Slashdot Mirror
Incomplete PDF Redaction Leaks Data From UK MoD
An anonymous reader writes "The UK Ministry of Defence has been left with egg on its face, after a supposedly redacted PDF detailing secrets related to air defence radar systems was published on a parliamentary website. The problem? Whoever did the redacting simply changed the sensitive text to black on a black background, making it possible for anyone to access the information simply by cutting-and-pasting. The incident is particularly embarrassing for the Ministry, as six months ago precisely the same security screw-up occurred — that time related to sensitive information about nuclear submarines."
At least they are consistent in hiring incompetent amateurs to do important work.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Seriously, this exact mistake seems to occur at least a couple times a year. You would think that anyone with enough security clearance to make redactions would, I don't know, take a 4 hour training course on how to use MS Word? Do they hand this job off to interns, or what?
Or, y'know, replace the text with "[redacted]". If you black out the text, you're still giving away information on its length.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Blacking out the secrets clearly isn't a good strategy.
Next time, they should just put whiteout on the screen to cover up the secret parts.
There are types of information that every sane person thins should be classified. For example, the engineering details of how to make nuclear weapons should probably be classified. There's a limit to how much of that can be practically classified because those secret are so old, but a similar remark about hydrogen bombs would apply. Similarly, if one country has a high ranking spy in another country's government (say for example the Brits having a North Korean colonel giving them information from the inside), wanting to keep that information secret is reasonable. These are but two of the more clear cut examples. There's a lot of information about the specs of military hardware that could give an enemy advantages if they knew about it. Radar used in defense systems (which is what was leaked in this context) is exactly that sort of thing.
There are examples where governments try to classify things that they shouldn't. Sometimes they use that as a way of disguising violations of their citizens rights. Other times they use it as a way of covering their asses after they do something incompetent. But it is a mistake to look at the examples where governments have abused their ability to classify things and then conclude that all classification is bad.
Because private businesses are competent? We read on Slashdot about their making this same mistake all the time. Why would some temp working for some defense contractor be any better? Especially when those temps are likely to be not just outsourced, but offshored? I can see plenty of, say, Pakistani office temps caring even less about protecting UK government secrets than their equivalent who is actually a citizen of the country at risk when the secret is divulged.
--
make install -not war
Having worked in the classified world (pre 9/11), it was surprising how little military information was classified. The front-line military view of secrecy is that secrecy is a short-term thing. "Where the ship was last week is unclassified. Where the ship was yesterday is confidential. Where the ship is now is secret. Where the ship will be tomorrow is top secret." Sooner or later, if it matters, the enemy will find out what you're up to. Preferably when your attack hits them.
On the other hand, what your troops, ships and planes can do is generally well known. Too many people have to know. Secret capabilities do exist, but, again, they're time-sensitive. Eventually you have to use the secret weapon, after which it's no longer secret.
Vulnerabilities are more of a problem. The U.S. Army tried to keep secret the vulnerable spots on a M-1 Abrams tank. But once Iraqi insurgents had found the places on the turret ring to aim at, trying to suppress the pictures of the damage was sort of stupid.
When planning proposals, we estimated that running a project at SECRET doubled the cost, and running at TOP SECRET quadrupled it. (The clearance process takes many months, the physical security is expensive and slows you down, and worst of all, the people who spend too much time in classified tanks get out of touch technically.) The intel community was willing to pay that price - the military, not so much.
Christian "crusades"
As opposed to the Muslim invasions of the Palestine, Egypt, whatever the rest of North Africa was called 1300 years ago, Iberia, France, Babylon, Persia, Afghanistan, India, etc, etc, etc?
"I don't know, therefore Aliens" Wafflebox1
Right. How many people on 15k a year know what Postscript is, let alone how to edit it?
Very true ... people are not taught how to use the computers, it is kind of assumed that they know. So they mess up. The MOD would never get someone to drive a truck without first sending them on an appropriate driving course, so why are computers that different ?
Unless you TEACH people how to use the tools that you give them - you must expect them to use them poorly and occasionally screw up big time.
This is a management problem, but, as ever, they will blame it on some lowly paid, under trained minion and sack them. The real cuplrits much further up the management chain will get away scott free.
How does the existence Christian crusaders negate the existence of Muslim crusaders, or any other type of crusaders for that matter? History is filled with religiously motivated war, regardless of religion.
In this respect, the problem comes down to incompetence at some point in the chain of command, and (by transitive closure) lack of effective oversight at all points above that one. But that's not an excuse, just a description of the pathology.
Parity: What to do when the weekend comes.
But I do know that while in school the evils of the Christian Crusaders was repeated many times, while even the very *fact* that Muslims invaded Holy Land was *completely* glossed over as if they had always been there. And this was 35 years ago in a sectarian school with no Anti-Christian bias.
What you are describing is actually a pro-christian bias.
Since pretty much everything the muslims did is left out of high-school history courses that really shouldn't be much of a surprise.
When information is power, privacy is freedom.
Right, because spies only kill people. There is no way they could be monitoring hostile countries to ensure *they* aren't planning to kill people. And while we're at it, let's just publish the full list of names and locations of everyone in witness protection, they're all criminals anyways. As a show of good faith, why don't you post you full name, date of birth, mother's maiden name, current place of residence, credit card number and annual income? It's not like the government is keeping any of THAT data secret for you.
I find it absolutely stupid when people chant "Secrets are bad, mmmkay" while using an online pseudonym.
How about this. A judicial review, where each and every redaction must pass a court of law and fulfil firstly that the redaction would have no impact upon the next election and secondly the redaction is truly in the public interest and date set for the release of the information contained in the redaction.
No government department should be entitled to keep secrets under it's own authority without judicial review and where information was kept secret that would have an impact on the next election those person should be charged with treason for attempting to pervert the course of democracy. After all that is the only acceptable reason for keeping secrets from the public, those secrets must be in the interests of protecting that democracy and never ever should those secrets instead be an attack in that democracy.
Chaos - everything, everywhere, everywhen
That's perhaps one of the most naive things I've ever heard. If it came from a child, it would be adorable.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
Only the Pro version of Acrobat has a redaction tool. I have the standard version and it's $150 more just to get the redaction tool.
Indeed. There has been at least one story here on /. a few years ago detailing how in some cases the missing words could be recovered. In that case a document where place names (cities or countries, I forgot) were removed.
They were recovered by precisely measuring the distance between the non-blacked-out words, the size of the letters of the font used, and then mixing and matching until you found a word (name) that had the correct length in that font. Usually a few matches were found but from the context the correct one was easily deduced.
Your pedestal opinion of Buddhism will change once you've been in a country with 90+% Buddhists for any length of time. They're no better then Christians, even with pushing their faith on others regardless of the intent of the religion.
A few years ago I also found I needed to redact text from a document. I do most of my document processing in LaTeX, and found that the following works nicely. It replaces (not overprints) all text inside \redact{...} with a black bar, and copes well with wrapping across lines and pages.
\RequirePackage{soul,color}
\sethlcolor{black}
\makeatletter
\def\phantom@SOUL@ulunderline#1{{%
\setbox\z@\hbox{#1}%
\dimen@=\wd\z@
\dimen@i=\SOUL@uloverlap
\advance\dimen@2\dimen@i
\rlap{%
\null
\kern-\dimen@i
\SOUL@ulcolor{\SOUL@ulleaders\hskip\dimen@}%
}%
\phantom{\unhcopy\z@}% \phantom added here
}}
\DeclareRobustCommand\redact[1]{\begingroup
\let\SOUL@ulunderline\phantom@SOUL@ulunderline
\hl{#1}%
\endgroup}
\makeatother
At least Buddhism teaches real things, real values and there's no imaginary persons, as Buddha himself has actually lived. And he said to think and evaluate things with your own brains, instead of following some stupid book.
But history also is replete with episodes of Buddhist polities fighting and invading one another and inflicting the usual horrors of war on entire populations. Consider the many internal wars and mutual invasions of Burma and Thailand, for example, both being Buddhist for many centuries.
Religion, of any form, is a tool for control of populations by their rulers. Any attempts to demonstrate the falsehood of the local religion will be fiercely resisted - and likely punished by the authorities as much as by the credulous zealots. It has always been thus.
"Religion is regarded by the common people as true, by the wise as false, and by rulers as useful." - Ira Cardiff (he attributed the statement to Lucretius).
"The various modes of worship, which prevailed in the Roman world, were all considered by the people, as equally true; by the philosopher, as equally false; and by the magistrate, as equally useful." - Edward Gibbon (possibly loosely translating from a work of Seneca the Younger).
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
The military-industrial complex would much prefer to operate with no oversight at all.
We have a perverse system where such oversight is acceptable only if it does not compromise security (rather than the other way around.)
So by screwing this up on purpose, the military can plead security concerns and never publish anything at all, because any public oversight whatsoever will be too risky.
Never ascribe to malice what can be explained by incompetence? Well, malice exists, even though incompetence is so powerful it can explain anything.
The good and new comes from no quarter where it is looked for, and is always something different from what is expected.