How To Stop the Next WikiLeaks 191
Hugh Pickens writes "Eli Lake reports that the U.S.'s 16 intelligence agencies are using a program called SureView that makes it easier to spy on the spies and catch whistleblowers early in the act. SureView is a type of auditing software that specializes in 'behavior-based internal monitoring' that monitors the intelligence officer's computer activity. If the officer acts like a potential leaker, sending an encrypted email or using an unregistered thumb drive, the analyst might push a button and watch a screen video of the officer's last hour of work. Once a case is made that a leak might be imminent, it is checkmate: the agent is thwarted. 'Had SureView been on Bradley Manning's machine, no one would know who Bradley Manning is today,' says Ryan Szedelo, manager for Raytheon's SureView software. The intelligence community has had auditing software for years. SureView came on the market in 2002. But the programs were buggy and often prone to false positives, alerting a network administrator too often to routine behavior. 'The technology has gotten substantially better in the last year,' says Jeffrey Harris, a former head of the National Reconnaissance Office. 'The problem with audit files was it took an army of people to understand them. Now we have rule-driven systems and expert systems that help us reason through the data.'"
Comment removed (Score:5, Insightful)
Re: (Score:2)
Indeed. They might as well say "If it had been on Bradley Manning's machines, no one would know about some of the crimes we've been covering up."
Re: (Score:2)
A good thing is relative.
For example, Harrisburg was just assigned to be in control of an appointed person by the Governor. Powers include being able to sign the city to contracts and sell what he/she chooses.
The idea of a governor declaring they can pick a person to be a dictator to our state capital seems bad to me. My relatives of his party see it is a good and needed thing to fight the corruption there.
Re: (Score:3)
From the article:
the analyst might push a button and watch a screen video of the officer's last hour of work
Hmmm, so it would need 'cleverness' like a closed shell window:
$ sleep 3600 ; cp /path/to/secret.file /mnt/thumbdrive
Then wait half an hour, insert your thumbdrive to be mounted to the proper location; open a completely harmless (but non-work document) from it, say - an invitation to a garden party, and print it -- all the while leaving the thumbdrive mounted, so that the sleep-job can write the document in the background after in the next hour...
Then ensure the thumbdrive is only ejected
Re: (Score:2)
Re: (Score:2)
Oh, btw, stuxnet 2 has been spotted, gathering intelligence about various networks vulnerabilities, just saying...
Re: (Score:2)
Re: (Score:2)
Just saying...
Re: (Score:2)
Bradley Manning's life (for one) has been destroyed by his naivete in his participation in this activity. You can not think that he really got into all of this with his eyes open.
Had this security system been in place, Manning would have probably done a couple of years in military prison (for attempt, and for stupidity) and then been booted to civilian life. Because it was not he will spend decades in the worse conditions allowed by military law.
Re:Stay classy! (Score:4, Insightful)
Re: (Score:2)
Mindless minions serving evil overlords. Holy shit there must be some really convincing arguments, oh wait they sign away all rights to information.
CNN is so biased it's unbelievable, CIA edited CNN must be even worse!
Re: (Score:2)
Re: (Score:2)
Exposing military misconduct is obviously moral behavior. A system that punishes moral behavior is immoral. It does't matter whether he knew there would be consequences. It's the consequences that are the problem.
moral... (Score:2)
Exposing military misconduct is obviously moral behavior. A system that punishes moral behavior is immoral. It does't matter whether he knew there would be consequences. It's the consequences that are the problem.
Behavior that I disagree with, which makes me uncomfortable, or that I don't like is not necessarily (or even probably) misconduct. But even if it was...
Doing 'whatever I want' with information that I do not own after agreeing not to do so is not a moral act. Stealing information is not a moral act. Imposing my discomfort or dislikes on you; making you conform to my personal likes; is not a moral act. Trying to avoid responsibility for committing an immoral act... is not a moral act. Committing immor
Re: (Score:2)
Killing journalists, then lying to cover it up is misconduct.
Re: (Score:2)
Killing anyone - probably - is not a moral act. I propose that self righteous journalists may be the exception that proves the rule. I am certain that anyone who actually calls themselves a "journalist" deserves no protection, sympathy, or remorse.
That said... I am aware of a video that seems to show individuals killed by a helicopter. The one or more of the individuals were probably journalists but may have looked like something else from the air (Press passes are hard to read from 1500 ft in a war z
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
help prevent..selling secrets to the North Koreans (Score:2)
And there you have it: the North Koreans represent such a definitive immenent high level threat that we must be prepared to destroy the earth to stop them!!! By the way, where is this 'North Korea' that you speak of?
Re:Stay classy! (Score:4, Interesting)
From a security perspective, yes it is a good thing. But at the same time the level of secrecy and classification has become absurd. It is undermining our democracy because the citizenry cannot find out some basic stuff that their government is doing. It is (or should be) common knowledge that the three letter agencies (and a bunch you've never heard of) spy on Americans on an ongoing basis. We can't find out just what they are doing because it is classified, and if we try to sue we have no standing because we can't prove we were spied upon because it's classified. That is absurd and Kafkaesque. These days leakers are the only way we find out about the shenanigans our agencies pull.
On a side note "senior white house officials speaking on the condition of anonymity" leak classified material all the time. But they are never prosecuted. I wonder why.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Please respond with your full name, address, date of birth, SSN, bank details and credit and debit card details, a summary of your medical conditions, the themes of your last five masturbatory fantasies, and what you had for breakfast.
Nothing is so important...
Re: (Score:2)
Re: (Score:3)
Do you understand things that are done individually and things that are done as a group?
Government/economy is what we do as a group. My name, address, etc are what I do individually.
Maybe if we didn't have so many secrets in the first we wouldn't need so many in the second.
So
Re: (Score:2)
Re: (Score:2)
You better hold off.
It's the weekend and I'm certain to become less sensible pretty soon.
Detection and rules (Score:2, Interesting)
Re: (Score:2)
Recursion (Score:4, Funny)
If a spy spies a spy who spies, who spies the spy who spies the spy?
In italian is funnier because both "spy" and "spies" translate into "spia".
Se una spia spia una spia che spia, chi spia la spia che spia la spia?
The real purpose (Score:5, Insightful)
'Had SureView been on Bradley Manning's machine, no one would know who Bradley Manning is today,' says Ryan Szedelo, manager for Raytheon's SureView software.
And nobody would have evidence of the serious crimes he told the world about. That's what they're really worried about.
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
And nobody would have evidence of the serious crimes he told the world about. That's what they're really worried about.
Manning just copied everything and Wikileaks spewed it all over. The noise to signal ratio is so high in that mess that it's hard to say he told the world anything...
Re:Noise and Signals (Score:2)
Absolutely not true in the modern age of computers.
Given a juicy chunk of data, a smart guy with a few software tricks will dig that info out. The power of the internet is it only takes ONE smart guy, (or gal!) and then the results are rebroadcast in sound bite form.
Re: (Score:2)
Re: (Score:2)
Good, we have the evidence, and what have we done with it?
Nothing, of course.
At least we can point at it and call it bullshit. They'll still deny it, but we "know" that it is. That is worth something.
Re: (Score:2)
Arguably not, because anyone familiar with the history of the Vietnam War learned not to trust anything the US military said about its own operations.
What many people know is no secret (Score:2)
Don't give millions of government employees access to confidential documents. The Manning documents were likely already in the possession of all major powers.
Re: (Score:3)
Don't give millions of government employees access to confidential documents. The Manning documents were likely already in the possession of all major powers.
That may very well be true. However, that isn't what he is really in trouble about. He's in trouble because he was instrumental in the documents being released to the public !
Re: (Score:2)
True, I get the feeling that leaks are only a problem when they are to the public.
Another solution (Score:5, Insightful)
Or, you could stop committing and covering up crimes and routinely classify any and all information regardless if it's needed or not. Then nobody would feel the need to leak the things that are rightfully secret.
Just a thought.
Re: (Score:2)
What he said x 1000. Why on earth do we need to redact 80% of what gets 'declassified' in 50 year old documents and re-classify the rest? Whomevers dirty laundry this is is long since gone, but clearly your tax dollars are hard at work... [gwu.edu]
"Washington, D.C., February 21, 2006 - The CIA and other federal agencies have secretly reclassified over 55,000 pages of records taken
Re: (Score:2)
"These acts are evil, we won't do them": At least then we'd have a hope of reacting appropriately.
News of horrors coming out of the U.S. comes out every day and heads never seem to roll. Your country looks more and more like a fascism every day with bread and circuses fueling a bizarre patriotism that sees everyone else as inferior and less free. Even though the U.S. comes in at the lowest end of every statistic on overall quality of life (in the developed w
Hmmm (Score:2)
"Had SureView been on Bradley Manning's machine, no one would know who Bradley Manning is today,"
This quote sends shivers down my spine.
Imagine if King George III had had this kind of technology. Then no one would know who George Washington is today. Why would anybody think this is a bad thing?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Yes, but since they were not employees of the crown, they would not have been working on computers with this technology.
In ten years or so, every single citizen of the UK will be working on computers with this technology.
Re: (Score:2)
Which secret documents did George Washington steal and / or publish?
Re: (Score:2)
None but he helped "rebel" against the king.
In those days that was treason.
But thanks to SureView, all his plans and "accomplices" were "dealt with"...
Awe, cute (Score:2)
Another fly-by-night software developer conned some tech-ignorant government institute into buying their shit-software under the guise that it would stop their latest .
Go America! I'm sure this will work out just fine for everyone.
Re: (Score:2)
I think Dr Seuss said it best (Score:5, Informative)
Out west, near Hawtch-Hawtch,
there's a Hawtch-Hawtcher Bee-Watcher.
His job is to watch...
is to keep both his eyes on the lazy town bee.
A bee that is watched will work harder, you see.
Well... he watched and he watched.
But, in spite of his watch,
that bee didn't work any harder. Not Mawtch.
So somebody said,
"Our old-bee-watching man
just isn't bee-watching as hard as he can.
He ought to be watched by another Hawtch-Hawtcher!
The thing that we need
is a Bee-Watcher-Watcher!"
WELL...
The Bee-Watcher-Watcher watched the Bee-Watcher.
He didn't watch well. So another Hawtch-Hawtcher
had to come in as a Watch-Watcher-Watcher!
And today all the Hawtchers who live in Hawtch-Hawtch
are watching on Watch-Watcher-Watchering-Watch,
Watch-Watching the Watcher who's watching the bee.
You're not a Hawtch-Watcher. You're lucky, you see!
Coming soon (Score:2)
If a worker acts like a potential human, sending a personal email, visiting an unregistered website or trying to conduct union activities on site, the analyst might push a button and watch a screen video of the officer's last hour of work. Once a case is made that something might be imminent, it is checkmate: the worker is thwarted.
Re: (Score:2)
Re: (Score:2)
I work at a major hospital. Remote software commonly used for remote troubleshooting fires off quite regularly. I expect every workstation in the place has screen-shots taken. It's not an hour of video, but probably because that would be too expensive.
If you don't want the world to know... (Score:2)
...that you are a murderer, stop murdering.
To stop "the next Wikileaks" (Score:2)
Minimize access to sensitive docs, keep those with access happy, and most importantly, always be ethical.
In the land of the "free"... (Score:2)
Big Brother is watching you!
I wonder when they make this compulsory for civilians as well?
Or we could stop doing bad stuff (Score:2)
Re: (Score:2)
You know, all that war, killing and hiding the truth could just end. Nah.
I think the problem here is that other countries intend to continue with the dirty deeds. If we intend to fight back (i.e. the CIA), our activities must remain secret, simply because most American's cannot handle the cognitive dissonance of "there are no good guys, not even us".
Re: (Score:2)
stop right there criminal scum (Score:2)
A new counter-counter-counter intelligence method is devised
set your wallpaper to goatse people
Its easy to stop the next wikileaks (Score:2)
Just act like a decent moral human being. If you do "because" someone is going to blow the whistle on you.
Re: (Score:2)
"Just act like a decent moral human being."
History suggests doing that isn't globally competitive, however much idealists wish it were.
Who watches the Watchers? (Score:2)
If the officer acts like a potential leaker, sending an encrypted email or using an unregistered thumb drive, the analyst might push a button and watch a screen video of the officer's last hour of work.
So, then, the analyst becomes the leaker. (Or the spy that a 3rd party hires)
A more likely senario, is that the "officer" (who is an analyst himself), plays it safe, and doesn't gather enough intel together to actually figure out what the real bad guys are doing.
Re: (Score:2)
Mislieading title (Score:2)
Summary is actually about stopping leaks and the latter existed long before Assange's website. Inasmuch I am glad Manning's load became public, but for a security agency any leak-preventing policy seems a reasonable and logical step.
The risk an insider takes to publicize the data that is prohibited from publicizing by law should be compensated for the society in case the activity he is publicizing is criminal (that is breaking other laws).
Now, there are probably internal rules on how to fight crime inside t
Don't even need wikileaks to see righ through this (Score:3)
At the age when US president openly murders US citizens on a hunch and starts whatever war he wants, like a Boss (like a King) and the rest of the government doesn't stop him in his tracks.
At the age when US Supreme Court doesn't see anything wrong with the federal government going way beyond its authority on pretty much every issue, every law, every regulation, every tax.
At the age when Congress and Senate bail out banks and companies and vote to increase debt limit without ever considering the consequences.
At the age when Federal Reserve is counterfeiting currency left right and center.
At the age of fascism/corporatism on the top and Marxism/communism on the bottom.
What do you need wikileaks for? Are you blind?
--
Of-course they want the specifics of their secrets to remain secrets, they are now your rulers, not your servants.
Re: (Score:2)
Encrypted email == warning sign (Score:2)
You know you've hopelessly fucked up, when the one guy who sends an encrypted email is suspected of being the leak.
Ooh! And Then... "The Accident"? (Score:2)
Does SureView have a plug-in for that?
Re: (Score:2)
Yes they do, his name is Waldo, and if I say any more, they will find me with SureView and all anyone will ever find of me is my right nipple.
How to stop the next wikileaks? (Score:4, Funny)
And two guys willing to throw everything away from the Bank of America leak.
An easier way (Score:2)
If a leak occurs do the same test for every employee with access to the document, and discard the half for whom t
Re: (Score:2)
Not a good thing (Score:2)
This is sad to hear. The government reserves the right to spy on literally everybody, but will not permit itself to be observed. Who does watch the watchers, anyway?
Like all institutions, the government is concerned mainly with perpetuating its own existence. And since the general public equates the government's existence with their security and their own existence, they tolerate all kinds of wrong deeds and imbalances of power like this.
Here's a thought... (Score:2)
FUBAR (Score:2)
There are some chillingly anti-human corporations out there; ADM is one; Raytheon is another.
Anagram (Score:2)
Eli Lake is an anagram for "leak lie". Is it his real name? Too funny.
Government Intelligence... (Score:2)
Yeah, I know, its an oxymoron. Sadly never more than today. Our government has too many secrets. Too many bodies buried. Too many skeletons in the closet. The secrets its keeping are not in your best interest, or they'd share them with you. No, the only way to keep government in check is with transparency. When an employee of the government see's gross negligence, naked aggression, illegal activities, or profound betrayals of the Constitution or the American People, they are honor bound to make that informa
Now all they have to do is sell it... (Score:2)
Hi America... SureView... its like DEPENDS for the government. It prevents embarrassing leaks!
the legacy of Dr Strangelove (Score:2)
This is what J. L. Austin [wikipedia.org] analyzed as a performative: the truth lies in the fact that you said it, such as stating "I christen thee the Titanic" then smashing a bottle.
If people fear this technology, the outcome it exists to promote automatically improves. Interesting.
In the service of this handy performative, it's not necessary to divulge any correct information about
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
I actually find it hilarious that the three-letter agencies regard sending encrypted email as 'suspicious', and then wonder why how security breaches happen...
Re:What if... (Score:4, Interesting)
Sounds like bullshit to me.
Re: (Score:3)
Care to explain why you have so many blind people on your staff? Is it some kind of security measure?
Re: (Score:2)
They aren't blind, but yes. The dogs and their doggie-sized PCs are a security measure.
Re:What if... (Score:4, Informative)
Please don't forget to mention how SureView is awsome and ensures 100% data security while at it to keep the blinders on.
Re: (Score:2)
Re: (Score:2)
HDCP could be used to prevent this, although there are a few inline HDCP interception devices on the market. If they can monitor for the disconnection of the encrypted data stream they could prevent these from being hooked up, unless the device is turned off first, and I'd assume that any newly booted devices would have to be manually confirmed by an administrator before being allowed access to prevent such attacks.
Re: (Score:2)
Use a VGA/DVI interception hardware device to save to external storage. People will be stuck thinking in the box so you'll have no problems whatsoever as long as you don't save or move any data "in-system". Please don't forget to mention how SureView is awsome and ensures 100% data security while at it to keep the blinders on.
Wow. Pretty clever.
Re: (Score:2)
And what about the analog hole?
If eyes can see it, cameras can film it.
If ears can hear it, recording devices can record it.
Re: (Score:2)
This isn't going to be practical for thousands of pages of documents, that would take hours of filming rather than a few seconds to copy.
Re: (Score:2)
1) They talk about unregistered usb drives. If you can plug in usb devices they better make sure you can't boot off usb devices otherwise everything can be bypassed
2) "reverse ssh" outbound on port 443, or similar stuff- you can set it up with plausible deniability - victim of hack etc.
3) Taking the hardware away for a while- worse if people are actually allowed notebook PCs.
4) If there's firewire, this can be a big hole.
Re: (Score:2)
Re: (Score:2)