Slashdot Mirror
How To Stop the Next WikiLeaks
Hugh Pickens writes "Eli Lake reports that the U.S.'s 16 intelligence agencies are using a program called SureView that makes it easier to spy on the spies and catch whistleblowers early in the act. SureView is a type of auditing software that specializes in 'behavior-based internal monitoring' that monitors the intelligence officer's computer activity. If the officer acts like a potential leaker, sending an encrypted email or using an unregistered thumb drive, the analyst might push a button and watch a screen video of the officer's last hour of work. Once a case is made that a leak might be imminent, it is checkmate: the agent is thwarted. 'Had SureView been on Bradley Manning's machine, no one would know who Bradley Manning is today,' says Ryan Szedelo, manager for Raytheon's SureView software. The intelligence community has had auditing software for years. SureView came on the market in 2002. But the programs were buggy and often prone to false positives, alerting a network administrator too often to routine behavior. 'The technology has gotten substantially better in the last year,' says Jeffrey Harris, a former head of the National Reconnaissance Office. 'The problem with audit files was it took an army of people to understand them. Now we have rule-driven systems and expert systems that help us reason through the data.'"
'Had SureView been on Bradley Manning's machine, no one would know who Bradley Manning is today,'
They say that like it's a good thing...
The problem is that the system is only as good as the ruleset and detection; it's the same theory behind antivirus. If you have a zero-day exploit that acts differently it's going to get through, and if you have someone that figures out a different way to capture data then the leak will happen. Can the software detect someone taking a picture of a document on the screen with their camera? Can it detect getting booted from an OS CD? Can it stop a person from telling someone what they read? This is just more window-dressing to make the people in charge feel a little safer.
If a spy spies a spy who spies, who spies the spy who spies the spy?
In italian is funnier because both "spy" and "spies" translate into "spia".
Se una spia spia una spia che spia, chi spia la spia che spia la spia?
'Had SureView been on Bradley Manning's machine, no one would know who Bradley Manning is today,' says Ryan Szedelo, manager for Raytheon's SureView software.
And nobody would have evidence of the serious crimes he told the world about. That's what they're really worried about.
I am officially gone from
Why are we just making it easier for skynet to take over?
Don't give millions of government employees access to confidential documents. The Manning documents were likely already in the possession of all major powers.
Or, you could stop committing and covering up crimes and routinely classify any and all information regardless if it's needed or not. Then nobody would feel the need to leak the things that are rightfully secret.
Just a thought.
May we live long and die out
"Had SureView been on Bradley Manning's machine, no one would know who Bradley Manning is today,"
This quote sends shivers down my spine.
Imagine if King George III had had this kind of technology. Then no one would know who George Washington is today. Why would anybody think this is a bad thing?
"A week in the lab saves an hour in the library"
Another fly-by-night software developer conned some tech-ignorant government institute into buying their shit-software under the guise that it would stop their latest .
Go America! I'm sure this will work out just fine for everyone.
They'll just take you to Guantanamo and beat you until you decrypt them.
To offset political mods, replace Flamebait with Insightful.
Oh, the jobs people work at!
Out west, near Hawtch-Hawtch,
there's a Hawtch-Hawtcher Bee-Watcher.
His job is to watch...
is to keep both his eyes on the lazy town bee.
A bee that is watched will work harder, you see.
Well... he watched and he watched.
But, in spite of his watch,
that bee didn't work any harder. Not Mawtch.
So somebody said,
"Our old-bee-watching man
just isn't bee-watching as hard as he can.
He ought to be watched by another Hawtch-Hawtcher!
The thing that we need
is a Bee-Watcher-Watcher!"
WELL...
The Bee-Watcher-Watcher watched the Bee-Watcher.
He didn't watch well. So another Hawtch-Hawtcher
had to come in as a Watch-Watcher-Watcher!
And today all the Hawtchers who live in Hawtch-Hawtch
are watching on Watch-Watcher-Watchering-Watch,
Watch-Watching the Watcher who's watching the bee.
You're not a Hawtch-Watcher. You're lucky, you see!
If you were blocking sigs, you wouldn't have to read this.
Coming soon to a corporate network near you : SureView Enterprise.
If a worker acts like a potential human, sending a personal email, visiting an unregistered website or trying to conduct union activities on site, the analyst might push a button and watch a screen video of the officer's last hour of work. Once a case is made that something might be imminent, it is checkmate: the worker is thwarted.
Well considering it looks for things to flag people as "suspicious", I would say only sending encrypted e-mail, counts as suspicious.
I have not read most of it, but I closely followed for a while the WL releases for the countries I am familiar with. The "leaks" were basically the reports of the embassy intelligence figurehead, and consisted exclusively of two things -- translations of rumors and newspaper articles, dutifully translated to English by hired locals, and some general political commentary, which usually closely echoed the pro-American media on the ground. Actually, considering the report dates, it seems the other way around -- the pro-US media on the ground closely echoed the points of the reports. Not a single instance of really secret, juicy information has been leaked so far, for a total of four countries, two of which are rather important.
At the beginning, there was a lot of brouhaha about Assange and what not, so I entertained the idea that this was a real leak. But as it turned out that WL was mostly regurgitation of local news and political commentary, I am starting to seriously consider the possibility it was a controlled operation. I think that Assange and Mannings believed they were leaking important stuff, but is that all the story?
The timing of the leaks, the amazing and sudden "galvanizing" effect they allegedly had in Africa and the Middle East, the timings of the spyops that raised the "revolutions" and the subsequent NATO military operations, etc. all seem too smooth for coincidences. I doubt WL will be the last leak of this kind we see.
...that you are a murderer, stop murdering.
Minimize access to sensitive docs, keep those with access happy, and most importantly, always be ethical.
Big Brother is watching you!
I wonder when they make this compulsory for civilians as well?
Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
You know, all that war, killing and hiding the truth could just end. Nah.
I feel obliged to note that on most of the systems likely to have this sort of thing attached, encryption is nearly the default setting for e-mail, and is basically never considered a bad thing. This program isn't about e-mails and outbound comms so much as it is about what you access internally, and media writes etc.
A new counter-counter-counter intelligence method is devised
set your wallpaper to goatse people
Just act like a decent moral human being. If you do "because" someone is going to blow the whistle on you.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
If the officer acts like a potential leaker, sending an encrypted email or using an unregistered thumb drive, the analyst might push a button and watch a screen video of the officer's last hour of work.
So, then, the analyst becomes the leaker. (Or the spy that a 3rd party hires)
A more likely senario, is that the "officer" (who is an analyst himself), plays it safe, and doesn't gather enough intel together to actually figure out what the real bad guys are doing.
All ideas^H^H^H^H^Hprocesses in this post are Patent Pending. (as well as the process of patenting all postings)
+1
Use a VGA/DVI interception hardware device to save to external storage. People will be stuck thinking in the box so you'll have no problems whatsoever as long as you don't save or move any data "in-system".
Please don't forget to mention how SureView is awsome and ensures 100% data security while at it to keep the blinders on.
Summary is actually about stopping leaks and the latter existed long before Assange's website. Inasmuch I am glad Manning's load became public, but for a security agency any leak-preventing policy seems a reasonable and logical step.
The risk an insider takes to publicize the data that is prohibited from publicizing by law should be compensated for the society in case the activity he is publicizing is criminal (that is breaking other laws).
Now, there are probably internal rules on how to fight crime inside the walls of security agency, but I am pretty sure they are not covering a lot of real situations that are not only real but actually already happened in the past.
I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
And there you have it: the North Koreans represent such a definitive immenent high level threat that we must be prepared to destroy the earth to stop them!!! By the way, where is this 'North Korea' that you speak of?
At the age when US president openly murders US citizens on a hunch and starts whatever war he wants, like a Boss (like a King) and the rest of the government doesn't stop him in his tracks.
At the age when US Supreme Court doesn't see anything wrong with the federal government going way beyond its authority on pretty much every issue, every law, every regulation, every tax.
At the age when Congress and Senate bail out banks and companies and vote to increase debt limit without ever considering the consequences.
At the age when Federal Reserve is counterfeiting currency left right and center.
At the age of fascism/corporatism on the top and Marxism/communism on the bottom.
What do you need wikileaks for? Are you blind?
--
Of-course they want the specifics of their secrets to remain secrets, they are now your rulers, not your servants.
You can't handle the truth.
I actually find it hilarious that the three-letter agencies regard sending encrypted email as 'suspicious', and then wonder why how security breaches happen...
You know you've hopelessly fucked up, when the one guy who sends an encrypted email is suspected of being the leak.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
od -c /opt/supersecretprogram/binarydatafile
Check out my lame java blog at www.javachopshop.com
And what about the analog hole?
If eyes can see it, cameras can film it.
If ears can hear it, recording devices can record it.
Most of their leaks could probably be stopped with a very small script or service that sends out a very bright warning whenever a large file or amount of files are copied or generated.
Absolutely not true in the modern age of computers.
Given a juicy chunk of data, a smart guy with a few software tricks will dig that info out. The power of the internet is it only takes ONE smart guy, (or gal!) and then the results are rebroadcast in sound bite form.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
With Halloween coming, I should expect scary things but this, "'Had SureView been on Bradley Manning's machine, no one would know who Bradley Manning is today,' says Ryan Szedelo,..." is probably the scariest thing I'll read all month.
Don't stop where the ink does.
This isn't going to be practical for thousands of pages of documents, that would take hours of filming rather than a few seconds to copy.
Does SureView have a plug-in for that?
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Read my journal.
You can't handle the truth.
You think? Ask Abdulrahman al-Awlaki about how his US citizenship helped him.
"What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
A team of cats would also do the trick.
Three Swedish girls next time.
And two guys willing to throw everything away from the Bank of America leak.
I am a federal contractor and we're required to encrypt attachments that contain 'sensitive' information. (Which isn't to say 'classified' since that's not supposed to get tossed around in the first place.) If this were rolled out in the agency I work with, everybody and their dog would be setting off this 'alarm' every hour of every day.
Sounds like bullshit to me.
I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is steaming pile of dog shit
HDCP could be used to prevent this, although there are a few inline HDCP interception devices on the market. If they can monitor for the disconnection of the encrypted data stream they could prevent these from being hooked up, unless the device is turned off first, and I'd assume that any newly booted devices would have to be manually confirmed by an administrator before being allowed access to prevent such attacks.
"When information is power, privacy is freedom" - Jah-Wren Ryel
If a leak occurs do the same test for every employee with access to the document, and discard the half for whom the correct character was visible. Keep repeating for every subsequent leak, halving the group each time. It wouldn't take many documents on average to identify who the culprit was.
Care to explain why you have so many blind people on your staff? Is it some kind of security measure?
This is sad to hear. The government reserves the right to spy on literally everybody, but will not permit itself to be observed. Who does watch the watchers, anyway?
Like all institutions, the government is concerned mainly with perpetuating its own existence. And since the general public equates the government's existence with their security and their own existence, they tolerate all kinds of wrong deeds and imbalances of power like this.
Secession is the right of all sentient beings.
Evidently you never visited E. Germany before the wall came down or spent any time in Iran, Yemen, Syria, N. Korea, or any similar countries recently. Data mining is used by everyone not just the government. The most dangerous online groups are criminals looking to collect credit card and other information they can use in a criminal enterprise. Most of the people complaining today about privacy issues are the same morons posting their life history on Face book. If you chose to participate in today's online world don't be surprised when your information becomes public. And yes, the US government does have the ability to collect massive amounts of data being transmitted through the Internet and mobile device infrastructure but even with sophisticated mining algorithms they are limited in how much data they can truly process. If the government becomes interested in your online activities it is usually because someone has pointed them in your specific direction.
...stop doing terrible things that are worth leaking?
What do I know, I'm just an idiot, right?
There are plenty of other holes too.
;).
1) They talk about unregistered usb drives. If you can plug in usb devices they better make sure you can't boot off usb devices otherwise everything can be bypassed
2) "reverse ssh" outbound on port 443, or similar stuff- you can set it up with plausible deniability - victim of hack etc.
3) Taking the hardware away for a while- worse if people are actually allowed notebook PCs.
4) If there's firewire, this can be a big hole.
Exactly, same here. I don't know why some people think that we only send un-encrypted emails. Sure some sectors of the governments might but the majority will be using it.
They aren't blind, but yes. The dogs and their doggie-sized PCs are a security measure.
And this will never ever change. The government will never be able to monitor us all all the time. Therefore, we do not need to figure out a way to hinder them from monitoring us all the time.
How inappropriate to call this planet Earth, when clearly it is Ocean.
Isn't Raytheon the people who had the Patriot missile software bug? Since this software was written by a defense contractor you can rest assured that the motivation was purely profit not delivering an effective product. And all the programmers were probably laid off as soon as the project was finished (but not necessarily done).
I can only imagine the bushel-baskets of false positives this cash-grab fiasco will generate. But they'll just make even more lucre trying to fix it.
There are some chillingly anti-human corporations out there; ADM is one; Raytheon is another.
Eli Lake is an anagram for "leak lie". Is it his real name? Too funny.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Yeah, I know, its an oxymoron. Sadly never more than today. Our government has too many secrets. Too many bodies buried. Too many skeletons in the closet. The secrets its keeping are not in your best interest, or they'd share them with you. No, the only way to keep government in check is with transparency. When an employee of the government see's gross negligence, naked aggression, illegal activities, or profound betrayals of the Constitution or the American People, they are honor bound to make that information public, and any attempt to stop them is itself a crime against the nation. More, they should be treated as heroes, not black listed and hung out to dry or worse prosecuted.
Time after time we hear of some government atrocity, a person of impeccable integrity looks to get redress for the perceived wrong, and is basically told its none of his business not once but time after time. Finally he has nobody left in government to speak to so he tell the media. At which point they either remains anonymous, or they get crucified.
Now they tell us we can all be proud that our government has so wisely spent hundreds of millions of our tax dollars to plug up those nasty leaks and keep those rotten secrets, secret. Isn't that wonderful, now we can all enjoy the benefits of plausible deniability, while our rogue government bombs brown people for oil on behalf of Exxon-Mobil.
Folks, this might be a fine time to howl at your representatives... you know, the folks who are supposed to represent us? Let them know how we feel about government transparency. We're all in this together, and if what Government is doing is obscene, immoral or just plain illegal, there's a good reason why we all should know, and that's because you shouldn't be doing it! God Bless the Whistle Blowers!!!
Its high time we remind our Government its they who are here to serve us, and not the other way around!
Hi America... SureView... its like DEPENDS for the government. It prevents embarrassing leaks!
This is what J. L. Austin analyzed as a performative: the truth lies in the fact that you said it, such as stating "I christen thee the Titanic" then smashing a bottle.
If people fear this technology, the outcome it exists to promote automatically improves. Interesting.
In the service of this handy performative, it's not necessary to divulge any correct information about the true workings of the program. That would be counterproduct, in fact. Best to cast your dart into the red herring suburb of vaguely truthful.
Nice to know that our intelligence agencies actually got the Dr Strangelove memo: deterrents are more effective when you boast in public. What the horny Dr failed to mention is that your boasts need to be merely plausible--and not necessarily truthful--to have roughly the same effect.
Maybe the program sucks at picking up the first order behaviours, but is pretty good at picking up dodges a nervous person might make concerned the program is looking over his shoulder. Wheels within wheels. You game such as system at your own peril.
We might not have heard of Manning, but we've certainly heard of the guest facilities where the people we've never heard of are sure to end up.
Exposing military misconduct is obviously moral behavior. A system that punishes moral behavior is immoral. It does't matter whether he knew there would be consequences. It's the consequences that are the problem.
Behavior that I disagree with, which makes me uncomfortable, or that I don't like is not necessarily (or even probably) misconduct. But even if it was...
Doing 'whatever I want' with information that I do not own after agreeing not to do so is not a moral act. Stealing information is not a moral act. Imposing my discomfort or dislikes on you; making you conform to my personal likes; is not a moral act. Trying to avoid responsibility for committing an immoral act... is not a moral act. Committing immoral acts in the hope of exposing other immoral acts seems like hypocrisy at best.
Mr. Manning appears not to be a moral actor in this case. Any system that seeks to prevent immoral actors from acting immorally is...?
The government has always had the means to collect information on it's citizens. Tax Returns, real estate records, banking records, school registration records, public utility bills, telephone books, drivers licenses, and other information has always been available it just took longer to get it. Just like the limits and caveats included in the Freedom of Speech or Assembly the to Privacy does not translate to the right of total anonymity.
We need wikileaks because the things that you see are only the tip of what is going on behind closed doors.
All the world's a CPU, and all the men and women merely AI agents
Does all this not just amount to counter-intelligence against your own people? I mean, if the people you serve want to know, let them know! I'm not naive enough to think that everything should be available, but a lot of the stuff that has leaked has been really quite important, and evidence enough that if you think you can hide it, people will commit the most attrocious acts in the name of "serving the greater good". We're living in a time that is a horrible cross between 1984 and V for Vendetta, yet the western world seems perfectly happy to bend over and take it!
I'd say that in a hundred years, people are going to look back on this decade as the dark ages of the information age, but we already know that now. Wikileaks was only the start.
They're still out there trying stop Wikileaks (obviously), these intelligence firms. Their aims?
Feed the fuel between the feuding groups. Disinformation. Create messages around actions of sabotage or discredit the opposing organizations. Submit fake documents and then call out the error.
Create concern over the security of the infrastructure. Create exposure stories. If the process is believed not to be secure they are done.
Cyber attacks against the infrastructure to get data on document submitters. This would kill the project. Since the servers are now in Sweden and France putting a team together to get access is more straightforward.
Media campaign to push the radial and reckless nature of WikiLeaks activities. Sustain pressure. Does nothing for the fanatics, but creates concern and doubt among moderates.
Search for leaks. Use social media to profile and identify risky behavior of employees.
They might stop one employee, but if we all do it they won't have enough manpower to keep going. It's disobedience, and it works when enough people say,"I won't be part of this anymore."
-
oh, and one more thing about all this wikileaks BS.
I've known a few fed employees who hold the line on this insanity. You know what they're afraid of losing? They don't have kids, they're aren't living in squalor or anything... they're worried about losing their FUCKING PINBALL MACHINES and their LORD OF THE RINGS COLLECTION!!!!!!
People are shredding YOUR rights so they can have a bunch of STUPID toys! It's OBSCENE!
I am sorry for the rant, but I feel quite strongly about this subject, and knowing some of the people who perpetrate it first hand, it makes me even sicker to see our democratic republic die for a fucking movie series. We ALL deserve better.
-
Use a VGA/DVI interception hardware device to save to external storage. People will be stuck thinking in the box so you'll have no problems whatsoever as long as you don't save or move any data "in-system". Please don't forget to mention how SureView is awsome and ensures 100% data security while at it to keep the blinders on.
Wow. Pretty clever.
(I have no mod points today.)
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
"Had SureView been on Bradley Manning's machine, no one would know who Bradley Manning is today,"
Who is their right mind keeps such material and how can we trust to monitor such a system.
The guy in Germany who left to set up his own "better" version of Wikileaks took all the leaked copies of the BOA documents with him but destroyed them instead of releasing them, and the "better" leak site never actually released anything and has gone. Unless the original leaker has copies and sends them onto somebody else we (and interested governments and law enforcement) are not going to see them.