Slashdot Mirror

← Back to Stories (view on slashdot.org)

With Better Sharing of Intel Comes Danger

Posted by timothy on from the always-a-tradeoff dept.

Hugh Pickens writes "Ellen Nakashima writes in the Washington Post that after the intelligence community came under heavy criticism after 9/11 for having failed to share data, officials sought to make it easier for various agencies to share sensitive information giving intelligence analysts wider access to government secrets but WikiLeaks has proved that there's a downside to better information-sharing. To prevent further breaches, the Pentagon has ordered that a feature that allows material to be copied onto thumb drives or other removable devices be disabled on its classified computer systems and will limit the number of classified systems from which material can be transferred to unclassified systems, as well as require that two people be involved in moving data from classified to unclassified systems. The bottom line is that recent leaks 'have blown a hole' in the framework by which governments guard their secrets. According to British journalist Simon Jenkins 'words on paper can be made secure, electronic archives not.'"

11 of 287 comments (clear)

  1. And so Wikileaks wins by Homburg · · Score: 5, Insightful

    This is precisely the outcome that Wikileaks was looking for: Assange's plan has been to leak information in order to make those who wish to keep secrets paranoid, so that they clamp down on their own internal communications and become less effective:

    The more secretive or unjust an organization is, the more leaks induce fear and paranoia in its leadership and planning coterie. This must result in minimization of efficient internal communications mechanisms (an increase in cognitive “secrecy tax”) and consequent system-wide cognitive decline resulting in decreased ability to hold onto power as the environment demands adaption. Hence in a world where leaking is easy, secretive or unjust systems are nonlinearly hit relative to open, just systems. Since unjust systems, by their nature induce opponents, and in many places barely have the upper hand, mass leaking leaves them exquisitely vulnerable to those who seek to replace them with more open forms of governance.

  2. Why doesn't anyone mention the actual problem by kawabago · · Score: 5, Insightful

    The real problem is the US government killed innocent people and covered it up. A soldier with a conscience decided his government should fess up and released all the documents. If the US government had been honest about it's mistakes and misdeeds, there would have been no motivation for a leak. When the US government breaks it's own laws and goes to great lengths to obstruct justice, it can expect this kind of release of confidential information because American soldiers have also been taught to do what is right. Forcing the government to admit it's illegal actions is the right thing to do.

    1. Re:Why doesn't anyone mention the actual problem by ScentCone · · Score: 4, Insightful

      A soldier with a conscience decided his government should fess up and released all the documents

      Ah, so because you don't like how a particular combat event played out, you think it's appropriate for diplomats dealing with very difficult foreign governments to not be allowed to frankly discuss the situation with their co-workers, out of the public eye (and away from monitoring by the very government being discussed)? You don't think that an important protest and opposition figure in Iran should be able to retain his anonymity while discussing circumstances inside that regime's thugocracy, because ... what, it's better he's dead at the hand of that government than that he rely on non-public communication with foreign diplomats and supporters? So glad you have the big picture, here.

      --
      Don't disappoint your bird dog. Go to the range.
  3. Shares of Intel by rossdee · · Score: 4, Funny

    So we should invest in AMD then?

  4. Next time, skip the "Intel Inside" sticker by tomhudson · · Score: 4, Interesting

    The approaches do need to be more sophisticated.

    You mean like using a cell-phone camera to take a picture of a screen?

    You can also encode a LOT of info into just one jpg or png of the family dog.

    As for printing, you can use a 600dpi laser to output the whole bible in encoded format on 5 sheets of paper. So yes, you could walk out with 250,000 cables pretty quickly.

  5. Re:the problem is to much marked classified by vxice · · Score: 5, Informative

    Actually only 46% was indeed marked classified. 6% was marked secret. None top secret. That is the whole point of classification levels.

    --
    every anarchist is a baffled dictator. Benito_Mussolini
  6. Re:Leak DRM? by AJWM · · Score: 4, Interesting

    feature that allows material to be copied onto thumb drives or other removable devices be disabled on its classified computer systems

    Here's a question: Why the hell was that stuff ever enabled in the first place?

    A place I worked a while back -- we did QA for voting systems and for games -- was a lot more secure than that. Only one system on the LAN had a CD burner, and that was passworded and the media use logged. Cameras everywhere. Firing offense to have your own thumb drives (or to plug in a device like an MP3 player), etc. Cell phones forbidden without express authorization. Everything logged. Air-gap -- and you had to know the passwords, including to the cypherlock on the door -- on the machine that could access customers' code servers. Defeatable? Sure, but not without leaving a trail a mile wide. And this was on the voting side of the company, security on the gaming side was even tougher. (Hey, now we're talking about real money!)

    Apparently the government doesn't take security as seriously as game software companies do.

    --
    -- Alastair
  7. Danger. Really. Danger? by paulsnx2 · · Score: 5, Interesting

    "With better sharing of Intel Comes Danger"

    I love this stuff. What Danger?

    We are being told that this release of information has harmed the ability of the U.S. to carry out diplomacy. In what way? That we tell lies and other governments tell lies, and now some of these lies have been exposed? What was the "Danger"? Wasn't the danger in the telling of the lies in the first place? Better sharing of Intel didn't bring about this danger.

    Besides, if this data dump was so easily acquired (I am assuming the obvious here, that Wikileaks never had to go all "Tom Cruise/Mission Impossible" to get it), surely the data dump was no surprise to various other governments. I'd even guess that this is a fraction of what our enemies know about what we have been saying to ourselves for decades. How could it be otherwise?

    So the "Danger" is that increase sharing might also include the public? If there is a change here, it is that the public got into the loop. Is it possible that they might have to abide by a higher level of ethics to avoid embarrassing lies coming out in future leaks? Is it possible that this is the "Danger"?

    I am struggling here. So far I haven't heard about anything leaked which can be properly described as a "Danger" appeared with the leak itself. All of the best tidbits I have heard so far that might cause some diplomatic ruffle are due to actions that either 1) Should not have occurred (agreements to lie to the public), or 2) Need not have occurred (Let's call Putin "Batman").

    I don't like to negotiate in business with people that live in secret worlds. I don't like the fact that our government loves secrets. The default for government should be to play their cards on TOP of the table, face up. When secrets are really necessary, they become easier to keep if their numbers are few, and the period of secrecy is of very short duration.

  8. Which downsides? by ljw1004 · · Score: 4, Interesting

    So far we haven't actually seen ANY downsides of the wikileaks...

    * We saw a german official get fired for leaking information to a foreign state
    * We saw the Yemeni government conspiring to lie to its people
    * We saw the UK foregin office trying to lie to the UK parliament about breaking international commitments on cluster bombs
    * US secretary of defense Bob Gates explained that the leaks haven't hurt the US

    There have ben only upsides so far.

  9. Re:Leak DRM? by RazorSharp · · Score: 5, Insightful

    Or just don't participate in corrupt activities. Whistleblowers almost always leak information because they feel morally obligated to do so (leaking information puts one's future and safety at risk, no one does it for kicks or b/c they hope to make money). Many whistleblowers (especially in the corporate world) fall victim to strange accidents or they find themselves blacklisted from employment. When people decide to leak information like this they've made a conscious decision that doing so is more important than their own life.

    Whistleblowers aren't spies, they're just people with morals. If our government is concerned with protecting itself against the ethically conscious, then perhaps there's no hope. The government has become everything it was designed to prevent: a tyranny. The only reason I haven't reached this conclusion yet is b/c Obama has been so hands-off with this Wikileaks mess. It's been the usual band of psychos that have called for Assange's arrest/assassination: Lieberman, McConnell, ect.

    --
    "From the depths of my skeptical and rationalist soul, I ask the Lord to protect me from California touchie-feeliedom."
  10. Re:Leak DRM? by evought · · Score: 5, Informative

    The other problem is that this was already policy in the '90s when I worked in AFSAA in the Pentagon. You were not allowed to copy data to non-classified system without the approval of specific officers who were tasked to examine the data. The data was copied onto a zeroed disk in a clean system, examined directly and in a hex editor. Then, if approved, it was copied for you onto a disk marked unclassified. There were also strict rules about the use of pads of paper (remove the top sheet, put it on a hard surface, write your note; that way you did not leave stray impressions on the pad which might be distributed. In the vaults, they often had pads stamped "SECRET" or "TOP SECRET" to make this less likely.) And there were quite a few applications we used where cut and paste was disabled or limited.

    This obviously slowed things down, but that was the whole point. There had been several incidents where people had bypassed the rules and classified data were nearly leaked (the affected unclassified systems had to be scrubbed). Even if you just know that a document contains no classified information, it is quite possible that a file does. Problems were specifically discovered with MS Word files where random data from the system could end up in non-visible portions of the file. Once on an Unclassified system, the classified data might end up in swap space or otherwise be copied to where it should not be and remain after the offending file was wiped. Therefore the entire contaminated system would usually be wiped and reinstalled from a clean image. And, often the offending person would have their career shortened considerably. We dealt with nuclear deployment data and WINTEL (data which could reveal the identity of intelligence sources), so courts martial was always a possibility even, perhaps especially, for inadvertent release.

    Personally, I consider release of classified data through idiocy to be a higher offense than doing so on purpose through act-of-conscience. The procedures exist for a reason, and often it is not to make things convenient. Carelessness gets people killed.

    About when I stopped doing work there (1997-98) was when they were really going gung ho on the "classified Internet" where classified networks were tunneled over the DoD Unclassified Internet. That made for a lot more mixing of systems and cables which, I think, made it much harder to enforce strict separation. It used to be that there had to be 6' between the Top Secret network cables and the Unclassified network cables (and the cables were color coded). Ostensibly that was to prevent electronic feedback from leaking signals, but I think the real reason was to make absolutely sure the wrong network cable never went to the wrong hub and that someone lost their job if it did. It was absolutely forbidden to patch a classified cable outside of the designated rooms and areas. Classified printers, copiers, and CD burners were usually in designated areas as well. (You were allowed to make Unclassified copies on a Classified copier as long as you ran three blank pages through first to clear any residual images on the drum; you were never allowed to copy Classified data on an Unclassified copier outside the designated areas). Trash, of course, was separated by classification level and classified electronic waste (e.g. bad hard drives) were destroyed. Some manufacturers insisted that we return bad drives for warranty replacement, which was fine, as long as they understood that the platters would be physically destroyed first.

    In any case, I am not surprised at this rule as much as surprised that it was allowed to lapse. You cannot 100% prevent leaks of data, but you at least want to make sure it is deliberate, that people are aware of what they are doing and of what the consequences will be.