But that is exactly what training is supposed to do, train everyone on what suspicious behavior is. If the US military can have boot camp where they are taught basic military training (and they are reminded what it is annually), why can't other parts of the government?
I did RTFA and my comment on need to know was based on comments already made below... I undersand that they are taking some risk, but what is the risk of, for example, not letting a first responder know of imminent danger that the intelligence community could prevent from happening since they have access to the information. How could they even begin to know if the first responder needs access to the information?
...if people that have access to it have clearances and the network is not accessible to the public. Need-to-know is nonsense. It is practically impossible to create a solution that is 100% secure. Why? Because people are involved in it. And people are unpredictable. And if a bad person wants to do bad things, having a super-secure, compartmented and fine grain access controlled wiki is not going to stop the (very few) cleared bad guys from doing bad things. However, it will prevent the cleared good folks (i.e. the majority) from doing good things.
What's really needed is a good amount of security training to practically eliminate the potential of cleared bad guys in the IC. How? Train everyone to report suspicious behavior. If something looks fishy, take note and report it!
So why all of the comments about super securing a wiki that only a select number of people (that have had extensive background investigations) have access to? Why can't they (default to) trust each other?
Well put! How can any group even begin to know what others need to know. Saying that any individual or organization in the intelligence community has no need to know is arrogant and presumptuous!
Slashdot Mirror
But that is exactly what training is supposed to do, train everyone on what suspicious behavior is. If the US military can have boot camp where they are taught basic military training (and they are reminded what it is annually), why can't other parts of the government?
I did RTFA and my comment on need to know was based on comments already made below... I undersand that they are taking some risk, but what is the risk of, for example, not letting a first responder know of imminent danger that the intelligence community could prevent from happening since they have access to the information. How could they even begin to know if the first responder needs access to the information?
...if people that have access to it have clearances and the network is not accessible to the public. Need-to-know is nonsense. It is practically impossible to create a solution that is 100% secure. Why? Because people are involved in it. And people are unpredictable. And if a bad person wants to do bad things, having a super-secure, compartmented and fine grain access controlled wiki is not going to stop the (very few) cleared bad guys from doing bad things. However, it will prevent the cleared good folks (i.e. the majority) from doing good things.
What's really needed is a good amount of security training to practically eliminate the potential of cleared bad guys in the IC. How? Train everyone to report suspicious behavior. If something looks fishy, take note and report it!
So why all of the comments about super securing a wiki that only a select number of people (that have had extensive background investigations) have access to? Why can't they (default to) trust each other?
Well put! How can any group even begin to know what others need to know. Saying that any individual or organization in the intelligence community has no need to know is arrogant and presumptuous!
Who says they're not trying to do that already? :) (Seriously, I really hope not!)