With Better Sharing of Intel Comes Danger 287
Hugh Pickens writes "Ellen Nakashima writes in the Washington Post that after the intelligence community came under heavy criticism after 9/11 for having failed to share data, officials sought to make it easier for various agencies to share sensitive information giving intelligence analysts wider access to government secrets but WikiLeaks has proved that there's a downside to better information-sharing. To prevent further breaches, the Pentagon has ordered that a feature that allows material to be copied onto thumb drives or other removable devices be disabled on its classified computer systems and will limit the number of classified systems from which material can be transferred to unclassified systems, as well as require that two people be involved in moving data from classified to unclassified systems. The bottom line is that recent leaks 'have blown a hole' in the framework by which governments guard their secrets. According to British journalist Simon Jenkins 'words on paper can be made secure, electronic archives not.'"
Leak DRM? (Score:4, Informative)
>"To prevent further breaches, the Pentagon has ordered that a feature that allows material to be copied onto thumb drives or other removable devices be disabled on its classified computer systems"
Yeah, like that is really going to make THAT much of a difference. Oh- make sure to remove all printers too, prevent all Email/IRC/IM, cut and paste, CD/DVDRW, etc. I suppose I can't criticize them for trying, but no amount of stuff like that is going to prevent information leaks if someone wants to leak information. It is no different than DRM.
Re:Leak DRM? (Score:4, Informative)
It's not that it is impossible to leak information--that's never a goal--the idea is to increase the difficulty and risk to such a level that it is not worth it for the average employee to attempt to leak whatever mediocre information they have access to and that the employees the skill and access are more loyal and less likely to attempt it. In this way it is different to DRM because there is no inherent risk associated (for most people) as you are not going to lose your job or risk federal/military prison for your actions and thus there is nothing to dissuade you from attempting it.
For the record it is not particularly easy to use a printer to duplicate, say, 250,000 diplomatic cables and walk out with them under your arms. It's not particularly difficult to prevent the average employee from accessing IRC/IM either and the obvious risks attached to e-mail are far too high. The approaches do need to be more sophisticated.
Next time, skip the "Intel Inside" sticker (Score:5, Interesting)
The approaches do need to be more sophisticated.
You mean like using a cell-phone camera to take a picture of a screen?
You can also encode a LOT of info into just one jpg or png of the family dog.
As for printing, you can use a 600dpi laser to output the whole bible in encoded format on 5 sheets of paper. So yes, you could walk out with 250,000 cables pretty quickly.
Re: (Score:3)
The approaches do need to be more sophisticated.
You mean like using a cell-phone camera to take a picture of a screen?
You can also encode a LOT of info into just one jpg or png of the family dog.
As for printing, you can use a 600dpi laser to output the whole bible in encoded format on 5 sheets of paper. So yes, you could walk out with 250,000 cables pretty quickly.
Not every office has the kind of hardware (or every person the skillset) required to minimise documents at the drop of a hat like that. While I concede that methods for this are readily available on the internet a lot of people with access to this intelligence just don't have the expertise to step through it and that is a strong enough deterrent in a lot of cases.
Keep in mind I am limiting my discussion to internal patriotic staff members 'freeing America' etc and not a well placed terrorist or foreign inte
Re: (Score:3)
So it's one of those cases where unfortunately, stuff is going to leak no matter what. There are some problems that are simply not solvable.
Re: (Score:3)
Re:Next time, skip the "Intel Inside" sticker (Score:4, Interesting)
As for printing, you can use a 600dpi laser to output the whole bible in encoded format on 5 sheets of paper. So yes, you could walk out with 250,000 cables pretty quickly.
Do you know of any printer/scanner software that can do the encoding/decoding so as to do printed backups ? Something with redundancy like rar or turbo codes that prints out a page of pixel soup... I'm not sure how useful it would really be, just curious.
Re: (Score:2)
Re: (Score:2)
For the record it is not particularly easy to use a printer to duplicate, say, 250,000 diplomatic cables and walk out with them under your arms.
True, however if said documents were already in deadtree format then all one needs is a camera.
And a microSD card is a lot less painfull than a roll of film... or so I would imagine ;-)
Re: (Score:2)
the idea is to increase the difficulty and risk to such a level that it is not worth it for the average employee to attempt to leak whatever mediocre information they have access to
I can tell you from experience in government offices that adding any process raising the difficulty of getting to information, lowers productivity. Not a little, a lot.
Stovepiping data also prevents "connecting the dots" another frequent criticism of pre-9/11 handling of intelligence information. It's deja vu all over again
Re: (Score:2)
It reminds me of the cycle of child protection laws. Laws are found to be too restrictive, to the point where people are afraid to look at a child without a government background check, so protections are slowly loosened... then some school caretaker murders a girl, and overnight laws are passed that requir
Re: (Score:3)
In life we just live, pay taxes and there is no connecti...
Wait wut?!
Re: (Score:3)
There is no method of storage that is absolute proof against maliciousness. Since the dawn of civilization governments have had to deal with traitors and moles. The Wikileaks situation underlines, in general terms, that you can never trust anyone absolutely, that giving out a certain degree of access to state secrets is an act of trust that comes with the accompanying risk.
The chief difference between events like the Pentagon Papers and the latest Wikileaks trove and espionage is that in these cases the i
Re:Leak DRM? (Score:5, Insightful)
Or just don't participate in corrupt activities. Whistleblowers almost always leak information because they feel morally obligated to do so (leaking information puts one's future and safety at risk, no one does it for kicks or b/c they hope to make money). Many whistleblowers (especially in the corporate world) fall victim to strange accidents or they find themselves blacklisted from employment. When people decide to leak information like this they've made a conscious decision that doing so is more important than their own life.
Whistleblowers aren't spies, they're just people with morals. If our government is concerned with protecting itself against the ethically conscious, then perhaps there's no hope. The government has become everything it was designed to prevent: a tyranny. The only reason I haven't reached this conclusion yet is b/c Obama has been so hands-off with this Wikileaks mess. It's been the usual band of psychos that have called for Assange's arrest/assassination: Lieberman, McConnell, ect.
Re: (Score:3)
It is not a perfect world and the reality is that "don't participate in corrupt activities" is extremely naive. The issue I have is that everyone has a different definition of corrupt activities and leaving it up to the individual to leak classified material on a whim is impracticable.
I don't know how you think that works. One very cautious person considers a highly classified mission to be immoral, and thus leaks details, which the majority considers acceptable. Vigilante justice rarely works.
Re: (Score:2)
Yeah, like that is really going to make THAT much of a difference. Oh- make sure to remove all printers too, prevent all Email/IRC/IM, cut and paste, CD/DVDRW, etc. I suppose I can't criticize them for trying, but no amount of stuff like that is going to prevent information leaks if someone wants to leak information. It is no different than DRM.
All printers on a secure network are also classified with big colored stickers on them. They may or may not log exactly who did what when on them. You decide.
BTW, everything else you said is entirely within the realm of possibility and/or already being done.
I suppose I can't criticize them for trying, but no amount of stuff like that is going to prevent information leaks if someone wants to leak information. It is no different than DRM.
At this level, "leaking" is no different than "spying"
You're pretty foolish to think nothing can be done about it. BTW, DRM works, this is why year old console games cost the same as new. PC games depreciate faster not because they are "old" because
Re: (Score:2)
>You're pretty foolish to think nothing can be done about it.
You could, perhaps, protect a secret from being disclosed by 99.99% of people. But all it takes is one person and the secret is out. I never said they shouldn't try. Making it harder should be their goal.
>BTW, DRM works,
And you were calling ME foolish?
Re: (Score:2, Insightful)
How are they going to block usb flash media? In the old days you could epoxy the usb ports and then just use ps/2 keyboard/mouse. But those are legacy now and you are forced to use USB on modern systems. Also, it's not exactly difficult to gain access to the usb headers to install unbroken ports.
I suppose you could write a filter driver to prevent access to removeable media... of course then all you have to do is make hardware that doesn't report itself as removeable.....
Alternately you could write a fil
Re: (Score:2)
Then you code the OS such that any USB attached device which reports itself as non-removable doesn't get mounted and sends an email to the admin. It's USB. You write the USB drivers to not send anything out the USB port that isn't whether or not to turn on the CAPS light on the keyboard.
Re: (Score:3)
Hrm... I've got this macro that blinks the caps light according to a text file and I've got this photodetector on a chip that stores the readings in a tiny amount of flash, only 128 megs, paltry amount.
Clearly, I could not break security with this.
Re: (Score:3)
one amusing story was one place I worked thought it would be a good idea to distribute soft lined metal boxes to each office so that staff could deposit phones into the box (instead of leaving with security who were inundated with phones every morning). This was because there was a suspicion that staff's phones could be intercepted by evil-doers and install bugging software on them; if they were in the box, it would dampen the sound. Except, one small problem was that people who left the phones switched o
Re: (Score:2)
Something I'm not sure you are giving enough credit for is that when they make it harder, it also makes it harder to not get caught.
Hopefully, they are not ignoring other avenues to get the information off the systems. If they are smart, they should be monitoring traffic more and attempts to bypass the restrictions put in place. The more complex it becomes to commit an act, the more complicated avoiding detection becomes. With this in place, it might make it easier to find people attempting to make the leak
Re: (Score:3)
It tells me they don't give a shit. So, let's take the DoD's clearances away until they can demonstrate good data handling of classified information. They do that to contractors they deem "incapable" of keeping secrets all the time. Time f
Re:Leak DRM? (Score:5, Interesting)
feature that allows material to be copied onto thumb drives or other removable devices be disabled on its classified computer systems
Here's a question: Why the hell was that stuff ever enabled in the first place?
A place I worked a while back -- we did QA for voting systems and for games -- was a lot more secure than that. Only one system on the LAN had a CD burner, and that was passworded and the media use logged. Cameras everywhere. Firing offense to have your own thumb drives (or to plug in a device like an MP3 player), etc. Cell phones forbidden without express authorization. Everything logged. Air-gap -- and you had to know the passwords, including to the cypherlock on the door -- on the machine that could access customers' code servers. Defeatable? Sure, but not without leaving a trail a mile wide. And this was on the voting side of the company, security on the gaming side was even tougher. (Hey, now we're talking about real money!)
Apparently the government doesn't take security as seriously as game software companies do.
Re: (Score:2)
Don't forget to confiscate everbody's crayons!
Re:Leak DRM? (Score:5, Informative)
The other problem is that this was already policy in the '90s when I worked in AFSAA in the Pentagon. You were not allowed to copy data to non-classified system without the approval of specific officers who were tasked to examine the data. The data was copied onto a zeroed disk in a clean system, examined directly and in a hex editor. Then, if approved, it was copied for you onto a disk marked unclassified. There were also strict rules about the use of pads of paper (remove the top sheet, put it on a hard surface, write your note; that way you did not leave stray impressions on the pad which might be distributed. In the vaults, they often had pads stamped "SECRET" or "TOP SECRET" to make this less likely.) And there were quite a few applications we used where cut and paste was disabled or limited.
This obviously slowed things down, but that was the whole point. There had been several incidents where people had bypassed the rules and classified data were nearly leaked (the affected unclassified systems had to be scrubbed). Even if you just know that a document contains no classified information, it is quite possible that a file does. Problems were specifically discovered with MS Word files where random data from the system could end up in non-visible portions of the file. Once on an Unclassified system, the classified data might end up in swap space or otherwise be copied to where it should not be and remain after the offending file was wiped. Therefore the entire contaminated system would usually be wiped and reinstalled from a clean image. And, often the offending person would have their career shortened considerably. We dealt with nuclear deployment data and WINTEL (data which could reveal the identity of intelligence sources), so courts martial was always a possibility even, perhaps especially, for inadvertent release.
Personally, I consider release of classified data through idiocy to be a higher offense than doing so on purpose through act-of-conscience. The procedures exist for a reason, and often it is not to make things convenient. Carelessness gets people killed.
About when I stopped doing work there (1997-98) was when they were really going gung ho on the "classified Internet" where classified networks were tunneled over the DoD Unclassified Internet. That made for a lot more mixing of systems and cables which, I think, made it much harder to enforce strict separation. It used to be that there had to be 6' between the Top Secret network cables and the Unclassified network cables (and the cables were color coded). Ostensibly that was to prevent electronic feedback from leaking signals, but I think the real reason was to make absolutely sure the wrong network cable never went to the wrong hub and that someone lost their job if it did. It was absolutely forbidden to patch a classified cable outside of the designated rooms and areas. Classified printers, copiers, and CD burners were usually in designated areas as well. (You were allowed to make Unclassified copies on a Classified copier as long as you ran three blank pages through first to clear any residual images on the drum; you were never allowed to copy Classified data on an Unclassified copier outside the designated areas). Trash, of course, was separated by classification level and classified electronic waste (e.g. bad hard drives) were destroyed. Some manufacturers insisted that we return bad drives for warranty replacement, which was fine, as long as they understood that the platters would be physically destroyed first.
In any case, I am not surprised at this rule as much as surprised that it was allowed to lapse. You cannot 100% prevent leaks of data, but you at least want to make sure it is deliberate, that people are aware of what they are doing and of what the consequences will be.
Re: (Score:3)
I love how you call them dumb for falling for the simplistic and easily defended against trick that you imagined them falling for.
Headline total fail (Score:3, Insightful)
For a good reason (Score:2)
Words on paper can be made secure because they're fucking worthless for replication and transfer.
They'd be even more secure if chipped into clay tablets in cuneiform.
Can't win for losing (Score:2)
Information is traditionally doled out on a 'need to know' basis. Yes, the intelligence agencies got nailed for closeting information before 9/11 but surely the answer to that is not 'information wants to be free'.
Re: (Score:2)
Then from there the folks that are doing that can decide sort of who gets access within the department. Providing it to everybody in the agency is neither n
write access only (Score:2)
Re: (Score:3)
That's the thing; I'm sure that there's way more than one leak in their dam. If wikileaks managed to get a hold of this information, why would anyone believe that every intelligence agency on the planet didn't already have all this information? I'm perplexed at the persecution that wikileaks has faced over this cable release as all they really did was expose the U.S. government's inability to keep classified information out of the hands of, well, anyone and everyone. I mean, the government would try to shif
Re: (Score:2)
and I'm sure many more.
Last time I was at the Pentagon, all of their USB ports were physically disabled - either via breaking the socket with a pair of pliers, or by filling the socket with hot glue. What happened to that mandate?
Re: (Score:2)
Probably the insistence on the computer manufacturing industry and keyboard/mouse makers on not providing PS2 ports or equipment capable of using them. It's even getting hard to find printers that can be connected to a parallel port anymore.
Most likely what happened to that mandate has a lot to do with
Re: (Score:3)
I have a feeling that the machines on the classified network didn't have USB ports.
From what I've read, Pfc Manning went into the secure area and carried with him CD-RW's that when he checked in and out, had Lady Gaga and other artists written on them. The machines had a writable CD-ROM drives in them, and the people overseeing security apparently allowed soldiers to listen to music CD's on the drives, as access to the public internet wasn't possible from the classified network. He even said he lip-synced
Re: (Score:3)
an INTEL analyst who was demoted for assault and scheduled for an early discharge should have had his SIPRNET access terminated.
Word. USAF he'd have had a hard time keeping his nipr(unclassified) access, much less sipr.
And so Wikileaks wins (Score:5, Insightful)
This is precisely the outcome that Wikileaks was looking for [wordpress.com]: Assange's plan has been to leak information in order to make those who wish to keep secrets paranoid, so that they clamp down on their own internal communications and become less effective:
The more secretive or unjust an organization is, the more leaks induce fear and paranoia in its leadership and planning coterie. This must result in minimization of efficient internal communications mechanisms (an increase in cognitive “secrecy tax”) and consequent system-wide cognitive decline resulting in decreased ability to hold onto power as the environment demands adaption. Hence in a world where leaking is easy, secretive or unjust systems are nonlinearly hit relative to open, just systems. Since unjust systems, by their nature induce opponents, and in many places barely have the upper hand, mass leaking leaves them exquisitely vulnerable to those who seek to replace them with more open forms of governance.
Re: (Score:2)
Sure this stuff was leaked to everybody, but for god's sake we've had Israeli intelligence looking through or stuff on the sly, just imagine what the enemy is managing to get.
Re: (Score:2)
This is precisely the outcome that Wikileaks was looking for: Assange's plan has been to leak information in order to make those who wish to keep secrets paranoid, so that they clamp down on their own internal communications and become less effective:
The more secretive or unjust an organization is, the more leaks induce fear and paranoia in its leadership and planning coterie. This must result in minimization of efficient internal communications mechanisms (an increase in cognitive "secrecy tax") and consequent system-wide cognitive decline resulting in decreased ability to hold onto power as the environment demands adaption. Hence in a world where leaking is easy, secretive or unjust systems are nonlinearly hit relative to open, just systems. Since unjust systems, by their nature induce opponents, and in many places barely have the upper hand, mass leaking leaves them exquisitely vulnerable to those who seek to replace them with more open forms of governance.
I'm sorry, but the next time someone pops the question about why so many hate Assange as opposed to Wikileaks, this is it. The man is crazy.
So steps will be taken to ensure secret information is even more tightly controlled, which is basically the goal in the first place, and "you win" ?
This is the definition of insanity, friends.
"The more secretive or unjust an organization is"
He is absolutely convinced that secrets are bad. Wake up folks, that isn't Gotham City out your window.
Re: (Score:3, Insightful)
This is precisely the outcome that Wikileaks was looking for [wordpress.com]: Assange's plan has been to leak information in order to make those who wish to keep secrets paranoid, so that they clamp down on their own internal communications and become less effective:
So the point is to make the United States' efforts to stop terrorist attacks less effective?
I know that's not what you're trying to say; it's not even what Assange is trying to say. But it's *one* of the effects of this process -- not the only one, I know, and people will argue that more good than harm has been done by these leaks. But it can't realistically be questioned that harm has been done. The question is essentially whether one believes that governments should ever keep secrets. The position of
Re: (Score:2)
So the point is to make the United States' efforts to stop terrorist attacks less effective?
I think it would be hard to make them less effective; they're pretty ineffective already. Some attacks proceeded anyway -- anthrax, the IRS guy -- some were stopped by civilians on the scene -- the fourth 9/11 plane, the shoe bomb -- and the ones that appear to have had the most government involvement are usually schmucks that never could have accomplished anything to begin with, and required help from the government
Re: (Score:2)
So the point is to make the United States' efforts to stop terrorist attacks less effective?
I think it would be hard to make them less effective; they're pretty ineffective already.
How do you know that? I presume, since you're making this assertion, that you're cleared and have access to information most people do not on U.S. anti-terrorism operations? Or are you concluding that stuff you haven't heard about must therefore not exist?
Either way, the effectiveness (or lack thereof) of U.S. anti-terrorism operations had very little to do with the point I made in the post to which you replied.
Re: (Score:3)
Re: (Score:3)
Or are you concluding that stuff you haven't heard about must therefore not exist?
This, chiefly. I am an American citizen. I have the right to judge how well the government that works for me is doing. And, since it only is legitimately empowered to govern if it has the consent of the governed, I have the right to grant or withdraw my consent as I see fit. All Americans have these rights.
I'm obviously not going to just trust them. The entire structure of the government is founded on distrust of power. If th
Re: (Score:3)
This, chiefly. I am an American citizen. I have the right to judge how well the government that works for me is doing. And, since it only is legitimately empowered to govern if it has the consent of the governed, I have the right to grant or withdraw my consent as I see fit. All Americans have these rights.
I'm obviously not going to just trust them. The entire structure of the government is founded on distrust of power. If they keep secrets, then not only is it wholly appropriate to judge them on the basis of what information we do have, it is also fair to condemn them for keeping secrets.
I think it's perfectly sensible to say that you can only judge on the information you have. I think it's also important to consider the possibility that you may have incomplete information, particularly given that we're talking about organizations that we already know keep secrets. That doesn't require "just trusting them" -- not at all. I'm not suggesting a conclusion to draw -- I'm suggesting drawing no conclusion at all.
On the other hand, I think it's naive at best to "condemn (the government) for kee
Re: (Score:3)
I'm not suggesting a conclusion to draw -- I'm suggesting drawing no conclusion at all.
In which case you could have a rogue government that did obvious evil things, claimed to do secret good things, and was not subject to whatever cures democracy could provide, since everyone would be paralyzed by the claims -- which might very well be false, in keeping with the known evils of the government -- of good.
That's not acceptable. This is the real world, and we are going to have to draw conclusions based upon wha
Re: (Score:3)
I'm not suggesting a conclusion to draw -- I'm suggesting drawing no conclusion at all.
In which case you could have a rogue government that did obvious evil things, claimed to do secret good things, and was not subject to whatever cures democracy could provide, since everyone would be paralyzed by the claims -- which might very well be false, in keeping with the known evils of the government -- of good.
That doesn't follow at all. In the scenario you describe, my conclusion would be "I don't know the status of what, if anything, they're doing behind the scenes; but I know they're doing bad things right in front of my face. So the kindest thing I can say is that maybe, *maybe*, it's a wash. Time to go."
Believing that the government should never, ever keep secrets? That point-of-view seems unrealistic.
Oh, I don't think that it is realistic to expect a totally transparent government. OTOH, I do think that deviation from total transparency is at least not good, when justified, and usually bad, as it isn't.
If it's "justified", then by definition, how is it "not good"? That seems a contradiction.
So I see nothing wrong with condemning a government that keeps secrets from its people, and spitting upon the officials who engage in this. If they've done something wrong, and are cowering behind the claim of secrecy, they deserve it. And if they've done something good, but are tragically forced to conceal it, and are condemned nevertheless, the Super Chicken rule applies: They knew the job was dangerous when they took it.
I bolded the part to which I wanted to reply. Your statement here suggests that the only harm of considering all
Re: (Score:3)
That doesn't follow at all. In the scenario you describe, my conclusion would be
Weren't you all about not drawing conclusions at all?
If it's "justified", then by definition, how is it "not good"? That seems a contradiction.
Think of it in terms of 'least bad.' If you had a gangrenous arm, it might justifiably have to be cut off, but I'm sure you wouldn't view the benefits of losing an arm to be all that good, and wouldn't like to have a perfectly healthy arm taken away.
I bolded the part to which I wanted to
Re: (Score:3)
But it can't realistically be questioned that harm has been done. The question is essentially whether one believes that governments should ever keep secrets. The position of Assange, and most people here, appears to be "no, they shouldn't, ever." The kindest thing I can say about that position is that it's naive.
I think Assange's point is more that it is much easier to keep a small number of secrets than a large number and that this is incompatible with a manifestly unjust system. If that is his point, I would have to basically agree: you cannot use classification to cover up blatant crimes and violations of your own rules in a leaky intelligence environment. You cannot effectively control a global oppression network without secure communication. At some point the system needs to balance the costs of the two extrem
Re: (Score:3)
I think Assange's point is more that it is much easier to keep a small number of secrets than a large number and that this is incompatible with a manifestly unjust system.
I think that's a perfectly reasonable statement, from which most of the rest of what you wrote logically follows. However, I don't think your statement of Assange's point is consistent with the quote from him linked-to and cited above.
Re: (Score:3)
The question is essentially whether one believes that governments should ever keep secrets. The position of Assange, and most people here, appears to be "no, they shouldn't, ever." The kindest thing I can say about that position is that it's naive.
If that were their position, why would they redact anything at all?
That's a fair point. But it's also interesting, because such redaction seems at odds with the 'statement of purpose' quoted above, to which I originally replied. There, Assange doesn't say that his intent is to inhibit the keeping of secrets that shouldn't be kept; he explicitly states his intent to inhibit the keeping of secrets *at all*.
Re: (Score:3)
Re: (Score:2)
Yes, I would like that too. The politicians just create the laws as needed and we can vote for them on the internet. And you can believe that I have enough zombie PCs out there that I can account for most all of not more of the apathetic population that just doesn't vote. I can finally have my Utopia..
the problem is to much marked classified (Score:3, Insightful)
Re:the problem is to much marked classified (Score:5, Informative)
Re: (Score:3)
Now please do your duty and burn your eyeballs out with bleach, because even this information is meta-classified. Your government thanks you - and remember, we're watching!
Re: (Score:3, Informative)
Sorry, citizen, but how we determine what IS and is NOT classified is classified information.
It's fun to be snide, but sometimes the facts get in the way. How the U.S. Govt. determines what should and shouldn't be classified is spelled out in Executive Order 13526, the text of which is not classified.
Sec. 1.4. Classification Categories. Information shall not be considered for classification unless its unauthorized disclosure could reasonably be expected to cause identifiable or describable damage to the national security in accordance with section 1.2 of this order, and it pertains to one or more of the following: (a) military plans, weapons systems, or operations; (b) foreign government information; (c) intelligence activities (including covert action), intelligence sources or methods, or cryptology; (d) foreign relations or foreign activities of the United States, including confidential sources; (e) scientific, technological, or economic matters relating to the national security; (f) United States Government programs for safeguarding nuclear materials or facilities; (g) vulnerabilities or capabilities of systems, installations, infrastructures, projects, plans, or protection services relating to the national security; or (h) the development, production, or use of weapons of mass destruction.
http://www.whitehouse.gov/the-press-office/executive-order-classified-national-security-information [whitehouse.gov]
Why doesn't anyone mention the actual problem (Score:5, Insightful)
Re:Why doesn't anyone mention the actual problem (Score:5, Insightful)
Ah, so because you don't like how a particular combat event played out, you think it's appropriate for diplomats dealing with very difficult foreign governments to not be allowed to frankly discuss the situation with their co-workers, out of the public eye (and away from monitoring by the very government being discussed)? You don't think that an important protest and opposition figure in Iran should be able to retain his anonymity while discussing circumstances inside that regime's thugocracy, because
Re: (Score:3, Insightful)
Re:Why doesn't anyone mention the actual problem (Score:4, Insightful)
Re: (Score:2)
Ah, ... you think it's appropriate for diplomats dealing with very difficult foreign governments to not be allowed to frankly discuss the situation with their co-workers, out of the public eye (and away from monitoring by the very government being discussed)?
Red Herring Alert!
Does anyone really think that anyone in their country's diplomatic corps isn't fully aware of what sort of talk goes on "in private" among their cohorts in other countries? C'mon; these leaks didn't have any effect at all on any diplomatic discussions anywhere. That's just a ruse by the politicians to try to discredit the wikileaks folks. And those of us who are at all familiar with the situation just laughed at it.
If anything, it's this sort of clumsy propaganda effort that discredits
Re: (Score:2)
You obviously haven't been actually paying attention to the information that's coming out. This is public disclosure of cables from our own diplomats back to officials in the US, detailing - among other things - topics like how we're interacting with foreign governments as we conduct actions against terror cells, or what sort of cover a counter-terror operation is being given by another government. Or the identity of op
Re: (Score:2)
The real problem is the US government killed innocent people and covered it up.
That may well be the case, but it is not what Wikileaks has shown. Wikileaks showed that Iraqis killed more Iraqis than we previously suspected and the US didn't keep a full tally.
Forcing the government to admit it's illegal actions is the right thing to do.
It is the right thing to do, but Wikileaks hasn't done that.
Re: (Score:2)
Forcing the government to admit it's illegal actions is the right thing to do.
It is the right thing to do, but Wikileaks hasn't done that.
No, you're right. WikiLeaks hasn't done that. They just distribute the information. What happens after that is up to you.
Re:Why doesn't anyone mention the actual problem (Score:4, Interesting)
Do the words, "Pentagon Papers" ring a bell? (Score:3)
" 'words on paper can be made secure, electronic archives not.'"
Really? Really? You really said that and seriously meant it?
Re: (Score:2)
Re: (Score:2)
" 'words on paper can be made secure, electronic archives not.'"
Really? Really? You really said that and seriously meant it?
Oh, c'mon; securing words on paper is trivial. All it takes is a small fire. Do you know of any way to reconstruct the text from the ashes?
This provides really high security. It makes the text secure from decoding by anyone.
[Emboldening mine, of course, for emphasis.]
Re: (Score:2)
Burning paper does not secure the words and images thereon. It merely destroys THAT particular paper the words and images are on. If there's even one copy, then the information in that particular destroyed document is not 'secure'.
The Pentagon Papers were secure... until Ellsberg loaded them into photocopier and sent copies to the NY Times.
Securing information is difficult at the best of times. It needs to be available to authorized parties and yet kept safely secured from unauthorized eyes.
Burning only sec
Fools at the Washington Post... (Score:2, Insightful)
Of course it has to be a binary switch. You must either share all documents and be insecure, or not share any documents and be totally secure. Any middle ground is impossible. Thus the correct response to WikiLeaks must be to lock down all the documents and make sure nobody reads them at all. Only this will keep us safe!
That sounds like the same kind of logic that comes from a town that sends troops to Iraq in response to a threat from a man in Afghanistan, or that would like to repeat the policies of H
That's not the classified guidelines I worked with (Score:3)
And on that topic, post 9-11 changes, the Republicans, and Democrats when they wake up to this fact, can stick it. The post 9-11 changes to the handling classified material happened under a Republican administration at the behest of (severe pressure from) Congress on both sides of the aisle. As with the mortgage meltdown, Congressional members are pointing everywhere else but at themselves.
Re: (Score:2)
While I was serving in the military and handling classified material on computers the regulations on data handling were quite clear.
Of course this changes in both time and place... I was in the us army early 90s era so your experience will probably vary.
You could handle confidential on a secret system but then it could never be put back on a classified confidential system.
Obviously allowed, not never, although it happened via certain procedures not just randomly shuffling data.
For an obvious close personal example, the fact that my ASP had a particular crate of 5.56mm rounds with a certain NSN and lot number is not sensitive (more like, "duh") but an aggregated report of all ammo supply stocks for the entire theater, held a much higher classification.
more sharing, but not for everyone (Score:2)
More sharing is needed, and clearly they've done that to at least some extent. The problem is they included too many people in that sharing. Full access to "everything" should be limited to specific analysts with top clearance, and years of experience doing work under clearance (and thoroughly background/personality checked). It should NOT be for front line soldiers, which instead should have limited NTK access.
Shares of Intel (Score:5, Funny)
So we should invest in AMD then?
What direction you want to take? (Score:2)
Politics would be simpler if we could peek into our future to see what will bring our choices, too bad those damn blue butterflies are waiting for us right there.
Fixed summary. (Score:2)
TFTFY Timothy
how do you disable writing to external drives? (Score:2)
For example, officials said they were disabling all "write" capability to removable media such as thumb drives or disks, on DoD classified computers,
Can someone take pity on me and explain what the heck they are talking about here? Unless a "classified" computer is very different from a regular one, I don't understand how that is possible. I guess you could try to desolder and remove all of the external USB and/or esata and/or firewire ports from the motherboard in addition to removing any pins on the motherboard that are made to give you additional ports. Wouldn't you have to also remove any unused PCI slots as well? Even after doing all that someone c
Re: (Score:2)
None of that is hard to do. The US government could buy custom systems with exactly the external interfaces they need. They could install an OS which does only what they require. They could use thin clients everywhere and not provide a screen shot function.
Re: (Score:2)
Re: (Score:2)
Wait, wait. (Score:2)
You really want to tell me that up to now anybody could put in his 64GB USB drive and copy all the data he/she wants to copy? Seems relaxed to me taken into account that probably the entrance is guarded by an armed guard.
Re: (Score:3)
At one point I was responsible for transferring four classified laptops (they were fully loaded Sun Solaris laptops (by Tadpole, I think) and therefore rather expensive), external hard drives, and a pile of DAT tapes out of the Pentagon to a new secure facility elsewhere. All of the laptops and all of the (4-8GB) tapes were Top Secret. I had all of the paperwork, it was a legitimate transfer, and I followed all of the rules. When I got down to the Metro Station entrance (there is a DC Metro terminal connect
Words on Paper Secure (Score:2)
You can make words on paper secure? Really? Are you sure about that? I seem to recall at least one time when that wasn't the case. I seem to recall some "Top Secret" level documents that got out. You may better remember them as the "Pentagon Papers". Oh and then I remember another time someone leaked information and a few papers to the newspapers. You might remember it better as the "Watergate Scandal".
http://en.wikipedia.org/wiki/Pentagon_papers [wikipedia.org]
http://en.wikipedia.org/wiki/Watergate [wikipedia.org]
Now what was that about
WikiLeaks shows there are government issues (Score:2)
WikiLeaks is showing that there are multiple problems with the government in the US. There is a problem of making sure people aren't walking out of buildings with information that they shouldn't. There is the problem of our government telling us one thing, and the truth being something completely different. Everyone thinks the leaks were this super secret, bad for the troops and the country, information. Remember none of this is "Secret" or above. This is all stuff classified "Sensitive". So I can't imagine
Re: (Score:2)
WikiLeaks is showing that there are multiple problems with the government in the US.
And you needed WikiLeaks to figure that out? Of course, the US government lied, just like it has for every war that we have ever entered. To anybody with half a brain, that was clear before we even entered these wars, as was the fact that lots of civilians would lose their lives and that US soldiers would commit war crimes, like all soldiers in all wars. Bush went into these wars with high approval ratings. Americans want
The need for FOSS intelligence tools (still)... (Score:2)
http://pcast.ideascale.com/a/dtd/76207-8319 [ideascale.com]
http://groups.google.com/group/openmanufacturing/msg/2846ca1b6bee64e1 [google.com]
Imagine these sorts of things applied to, say, medical research and trying to understand how a money trail affects research results...
Danger. Really. Danger? (Score:5, Interesting)
"With better sharing of Intel Comes Danger"
I love this stuff. What Danger?
We are being told that this release of information has harmed the ability of the U.S. to carry out diplomacy. In what way? That we tell lies and other governments tell lies, and now some of these lies have been exposed? What was the "Danger"? Wasn't the danger in the telling of the lies in the first place? Better sharing of Intel didn't bring about this danger.
Besides, if this data dump was so easily acquired (I am assuming the obvious here, that Wikileaks never had to go all "Tom Cruise/Mission Impossible" to get it), surely the data dump was no surprise to various other governments. I'd even guess that this is a fraction of what our enemies know about what we have been saying to ourselves for decades. How could it be otherwise?
So the "Danger" is that increase sharing might also include the public? If there is a change here, it is that the public got into the loop. Is it possible that they might have to abide by a higher level of ethics to avoid embarrassing lies coming out in future leaks? Is it possible that this is the "Danger"?
I am struggling here. So far I haven't heard about anything leaked which can be properly described as a "Danger" appeared with the leak itself. All of the best tidbits I have heard so far that might cause some diplomatic ruffle are due to actions that either 1) Should not have occurred (agreements to lie to the public), or 2) Need not have occurred (Let's call Putin "Batman").
I don't like to negotiate in business with people that live in secret worlds. I don't like the fact that our government loves secrets. The default for government should be to play their cards on TOP of the table, face up. When secrets are really necessary, they become easier to keep if their numbers are few, and the period of secrecy is of very short duration.
Which downsides? (Score:5, Interesting)
So far we haven't actually seen ANY downsides of the wikileaks...
* We saw a german official get fired for leaking information to a foreign state
* We saw the Yemeni government conspiring to lie to its people
* We saw the UK foregin office trying to lie to the UK parliament about breaking international commitments on cluster bombs
* US secretary of defense Bob Gates explained that the leaks haven't hurt the US
There have ben only upsides so far.
When I Was Military... (Score:3)
I was in the US Navy for nine years, and the system we were using was WinNT.
That was later shifted to an OS called "IT-21". It was a custom version of WinNT that had been cobbled together by SPAWAR. MS actually let them have the source code, so they could customize it. There were all kinds of tweaks, dibbles and fidgets added to it, but the biggest was to disable the USB ports, COM ports, and prevent the system from writing any info to the pagefile.
Now, blocking off the pagefile was a touch of brilliance, but blocking the COM ports meant we couldn't hook a teletype to the computer. So when we were doing HF teletype exercises, messages either had to be loaded using Win98 or done by hand.
And once the newer printers started coming out, blocking the USB ports gave everyone conniptions.
For a while there, they played around with preventing the OS from writing anything at all to the floppy drive, but that lasted all of 1 day when comms shacks all over the WORLD started calling SPAWAR support, screaming about how they couldn't load the CO's traffic to disk.
Soon, the patches came out, and IT-21 became just another hunk of crap we had to deal with. As time went on, we dumped it for Win2K. Before I left, I saw people using Vista Premium for classified traffic, so I doubt things have changed all that much.
At the end of the day, it comes down to three things:
1. Don't do shit that will make your people question your ethics.
2. Screen out people who are, themselves, unethical.
3. Trust but verify.
Re: (Score:2)
Forcing them to print the materials doesn't stop leaks, but it does greatly slow the process and greatly increase the likelihood of them getting caught trying to smuggle the stuff out of the building.
Re: (Score:2)
That's a LOT of cables on one ream.
Going to 1200dpi can give you 8 megabytes per page. At that point, all of Wikileaks fits on one ream, not just the cables.
Re: (Score:2)
Sharing secrets with more people MAY have a risk of more people knowing your secrets. Shocking.
Seriously though, adding a bunch of people/agencies that can see your data is bound to result in some turbulence trying to maintain similar security levels. I wonder if people can still print?
You know, one way to reduce the threat of leaks might be to stop classifying everything even remotely contentious (or honest) as Secret.
Seriously. It's a hell of a lot easier to protect and ring-fence 1000 documents that really, really need to be protected than it is to try the same thing with a quarter million of them.
One of the many services that WikiLeaks has rendered us is showing just how the knee-jerk tendency to designate everything Secret or Confidential doesn't serve any useful purpose.
Re: (Score:2)
Sharing of AMD is even worse.
Could be worse again if it was WMD.
Re: (Score:2)
This is why the so-called open source movement is far more profound than people realize; it's not just about software, it's about putting an end to ALL secrets and finally achieving true freedom for all (as opposed to a few). We need open source government, and an open source government doesn't keep secrets and doesn't need information-sharing lockdown protocols.
What color is the sky in your universe? There has never been an organization which didn't keep secrets. Many of us keep secrets from ourselves. A totally open government would quickly be destroyed by non open governments.
Re: (Score:2)
There are very limited times that you would not want to scream your head off about certain information that the government is doing. I can think of at least one very serious and very major secret that had to be kept secret or the US and everyone else was totally and completely screwed. "D-Day" It was vital to keep secret when and where the US was going to do a major beach landing to make a drive for Germany. We lied our butts off and said it was going to be somewhere else, and the Germans moved their troops
Re: (Score:2)
During the sketch, a message from President Obama (Fred Armisen) gives way to a staticky screen, which then reveals a greasy version of WikiLeaks founder Julian Assange (played by Bill Hader).
"Hi America, I have taken over your airwaves," he says in an Australian accent. "The leaks did not inspire a revolution as I had hoped, so tonight I present a new WikiLeaks, where the leaks are even more embarrassing and the details are even more sordid."
The screen flashes the title, "WikiLeaks: TMZ."
Ha! Cue Dennis Hopper [yahoo.com].
The answer is moving beyond the irony... (Score:3)
http://www.pdfernhout.net/recognizing-irony-is-a-key-to-transcending-militarism.html [pdfernhout.net]
"Likewise, even United States three-letter agencies like the NSA and the CIA, as well as their foreign counterparts, are becoming ironic institutions in many ways. Despite probably having more computing power per square foot than any other place in the world, they seem not to have thought much about the implications of all that computer power and organized information to transform the world into a place of abundance for all.
Re: (Score:3, Insightful)
That all _WAS_ there in the days when military systems ran on DGUX and Trusted Solaris. Things like not being cut-n-paste down data from a higher level security app into a lower level are just one of the basic features in both and are backed all the way to the OS level to ensure it is not easily bypassed.
It all WENT AWAY with the windows infestation of the networks. The military should not blame anyone but themselves here. Security levels and "colour" books were defined for a reason and no Windows system ha