventually terminated - a cautionary tale, if you will, and hopefully, an instructive one. In this last post, I want to examine what lessons should be drawn from this history and how we should move forward in a positive way to have and to build a U.S. space program truly "worthy of a great nation."

Categories:

• Exploration,
• News,
• Policy