Incomplete PDF Redaction Leaks Data From UK MoD

Don't hide information. by Anonymous Coward · 2011-10-09 09:57 · Score: 0

They should not be trying to hide information from the people they govern.

Re:Don't hide information. by JoshuaZ · 2011-10-09 10:13 · Score: 4, Insightful

There are types of information that every sane person thins should be classified. For example, the engineering details of how to make nuclear weapons should probably be classified. There's a limit to how much of that can be practically classified because those secret are so old, but a similar remark about hydrogen bombs would apply. Similarly, if one country has a high ranking spy in another country's government (say for example the Brits having a North Korean colonel giving them information from the inside), wanting to keep that information secret is reasonable. These are but two of the more clear cut examples. There's a lot of information about the specs of military hardware that could give an enemy advantages if they knew about it. Radar used in defense systems (which is what was leaked in this context) is exactly that sort of thing.
There are examples where governments try to classify things that they shouldn't. Sometimes they use that as a way of disguising violations of their citizens rights. Other times they use it as a way of covering their asses after they do something incompetent. But it is a mistake to look at the examples where governments have abused their ability to classify things and then conclude that all classification is bad.
Re:Don't hide information. by Doc+Ruby · 2011-10-09 10:18 · Score: 1, Offtopic

Actual secrets of military technology are legitimate secrets, as long as the military secrets are being overseen by competent people with power independent of the military - who are themselves catchable when they're corrupt.
But the problem isn't this secret. It's the vast abundance of secrets in governments like the UK's. Some percentage of secrets are going to be divulged when they shouldn't. Having millions of secrets means that percentage results in a lot of divulged secrets.
Perhaps the large number of secrets that are worthless, or are secret only to protect someone who did something wrong rather than to protect the country, means that most divulged secrets harm no one - or harm people who did wrong. But the large number of secrets makes the percentage divulged increase. Especially when the worthless ones divulged get everyone used to divulging secrets. Then the percentage goes way up. And the secrets worth keeping do a lot of damage.
Proper management calls for reducing the amount of secrets to the minimum. This is a fundamental principle known to any competent info security professional, and to many amateurs - in any field. But governments keep increasing their trove of secrets. Mostly because governments keep increasing the number of things they do wrong. And keeping too many secrets, many (if not most) of them worthless or even beneficial to reveal, is just one of the things they're doing wrong.
It's the worst kept secret in the secrecy business.

--
--
make install -not war
Re:Don't hide information. by That+Guy+From+Mrktng · 2011-10-09 10:29 · Score: 1

Information wants to be leaked.
Really, who can tell if they didn't want this to be leaked? This is probably a disinformation gig, because such screw up it's just too lame to have happened on a such level, I mean, you can do it like it should be done in effing MS paint.
Re:Don't hide information. by nedlohs · 2011-10-09 10:46 · Score: 1, Flamebait

They already exist. So not creating them isn't an option obiously. But don't let that stop you being retarded.
Re:Don't hide information. by Nutria · 2011-10-09 10:47 · Score: 2, Insightful

Christian "crusades"
As opposed to the Muslim invasions of the Palestine, Egypt, whatever the rest of North Africa was called 1300 years ago, Iberia, France, Babylon, Persia, Afghanistan, India, etc, etc, etc?

--
"I don't know, therefore Aliens" Wafflebox1
Re:Don't hide information. by Anonymous Coward · 2011-10-09 10:48 · Score: 1

If you worry that some nuclear designs leak out, what about not creating them in the first place?
Yes! And then we can all ride rainbow unicorns to the land at the end of the rainbow and eat candy and play with kittens! I think you should run for President of the World, Mr. tech4; your intellect is so brilliant, your insight so stunning, you just made me spunk.
Re:Don't hide information. by SwedishPenguin · 2011-10-09 10:57 · Score: 2

How does the existence Christian crusaders negate the existence of Muslim crusaders, or any other type of crusaders for that matter? History is filled with religiously motivated war, regardless of religion.
Re:Don't hide information. by Nutria · 2011-10-09 11:19 · Score: 1

How does the existence Christian crusaders negate the existence of Muslim crusaders
Who says I did?
But I do know that while in school the evils of the Christian Crusaders was repeated many times, while even the very *fact* that Muslims invaded Holy Land was *completely* glossed over as if they had always been there. And this was 35 years ago in a sectarian school with no Anti-Christian bias.
Likewise the Eeeevils of the Iberian Reconquista.
Thus, I'm betting that most everyone else in the US was not taught the same things.

--
"I don't know, therefore Aliens" Wafflebox1
Re:Don't hide information. by Pieroxy · 2011-10-09 11:22 · Score: 1

This is probably a disinformation gig, because such screw up it's just too lame to have happened on a such level
The higher the level, the stupidest the screwup, specially a tech one. That's because the higher level, the higher n00bness.

--
Write boring code, not shiny code!
Re:Don't hide information. by Jah-Wren+Ryel · 2011-10-09 11:28 · Score: 2

But I do know that while in school the evils of the Christian Crusaders was repeated many times, while even the very *fact* that Muslims invaded Holy Land was *completely* glossed over as if they had always been there. And this was 35 years ago in a sectarian school with no Anti-Christian bias.
What you are describing is actually a pro-christian bias.
Since pretty much everything the muslims did is left out of high-school history courses that really shouldn't be much of a surprise.

--
When information is power, privacy is freedom.
Re:Don't hide information. by DarwinSurvivor · 2011-10-09 11:36 · Score: 2

Right, because spies only kill people. There is no way they could be monitoring hostile countries to ensure *they* aren't planning to kill people. And while we're at it, let's just publish the full list of names and locations of everyone in witness protection, they're all criminals anyways. As a show of good faith, why don't you post you full name, date of birth, mother's maiden name, current place of residence, credit card number and annual income? It's not like the government is keeping any of THAT data secret for you.

I find it absolutely stupid when people chant "Secrets are bad, mmmkay" while using an online pseudonym.
Re:Don't hide information. by Nutria · 2011-10-09 11:41 · Score: 1

What you are describing is actually a pro-christian bias.
Eurocentric, not pro-Christian.

--
"I don't know, therefore Aliens" Wafflebox1
Re:Don't hide information. by MightyYar · 2011-10-09 12:55 · Score: 2

That's perhaps one of the most naive things I've ever heard. If it came from a child, it would be adorable.

--
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
Re:Don't hide information. by hairyfeet · 2011-10-09 13:05 · Score: 1

Would you have been happier if American soldiers in the Pacific were having to gut little kids and ended up shell shocked? try looking up "The World At War: Japan 1941-45" and see for yourself, they have film footage of the Japanese training little girls with bamboo spears and it is pretty common knowledge that even AFTER dropping two bombs upon them the high command had to broadcast the surrender in BOTH English AND Morse Code because there were a couple of Army Generals that tried to take over the radio station and broadcast they were gonna fight to the last Japanese!
The US has a lot of things they did wrong but I'd say dropping the bombs is not among them. look at the footage of Saipan, of Iwo jima, when there was NO hope of victory, no hope of even a draw they still fought on.

--
ACs don't waste your time replying, your posts are never seen by me.
Re:Don't hide information. by MightyYar · 2011-10-09 13:18 · Score: 1

It just shows that these secrets are used for evil and bad things, for murdering people.
Secrets are important for defense as well. Even if the US were to completely abandon a foreign intelligence service, there would still need to be counter-intelligence services. And those activities and such would be necessarily secret. Or forget foreign interaction altogether. An ongoing corruption investigation needs to be secret. Wiretapping of a mob boss needs to be secret. The President's schedule details often need to be secret. Many, many, completely legitimate government functions need to be secret.

At least Buddhism teaches real things, real values and there's no imaginary persons, as Buddha himself has actually lived.
Right, and Buddhists have never fought any wars. And they don't keep secrets. And they never get all authoritarian or anything like that. BTW, Jesus was also a real guy. So was Mohammad. Buddha may have "actually lived", but the first written account of his life seems to have occurred hundreds of years after his death. And this written account includes Buddha being advised by invisible men.

--
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
Re:Don't hide information. by ganjadude · 2011-10-09 16:02 · Score: 1

exactly true. I graduated highschool in 2003, and I remember all we were taught was the ottoman empire took over alot of land. It took research on my own to find out that the ottoman empire was the muslim crusaders. However they always pointed out the evils of the christian crusaders without hesitation.

--
have you seen my sig? there are many others like it but none that are the same
Re:Don't hide information. by LingNoi · 2011-10-09 18:13 · Score: 4, Informative

At least Buddhism teaches real things, real values and there's no imaginary persons, as Buddha himself has actually lived. And he said to think and evaluate things with your own brains, instead of following some stupid book.
Your pedestal opinion of Buddhism will change once you've been in a country with 90+% Buddhists for any length of time. They're no better then Christians, even with pushing their faith on others regardless of the intent of the religion.
Re:Don't hide information. by Caesar+Tjalbo · 2011-10-09 18:40 · Score: 1

What you are describing is actually a pro-christian bias.
Eurocentric, not pro-Christian.
and christian-centric, which is defensible since the church probably had a huge influence on history and in Europe there was not much else. However, the few times 'other' people come into focus, it's as "invaders" who did nothing more than occupy some land until the good guys finally restored order and threw them out.
History education has changed since I last had it at high school and I'm sure we teach our kids a little bit more and a little less biased. Don't know if we've come to the point where we no longer speak of the Moorish invasion of Spain but may actually see the the greater Umayyad culture.

--
"I'm not much interested in interoperability. I want substitutability. I want to be able to throw your software out."
Re:Don't hide information. by znrt · 2011-10-09 18:58 · Score: 1, Insightful

look at the footage of Saipan, of Iwo jima, when there was NO hope of victory, no hope of even a draw they still fought on.
ok. Saipan was overrun Jun 1944, Iwo Jima Feb 1945. Hiroshima and Nagasaki were obliterated Aug 1945, directly causing the death of 150.000 - 250.000 civilians. A nuclear bomb is a weapon specifically designed to blow up entire cities. There is no imaginable military target for which such a device could be considered effective or even suitable. US invested billions of dollars employing more than 150.000 people for 7 years, to design and implement such an atrocity. And then they used it. Against civilians, of course, as was intended. Twice.

The US has a lot of things they did wrong but I'd bullshit dropping the bombs is not among them.
FTFY
Re:Don't hide information. by Nutria · 2011-10-09 19:10 · Score: 1

However, the few times 'other' people come into focus, it's as "invaders" who did nothing more than occupy some land until the good guys finally restored order and threw them out.
I was taught back in the 1970s that the Spaniards were brutish to conquer the Moors and the Aztecs and the Christians were downright Evil to invade the Holy Land. Maybe an anti-Catholic bias?
Nothing about how others were temporary invaders.

--
"I don't know, therefore Aliens" Wafflebox1
Re:Don't hide information. by AliasMarlowe · 2011-10-09 19:52 · Score: 2

At least Buddhism teaches real things, real values and there's no imaginary persons, as Buddha himself has actually lived. And he said to think and evaluate things with your own brains, instead of following some stupid book.
But history also is replete with episodes of Buddhist polities fighting and invading one another and inflicting the usual horrors of war on entire populations. Consider the many internal wars and mutual invasions of Burma and Thailand, for example, both being Buddhist for many centuries.
Religion, of any form, is a tool for control of populations by their rulers. Any attempts to demonstrate the falsehood of the local religion will be fiercely resisted - and likely punished by the authorities as much as by the credulous zealots. It has always been thus.
"Religion is regarded by the common people as true, by the wise as false, and by rulers as useful." - Ira Cardiff (he attributed the statement to Lucretius).
"The various modes of worship, which prevailed in the Roman world, were all considered by the people, as equally true; by the philosopher, as equally false; and by the magistrate, as equally useful." - Edward Gibbon (possibly loosely translating from a work of Seneca the Younger).

--
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
Re:Don't hide information. by TheRaven64 · 2011-10-09 23:14 · Score: 1

Some people cherry pick the good parts of a religion and live their lives accordingly.
Some people cherry pick parts of a religion to justify being an asshat.
As far as I can tell, no major religion has a monopoly on people in either category, and every major religion has a lot of people from both. It seems that the teachings of the religion are largely irrelevant.

--
I am TheRaven on Soylent News
Re:Don't hide information. by CrimsonAvenger · 2011-10-09 23:52 · Score: 1

A nuclear bomb is a weapon specifically designed to blow up entire cities. There is no imaginable military target for which such a device could be considered effective or even suitable. US invested billions of dollars employing more than 150.000 people for 7 years, to design and implement such an atrocity. And then they used it. Against civilians, of course, as was intended. Twice.
1) Both Nagasaki and Hiroshima had military industries, which were legitimate targets.
2) It's probably still not widely known that both Nagasaki and Hiroshima were removed from conventional bombing target lists at the beginning of the war (among other cities) specifically because they were suitable for evaluating the funtionality of atomic bombs, assuming such weapons could be built. So both those cities (and several others) were NOT bombed into ruin for four years.
3) And it's also not terribly widely known that BOTH atomic bombings combined caused fewer casualties than the conventional bombings of Tokyo did. In point of fact, there were individual fire-bombing raids on Tokyo that caused more casualties than either atomic bombing. And Tokyo suffered through rather more than two fire-bombing raids, as well as numerous conventional HE bombing raids.
4) Finally, it should be pointed out that the alternative to the atomic bombings of Japan was an invasion of Japan. Which was tentatively scheduled for later in 1945. Which was expected to cause rather more American casualties than we suffered in the rest of WW2 combined, as well as millions of Japanese casualties. Note that there were not millions of Japanese killed by the atomic bombings.

--

"I do not agree with what you say, but I will defend to the death your right to say it"
Re:Don't hide information. by lewko · 2011-10-09 23:56 · Score: 1

It's Moops.

--
Do you or your partner snore? - Visit www.snoring.com.au
Re:Don't hide information. by DrXym · 2011-10-10 00:20 · Score: 1

Of course there are military uses for atomic weapons. If you know your enemy is massing troops in some area you drop a huge frigging bomb on them annihilating / severely disrupting their ability to wage war. Or you drop a bomb on their oil fields, naval docks, train depots, industrial zones or whatever.
Aside from that, it is not unreasonable given the alternatives to believe the bombings shortened the war and saved more lives (civilian and military) than they cost. That is no consolation at all to the people who died prolongued, agonizing deaths or suffered the rest of their lives with horrible burns or other effects. But it's still the likely result of using them.
So I am not really surprised that the US sought to drop them, or convinced by the moral arguments that they shouldn't have given the situation they were in.
Re:Don't hide information. by hairyfeet · 2011-10-10 06:25 · Score: 1

Horseshit, complete and utter horseshit. We are talking fanatics here, my late uncle was in the pacific at both Saipan and Okinawa and I got to here of the horror first hand from him. He said they'd get a bunker surrounded then broadcast in Japanese "If you don't come out we are gonna have no choice but to call in the flamethrowers, we'll give you food, treat your injuries, and take you to safety if you'll just come out and surrender" and instead they would strap grenades on their chests and banzai charge the lines. he said the bodies were literally piled up like cordwood, the stench of death was beyond belief, yet they still came. He also watched women throw infants off the cliffs rather than surrender their children, that kind of shit haunted him for years, hearing the screams of babies as they fell to their deaths.
So sincerely fuck your bleeding heart bullshit. as Truman said "I can tell you how many Americans were saved by the dropping of those bombs" and in a time of war THAT is what matters. Either you give 100% or you go the fuck home, that's it. I would remind you we had already killed more than the atomics in Tokyo alone and as I said even AFTER TWO BOMBS They had to broadcast the surrender from multiple sites because several general took over a radio tower and was broadcasting they were gonna fight to the last man.
While you may think it would have been cool for Americans to line up and just grind little kids into fucking hamburger with the 50cals I can tell you thanks to the stories of my family who fought in both theaters (grandfather in Europe liberating one of the camps, great uncle in the pacific as a marine) that having to kill little kids because its you or them? NOT good on the soldiers. Killing a soldier is one thing, killing an 8 year old girl because she is going kamikaze with a grenade tied to the end of a bamboo spear? totally different ball game.

--
ACs don't waste your time replying, your posts are never seen by me.
Re:Don't hide information. by znrt · 2011-10-10 07:40 · Score: 1

I understand your points, but I didn't intend to debate if the bombing was moral/reasonable/whatever. I just made its particular significance very clear: a government of a democratic country (by any standards) deliberately and autonomously built a wmd and used it against civilians and in an undisclosed way, as "tech4" pointed out. A hard fact that "hairyfeet" blurred by displaying his moral stance towards the issue which is, at least, debatable. So much less an issue that should be kept undisclosed to citizens, methinks.
Of course a majority of US citizens could have favored the wmd development and even the bombings. But who knows ... nobody asked them! They weren't even told about until it was done (and lots of information has ben held back until very recently)
I'm not look(ing) at the examples where governments have abused their ability to classify things and then conclude(ing) that all classification is bad.. The point is that while there is the mere possibility that (democratic) governments classify and hide any such farreaching activities (and Hiroshima and Nagasaki are not possibilities but proof) then democracy is at the end of very limited use. Maybe that's why it is more of a mockery, today. My view is that there should not be information classification whatsoever.
Re:Don't hide information. by znrt · 2011-10-10 08:54 · Score: 1

Horseshit, complete and utter horseshit.
plain, succint and verifiable facts (no, you don't need a veteran father to verify that).

We are talking fanatics here, my late uncle was in the pacific at both Saipan and Okinawa and I got to here of the horror first hand from him. He said they'd get a bunker surrounded then broadcast in Japanese "If you don't come out we are gonna have no choice but to call in the flamethrowers, we'll give you food, treat your injuries, and take you to safety if you'll just come out and surrender" and instead they would strap grenades on their chests and banzai charge the lines. he said the bodies were literally piled up like cordwood, the stench of death was beyond belief, yet they still came. He also watched women throw infants off the cliffs rather than surrender their children, that kind of shit haunted him for years, hearing the screams of babies as they fell to their deaths.
So sincerely fuck your bleeding heart bullshit. as Truman said "I can tell you how many Americans were saved by the dropping of those bombs" and in a time of war THAT is what matters. Either you give 100% or you go the fuck home, that's it. I would remind you we had already killed more than the atomics in Tokyo alone and as I said even AFTER TWO BOMBS They had to broadcast the surrender from multiple sites because several general took over a radio tower and was broadcasting they were gonna fight to the last man.
While you may think it would have been cool for Americans to line up and just grind little kids into fucking hamburger with the 50cals I can tell you thanks to the stories of my family who fought in both theaters (grandfather in Europe liberating one of the camps, great uncle in the pacific as a marine) that having to kill little kids because its you or them? NOT good on the soldiers. Killing a soldier is one thing, killing an 8 year old girl because she is going kamikaze with a grenade tied to the end of a bamboo spear? totally different ball game.
This could indeed qualify as fanatism. I recommend you broaden your views somewhat beyond of your (most respectable, no doubt) father's war impressions. No matter the horror, the savagery, there is always more to it (usually expresable in plain and cold money). We're talking about governments and information, here. And remember, Mahattan project started long before a single marine put a foot on any japanese shore. So much for your baby kamikaze horror stories.
--
"property, the whole thing is about property" (1st Sgt. Edward Welsh, "The thin red line").
Re:Don't hide information. by hairyfeet · 2011-10-10 17:54 · Score: 1

Maybe YOU should pull your head out your ass and try learning a little history. try watching "The World At War: Japan 41-45" which just to make you happy was NOT made by the American but by the BBC, which are known for their impartiality. There you will get to see with your own two eyes Japanese training videos showing 8 and 9 year old kids being taught to use bamboo spears, which were to have grenades strapped to them.
Maybe you can read, perhaps you'd like to explain this? Look at the bottom, see the girls being trained as suicide attackers? Now what did you think we should do, hit them with flamethrowers? grind them up with the 50cals? or do you think we should have surrendered, because from your tone I have to seriously wonder if that isn't what you would have done. With just the attacks up to that point suicide attackers killed over 3000 Americans and wounded another 6000. Tell me did you think those Americans "deserved it"?
Whether you like it or not it is pretty well documented the USA was looking at 350,000 to 500,000 dead if we invaded the home islands. Would you have preferred that? Would you have cheered? Like it or not friend too damned many on BOTH sides were killed by Japanese fanaticism. Maybe this quote from the first link will help you to see clearly " Teenaged boys and girls were taught how to use grenades and spears. Civilians, including woman armed with spears, made attacks on Okinawa, 21April, and Ie Shima. 23April. Unable to provide uniforms, they were equipped with a patch. One million people on Kyushu were eligible. Chance of their survival improved after Hiroshima." Those folks lived because we dropped the bomb. If we hadn't? They'd have been given a stick, a grenade to tie to it, and been pointed AT US. Or do you think those American soldiers shouldn't have defended themselves?

--
ACs don't waste your time replying, your posts are never seen by me.
Re:Don't hide information. by Anonymous Coward · 2011-10-11 05:51 · Score: 0

As opposed to the Muslim invasions of the .. France ..
Would you like to shoot some Norwegian school kids then?
Re:Don't hide information. by znrt · 2011-10-11 09:21 · Score: 1

Tell me did you think those Americans "deserved it"?
they were soldiers, not civilians. a good chance of death is what a soldier buys the very moment he enlists.

Those folks lived because we dropped the bomb
you can't possibly know that. even if you did it still wouldn't be a valid reason to build a wmd and throwing it at the population.

the USA was looking at 350,000 to 500,000 dead if we invaded the home islands
the forecast was actually higher. roosevelt throwed around figures that even tripled that. so what? who said invasion was the only option, or was a reasonable option at all? it would still not be a valid reason to build a wmd and throw it at the population.

Teenaged boys and girls were taught how to use grenades and spears.
you should stop spraying that crap, really. it is well known that japanese were very crude and fanatic. that, you could reasonably expect from a culture that had jumped out from feudal middle age just a few decades earlier. you can't by any means be implying that the only way to deal with this kind of people is .... build a wmd and throw it at the population.
besides ... your father sure did tell you that the guys in his company were all honorable brothers in arms, straight and enduring hearts. that's maybe because your father only told you the shit he wanted you to believe ... or wanted himself to remember. if not, and if he'd served in irak, he could have told you about girls being raped by marines (always good buddies) right in front of their just executed family, being burned alive afterwards. if that family had known beforehand, they might as well have throwed themselves at the troops with their pants stuffed with explosives. even your family might do the same in a similar situation. (wait, you're american, why in heaven would you be in such a situation?)
your father may have been a good or a bad soldier, but he couldn't have built a wmd and throwed it at popuilation, himself. that's a different story, hairy feet. governments do such things, because they can. and they do that on their own record in total disregard to public opinion (this was the topic, bytheway :D). and if needed they are eager to manipulate public opinion to spread the belief that there may exist any utterly bizarre argument for ... building a wmd and throwing it at people.

Those folks lived because we dropped the bomb.
this is more than a really sick excuse out of the blue. it is awfully perverse to me.

American soldiers shouldn't have defended themselves?
I still don't get the association between "american soldiers defending themselves" and "build a wmd and throw it at the population".
Re:Don't hide information. by LrdDimwit · 2011-10-11 11:26 · Score: 1

"No imaginable military target", huh? Just because you say it doesn't make it true. A nuke would do a pretty severe amount of damage to just about any military installation. Anywhere a lot of military facilities were built close together is a good military target for a nuke. So is anywhere a large number of troops are massed.

It so happens that the last few war the US has been involved in have been against asymmetric guerilla opponents. Nukes are largely useless against relatively small groups of people hiding in plain sight. But that doesn't mean there's no military application for nukes. To the contrary - if it ever had come to nuclear war against the Russians, the Pentagon would have been one of the first places they blew up. That's a classic military target. For an enormous list of other military targets, see this list of US military bases.

At least consistent by gweihir · 2011-10-09 10:00 · Score: 2

At least they are consistent in hiring incompetent amateurs to do important work.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.

Re:At least consistent by Anonymous Coward · 2011-10-09 10:07 · Score: 0

Well, at least they have moved past putting white-out on the screen.
Re:At least consistent by Anonymous Coward · 2011-10-09 10:22 · Score: 0

I doubt they were employed based on ability. It's the UK.
Re:At least consistent by RichardJenkins · 2011-10-09 10:48 · Score: 2

"Consistency: It's only a virtue if you're not a screwup"
http://demotivators.despair.com/consistencydemotivator.jpg
Re:At least consistent by Anonymous Coward · 2011-10-09 12:36 · Score: 0

More likely than not, it is the same secretary who can't find the time for a computer literacy course because of the demand for the excellent blowjobs.
Re:At least consistent by Dabido · 2011-10-10 00:01 · Score: 1

As soon as they are hired, they are technically incompetent professionals. :-)

--
Sure enough, the cow costume was hanging up next to the superhero outfit and sailors uniform. (S,Spud)
Re:At least consistent by gweihir · 2011-10-10 04:52 · Score: 1

True ;-)

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Re:At least consistent by Ramin_HAL9001 · 2011-10-11 14:44 · Score: 1

So government workers in the UK think Microsoft Word is exactly the same as virtual paper. There ought to be a law that forces all government employees to write documents by hand-coding HTML tags, but then, I would prefer the government spilled secrets more often.

made me laugh by johnsnails · 2011-10-09 10:00 · Score: 1

rookie mistake

Who is in charge of redactions? by artor3 · 2011-10-09 10:01 · Score: 4, Insightful

Seriously, this exact mistake seems to occur at least a couple times a year. You would think that anyone with enough security clearance to make redactions would, I don't know, take a 4 hour training course on how to use MS Word? Do they hand this job off to interns, or what?

Re:Who is in charge of redactions? by Anonymous Coward · 2011-10-09 10:04 · Score: 0

Is there a technique that doesn't involve printing it out and scanning it back in? removing text affects spacing. i'd be interested in knowing what the 'proper' way to do this is.
Re:Who is in charge of redactions? by SharpFang · 2011-10-09 10:10 · Score: 2

Affecting spacing is a boon, as length of text may suggest the content.

--
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
Re:Who is in charge of redactions? by BradleyUffner · 2011-10-09 10:34 · Score: 1

Seriously, this exact mistake seems to occur at least a couple times a year. You would think that anyone with enough security clearance to make redactions would, I don't know, take a 4 hour training course on how to use MS Word? Do they hand this job off to interns, or what?
It occurs enough that I surprised the PDF companies haven't added a check to detect when the same background and foreground colors are used so that a warning can be displayed.
Re:Who is in charge of redactions? by EdIII · 2011-10-09 10:43 · Score: 2

Use a PDF printer driver to print the document all over again. Export it out as a graphic and then put that up on the website.
Basically, there are quite a few different ways to change the elements in a PDF doc before publishing.
The largest problem is that PDF is so freaking complicated to the average person and it is not intuitive in the least that there would be data in the document not visible on the screen. You can embed entire books into an HTML document that don't get rendered in the browser, but the data is still there isn't it?
I'm a developer and using documentation on how to construct PDF documents and spreadsheets for data exports can be fairly complicated and look like complete gibberish to anyone walking by. Not to mention how many different versions and formats there are for documents to begin with.
If you are not an "IT person" the safest, and most assured way, to be completely certain that the document on your screen is what gets sent to the recipient is to print it out and scan it back it in. The method I mentioned first is a compromise, but you can be fairly certain that everything is rendered as a graphic in the printer driver before it gets printed back into a document.
You're technique, although inefficient and a blunt instrument, is actually the best one there is if you are that concerned about security.
Re:Who is in charge of redactions? by Anonymous Coward · 2011-10-09 11:16 · Score: 1

Well Adobe PDF Pro has built in redaction tools. Redact, select, save. Can't make it much simpler than that.
Re:Who is in charge of redactions? by Anonymous Coward · 2011-10-09 11:16 · Score: 0

Nobody reads warnings.
Re:Who is in charge of redactions? by Anonymous Coward · 2011-10-09 11:25 · Score: 0

Similar.... a slight variation and you'd have a problem too. The eye won't pick up slight variations.
Re:Who is in charge of redactions? by Anonymous Coward · 2011-10-09 12:12 · Score: 0

You would think that anyone with enough security clearance to make redactions would, I don't know, take a 4 hour training course on how to use MS Word? Do they hand this job off to interns, or what?
It was a PDF. Interns actually take the MS Word course.
Re:Who is in charge of redactions? by ttong · 2011-10-09 12:36 · Score: 1

Shit like this is why we can't have nice things.
Re:Who is in charge of redactions? by NeoMorphy · 2011-10-09 13:56 · Score: 1

Maybe they shouldn't even be using MS Word. There's a lot of silly ways one could leave information in a document after they thought they removed it. And even if they did everything correctly, a bug in MS Word could still leave it in. Oops, don't worry, just apply this update and that problem won't happen again.
Re:Who is in charge of redactions? by mlts · 2011-10-09 14:10 · Score: 1

Acrobat has a built in redaction mechanism, as of 3 years ago. It isn't just a black bar over text which is how some places used to do redactions... it actually destroys all what is under it, be it text or graphics. Once the document is resaved, the changes are permanent (no undo available, etc.)
There is just no excuse for improper redactions. It is built into Acrobat, as well as Wordperfect. Word, you install an add-on so you get non-undoable black boxes where the juicy info used to be.
Re:Who is in charge of redactions? by Nehmo · 2011-10-09 14:32 · Score: 1

... You would think that anyone with enough security clearance to make redactions would, ... take a 4 hour training course on how to use MS Word? ...
The documents at issue were PDFs, and Word doesn't edit PDFs. The source article suggests using the redaction features in Acrobat X.

--
(||) Nehmo (||)
Re:Who is in charge of redactions? by godel_56 · 2011-10-09 16:43 · Score: 1

Acrobat has a built in redaction mechanism, as of 3 years ago. It isn't just a black bar over text which is how some places used to do redactions... it actually destroys all what is under it, be it text or graphics. Once the document is resaved, the changes are permanent (no undo available, etc.)
There is just no excuse for improper redactions. It is built into Acrobat, as well as Wordperfect. Word, you install an add-on so you get non-undoable black boxes where the juicy info used to be.
Nitro PDF Pro ($99) and and the paid version of Foxit also do redaction, for cheaper than Adobe.
Re:Who is in charge of redactions? by artor3 · 2011-10-09 16:56 · Score: 1

Word can export files as PDFs, at least as of the 2007 version, and even before that you could use "print to file" addons. The point is, whatever tool they're using, they ought to know how to use it well enough to perform their basic job functions.
Re:Who is in charge of redactions? by Anonymous Coward · 2011-10-09 17:01 · Score: 0

Or may be, they could just ban formats like PDFs, Word documents, and Powerpoints for anything they publish (Allow them to read those formats, just not publish in them). The more an application obfuscates to its users what it's doing to its underlying format, the riskier it becomes.
Even Open Office should go by that definition. Then, we'd be left with Notepad, TextMate, emacs, vim, and nano.
Re:Who is in charge of redactions? by tlhIngan · 2011-10-09 17:22 · Score: 1

Seriously, this exact mistake seems to occur at least a couple times a year. You would think that anyone with enough security clearance to make redactions would, I don't know, take a 4 hour training course on how to use MS Word? Do they hand this job off to interns, or what?
An easier solution.
Take document. Print it out on paper. With thick fat black marker, redact away. Then take redacted documents, and scan them in. This is just a modification on the way they used to do it in the old days.
The problem is people want to electronically redact, and that just doesn't work - too many mistakes can be made. We never had this problem before on old documents - they made a copy, redacted, and photocopied the result, and made that photocopy available.
It's also odd the government wouldn't want to do that - after all, scanned documents without OCR just make it that much harder for those pesky people who make FOIA requests - might as well make their lives as hard as possible. &sarcmark;
Re:Who is in charge of redactions? by Anonymous Coward · 2011-10-09 19:08 · Score: 0

Yep, depending on the configuration Word will save the undo history in the document file.
Re:Who is in charge of redactions? by Nehmo · 2011-10-09 19:09 · Score: 1

Word can export files as PDFs, at least as of the 2007 version, and even before that you could use "print to file" addons. The point is, whatever tool they're using, they ought to know how to use it well enough to perform their basic job functions.
I understand your point, and I know Word currently can save as PDF (which is irrelevant), but you were careless in suggesting which program these workers should study, and this implies you didn't read the source article. If you are going to arrogantly criticize someone for being careless, you shouldn't be careless yourself.

--
(||) Nehmo (||)
Re:Who is in charge of redactions? by maxwell+demon · 2011-10-09 20:38 · Score: 1

What about manually replacing the text with a stars?

--
The Tao of math: The numbers you can count are not the real numbers.
Re:Who is in charge of redactions? by maxwell+demon · 2011-10-09 20:47 · Score: 1

It would also allow to add an extra security barrier: Things on your normal computer are technically prohibited from publishing. There's a special, separated publishing computer network, where the scanners are attached.

--
The Tao of math: The numbers you can count are not the real numbers.
Re:Who is in charge of redactions? by Anonymous Coward · 2011-10-09 22:20 · Score: 0

Do they hand this job off to interns, or what?
No. They leave it to the president!
Wait! UK?..
Re:Who is in charge of redactions? by TheRaven64 · 2011-10-09 23:19 · Score: 2

Use a PDF printer driver to print the document all over again
That probably won't work. Most of these work by converting the PDF to PostScript for the printer and then back again. In both the PDF and the PostScript, the text will be represented as black text on a black background.

Export it out as a graphic and then put that up on the website.
This removes the ability to search the text.
The correct solution is to replace the object in the PDF file that represents the string of text with an object that draws a black rectangle. Even this is quite tricky. Most PDF editors will do this by just writing a new object and then a new version table, so the original text will still be present, it just won't be visible unless you regenerate the PDF (the PDF format is designed to be edited by appending data to the file, so you can modify it without needing to keep rewriting the entire file).

--
I am TheRaven on Soylent News
Re:Who is in charge of redactions? by TheRaven64 · 2011-10-09 23:22 · Score: 1

You're assuming that the redaction was done in the PDF. It's equally likely that it was done in the MS Word document and then converted to a PDF, preserving the black text on a black background. It's been a long time since I did any work for the MoD, but I wouldn't be at all surprised if this were the case. Back then, MS Office was installed on everyone's PC as was Acrobat Reader (which tells you how long ago it was), but no PDF editing tools.

--
I am TheRaven on Soylent News
Re:Who is in charge of redactions? by AmiMoJo · 2011-10-09 23:35 · Score: 1

Adobe include a handy redaction tool in their PDF authoring software, but chances are whoever cocked this one up was just printing from Word to a soft PDF printer. I am surprised that Word doesn't include a redaction tool too.

--
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Re:Who is in charge of redactions? by CSMoran · 2011-10-10 01:11 · Score: 1

Seriously, this exact mistake seems to occur at least a couple times a year. You would think that anyone with enough security clearance to make redactions would, I don't know, take a 4 hour training course on how to use MS Word? Do they hand this job off to interns, or what?
An easier solution.
Take document. Print it out on paper. With thick fat black marker, redact away. Then take redacted documents, and scan them in.
Yep, but then you can't search for text in it, can you?

I'm wondering if it's possible they did it on purpose, you know, to spread misinformation.

--
Every end has half a stick.
Re:Who is in charge of redactions? by EdIII · 2011-10-10 08:29 · Score: 1

Well removing the ability to search the text would seem to be inevitable if you are trying to "safe" the document. Unless you are very experienced with Adobe, the tools, and the interface, you will probably end up with something not searchable. So for a novice, the end result would most likely be a very "dumb" document.

That probably won't work. Most of these work by converting the PDF to PostScript for the printer and then back again. In both the PDF and the PostScript, the text will be represented as black text on a black background.
Okay. Correct me if I am wrong here, but the black text on black background will just be one large rectangle filled uniformly with black color? Meaning, the printer itself won't print it in a such a way that you could tell what the text was at all.
It seems to me that you are saying you would still be able to tell what the text was. Like printing out text, then running the paper back in and printing out a huge black filled rectangle. If you were to do that, you could figure out what the text was by inspecting the paper. Difficult, but not impossible.
Re:Who is in charge of redactions? by TheRaven64 · 2011-10-10 10:47 · Score: 1

Correct me if I am wrong here, but the black text on black background will just be one large rectangle filled uniformly with black color? Meaning, the printer itself won't print it in a such a way that you could tell what the text was at all.
Nope. In PostScript and in PDF, they will be saved as text data or, at the very least, sequences of bezier paths. The will only become a black rectangle when the PDF / PS is rasterised. This happens in the printer for a PostScript printer. If you are using a PDF printer driver, it will not happen at all.

--
I am TheRaven on Soylent News

So by Dunbal · 2011-10-09 10:01 · Score: 1

Where is the document? I call BS.

--
Seven puppies were harmed during the making of this post.

Only safe way to do it... by Frosty+Piss · 2011-10-09 10:01 · Score: 1

The only safe way to redact sensitive PDFs or Word (or other word-processing doc) is to black out the data, print it out, and rescan a hard-copy "original".

--
If you want news from today, you have to come back tomorrow.

Re:Only safe way to do it... by TheSpoom · 2011-10-09 10:03 · Score: 3, Informative

Or, y'know, replace the text with "[redacted]". If you black out the text, you're still giving away information on its length.

--
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 10:13 · Score: 0

Errrrr, not it's not. You should replace the text with a fixed-width field, e.g. [ REMOVED ] and print that.
Otherwise spacing/kerning analysis etc. can be used to derive potential original text.
Re:Only safe way to do it... by catmistake · 2011-10-09 10:17 · Score: 1

The only safe way to redact sensitive PDFs or Word (or other word-processing doc) is to black out the data, print it out, and rescan a hard-copy "original".
With PDF's, at least, If you know PostScript, you can actually do it with a text editor, vi, nano, BBEdit, WordPad, etc. Even if you don't know PS, you could probably bumble your way through deleting content... and still be left with a file that opens, even if sort of broken. Your success would depend largely on the size of the document (shorter documents with fewer redactions would be easier to deal with, obviously) and how well you manually parse markup/code. This assumes that the content is not in image scans.... you go and delete the OCRed txt from scans, but not the scanned pages, that won't do much good.

--
The Admin and the Engineer
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 10:24 · Score: 0

The only safe way to redact sensitive PDFs or Word (or other word-processing doc) is to black out the data, print it out, and rescan a hard-copy "original".
+1
Re:Only safe way to do it... by unrtst · 2011-10-09 10:29 · Score: 1

Huh!?!?!
As others have noted, you can just replace the text with "[redacted]", which also removes the length guessing.
Some people have noted some (ridiculous) concerns (like file formats storing changes, which could simply be disabled, and should be caught by the audit procedure afterwards - there is an audit, right?!?). So if you really want the print-out-and-scan-in type of dumbed down method, then:
* save to a bitmap or jpeg.
* black out the text in there ...no need for the useless media conversion (print/scan).
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 10:31 · Score: 0

I'm told that either Adobe Reader or Acrobat actually have a button for doing proper redactions.
Re:Only safe way to do it... by leenks · 2011-10-09 10:50 · Score: 2

Right. How many people on 15k a year know what Postscript is, let alone how to edit it?
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 10:55 · Score: 0

1. And how does that help if you have a need to show the non-redacted text in its original form?
2. You're suggesting telling an employee: "Just copy the information to Word, and replace the sensitive info with '[redacted]'. "? What could possibly go wrong?
I always love it when the snarky "y'know" is followed by pure stupidity.
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 10:56 · Score: 1

me
Re:Only safe way to do it... by TheSpoom · 2011-10-09 11:04 · Score: 1

1. Produce the original.
2. I am? Where? Did I mention Word at all? (No.)
Were I in charge of such a division, I would have a process put in place to guarantee that no information that was redacted could be found in the redacted copy before it was released. But then, you're just looking for a way to feel superior.

--
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Re:Only safe way to do it... by TheSpoom · 2011-10-09 11:07 · Score: 1

I wouldn't use Word were I working on a Secret or higher level document. See my sibling post for more details. I don't respond to ad hominem.

--
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 13:02 · Score: 0

Acrobat has built in redaction functions. They are actually pretty good, can be automated and they prevent many common errors. However, I still receive PDFs with sections marked as redacted in the comments, but are not actually applied. Another is the OCR overlay is still there with the text because they just blacked out the image portion. The latest versions have prompts to do it properly, but you cannot fix stupid. (of course you say yes to remove information. That is the whole point of redactions!)
A good site I use whenever I have to do it: http://blogs.adobe.com/acrolaw/2010/06/ricks-guide-to-using-redaction-in-acrobat-x-pro/
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 13:52 · Score: 0

http://blogs.adobe.com/acrolaw/2010/06/ricks-guide-to-using-redaction-in-acrobat-x-pro/
RTFA
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 13:59 · Score: 0

I wouldn't use Word were I working on a Secret or higher level document.

LOL, you make it sound like you'd have a choice in the matter.
But I do agree replacing the text with "[redacted]" or something similar is probably the best way to go.
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 14:26 · Score: 0

Acrobat includes tools to properly redact content, by removing any semblance of the bits, text, and information from the file. These issues are all caused because people are not using those tools.
Re:Only safe way to do it... by wvmarle · 2011-10-09 14:46 · Score: 3, Informative

Indeed. There has been at least one story here on /. a few years ago detailing how in some cases the missing words could be recovered. In that case a document where place names (cities or countries, I forgot) were removed.
They were recovered by precisely measuring the distance between the non-blacked-out words, the size of the letters of the font used, and then mixing and matching until you found a word (name) that had the correct length in that font. Usually a few matches were found but from the context the correct one was easily deduced.
Re:Only safe way to do it... by mgv · 2011-10-09 15:02 · Score: 1

Huh!?!?!
As others have noted, you can just replace the text with "[redacted]", which also removes the length guessing.
Some people have noted some (ridiculous) concerns (like file formats storing changes, which could simply be disabled, and should be caught by the audit procedure afterwards - there is an audit, right?!?). So if you really want the print-out-and-scan-in type of dumbed down method, then:
* save to a bitmap or jpeg.
* black out the text in there ...no need for the useless media conversion (print/scan).
Of course, that only works if you turn "track changes" off in word... :)
Michael.

--
There is no cryptographic solution to the problem where the intended receiver and the attacker are the same entity.
Re:Only safe way to do it... by mug+funky · 2011-10-09 15:15 · Score: 0

"you are the completely pathetic."
wow, trollfail.
better update your script.
Re:Only safe way to do it... by SlashdotUISucks · 2011-10-09 17:53 · Score: 1

Silly trollbot.
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 18:34 · Score: 0

you shouldn't trust important jobs to anyone making 15k a year.
Re:Only safe way to do it... by maxwell+demon · 2011-10-09 20:50 · Score: 1

Of course, that only works if you turn "track changes" off in word... :)
You edit bitmap images in Word?

--
The Tao of math: The numbers you can count are not the real numbers.
Re:Only safe way to do it... by Anonymous Coward · 2011-10-09 21:22 · Score: 0

-export to images using pdf-xchange viewer free
-edit images. paint lines black.
-convert images to pdf using pdf fill pdtools free.
or maybe open in libre office draw.edit and save.
Re:Only safe way to do it... by AmiMoJo · 2011-10-09 23:37 · Score: 1

The problem is that can break the formatting. Not a problem for a short email but a longer multi-page report could get screwed up.
Adobe's software has redaction tools that take care of everything, but a lot of people just print to PDF directly from Word or Outlook.

--
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Re:Only safe way to do it... by _Shad0w_ · 2011-10-09 23:59 · Score: 1

It's the civil service; they don't pay anyone but permanent secretaries decent money. Front line staff get paid peanuts.

--
Yeah, I had a sig once; I got bored of it.

Not again by ColdWetDog · 2011-10-09 10:01 · Score: 1

Really guys. Maybe you should outsource this.

--
Faster! Faster! Faster would be better!

Re:Not again by Doc+Ruby · 2011-10-09 10:21 · Score: 3, Insightful

Because private businesses are competent? We read on Slashdot about their making this same mistake all the time. Why would some temp working for some defense contractor be any better? Especially when those temps are likely to be not just outsourced, but offshored? I can see plenty of, say, Pakistani office temps caring even less about protecting UK government secrets than their equivalent who is actually a citizen of the country at risk when the secret is divulged.

--
--
make install -not war
Re:Not again by Richard_at_work · 2011-10-09 10:42 · Score: 1

Ok then, how about the total opposite - one single department for the entire government which is responsible for releasing properly redacted documents, no other department is allowed to release redacted documents, everything as to pass through this single department...
Re:Not again by JustOK · 2011-10-09 10:57 · Score: 1

whole new set to vet

--
rewriting history since 2109
Re:Not again by Anonymous Coward · 2011-10-09 10:58 · Score: 0

that just means all the incompetency will be centered in one department.
Because you wouldn't hire new people, you'd just move all redacters into one building. the incompetent redactors are still incompetent ,they just now sit next to semicompetent ones they dont talk to or interact with.
You think reorganizing fixes things?
Re:Not again by rtb61 · 2011-10-09 11:37 · Score: 2

How about this. A judicial review, where each and every redaction must pass a court of law and fulfil firstly that the redaction would have no impact upon the next election and secondly the redaction is truly in the public interest and date set for the release of the information contained in the redaction.
No government department should be entitled to keep secrets under it's own authority without judicial review and where information was kept secret that would have an impact on the next election those person should be charged with treason for attempting to pervert the course of democracy. After all that is the only acceptable reason for keeping secrets from the public, those secrets must be in the interests of protecting that democracy and never ever should those secrets instead be an attack in that democracy.

--
Chaos - everything, everywhere, everywhen
Re:Not again by mug+funky · 2011-10-09 15:20 · Score: 1

whoosh?
Re:Not again by godel_56 · 2011-10-09 16:52 · Score: 1

Really guys. Maybe you should outsource this.
. . . to the lowest bidder, which will be a company in China.
Re:Not again by Anonymous Coward · 2011-10-09 18:02 · Score: 0

Citizen,
Given your public statements on our political system you have been flagged for further investigation.
Prepare to surrender any and all pertinent papers and electronic devices.
Do not attempt to conceal information from us or you may be charged under the Regulation of Investigatory Powers Act.
signed,
Your democratically elected overlords.
Re:Not again by WillDraven · 2011-10-10 00:47 · Score: 1

I was thinking an officially sanctioned program or plugin that properly redacts the text. That way you hire one guy to code and maintain the program instead of a whole department.

--
This is my sig. There are many like it but this one is mine.
Re:Not again by Doc+Ruby · 2011-10-10 01:23 · Score: 1

OP crashed.

--
--
make install -not war
Re:Not again by Anonymous Coward · 2011-10-10 04:02 · Score: 0

well, I have seen what happens to that idea in a ~300 person governmental institution: if you give gov' employees one department only for press releases and the like... well, they're government employees (the bottom of the barrel) and they don't know a single thing so they don't know what's important and what's not. At least some of them know how to make nice, colorful powerpoint presentations :-P Well, I guess, with clear guidelines this could be better, but I think it's easier to have more smaller departments where people can talk to each other and maybe an expert than have one big organisation hovering somewhere in the clouds...

The funny thing is, Acrobat has a redaction tool by Anonymous Coward · 2011-10-09 10:09 · Score: 1

It takes 30 seconds searching help to find the correct way to redact text. Amazing how lazy people are sometimes.

Whiteout by naroom · 2011-10-09 10:09 · Score: 2

Blacking out the secrets clearly isn't a good strategy.
Next time, they should just put whiteout on the screen to cover up the secret parts.

Re:Whiteout by inviolet · 2011-10-09 11:01 · Score: 2

Blacking out the secrets clearly isn't a good strategy. Next time, they should just put whiteout on the screen to cover up the secret parts.
Blacking out the secrets is excellent strategy if the data is actually misinformation.
The cheapest way to win an arms race is to trick your opponent into believing that you've got better gear, without actually wasting billions of dollars on said gear.

--
FATMOUSE + YOU = FATMOUSE

New career? by pdxChris · 2011-10-09 10:11 · Score: 1

If the editor needs a new gig, I'm sure there's room for them at Slashdot!

it's all the same root cause by Anonymous Coward · 2011-10-09 10:14 · Score: 0

Stuff like this, or all the people getting their machines jacked by malware, it's all the same root cause: people who have no understanding whatsoever of how computers work, and don't want to learn. You'd figure that here in 2011, computers are SUCH a key part of modern society that people would want to become competent at using them, but this does not appear to be the case.

Re:it's all the same root cause by nurb432 · 2011-10-09 10:25 · Score: 1

You could say the same about most any technology.
The simple fact is most people don't care how most things work, and in reality they shouldn't have to care. Computers are now a commodity appliance, not much different in concept than a toaster or TV, and should 'just work' until they die and then get replaced.

--
---- Booth was a patriot ----
Re:it's all the same root cause by McDutchie · 2011-10-09 10:41 · Score: 1

The toaster or TV analogy only works for computers that are restricted to walled gardens, such as the iPad. A real computer is more analogous to a car. You have to know how to drive it in order to use it safely. You have to build up experience in order to use it effectively.
Re:it's all the same root cause by bmo · 2011-10-09 10:42 · Score: 1

>and in reality they shouldn't have to care.
Having a working knowledge of how a car works sometimes means the difference between a thinner wallet and an empty wallet when dealing with a mechanic.
There is no excuse for stuff like this, and your assertion is stupid.
--
BMO
Re:it's all the same root cause by nurb432 · 2011-10-09 10:51 · Score: 1

Driving and understanding how it works for maintaining are 2 different things. Most take it somewhere to do the maintenance. By taking it to the 'service guy' you assume the car is mechanically safe to drive. The same should go for the computer.
You can safely drive a car and not even know how to put gas in it, let alone something more esoteric like a head gasket replacement.

--
---- Booth was a patriot ----
Re:it's all the same root cause by Alain+Williams · 2011-10-09 10:54 · Score: 2

Very true ... people are not taught how to use the computers, it is kind of assumed that they know. So they mess up. The MOD would never get someone to drive a truck without first sending them on an appropriate driving course, so why are computers that different ?
Unless you TEACH people how to use the tools that you give them - you must expect them to use them poorly and occasionally screw up big time.
This is a management problem, but, as ever, they will blame it on some lowly paid, under trained minion and sack them. The real cuplrits much further up the management chain will get away scott free.
Re:it's all the same root cause by Anonymous Coward · 2011-10-09 10:57 · Score: 0

Most people have no interest in computers. Most people want to do what they worked to achieve qualifications in. For the most part, this does not include computers. Sure, they have to use them as part of their job and during degree/training/whatever, but that doesn't mean they have any interest in them.
For most admin staff, they use computers as a means to and end, not because they want to learn how they work. They are trained to use systems. They have no interest in learning how to black out text in a secure manner, or how to use computers in a secure manner. They just want to turn up to work, do a set of tasks, and return home just as they've always done.
Cheap labour comes at a cost.
Re:it's all the same root cause by McDutchie · 2011-10-09 11:18 · Score: 1

Yes, and? "Redacting" a PDF by changing the text colors is not a computer maintenance issue, it's a basic failure to understand the fundamentals of using a computer. It's the equivalent of driving into a house because you don't know how the steering wheel works.
Re:it's all the same root cause by marcosdumay · 2011-10-09 12:25 · Score: 1

Well, I'd ask you to enumerate what other technologies are as central to daily life as computers, but you already did it. That saves time.
Next time I'm searching for a job I'll make sure to put "toaster expertize" in my CV.

--
Rethinking email
Re:it's all the same root cause by SlashdotUISucks · 2011-10-09 17:02 · Score: 1

The real cuplrits much further up the management chain will get away scott free.
*facepalm* The phrase you're looking for is 'Scot-free'.
Re:it's all the same root cause by Alain+Williams · 2011-10-09 19:44 · Score: 1

*facepalm* The phrase you're looking for is 'Scot-free'.
Thank you, although it might have been useful if you had provided a reference. I did a search and found that the hyphen is often not used, but yes I should have only put one letter 't'. It seems that 'Scot' is Scandinavian word for tax or payment..

A NSA approach by Anonymous Coward · 2011-10-09 10:30 · Score: 1

Consider "Redacting with Confidence: How to Safely Publish Sanitized Reports Converted From Word 2007 to PDF" at http://www.nsa.gov/ia/_files/support/I733-028R-2008.pdf

I just don't get this redaction thing by Anonymous Coward · 2011-10-09 10:31 · Score: 0

What's so hard about just... deleting the sensitive words?

Who cares about the formatting or not being able to see the words if they're not supposed to know? If it's a matter where someone has to put in a password to reveal the secret words, then... just send an encrypted file to a person securely without having to redact anything. Otherwise I don't see why there can't be two versions of the document. One that's hopefully secure enough to not get leaked out, and the redacted sensitive-info-deleted version for anybody else.

Re:I just don't get this redaction thing by Nutria · 2011-10-09 10:54 · Score: 1

Screws up pagination, image location, etc. That's my guess.

--
"I don't know, therefore Aliens" Wafflebox1
Re:I just don't get this redaction thing by petermgreen · 2011-10-09 11:55 · Score: 1

What's so hard about just... deleting the sensitive words?
The trouble is if you simply delete text from a word processor document you are likely to change the formatting and pagination. This can be an issue for two reasons
1: Page numbers are often used to make references to a document and therefore it may be important that they match between the unredacted and the redacted versions.
2: Depending on how the original author formatted images, tables etc they may end up in a jumbled mess when the word processor reflows the text.
So people black stuff out rather than removing it. This was fine in the days when the document released to the public was a printed document but when the document released to the public is a pdf the original text can remain under the blacking out..
The correct thing to do of course is to remove the unwanted information and fix up the formatting and pagination (either by inserting dummy stuff or otherwise). Then as a second line of defense run the tool in acrobat to check for "hidden text".
The difficult bit is explaing to non-technical users WHY this effort is necessary and making sure that they actually do it. Especially when PDF has built-in protection features that give people a false sense of security.

--
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register

Seriously, again? by Thruen · 2011-10-09 10:32 · Score: 1

Isn't this like the third or forth time this has happened? I seem to recall both the FBI and TSA making the same mistake somewhat recently. At least within the last couple of years. I guess people can't learn from others mistakes after all...

Re:Seriously, again? by petermgreen · 2011-10-09 11:06 · Score: 1

It's a fact of life that people will screw things up. You can attempt to reduce the number of screwups through training people, disciplining those that refuse to comply and reducing the number of people performing high risk tasks but it's almost impossible to reduce it to zero.
How many redacted documents do you think are released every year? Frankly i'm surprised we don't see stories like this far more often.

--
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register

Johnny English by mr_lizard13 · 2011-10-09 10:33 · Score: 1

Our secret service is just one big trailer for the forthcoming Johnny English sequel.

--
"We live in a global world" - Harvey Pitt, former Securities and Exchange Commission Chairman

Dupe by Anonymous Coward · 2011-10-09 10:35 · Score: 0

Ha, when I started reading TFS, I thought to myself: "Damn, this is a pretty bad case of dupe!" Then I read:

The incident is particularly embarrassing for the Ministry, as six months ago precisely the same security screw-up occurred — that time related to sensitive information about nuclear submarines.

So, the fault does rest not with Slashdot but with the MoD after all ...

Re:Dupe by PPH · 2011-10-09 12:33 · Score: 1

We learn from our mistakes. That way when we make them again, we'll recognize them.

--
Have gnu, will travel.

Again? by Anonymous Coward · 2011-10-09 10:45 · Score: 0

But they said lessons had been learned! And new procedures had been put in place! I'm shocked, just shocked...

Classification paranoia by Animats · 2011-10-09 10:46 · Score: 5, Interesting

Having worked in the classified world (pre 9/11), it was surprising how little military information was classified. The front-line military view of secrecy is that secrecy is a short-term thing. "Where the ship was last week is unclassified. Where the ship was yesterday is confidential. Where the ship is now is secret. Where the ship will be tomorrow is top secret." Sooner or later, if it matters, the enemy will find out what you're up to. Preferably when your attack hits them.

On the other hand, what your troops, ships and planes can do is generally well known. Too many people have to know. Secret capabilities do exist, but, again, they're time-sensitive. Eventually you have to use the secret weapon, after which it's no longer secret.

Vulnerabilities are more of a problem. The U.S. Army tried to keep secret the vulnerable spots on a M-1 Abrams tank. But once Iraqi insurgents had found the places on the turret ring to aim at, trying to suppress the pictures of the damage was sort of stupid.

When planning proposals, we estimated that running a project at SECRET doubled the cost, and running at TOP SECRET quadrupled it. (The clearance process takes many months, the physical security is expensive and slows you down, and worst of all, the people who spend too much time in classified tanks get out of touch technically.) The intel community was willing to pay that price - the military, not so much.

Re:Classification paranoia by Anonymous Coward · 2011-10-09 16:36 · Score: 0

the people who spend too much time in classified tanks get out of touch technically.) The intel community was willing to pay that price - the military, not so much.
This could even lead to obvious conclusion that the US army's technical edge compared to armies of some other major defense spenders come from the openness of culture which is much more difficult to replicate than engineering schematics.

Sounds like i posted a similar story in April... by Tasha26 · 2011-10-09 10:51 · Score: 0

http://slashdot.org/submission/1531542/mods-error-leaks-secrets-of-uk-nuclear-submarine

What morons by rapidreload · 2011-10-09 11:13 · Score: 1

I mean really. Adobe Acrobat has an easy to use Redaction tool specifically designed for this sort of thing. Not only does it properly black out and remove the text underneath, it can also scrub the removed data from the PDF so that some smart fellow cannot undelete the contents. It's really not hard at all... unless of course you're paying peanuts to someone who doesn't give a shit about doing things correctly and instead just wants to give the impression of having done the job.

--
To all newcomers - people here are very close-minded and can't handle complaints about Linux. Keep this in mind.

"Looks good to me" doesn't work in security by starfishsystems · 2011-10-09 11:23 · Score: 2

Bruce Schneier said it best:

The problem with bad security is that it looks just like good security.

In this respect, the problem comes down to incompetence at some point in the chain of command, and (by transitive closure) lack of effective oversight at all points above that one. But that's not an excuse, just a description of the pathology.

--
Parity: What to do when the weekend comes.

Sorry, funniest thing I read for a Monday morning by bgibby9 · 2011-10-09 13:28 · Score: 1

Poor receptionist is all I can say. She was trying to do her best but didn't know any better! Shame on them!

--
http://www.gibby.net.au

Re:The funny thing is, Acrobat has a redaction too by MicroSlut · 2011-10-09 14:27 · Score: 2

Only the Pro version of Acrobat has a redaction tool. I have the standard version and it's $150 more just to get the redaction tool.

Here I thought you had left us! by Anonymous Coward · 2011-10-09 15:45 · Score: 0

You 500+ Fucking Asshole Kristopeit!

Re:Here I thought you had left us! by Anonymous Coward · 2011-10-09 16:55 · Score: 0

Idiot trollbot!

Maybe this was intentional? by GoodnaGuy · 2011-10-09 15:48 · Score: 1

This seems such an elementary mistake that I tend to believe it isn't a mistake. Most people like to believe that their governments and security agencies are incompitent so they easily believe the obvious explanation as it fits their view of the world. Maybe someone in the MOD wanted this information known. What was in the hidden information anyway?

Re:The funny thing is, Acrobat has a redaction too by Anonymous Coward · 2011-10-09 16:16 · Score: 0

Clearly we need to increase the budget of MoD!

they'll never command the same level of devotion by Lead+Butthead · 2011-10-09 17:43 · Score: 1

They can produce cheaper imitations, but their contraptions will never command this level of devotion.

--
ELOI, ELOI, LAMA SABACHTHANI!?

For fucks sake! by PhunkySchtuff · 2011-10-09 18:32 · Score: 1

Adobe Acrobat has a REDACTION feature built specifically to address issues like this.
It's not hard to use - arguably it's even easier than trying to find the text and putting a black background behind it.
It not only removes the text (or other objects) on the page that you are redacting, but it provides a very easy interface to use.
It also removes additional metadata (full text indexes, other personalised information such as document creator etc) and you can do a search and redact to redact specific strings.

It's not a new feature, it's been in Acrobat for years now and it works very, very well.

I can not believe that in places where this matters, people don't use it - it should be part of the job requirements, if they're redacting information they have to be trained on the workflow to do so - and I could train someone to do this within a couple of hours even if they've never used Acrobat before.

It would be one thing if they were using a format other than PDF - redacting a Word document is possibly quite a bit harder, but if the end result is a PDF that's been redacted, there's no reason at all to not use Acrobat to do it properly, especially if you're a government department as you get Acrobat for a fraction of the street price.

--
Specialist Mac support for creative pros, Melbourne

Redacting text in LaTeX by psychonaut · 2011-10-09 19:08 · Score: 2

A few years ago I also found I needed to redact text from a document. I do most of my document processing in LaTeX, and found that the following works nicely. It replaces (not overprints) all text inside \redact{...} with a black bar, and copes well with wrapping across lines and pages. \RequirePackage{soul,color} \sethlcolor{black} \makeatletter \def\phantom@SOUL@ulunderline#1{{% \setbox\z@\hbox{#1}% \dimen@=\wd\z@ \dimen@i=\SOUL@uloverlap \advance\dimen@2\dimen@i \rlap{% \null \kern-\dimen@i \SOUL@ulcolor{\SOUL@ulleaders\hskip\dimen@}% }% \phantom{\unhcopy\z@}% \phantom added here }} \DeclareRobustCommand\redact[1]{\begingroup \let\SOUL@ulunderline\phantom@SOUL@ulunderline \hl{#1}% \endgroup} \makeatother

Not 'cutting-and-pasting'. by 117 · 2011-10-09 19:10 · Score: 1

making it possible for anyone to access the information simply by cutting-and-pasting.

Surely it's 'copying-and-pasting'?!

Re:Not 'cutting-and-pasting'. by Anonymous Coward · 2011-10-09 19:46 · Score: 0

making it possible for anyone to access the information simply by cutting-and-pasting.
Surely it's 'copying-and-pasting'?!
If only they had a "+1 pedant" mod
Re:Not 'cutting-and-pasting'. by felipekk · 2011-10-09 21:49 · Score: 1

The correct method for retrieving the text had been obfuscated for security reasons.

Find - Replace by Anonymous Coward · 2011-10-09 19:46 · Score: 0

Find -> Replace __Sesitive Text with __. Simple, for everything else keep as a hot key to replace any sensitive text as it's reviewed.

MOD by Anonymous Coward · 2011-10-09 21:11 · Score: 0

Is famously completely dysfunctional. Famous for not having completed a project on time or on budget in living memory and for being larger than the armed forces that it is supposed to help administer. On the latter, even I was surprised the other day to find out that the British army has more generals than tanks...

and new technology? by cheekyboy · 2011-10-09 22:04 · Score: 1

If govt/nsa scientists have create scientific break throughs decades ahead of the real world, they have to publish it.

Imagine if the govt found antigravity or real alien tech 1000 years ahead.

They should free it, not keep it secret for 100 years and make trillions of dollars profit out of the tips of the iceberg.

Imagine if the telescope was kept secret for 100 years before the official 'invented date'. Oh yeah, the British did.

--
Liberty freedom are no1, not dicks in suits.

Re:and new technology? by rich_hudds · 2011-10-09 23:20 · Score: 1

What do you mean by saying the British invented the telescope?

We did a lot of stuff before we lost our nerve but I don't remember reading anything about that.

I think they did this on purpose by sam_handelman · 2011-10-09 22:31 · Score: 2

The military-industrial complex would much prefer to operate with no oversight at all.

We have a perverse system where such oversight is acceptable only if it does not compromise security (rather than the other way around.)

So by screwing this up on purpose, the military can plead security concerns and never publish anything at all, because any public oversight whatsoever will be too risky.

Never ascribe to malice what can be explained by incompetence? Well, malice exists, even though incompetence is so powerful it can explain anything.

--
The good and new comes from no quarter where it is looked for, and is always something different from what is expected.

Johnny English Reborn: reassigned as well? by Anonymous Coward · 2011-10-10 00:38 · Score: 0

They should've seen it coming... Johnny English IS back, after all... XD XD XD

can i just say by KingBenny · 2011-10-10 01:08 · Score: 1

rofl

--
Free speech was meant to be free for all... how can anyone grow up in a nanny state ?

Fake leaks ? by Yvanhoe · 2011-10-10 02:12 · Score: 1

I know one should'nt attribute to malice what can be explained by incompetence but I can't prevent myself to think that if I wanted to leak fake informations, I would use exactly that kind of procedures.

Western governments jumped late in the infowar bandwagon but they are going there. Fake leaks are doomed to happen.

--
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.

Let the 'Hacking' begin... by N0Man74 · 2011-10-10 02:40 · Score: 1

Maybe next we can see people prosecuted for "hacking" for copying and pasting the text so they can read it. If truncating or guessing an URL can be considered hacking, surely this can be too.

Virtually print/obscure/OCR to redact by davidwr · 2011-10-10 02:50 · Score: 1

If you want to redact in the electronic age and be "just as good as" the old days, one "cheap" way to do it is to emulate the old days.

"Print" to a bitmapped-graphics format. "Black out" the text to be redacted. You can stop here if you don't need search-ability.

If you need search capability, OCR what's left.

This is very easy to automate and if done right will leak no more information than a printed copy that someone else scanned in for searching.

--
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.

PDF is part of the problem by Anonymous Coward · 2011-10-10 19:54 · Score: 0

PDF is such a file format that it encourages you to do incremental saves of your document, meaning that old data remains in the file and only gets flagged as "not used", while the new data gets appended to the end of the document. Try to delete half the pages from your PDF document - depending on the software you use, chances are it's file size will increase :)

Redaction by Anonymous Coward · 2011-10-11 09:00 · Score: 0

This type of mistake is quite common in the world of redaction, but the damage from such mistakes is far reaching and really emphasizes the need for organizations to employ redaction systems that are reliable.

There are purpose made redaction software tools available such as RapidRedact that completely eliminate these types of mistakes by controlling the entire redaction process and effectively securing sensitive information. Find out more at http://www.rapidredact.com

Slashdot Mirror

Incomplete PDF Redaction Leaks Data From UK MoD

171 comments