Slashdot Mirror
LANL, Sandia Report Losing Classified Data
dread minerva writes "This week, Los Alamos and Sandia National Laboratories publicly reported that sensitive material stored on removable data storage devices was missing." In Sandia's case, "According to the Las Vegas Sun, this 'prompted the lab to halt all classified work Thursday while officials conduct a wall-to-wall inventory of sensitive data.' Sandia also reported that a 'computer floppy disk was missing.' However, according to the Albuquerque Journal, 'lab officials said they don't believe it contains any weapons information or any other information that could harm national security,' only admitting that the material on the disk was classified. Due to these latest events, LANL has shut down all work on classified projects as of Friday." (Read more below.) Update: 07/17 21:21 GMT by T : A correction -- research was shut down only at LANL (not, as I mistakenly claimed, at Sandia) -- and an update: Sandia's missing disk was recovered.
"These snafus have led the government to open up the labs to defense-contracting bids for the first time in their 60+ year history (until now the labs have been run by UC-Berkeley). As NPR reported on Friday, the researchers at the labs were upset by this move, as they are afraid of the labs losing their academic nature. Perhaps the best question to ask in this situation is why these labs are still using removable data storage devices to store sensitive information."
(Other institutions, including The University of Texas system, are also angling for a share of the lab's management.)
So... I was trying to figure it out but failed, how can you plug/hide a floppy in a iPod? :)
Remind me again of what form of strong encryption they were using for said data? Oh wait a minute... Really great when people who are trusted with info this sensitive (I'm glad they seem to be _mostly_ certain that it did not contain weapons information) are not held to certain standard security practices.
What is it with computers that they are magnets for incompetent people? Before everything was stored electronically somehow I doubt people obtained sensitive info just because someone forgot to lock a vault door...
It is a miracle that curiosity survives formal education. - Einstein
Colleges and universities are largely dependent on alumni donations (which should tell you all you need to know about their money-management skills). Athletics are a way to keep alumni involved for years and years after they graduate, and consistently strong programs can keep them going for decades. Even more, strong sports programs create national awareness of the school, which can encourage academically gifted students to attend as well. You may be surprised at the number of kids who decide which school to go to based on the quality of the sports program. I know I was.
While the loss of a floppy, might seem trivial to some, you might want to consider this fact. That single floppy could have contained the results of years of experimentation. Thus allowing anyone that obtained it, to forego that same xperimentation, and advance their studies further at the exspense of the United States Tax Payer. Just because a Secret is small, doesn't make it any less vital, or costly.
My cat's picked up a Hammer. HEY! Put down that Hammer. Put Down that Hamm...THUNK!
Nobody wants to become the next Wen Ho Lee. So when they make a small mistake, they probably are afraid to report it, even though failing to report will get them in even bigger trouble. This could explain why missing hard drives, instead of being turned in when found, mysteriously turned up behind a photocopier, a spot that had previously been checked.
Of course it's appropriate to be anal about security when dealing with this type of stuff. But it takes a special kind of person to function well in a culture of fear, and such people are very rare, even more rare when you also require that they have advanced scientific degrees. So LANL has to strike a delicate balance between instilling fear to enhance security, and dealing with the unwanted, paradoxically security-degrading consequences of that fear.
When Wen Ho Lee backed up his work data, it was not even classified. It was designated "Protect As Restricted Data" (PARD), which is not a classified designation. The government retroactively classified it to prosecute him. Imagine working in that kind of environment. Not fun.
>> If it doesn't contain any data that can be used to endanger national security, WHY is it classified?
Who ever said the data couldn't be used to threaten national security? There are other ways to threaten security other than just weapons data; infrastructure information, intelligence reports, and even science that nobody is quite sure what to make of at this point.
"These snafus have led the government to open up the labs to defense-contracting bids for the first time in their 60+ year history (until now the labs have been run by UC-Berkeley)."
Given that the disks have already been found, and never left the possesion of those authorized to have it, why make such a fuzz about it? Why do we see this on the news (I did)? Why shut down all work? Wouldn't you want to keep the fact anything is missing quiet, if only to cast doubt in the mind of any one being offered stolen secrets as to whether they really are genuine?
And why suddenly decide to break open the bidding for the contract, within days/hours of an incident?
How convenient.. Perhaps.. a bit too convenient?
SCO employee? Check out the bounty
There are a lot of things that aren't by themselves critical secret knowledge (schematics to a nuclear weapon), but are still not a good idea to share. Let's say they contain software for helicopters that controls the interface for missile detection. It's probably not dangerous to give out, but there might be a bug in that software that some country exploits to build missiles that won't be detected. Things like that.
Considering the way that Congress classifies even the most mundane stuff these days, and assuming that this practice has spread (as it helps the CYA crowd) there's probably a good chance that this information really wasn't of any importance. For all we know, it could have been someone's list of Pr0n sites.
Because nukes are like any other weapon. We've spent years and billions of dollars researching how to make them most effective. The genie is out of the bottle yes, but we haven't shown the world all the steps in how we got him out.
No matter what we want our equipment to be the most effective out there, no matter what. Being in the military I know that when I'm out there, I'm using the world's best equipment and gear, and personally I'd like to keep it that way.
Of course, you're right. I never would have heard of MIT if it weren't for the national coverage of their basketball teams.
As a quick reality check, visit LANL's ASC site to convince yourself that (1) there's no way that they are carrying all that data around on floppies and (2) that given the scope of the computational effort, there are probably some operations that exceed the capability of a Javastation, XTerminal, or diskless Linux box.