I think there were two points here. On the one point, the original question was if companies have data destruction policies; the answer is they do. On the other, the White House and EOB aren't all that big, and even CONFIDENTIAL has to be stored in vaults that are expensive to obtain, staff, and maintain. So there's a real impetus to get rid of old stuff beyond any privacy concerns.
Um, (1) no, the 22nd Amendment takes care of that, and (2) you've provided a marvelous logic-class example of how a true consequent can be in an implication from a false antecedent.
I wonder if someone could quote or cite the law that says the White House is supposed to preserve emails for more than n years, with a value for n?
Reading this, it sounds like a discovery request. In a discover request, a judge can order you to deliver anything you have, for any time --- but that doesn't mean you're required to *keep* everything for all time. In fact, that's why (or one reason) companies have record-retention policies, and purge their records once the retention period passes.
Except that companies have data retention policies that say when data can be destroyed, and increasingly often, when data must be destroyed.
Now think about this context: you have very sensitive data (I wouldn't be surprised if this is TOP SECRET by aggregation even if no single piece is more than CONFIDENTIAL), with, say, daily incrementals and weekly full backups. And each item has to be labeled, numbered, inventoried, audited and stored in an expensive and bulky safe.
Not for a corporate IT department, but for a place dealing with national security.
Which, of course, the White House is.
Back when I used to work with the Three Letter Agencies, disk drives could be erased in one of two accepted ways: send them back to the TLA for destruction (they ran them through a ball mill), or if you were in a hurry, take them to an open field and set off a thermite grenade in them.
The thermite grenade was more fun, but made the fire marshall techy.
What's more, guaranteed erasure is increasingly an issue for corporate IT departments too. Lots of people working on that. See, eg, Radia Perlman's "ephemerizer."
I'd add an insulting coda here, but if you're dumb enough to think the White House is running a "corporate" IT department, you're too dumb to get anything subtle.
Have a look at Peter Kramer's Against Depression first of all, for a clinician's observations of SSRI's in real use.
Then notice this is one of those meta-studies, where someone uses a collection of other studies to try and draw a conclusion. At this point, the statistics are getting pretty hairy, and there's a real problem with selection effects: what studies are being used? Did they have the same criteria? How are the criteria normalized?
The answers usually are: "the ones the author could get access to data for"; "no"; and "badly".
The result is that these studies, more even that usual, tend to confirm whatever the authors believed in the first place.
If you think about it in computer-science terms, you can think of this as an information-theoretic problem: there cannot be more bits in the output of the study than there were in the inputs, and necessarily the study introduces noise. Here we have a metastudy that has as input some strong positive results, and some null-hypothesis results (ie, "no better than placebo"). The result is "only weakly better than the placebo."
... counter the last 8 years of corporate dominance in government.
Look, guys, history didn't start when Bush was elected. You want to look at corporate dominance, violations of civil liberties, warrantless wiretapping and spying, legal suppression of dissent, all that stuff, look into, eg, the Woodrow Wilson administration.
Oh, and you want to keep money from being used in elections? Well, here's a hint: money is speech. If you keep someone from using money to buy ads, you're effectively using prior restraint on their speech. Where are your civil liberties then?
... but the biggest one is that file size (like a lot of other things) has a "long ail" distribution, ie, if you had a histogram of file asizes,there would be many more of them than big files. So if you weight bandwidth to maximum speed for little files, you dramatically improve average throughput.
Well, only because you don't understand the (admittedly foolishly complicated) terminology and methodology. The SRR stage is a "what we build" stage: it has to be a rocket, it has to lift n tonnes and provide k miles/sec of delta-v, and so forth. You're saying "they should have known these bad things would happen before they'd even decided what good things they want to happen."
Oh, don't be silly. This is a dynamics and performance issue; you can't do that before it's pretty far along. Even when you're building around known hardware.
Absolutely true --- I was just arguing this with someone: they were suggesting "number of trouble tickets processed" as a measure of how productive an admin is. I was noting that having no trouble tickets at all would be even better, but wouldn't look "productive".
CIA ends up in the unenviable position, in general, that only their failures get publicity, just as only admin problems get trouble tickets.
You're making an amateur mistake: you think "secure" means "can't possibly allow violations." What it really means, technically, is "makes clear what things you can trust, and to what extent."
In Solaris10/TX, you can set it up so you don't have a root account at all; there's a much more complicated, and much more capable, permissions system. There's still a limit to how much trust you can put in it.
MULTICS was evaluated to Orange Book A1 at one point; that meant you could have even more trust in it. You still couldn't mix TOP SECRET and UNCLASSIFIED on a single MULTICS system, or put one onto the 'net holding TS data.
Clancy also got information fed to him on purpose, sometimes not particularly public... until the book came out.
That's the problem with doing intelligence stuff --- not much glory. Not much publicity. Hard to let people know about successes, and too often your failures get exposed in leaks that are part of internal bureaucratic battles.
The interested student might usefully consider this in relation to, eg, Valerie Plame.
Oh, you don't have to quote back the article to me: I read the article. I'm saying it's wrong. It's not a radical change, and it's not a statement that NSA is doing something radically new. It is, at most, formal recognition of something that's been true in practice since, oh, at least the early 80's that I know of personally. Probably driven by the FISA stuff, since that is in itself a formalization of something NSA has been doing forever.
Slashdot Mirror
I think there were two points here. On the one point, the original question was if companies have data destruction policies; the answer is they do.
On the other, the White House and EOB aren't all that big, and even CONFIDENTIAL has to be stored in vaults that are expensive to obtain, staff, and maintain. So there's a real impetus to get rid of old stuff beyond any privacy concerns.
The media manipulates the military.
Um, (1) no, the 22nd Amendment takes care of that, and (2) you've provided a marvelous logic-class example of how a true consequent can be in an implication from a false antecedent.
No, that's the general DoD standard. NSA, and TOP SECRET codeword data in general, still requires destruction.
At last a voice of reason. Bet the kids ignore you.
I wonder if someone could quote or cite the law that says the White House is supposed to preserve emails for more than n years, with a value for n?
Reading this, it sounds like a discovery request. In a discover request, a judge can order you to deliver anything you have, for any time --- but that doesn't mean you're required to *keep* everything for all time. In fact, that's why (or one reason) companies have record-retention policies, and purge their records once the retention period passes.
Except that companies have data retention policies that say when data can be destroyed, and increasingly often, when data must be destroyed.
Now think about this context: you have very sensitive data (I wouldn't be surprised if this is TOP SECRET by aggregation even if no single piece is more than CONFIDENTIAL), with, say, daily incrementals and weekly full backups. And each item has to be labeled, numbered, inventoried, audited and stored in an expensive and bulky safe.
Or shredded when it gets old.
Sure enough, it gets shredded.
Not for a corporate IT department, but for a place dealing with national security.
Which, of course, the White House is.
Back when I used to work with the Three Letter Agencies, disk drives could be erased in one of two accepted ways: send them back to the TLA for destruction (they ran them through a ball mill), or if you were in a hurry, take them to an open field and set off a thermite grenade in them.
The thermite grenade was more fun, but made the fire marshall techy.
What's more, guaranteed erasure is increasingly an issue for corporate IT departments too. Lots of people working on that. See, eg, Radia Perlman's "ephemerizer."
I'd add an insulting coda here, but if you're dumb enough to think the White House is running a "corporate" IT department, you're too dumb to get anything subtle.
You seem to claim its more likely that one retard exists that can stuff a paper box, than that one hacker exists that can hack an electronic election.
This missing point here is that there are lots of retards.
Have a look at Peter Kramer's Against Depression first of all, for a clinician's observations of SSRI's in real use.
Then notice this is one of those meta-studies, where someone uses a collection of other studies to try and draw a conclusion. At this point, the statistics are getting pretty hairy, and there's a real problem with selection effects: what studies are being used? Did they have the same criteria? How are the criteria normalized?
The answers usually are: "the ones the author could get access to data for"; "no"; and "badly".
The result is that these studies, more even that usual, tend to confirm whatever the authors believed in the first place.
If you think about it in computer-science terms, you can think of this as an information-theoretic problem: there cannot be more bits in the output of the study than there were in the inputs, and necessarily the study introduces noise. Here we have a metastudy that has as input some strong positive results, and some null-hypothesis results (ie, "no better than placebo"). The result is "only weakly better than the placebo."
Surprise.
... counter the last 8 years of corporate dominance in government.
Look, guys, history didn't start when Bush was elected. You want to look at corporate dominance, violations of civil liberties, warrantless wiretapping and spying, legal suppression of dissent, all that stuff, look into, eg, the Woodrow Wilson administration.
Oh, and you want to keep money from being used in elections? Well, here's a hint: money is speech. If you keep someone from using money to buy ads, you're effectively using prior restraint on their speech. Where are your civil liberties then?
... but the biggest one is that file size (like a lot of other things) has a "long ail" distribution, ie, if you had a histogram of file asizes,there would be many more of them than big files. So if you weight bandwidth to maximum speed for little files, you dramatically improve average throughput.
Well, only because you don't understand the (admittedly foolishly complicated) terminology and methodology. The SRR stage is a "what we build" stage: it has to be a rocket, it has to lift n tonnes and provide k miles/sec of delta-v, and so forth. You're saying "they should have known these bad things would happen before they'd even decided what good things they want to happen."
Oh, don't be silly. This is a dynamics and performance issue; you can't do that before it's pretty far along. Even when you're building around known hardware.
before it's even off the cad-cam screens.
/. tag for "goddamn idiot press"?
No shit, sherlock?
Is there a
"Warmer more nuanced sound" means "high frequencies clipped."
Is any technical project truly a success until Dvorak says it's doomed to failure?
Yeah, and? You mean you've discovered that technical people use words in more precise ways than they're used generally?
Who'd'a thunk it?
Absolutely true --- I was just arguing this with someone: they were suggesting "number of trouble tickets processed" as a measure of how productive an admin is. I was noting that having no trouble tickets at all would be even better, but wouldn't look "productive".
CIA ends up in the unenviable position, in general, that only their failures get publicity, just as only admin problems get trouble tickets.
Dude, you know the name "National Security Agency". It's not the most secretive agency within the US government.
besides, NRO is more secretive and it's still known by name.
Not to mention a million script kiddies doing it just for grins.
You're making an amateur mistake: you think "secure" means "can't possibly allow violations." What it really means, technically, is "makes clear what things you can trust, and to what extent."
In Solaris10/TX, you can set it up so you don't have a root account at all; there's a much more complicated, and much more capable, permissions system. There's still a limit to how much trust you can put in it.
MULTICS was evaluated to Orange Book A1 at one point; that meant you could have even more trust in it. You still couldn't mix TOP SECRET and UNCLASSIFIED on a single MULTICS system, or put one onto the 'net holding TS data.
Clancy also got information fed to him on purpose, sometimes not particularly public ... until the book came out.
That's the problem with doing intelligence stuff --- not much glory. Not much publicity. Hard to let people know about successes, and too often your failures get exposed in leaks that are part of internal bureaucratic battles.
The interested student might usefully consider this in relation to, eg, Valerie Plame.
Oh, you don't have to quote back the article to me: I read the article. I'm saying it's wrong. It's not a radical change, and it's not a statement that NSA is doing something radically new. It is, at most, formal recognition of something that's been true in practice since, oh, at least the early 80's that I know of personally. Probably driven by the FISA stuff, since that is in itself a formalization of something NSA has been doing forever.