Ironically, I believe that if the US ever does deschedule marijuana, it won't be because the people demand it, but rather because it makes it impossible to give security clearances to an enormous percentage of practicing software engineers.
I very nearly ended up in the military in Canada. Somewhat far along in the interview process I admitted to having used marijuana within the last year (maybe it was 3 months, I can't recall). I make it a point to be an honest person.
Boom. That was the end of that process. I went on with life and ended up quite glad.
A few years later I am working with some government (mostly RCMP) information security experts and I realized - holy shit - these people are not exactly the cream of the crop. I recall not having much luck getting them to understand some very basic C and what a buffer overflow was.
Not to say there aren't some very competent people in the RCMP and CSIS/etc in Canada. But I can't help but think they are missing out on some of the best because of policies like that.
I understand the potential risks with someone who might be involved in illegal activities, but, to be honest the supposed straight shooters don't have a great track record themselves. See Cameron Ortis as a fine example.
Of course, talking to some military guys about this years later they all laughed and wondered why I didn't just lie.
I imagine intelligence agencies like the NSA also siphon off from the three same "talented but willing to work for the government" pool.
As mentioned further down:
> The persistent structural problems render CYBERCOM unable to provide for itself. It continues to rely on the military services and, in some circumstances, the NSA for personnel, funding, foundational intelligence support, procurement and acquisition activities for cyber-specific capabilities, research and development for tools, and infrastructure supporting cyber operations.
> I’ve witnessed vendors sell the same $100M offering to two services under a different name so those services could independently lobby for resources. I’ve witnessed one service sabotage another’s cyber operation (both under the same ‘Joint’ Force Headquarters) simply because that service did not receive credit. I’ve seen the services’ acquisition communities spend over $1B on poorly defined and duplicative cyber requirements to deliver tools that will never be used. Every effort to unify resources and address national priorities is undermined and resisted by the services who perceive no benefit to their domains.
That sounds exactly like I would expect the world of defense contracting to work. I bet the same kind of thing happens when Raytheon sells the same missile to the Air Force, Army, and Navy
I think the major's point is that it doesn't happen otherwise - this stands out as a problem. My impression is that's because of the expertise and organization around missiles, while 'cyber' lacks expertise, commanders who understand it, and an organization built to manage it.
Imagine working in this organization, with Silicon Valley or just about any other IT job available to you.
Lieutenant Colonel, United States Air Force
... “Few, if any, qualified offensive cyber operators have graduated to positions of command, Colonels, and Generals. This is comparable to an Air Force in which none of the Colonels and Generals have ever been qualified pilots.”
AND
Colonel (Ret.), United States Army
“I’ve seen senior warfighting leaders dismissively call cyber research ‘book reports,’ cyber operators ‘nerds,’ and cyber capability development ‘science projects.’ These … leaders who make critical cyber operational, resource allocation, and risk assessment decisions control promotions to choose people that look like themselves.”
AND
A U.S. Army colonel noted that the individuals on service promotion boards struggle to differentiate between “officers with advanced, skilled degrees in computer science from esteemed institutions” and “those who received online degrees in information management. … This is akin to equating a brain surgeon with a field medic.”
