WikiLeaks and U.S. Computer Security: The ‘Second Spy’ Theory
Whatever else it may have been, the disclosure of 250,000 State Department cables by WikiLeaks promises to provide material to the punditariat for weeks or months.
The revelations themselves were not all that surprising. The real news is — as with the Climategate files last year — that many of the most cynical explanations of what was happening turned out to be true:
– The U.S. really is tied in with an unstable and bipolar ally in Karzai, and works actively to keep him from damaging our interests.
– The global climate change conferences — like Copenhagen last year and Cancun this year — really are largely mercenary efforts by the UN, small countries, and qangos to extract cash from the developed world and use it to line their pockets and those of their friends.
– Under all the bureaucratic bafflegab of diplomacy, the State Department really does recognize that Russia’s government has been suborned into a kleptocratic oligarchy by ex-KGB officers who are unusually unscrupulous, even considering that organization’s sordid history.
In other words, the cables largely revealed that there remain people within the U.S. diplomatic establishment that actually are in touch with reality.
As someone who has been involved with intelligence for more than 30 years and with computer security for 25, however, the professionally interesting point is: “How did it happen?”
Let’s start by recalling some of the basics of the whole arcane mechanism of classification. The classification system in the U.S. grows out of two basic axioms: first, you work hardest to protect the material that can cause the most damage; and second, the one way to be certain someone can’t reveal a secret is to make sure they don’t know it.
The first rule leads to the sensitivity levels: TOP SECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED. Those levels define how much damage could be expected if the classified item were revealed.
The second rule leads to the notion of compartmentalization: classified items have various other terms attached, indicating limits on who should have access. In the WikiLeaks State cables, the cables themselves range from SECRET to UNCLASSIFIED, and the most common compartment is NOFORN: “no foreign dissemination.” Compartmentalization is part of an overall philosophy called “need to know”: you shouldn’t know something unless you need it, and so you shouldn’t have access to it unless someone with responsibility for the classification agrees you should.
To make this whole process easier, each paragraph is labeled with initials in parentheses. So, if you see a paragraph in the cables labeled (U) it means that paragraph was considered UNCLASSIFIED; (S//NF) means “SECRET NOFORN.”
The whole system of classification depends on two things: making it hard to get sensitive information, and making sure as few people as possible do know a particular piece of classified information by using “need to know” rules and their formalization in compartments.
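The labeling scheme just described can be made concrete with a short sketch. This is an added example, not part of the original article; it treats NOFORN and any other caveat as a compartment the reader must be approved for (a simplification), and the sample cable paragraphs are constructed.

```python
import re
from dataclasses import dataclass

# Sensitivity levels named in the article, lowest to highest.
LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}
NAMES = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET"]

# Portion marking at the start of a paragraph: "(U)", "(S//NF)", ...
MARKING = re.compile(r"^\s*\((TS|U|C|S)((?://[A-Z]+)*)\)\s*")


@dataclass(frozen=True)
class Label:
    level: int                        # index into NAMES
    caveats: frozenset = frozenset()  # e.g. {"NF"}; modelled here as compartments

    def __str__(self):
        return NAMES[self.level] + "".join("//" + c for c in sorted(self.caveats))


def parse_portion(paragraph):
    """Split a paragraph into (Label, text). An unmarked paragraph is an error."""
    m = MARKING.match(paragraph)
    if not m:
        raise ValueError("paragraph has no portion marking")
    caveats = frozenset(c for c in m.group(2).split("//") if c)
    return Label(LEVELS[m.group(1)], caveats), paragraph[m.end():]


def overall(labels):
    """Document label: highest level of any portion, union of all caveats."""
    labels = list(labels)
    return Label(max(l.level for l in labels),
                 frozenset().union(*(l.caveats for l in labels)))


def dominates(reader, item):
    """Need to know: level must be high enough AND every caveat must be held."""
    return reader.level >= item.level and item.caveats <= reader.caveats


def readable_portions(paragraphs, reader):
    """Return the text of only those paragraphs the reader's label dominates."""
    out = []
    for p in paragraphs:
        label, text = parse_portion(p)
        if dominates(reader, label):
            out.append(text)
    return out


# Constructed sample cable (not real cable text).
CABLE = [
    "(U) Constructed summary paragraph.",
    "(C) Constructed paragraph at CONFIDENTIAL.",
    "(S//NF) Constructed paragraph marked SECRET NOFORN.",
]

if __name__ == "__main__":
    doc = overall(parse_portion(p)[0] for p in CABLE)
    print("document label:", doc)
    # A TOP SECRET reader without the caveat is still refused the whole cable.
    print("TS, no caveats :", dominates(Label(3), doc))
    print("S with NF      :", dominates(Label(2, frozenset({"NF"})), doc))
```

A higher level alone does not grant access: the second rule (compartments) is checked independently of the first (sensitivity).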
According to the press coverage, the only suspect is one Pfc. Bradley Manning. Manning had been an intelligence analyst supporting the 10th Mountain Division. Manning bragged to Adrian Lamo, previously famous for having cracked into the New York Times’ internal systems, about having passed information to WikiLeaks. Lamo turned him in.
The story, as reported by the Guardian, is that Manning gathered the information on SIPRnet — a U.S. government sharing network for data at SECRET and below — then loaded it on writable CD-ROMs that he brought into his work area saying they contained Lady GaGa music.
The problem here: this explanation raises many more questions than it answers.
First is the “need to know” question. Manning had been an E-4 Specialist (same pay grade as a corporal) analyst — he was busted to PFC for unrelated reasons — and would have had access to intelligence in theatre. It seems inconceivable that he would have access to worldwide diplomatic cable traffic. The Guardian story’s answer is that these cables were being dumped into SIPRnet as part of a 9/11-inspired attempt to make information available, and thus avoid the problem of people not “connecting the dots.”
Perhaps. But the other side of that argument is what’s known as the “aggregation problem” in computer security: the more information you collect together, the more you can learn. As we’re seeing in these leaks, you can infer some very sensitive stuff from a lot of relatively low-level information. Are we really giving any random person with a SECRET clearance access to this much information, including video of Baghdad firefights and Special Forces operation reports?
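One way an access log can be audited for aggregation is to count distinct documents per user over a long window rather than per day. This is an added example, not from the original article; the log format, user names, thresholds and log lines are all constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def parse_line(line):
    """Parse '<ISO timestamp> user=<name> doc=<id>' (hypothetical log format)."""
    ts, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), kv["user"], kv["doc"]


def daily_peak(lines):
    """Naive check: most distinct documents any user touched in one calendar day."""
    per_day = defaultdict(set)
    for ts, user, doc in map(parse_line, lines):
        per_day[(user, ts.date())].add(doc)
    peak = defaultdict(int)
    for (user, _), docs in per_day.items():
        peak[user] = max(peak[user], len(docs))
    return dict(peak)


def flag_aggregators(lines, window=timedelta(days=14), max_docs=50):
    """Return {user: peak distinct-doc count} for users who exceed max_docs
    distinct documents inside any sliding window of the given length."""
    events = sorted(parse_line(l) for l in lines)
    recent = defaultdict(deque)                      # user -> (ts, doc) in window
    counts = defaultdict(lambda: defaultdict(int))   # user -> doc -> hits in window
    flagged = {}
    for ts, user, doc in events:
        q = recent[user]
        q.append((ts, doc))
        counts[user][doc] += 1
        while ts - q[0][0] > window:                 # evict events older than window
            _, old = q.popleft()
            counts[user][old] -= 1
            if counts[user][old] == 0:
                del counts[user][old]
        distinct = len(counts[user])
        if distinct > max_docs:
            flagged[user] = max(flagged.get(user, 0), distinct)
    return flagged


def sample_log():
    """Constructed log: a routine reader, a one-hour bulk pull, a slow dribble."""
    base = datetime(2010, 1, 4, 9, 0, 0)
    lines = []
    for day in range(10):            # routine: 3 reads a day from the same 20 docs
        for i in range(3):
            t = base + timedelta(days=day, minutes=i)
            lines.append(f"{t.isoformat()} user=routine doc=DOC-{(day * 3 + i) % 20:04d}")
    for i in range(200):             # bulk: 200 distinct docs in under an hour
        t = base + timedelta(seconds=10 * i)
        lines.append(f"{t.isoformat()} user=bulk doc=DOC-{i:04d}")
    for day in range(12):            # dribble: 6 new docs a day for 12 days
        for i in range(6):
            t = base + timedelta(days=day, minutes=i)
            lines.append(f"{t.isoformat()} user=dribble doc=DOC-{1000 + day * 6 + i:04d}")
    return lines


if __name__ == "__main__":
    log = sample_log()
    print("per-day peaks :", daily_peak(log))
    print("window flagged:", flag_aggregators(log))
```

The per-day count sees the slow reader as unremarkable; only the cumulative count over the window shows how much that reader has collected.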
Second, there’s the way Manning is said to have gotten the information out of his secure area. According to the Guardian, Manning brought in some rewritable CD-ROMs with music, erased the music, copied the data to the CD-ROMs, and walked back out with them.
If so, there is an ex-officer from his unit who is now counting socks in Thule, Greenland, or should be. Secure areas have a very straightforward rule on such things: media may come in, but it can’t go back out. (In fact, when I worked in a secured area, we even had to lock up our typewriter ribbons and platens.)
But this seems unlikely, because the DoD had forbidden people to even bring CDs and thumb drives in to secure areas in 2008.
As CNET reported:
The U.S. Department of Defense has temporarily banned the use of thumb drives, CDs, and other removable storage devices because of the spread of the Agent.bzt virus, a variant of the SillyFDC worm, according to Wired.
This explanation isn’t completely implausible. Not completely. If it’s true, it appears that it means general breakdowns in the methods by which the U.S. has protected classified information since the First World War, as well as violating explicit policies and procedures.
Of course, there’s another explanation: someone at a higher level of trust than Pfc. Manning is the real source, and Manning is just a convenient fall guy.
We can draw a picture of that source, just from what we know already. The source has access to diplomatic cable traffic, U.S. war reports, and even gun sight video across both major theaters of the war. Compartmentalization puts that person back inside the Washington, D.C., theater.
State’s diplomatic traffic is transmitted over their own networks; NSA, as the government’s cryptography arm, has some control of the implementation of that network, but State jealously guards its right to manage those networks. It’s possible someone at NSA would have access to all this, but NSA is a collection organization, not an analysis organization.
Analysis is done largely at CIA, but State also has people who look at, summarize, and digest the cable traffic — someone has to make it usable to the upper level diplomats, as there’s just too much to deal with in raw form.
It seems to me that our ideal other source would be someone with broad access, either at CIA, in the Department of State, or in the national security apparatus in the White House.
Countering this, of course, is Manning’s confession to Lamo. Lamo’s chat log of the discussion has been released, and it does seem as if Manning is claiming to have done it himself — but he also is cagey about it, and looking at the whole chat, it’s clear Manning is a very troubled young man. Might he be suggesting that he wasn’t the original source somehow?
So here’s the dilemma: If Manning really is the perpetrator, then there have been massive screw-ups, top to bottom, in the U.S. government’s management of classified data. If not, if Manning had a co-conspirator or if he’s the fall guy for someone else, then there may be someone who still has access to these networks, just waiting for the heat to come off in order to strike again.
And, of course, there’s another aspect to this “second spy” theory. Michael Savage, among others, has suggested this was a political “hit” by Obama insiders against Hillary Clinton, trying to block her from a primary challenge in 2012. I’m not a big fan of Savage; I’m not pleased to find myself entertaining what seems, at first, to be a fairly squirrelly conspiracy theory. But think of what’s followed: Assange has explicitly called for Secretary Clinton to be fired or resign; Hillary herself said since these cables leaked that this will be her “last public job.”
Both of these notions are speculation, and either one is troubling. Hopefully, with the new incoming Congress, the question of what really happened will be fully investigated.
WikiLeaks has certainly done harm to the United States and our interests, although I suspect it’s actually been less than previous releases of action videos and war logs.
Honestly, the deepest revelation seems to have been that the State Department really does operate cynically, for political motives, and I personally find that perversely reassuring. It’s better than the other possible explanation — that State is full of delusional fools.
Nor do I imagine that the revelation that we say harsh things about our allies in internal documents caused much real disturbance, although the assumed outrage will undoubtedly be regurgitated in high-level posturing for the many years to come. But as Secretary Clinton has reported, the off-the-record response was: “Don’t worry about it, you should see what we say about you.” These people aren’t children.
What should really disturb us are the implications — not for our diplomacy, but for the competence and effectiveness of our own counter-espionage. There are really two possibilities: we’ve either, in the name of “sharing,” completely forgotten all the lessons that have been learned, at great cost, over the “War Century”; or there is someone else, with much broader access than Pfc. Manning, who was really behind this leak. And either conclusion should scare us silly.






could it be something as simple as misinformation?
perhaps the accessed “information” was waiting to be “leaked” and just needed a pfc fairy who was jilted by a tranny to do the deed
Shouldn’t the State Dept be able to trace the leak?
“Michael Savage, among others, has suggested this was a political “hit” by Obama insiders against Hillary Clinton, trying to block her from a primary challenge in 2012.”
This is one of those rare times when I am willing to entertain such a conspiracy theory. Obama’s closest allies would not hesitate to put the knife into Hillary Clinton’s back. These people are convinced that the damage to the country is well worth the price. It is far more important that they remain in power.
Obama and his close allies certainly have to see Hillary as 2012 primary threat. Does anyone think that Hillary sits around thinking “Well, I am glad that I didn’t win the Democratic nomination. Barack is certainly a better president than I would have been”?
Interesting idea that this was a political hit on Hillary when you consider that after Obama won in 2008 and named Hillary to this position, many PUMAs were grumbling amongst themselves that this was just a set up to blame Hillary for his failures and keep her from running against him. It does seem consistent with their concerns back then.
Look, all the access Manning needed was a Secret clearance and SIPRNET access.
The two main DoD networks are the NIPRNET and the SIPRNET. NIPRNET stands for non-classified internet protocol network and SIPRNET stands for Secret Internet Protocol network. The SIPRNET works just like the Internet we are using here except it is the repository of Confidential and Secret classified information. If it’s on the system anybody with access can get to it. No special super secret, special handshake and secret word required. Manning had the clearance and that gave him access. The State Department database was accessible through SIPRNET.
At one time there was something called “need to know” and Manning would not have had access but internet technology has eliminated that barrier and it’s open season on secrets.
TDI, that’s what I understand. But if so, that’s just option 1. You’ve got this amazing mass of information, from after-action reports, to gun video, to apparently more or less every diplomatic cable in the last umpteen years that is SECRET or below, and it’s being made available to every damn-fool E4 with a SECRET clearance?
It’s called data “transparency” and my guess it’s about to end. And yes any pudknocker with a secret clearance gets to see it.
Thank you! I thought I was the only one out there trying to explain how SIPRNET works. Manning did NOT have to hack into anything. Once they gave him access to SIPRNET – possibly for something as mundane as sending secure emails – he potentially had access to vast amounts of info. There are websites, FTP sites, etc., so anyone who knows how to use the Internet can use SIPRNET. True, a lot of resources ARE password-protected and of course there’s a lot of highly-sensitive information that never ends up on the network at all. But something like a cable archive? That was probably available to anyone with access. No conspiracy required.
One solution to people like the Private is using thin clients. These machines allow you to access the network and do your work, but they have no removable media whatsoever – no CD-ROM drives, no USB ports, nothing. The only software they run is a telecom client program – no individual Windows installation. Where I work, thin clients are what people get by default IF they need to access SIPRNET. You need to make a special request and demonstrate an important business need before they’ll let you have a fully-functional PC.
When I was at Sun we were trying to push thin clients — SunRays with the server on Solaris 10 with Trusted Extensions — for just that reason: you can turn the USB on and off with an access-control list. But we come around to the same discussion: this kid had uncontrolled physical devices with which to jump the air gap, and full access to all this stuff?
I mean, I (and lots of smarter people, like John McLean and the other folks at NRL) did a lot of theoretical research on the aggregation problem and dealing with it — has that all been forgotten?
Okay, here’s my question: Did the Pfc download 250MB or 250+GB? Suppose I have the appropriate clearance. Now, suppose I go in with my portable Seagate drive and dump 1 TB of data from SIPRNET: no alarms go off? Or, suppose I dribble it out over a week or two drawing from what might appear as randomly selected parts of the archive: again, no flag is set? Really?
O, see theory 1. That’s exactly the right question: the more data you have, even at low sensitivity levels for each piece, the more likely you’re to find out things that are very sensitive from the aggregate. This is, surprisingly, most of what CIA does: not process secrets delivered by hot Russian redheads who have been turned, but processing little details gleaned from local newspapers and on the street conversations.
Charlie,
TDI is right. Any idiot with a SIPR account can log on and surf over to lots of things that would not have been available to them pre-9/11. One of the lessons learned post-9/11 was that there were too many firewalls blocking information access. One of the counters was to open things up a bit. Well, it bit us in the butt. Also, as a retired 24 year USAF intel specialist with current SIPR access I am not surprised that Manning was able to do it. Yes, the DoD has rules about bringing in recordable media. But we all know that lax enforcement happens, and I’d be willing to bet that Manning’s work site was poorly led – especially given that Manning is known to have been a discipline problem before this happened. Whoever his NCOs and Officers were, they need to be answering some serious questions as to why he still had a clearance.
As to whether Manning is the only leak, don’t make me laugh. Of course there are others; it’s the nature of the business that when you give every other guy in the military a clearance that things will happen.
However, I disagree that the leak required particularly high level access or personnel to carry off. It just isn’t needed given the situation that exists. Manning – and just about any other junior intelligence specialist – could have done it far more easily than most people think.
Whoever his NCOs and Officers were, they need to be answering some serious questions as to why he still had a clearance.
As extra duty after they finish the ice-scraper inventory in Thule.
However, I disagree that the leak required particularly high level access or personnel to carry off. It just isn’t needed given the situation that exists.
Honestly, that’s also perversely reassuring: I like the answer that it was a bunch of idiots a lot better. Pace Bugs#17, I’m not sorry that there’s no conspiracy, and I’m more than happy to have it have been door number one.
As extra duty after they finish the ice-scraper inventory in Thule.
Ha! That’s great. They probably have quite a few ice scrapers.
I’m pretty skeptical that any old Pfc could pull this off – how much “analyzing” is a recruit with not more than a high school education in a position to do? Granted that most 10 year olds are more computer literate than anyone over 30. But I can not believe that this guy had the intelligence savvy to know what he had access to (if he did) and what to do with it. On his own. And if he’s still a Pfc after how long in the Army, he can’t be the brightest bulb in the pack. This seems about as hard as embezzlement on your own – next to impossible.
Manning’s omnivorous approach to the problem would indicate that all he did was download all the information that he could get his hands on regardless of its relevance. You think all the 250,000 DoD cables have great revelations on them? There was no analysis just access.
Never ascribe to intent what can be ascribed to incompetence. Given how well our intelligence systems have operated in the past, does anyone seriously think that we have a functional compartmentalization system?
“Never ascribe to intent what can be ascribed to incompetence.”
I suspect that’s just what it is, incompetence. Bureaucracies rarely encourage critical thinking or problem solving, just moving in sync, following the rules and not making waves.
The U.S. Department of Defense has temporarily banned the use of thumb drives, CDs, and other removable storage devices because of the spread of the Agent.bzt virus, a variant of the SillyFDC worm, according to Wired.
This is true, BTW, at least for thumbdrives. All USB thumb drives are banned on any DoD systems – and the capability to use them is removed from the drivers. Which is a real pain for those of us trying to use them for research purposes.
Which is a real pain for those of us trying to use them for research purposes.
But then, that’s kinda the point
In government, the default explanation is *always* incompetence – even in the Intel community. Until Manning drops his confession, incompetence it is. Under the “second spy / fall guy” theory, unless the “second spy” had the capacity to offer him a Presidential pardon, he will be sufficiently motivated in due time to drop the confession. (Manning’s looking at Life, no?) And if the offer was made, the young Mr. Manning will learn the hard way Obama is not very good at delivering on promises.
http://libertyatstake.blogspot.com
“Because the Only Good Progressive is a Failed Progressive”
minor clarification: in no way am I saying “case closed.” Manning’s chain of command still has a lot of splainin’ to do is more the point. And I mean the entire chain of command.
I think we are all being played.
Isn’t that one of the tenets of spying? You never know the motive of who is doing this, especially if you don’t know who is doing this.
It is what we don’t know that is the real threat. I for one do NOT trust the obama administration.
The single spy story doesn’t play well with me either, kind of like the lone assassin in the JFK assassination. There’s more going on here than we know or are going to be told, for whatever reason.
Until or unless something is revealed that discloses who Obama really is and who created him, I’m assuming his cabal is behind this charade, and that somewhere 14 levels below what we will ever be able to see, the cabal is benefitting.
My memory might be failing, but systems delivered to classified or secure locations did not have writable media devices. No active USB ports were configured – yes, the physical ports are there, but the drivers were removed from the system making the port useless; and no CD/DVD drives were on the systems.
So, if an E-5 was downloading files, where did he store them? Downloading that many files would take a long time, and most secure systems maintain logs of all transactions – did anyone check the E-5’s logs? Those logs are maintained at the network, not just on his workstation. Hmmm!
This story has more legs than are being exposed – maybe a duo-centipede.
There’s another plot here.
On every classified system I’ve had access to, over the last 4 or 5 years probably 10 different systems, the physical USB ports are disconnected internally, not just missing the drivers. No CD/DVD drives are in the systems, and you can’t open the case without breaking a seal. A few systems had expansion bays so particularly sensitive info – data, algorithms, etc – could be sequestered on a removable hard drive and locked in a cabinet after immediate use. Only the hard drive owner and IT had a key to the expansion bay.
If you wanted an app installed or to access information from any media – CD, DVD, flash card, thumb drive whatever – you went through the signature hoops. Then went to IT with the signed off request and handed him the media. Once the media touched the classified net, it was considered classified at the highest level the net went, the physical media given a control number, and IT kept it under their lock and key. You would never get it back.
You could not even bring a programmable calculator or IPOD in/out of some classified areas I’ve worked in. Once in, it stayed in. It was given a control number and sticker, went under accountability protocols, and leaving it around unattended could get you a violation.
I have seen rather egregious violations of information security uncovered after the fact in the past, but that doesn’t appear to be the case here. Manning seems to be saying that his bringing the media into the area was noted and a simple explanation – Lady Gaga music? – derailed usually rigid security protocols.
I would tend to call BS on Manning’s story also.
clear mind,
The computers in the vault downstairs from where I work have SIPR access and they came from the vendor with CD-RW drives. They have not been disabled, even though the USB ports have been.
As for how much data we’re talking about, it’s not really that much. The State cables are all text and a one or two page cable probably won’t run more than 8k (if that much). A CD can hold approx 700MB, which is about 87000 times 8k. Manning could have stored the entire download of 250,000 cables on 3 CDs, possibly even 1 CD with good compression tools. And writing a 700MB CD takes maybe 5 minutes, so it’s not like he was taking all day. It’s also likely that no one was watching him work.
I guess I’d ask for an audit of those systems in the vault. Unless they’ve changed standards, this was not the standard when we delivered. Still, if he downloaded to 3 CD/DVDs, there has to be a log. He might have even been clever enough to reroute, but… If it was a secure site, rules would not permit taking removable media out, but, again, I don’t know enough about the site where he supposedly accessed the data, if it was him. Where are the logs? I have my own stories of DoS access controls that would curl the eyebrows of their security administrators.
I worked on two vault software projects as a civilian 25 years ago. The “data goes in but data doesn’t go out” rule was strictly enforced. Network connections to the vault were designed to be “one way” with handshake bandwidth strictly limited in case of some hack to the network driver to encode info in the timing or spurious NAKs.
The rule made perfect sense to me, and I am shocked that they let people carry CDs out now.
Almost 20 years ago, we looked into installing a UNIX system running Multi-Level Security (MLS). It was a new implementation, and even the guys at AT&T couldn’t make the damn thing work. But the principles behind it were legitimate – that data, once classified, could travel from a lower level of security to a higher level domain, but never from a higher to a lower. Removable media, of course, was simply not available (instructions not to use them are hardly foolproof).
Of course as we moved from UNIX – with its native concepts of groups and access control lists – to the more open Windows where everything is permitted unless it’s restricted, and ACLs arrived only much later, things only got worse. Moreover, as Richard Clarke notes in his recent “Cyber War”, the alleged separation of the classified and unclassified systems is not what it appears, as the two do intermingle at various points in the system. He also notes, most disturbingly, that cyber assaults from the likes of Russia and China have already pilfered documents far more sensitive and damaging than what Wiki has released, including design documents for our weapons systems, battle strategies, high level technologies, and the like.
All systems/connections on these networks maintain active and archived logs of all uses on that system/network and they are archived for forensics in case of the need for an investigation. It is easy to acquire any logs of this E-5, so all of the speculation could be put to rest. With no spokesperson validating how they “caught” the E-5, it’s all speculation and anyone with any semblance of computer forensics training is probably giggling in their Latte!
About the same time I developed the original architecture for a highly secure version of X, and helped write some Navy docs on the old TCSEC Orange Book.
I haven’t had a cleared job in years, been a civilian researcher; I’ve got to say I’m shocked — seriously, not in the Claude Rains sense — at what you’re telling me.
Take this example from Ragnar:
‘The computers in the vault downstairs from where I work have SIPR access and they came from the vendor with CD-RW drives. They have not been disabled, even though the USB ports have been.’
It doesn’t shock me. It falls into the category I mentioned of egregious violations of information security that won’t be uncovered until after a breach. Even the simplest ‘hard lesson learned’ security practices are routinely ignored because the breach that generated that lesson did not happen in your facility or on your watch.
Nonetheless……I still call BS on Manning’s story if it turns out that the details I hear are true. That when he actually had to justify bringing RW CD’s into a secure facility – implying that it was not usual practice to do so – his rationale was accepted.
I see one possibility here other than your speculation that it was someone higher up. I can attest to it as being possible in facilities I’ve worked at.
Manning downloaded onto a laptop that belonged in the area with an easily removed hard drive. Manning actually took the hard drive (possibly the laptop itself) home for the night and cloned the drive. In which case, more than just documents would have been compromised. If so, someone will eventually find a laptop with the sticker over the hard drive cover screw tampered with or missing.
I’ll contact a friend whose son had command responsibilities at the base where the E-5 was supposed to have worked. Those of us with security and classified operations backgrounds have done an autopsy here that I’ve not heard in the media, and I can only wonder why. With all the systems knowledge out there, our discussions amount to common sense.
Because this thread involves competent thought that might sprain the brain of the average 6th grade drop out.
I vote for both the US govt. being incompetent, that Assange had inside help beyond Manning, and also that the inside help is leading the investigation as to whether Assange had his help. It’s the American way.
Our super duper government Justice Department is “on the ball”. No need to worry. Honestly, I feel in my gut this is sanctioned by our wonderful President. I just can’t get over the feeling that this is another step in the destruction of America, and the coming police state. Shutting down the internet will seem like a reasonable step to protect our country, won’t it. Etc…etc…etc….No. I am not a conspiracy wing nut by any definition. Soros is behind this somehow. I will bet all I own on that. This is an Alinsky tactic…..
I agree that this smells. I remember the levels of compartmentalization and classification 30 years ago when I was on active duty and in the defense contracting world, and this would have been impossible. I can’t imagine the DoD and DoS computer systems don’t limit access on some sort of need to know basis. It would be one thing to be able to search across the whole thing without being able to retrieve anything– so a legitimate user could make an interesting correlation, and then requisition the underlying documents based on his/her need to know and level of clearance, but unfettered access just doesn’t make sense. I suspect the government knows far more and has far better control over access than we are being led to believe.
You offer a false choice. It doesn’t have to be an either/or situation, does it? Our intelligence services have been astonishingly bad since the Cold War, and it is unlikely Manning had this much competence and access. So it probably is incompetence and a second leaker.
I have no doubt there are Obama Administration officials who place politics well above national security. We see that play out daily. But in this instance, the best explanation is the simplest one. Our intelligence services screwed up, once again, and someone either assisted Manning or fed him at least some of this information.
The burning question remains why the Obama Administration did nothing after the first information dump, which contained much more important classified information and did actual damage to the United States. The only–repeat, only–reason this dump has gotten so much attention is that involved political figures and salacious details about foreign leaders.
Sorry, no conspiracy here. The network the private got the information from was DESIGNED to allow DoD, State, and other agencies to SHARE information – including archives of cables. That doesn’t mean everything’s on it. But a lot is, the point being to allow the supposedly over-compartmentalized Feds to collaborate and cooperate in anti-terrorist activities – something they were accused of NOT doing after 9-11. Today, the State Department and the Army are deeply involved in each other’s business in Iraq and Afghanistan. So of course an Army intel guy was able to look at (and download) State Department cables. Again, it was ASSUMED that he was trustworthy. People are the weak spot in this system. We need to start taking a closer look at people before giving them access to anything.
“People are the weak spot in this system.”
Wasn’t this a line from the first “Terminator” movie? Or “War Games” perhaps?
I guess things have changed a lot since I was in the army forty years ago; we obviously have a kinder and gentler armed forces where gay PFCs can have hissy fits over boyfriend problems and full access to all the state secrets. Maybe he or she or it doing field grade “intelligence” in the army was being hustled by he or she or it doing “intelligence” in the State Department, or the Pentagon, or the CIA–do we actually have a Central Intelligence Agency anymore, and is the CIA a contradiction in terms? We obviously don’t have Department of Justice anymore.
Looks like I haven’t been doing too badly without access to classified information once I retired from the military, since the Wikileaks data dumps appear to have a few grains of wheat here and there amid mass quantities of chaff. At least Assange provided the service of exposing weaknesses in our system of handling classified data.
One of the lessons learned post-9/11 was that there were too many firewalls blocking information access.
Let us not omit the unhallowed name of the creator of the most effective wall, which enabled the non-communication, which enabled the non-discovery, of the 9/11 pilots’ flight training: the Jamie Gorelick of the Clinton Administration.
SADLY, since the Cold War Era, the U.S. intelligence apparatus has become systemically incompetent. Much of this at the hands of political ideologs. Today, since all intelligence has become “de-compartmentalized” through centralization in Homeland Security, our most sensitive intelligence data control and security is in a shambles.
Likewise, during the Clinton era with a Republican Secretary of Defense (Cohen), initiating the new redesign of the military, the nation’s military systematically became less and less “responsible” gate keepers (across all grades and ranks) of national intelligence security.
Charlie, I worked alongside intel and was privy to their information when 19 years old in the USAF 15 + years ago whereas my highest military clearance was only ‘Secret’.
The protocol for Secret information in the Air Force was TIGHT. Like, look at the folder containing the info, absorb it (no written notes allowed, obviously), hand back folder to security officer/higher ranking/clearance possessing personnel and they’d place it back in the safe and lock it. That person would then have a telephone/computer protocol to complete.
IMO it seems the Army has slackened their protocol, in the M E theater of all places too..
It seems unlikely PFC Manning could obtain, save and archive this amount of data without same/similar protocol in place all by his lonesome.
It’ll be interesting in months, years to come the information provided by Manning and possible accomplices and the incompetence of top brass down..
It varies heavily from facility to facility, and often incidents don’t get talked about between sites. Let’s just say, the incident with the guy who put a classified briefing on top of his car, and drove off, is not the worst security fubar I’ve heard about.
Well, I must say I hadn’t considered it, though I will admit I did find it a mite bit strange at the ease Pfc. Manning obtained the information. Something to bounce around anyway, though I wonder how long it will take some to blame it on aliens, the Illuminati, Atlantis, or secret government organization department for experimenting on zombie creation with a leak.
I was never thrilled with SIPRNET to begin with. I still remember the days that handling SECRET material required strict protocols, including TPI as well as records of receipt and destruction. Technology changed all that unfortunately. What earlier comments stated are on target; any chump with a SECRET clearance (and that ain’t too hard to obtain) can access a whole bunch of stuff, all bundled together in the name of interoperability. How convenient.
finally, breaking (good) news for hopeful change.
they are going to start storing the secret material in a VERY safe place; and, are waiting now for obama to help put all this secret stuff where he hid his birth certificate, college X-scripts, ….
Either U.S. intelligence is massively incompetent, or PFC Manning had help — an insider with high-level access.
I don’t think it’s an either/or situation. Manning may have had help or he may have acted alone. Why would U. S. Intelligence be more or less competent than the rest of the government?
Google “Hayden’s Heroes NSA” and then “Thomas Drake NSA.”
Besides the bogus and bloody war in Iraq, 9/11 also gave Bush and his people an excuse to outsource huge chunks of the intel agencies, resulting in a massively complex hodgepodge of useless contractors, confusing redundancy, and winked at incompetence, including a half-ass “secure” network system more resembling a teenager’s notebook PC in terms of real security.
Just had to get your signature BDS bray into the conversation.
BC, honey, you’re describing every government operation since at least the Roman Empire. Oh, with the exception of the notebook PC.
The difference between an incompetent, overpriced contractor like, say, Lockheed-Martin being involved in building jets as opposed to them being involved in electronic/cyber-security (which they are, big time), is that they can’t quite get away with making a non-flying jet, whereas something like cyber security, however, is vaguely defined and expectations seem to be very low. And apparently there is no penalty for failure if you are a big enough contractor.
Nonetheless, his description of the fantastic growth of these semi-official or semi-governmental agencies is correct. It doesn’t prove that 911 was a pretext to bring this about, or to trigger a series of Patriot Acts. At the same time, it should be a large enough clue to make people ask more questions. That they don’t comes down to blind patriotism; when facts or possibilities don’t fit previously existing world views, they are usually dismissed and their sources ridiculed. In all likelihood the amazing growth of intelligence collection activities – and the profits that derive from same – are a spontaneous outgrowth of 911. Yet there’s no proof of that either, just as there is no proof that OBL remains alive or that KSM was indeed ‘the’ mastermind of 911.
More to the point, each and every ‘national security article’ that appears on these pages assumes that the official version of the 911 attacks is correct. And why? Basically because ‘America is great’ (it sometimes is), because ‘America is a democracy’ (sort of) and because ‘our elected leaders would never contemplate doing such a thing’ (not really true).
‘Nonetheless, his description of the fantastic growth of these semi-official or semi-governmental agencies is correct. It doesn’t prove that 911 was a pretext to bring this about, or to trigger a series of Patriot Acts.’
Somewhat correct. 911 was not the driver. Most security oversight functions were under DoD control before the Berlin Wall dropped. A DoD contractor would have security officers on their payroll, but they were vetted by the DoD and answered to them.
After the Cold War warmed up, the DoD found themselves with a lot of under utilized security personnel. There were many reasons for that. There were two major reasons. One was that much of the emphasis on security shifted to industrial espionage, a subject the DoD was less interested in. The second was that a lot of DoD information was being downgraded one, sometimes more than one, level.
So DoD started cutting down their security staff. And not just at the DoD. Defense contractors were shedding the DoD vetted security officers on their payrolls for the same reasons the DoD was. Some functions were given over to security firms started up by ex-DoD security officers as a cost measure by both the DoD and the defense contractors. This started happening back in the 90’s.
After 911 and the subsequent ramp up of security concerns – the need for background checks for example – the DoD found that they had gone way further than they should. Cost wise, it made sense to ramp up outside contractors to fill those sort of needs rather than ramp up internally.
All of which is moot for two reasons. The security functions outsourced by the government were primarily clerical. Running background checks for TSA agents for example. Manning may have been partially vetted by a security contract firm when he was given his security access level. I honestly do not know whether the military uses them for background checks or not. The second reason, and more important to this discussion, is that the security failure happened in a military facility. They handle their own on site security. The security officer Manning answered to while in uniform was military, not a civilian. And it was a military superior given Manning was a private.
So no, BC doesn’t have a point trying to make the impetus for distributed security functions something that came about after 911. It started in the 90’s.
I’ll call your Bush and raise you a Clinton. Under the Clinton Administration, Jamie Gorelick, under DoJ head Janet Reno, instituted a “wall” between domestic law enforcement and the CIA which was the single most important reason for 9/11, according to the 9/11 Commission.
http://www.nytimes.com/2004/04/14/us/threats-responses-commissioners-for-members-panel-past-work-becomes-issue.html?ref=janet_reno
I worked for NAVCIRT for 6 years. I was a pen tester against fleet units for 3 of that. I’ve been retired since 2008 so I don’t know what’s changed since then, but I’ll tell you, SIPRNET is about the most open network around to anyone who has access. Where I work now has a SIPRNET computer, and that is protected like it’s Fort Knox, but to me, that’s because it’s one box. The more people that have access to SIPR at a particular site, the more likely that things like USB ports will not be shut down. One of the biggest obstacles to proper security was officers who wanted to move their classified briefs or documents from one SIPR machine to another. I’ve broken into more officers’ computers than anything else.
Careful Rik. Julian is proud of what he did too.
You misinterpret my motives. I don’t take any pride in that. It wasn’t difficult. It wasn’t that my skill overcame their security. It’s that their security was so lax, that it made it a simple task. It was a warning. I wasn’t trying to suggest I was some kind of great cracker, I was, and am, not. To reiterate; security on many, many, DOD systems is so lacking that the idea that a single person in a key position was able to data mine that much, doesn’t require a ‘second shooter’ in my book.
..continued. Remember if you have physical access, and you know something about computers, then you can download tons of data to the hard drive and disconnect it from the network, put in a CD that runs a RAM based OS and reconnect the devices without anyone knowing. Then you just put it all back after you’ve gotten the data.
I was regulated by a strict ROE, but it didn’t take a genius to see how easy to data mine it would have been, had I been willing to commit to such a crime. Even data mining NIPRNET you can obtain a classified picture, because people are so flippant about OPSEC. Even less attention is paid to SIPRNET because it’s thought to be a “closed” network. IDS operators are far less likely to pursue SIPRNET alarms than they are NIPRNET alarms. So it doesn’t surprise me that one person, even a junior enlisted, who was probably working odd hours anyway, was able to pull off such a data mining feat.
I am not a security guru just a run of the mill IT guy but give me five minutes and you will have to physically break the box in order to boot on your OS. Boot passwords both in the BIOS and in the booter proper have been around for some time you know. And once you boot your in-memory OS you will find the disks are encrypted so good luck retrieving any info from them.
As Helen Thomas is given attention for her rants about the “Elders of Zion”, I’ll try my hand at one of the actual, not imaginary, chapters in history. Most commentators were not born in the time of which I speak so have only the material provided to them from their mentors in Media, entertainment, school and university.
Responses to the story of the moment from ALL influence / propaganda and political organisations world wide, leads to the recognition that what goes around comes around. Those who cannot remember the past are condemned to repeat it.
I refer to time when a NEW propaganda instrument entered the stage as star of the show, in the NEW AGE. A medium so influential that it enabled those who controlled that medium to in effect control the world by its favours to those it chose to give OR to refuse attention. AND the manner of that attention. CONTROL by self-selected groups which were inadequately accountable for their power — the controllers had the power to make or break any it favoured and thus were the puppet-masters of the political processes AND THE CHOSEN DRAMATIS PERSONAE of those processes.
So — might we not go from the immediate responses of these Media with their favoured and unfavoured players to join the parallels in relatively recent history ?
Is for example Julian Assange the Woodward/Bernstein of today? Is the little soldier the Daniel Ellsberg of today? Is “Deep Throat” the internal – remember Deep Throat was finally outed at his death as a high level FBI agent – mole ? Are we to credit that NOBODY in the influence media, the Washington Post and New York Times the driving forces in that chapter for which the name Watergate was coined, KNEW who was Deep Throat ?
This occurred when a LAWFULLY elected president of the US who was not to the taste of these “best and brightest” of media and university was attempting to end with honour and dignity for the USA the Vietnam “War”. The war never declared but administered as war, begun and escalated by their favoured political machinery the “liberal / progressive / big government party the “Democrats”. “War” started shortly after the appearance of the New Star in the East, Sputnik.
Now there is a BIG GOVERNMENT presidential administration MUCH IN FAVOUR with these influence and power media, which decry the Tea Party, of ordinary – NOT primarily “elite” college students exempted from the military draft instituted by President Johnson – a significant favour from the “Democratic” Party with no doubt expected reciprocal “respect”.
Hostile and aggressive antagonism instead of the drum-beating and trumpet blowing for the protest to government as the Anti-war protests, during the 1960s-70s.
These “liberals/progressives/democrats” tried a replay of that act after the loss of the Millennium election in the early part of the century. It did not play so they need a different ploy.
ET VOILA, the deus ex machina : bringing the competency and reliability of the USA once more into discredit, a central plank in the platform of THIS President, using a different staging.
In this act NOT the ACTUAL PERSON / OFFICES of Chief Executive, Justice and State, chiefs of which are ALL instruments selected by this present Chief Executive of the Enterprise the USA. It has been a motto that in the USA the desk of the Chief Executive is the place where the buck stops.
The rules have been changed AS these same groups with the mewling compliance of Congress and Court have done with the fundamental LAW of the USA which Disallows in law this centralisation of power of the people in a single government office / agency.
AND NOW with this contrived scene using their actors Assange, that soldier, the Media controllers who have lost absolute control of information thus power and money want to control this NEW information medium to their ends : disenfranchising Americans of free information as they have disenfranchised Americans of their NATURAL RIGHTS protected in the law, the Constitution of the USA. Gradually, invidiously by false promises of paradise on earth without costs over the past half century.
The election of BH Obama their chest – beating victory over their prey the USA, the erstwhile richest, free-est, most powerful, PROMISe TO THE WORLD, of the possibilities achievable by men and women for SELF -determination of their destinies.
IF this was a “hit” by the White House on Hillary, perhaps that would account for the lack of action by the DOJ (Well they are incompetent) and a very muted response from the Administration??
“Under all the bureaucratic bafflegab of diplomacy, the State Department really does recognize that Russia’s government has been suborned into a kleptocratic oligarchy by ex-KGB officers who are unusually unscrupulous, even considering that organization’s sordid history.”
This sounds just like Washington right now, you could have been describing them.
Don’t discount what Michael Savage has to say. If someone were to tell you prior to 9/11 that four planes (there were more) would be hijacked in one day, flown into buildings, and a field in Pennsylvania killing thousands by Arab Terrorists, you might have looked at them like they were crazy. That couldn’t happen in America right?
With this regime, I lean on the side of criminal until I’m shown otherwise.
There is a woman named Rosa Brooks who has a big position in the Department of Defense. She worked for George Soros. George Soros OSI funded WikiLeaks. Obama has placed Soros people and Muslims throughout our government. I think the Hillary situation is possible. This is why Michael Savage is so despised by the government. He does not sugar coat what might be happening. Look at who Obama is tied to. William Ayers, Bernadine Dohrn, Rashid Khalidi, The Black Panthers (Angela Davis) who has visited the White House, George Soros. Barack Hussein Obama is the enemy.
Obama wants to take over drilling, Gulf Oil Disaster. Obama wants to take over the internet, WikiLeaks funded by Mr. George Soros of OSI.
If our security is this poor, we really just need to get off the world stage and come home. What country will ever share any secrets with us again? Assange may not be a good guy but the flaw was him ever having access to begin with and some head should roll. As far as publishing the files, WikiLeaks is terrible but what about the NYT and other worldwide newspapers that just passed it on. Even Corporations have security for sensitive info like financial, processes, research and I am sure the mailroom boys don’t get access. The Pentagon is the one who needs to be answering the questions.
Unfortunately, I find PFC Manning’s story all too easy to believe. I worked in intel for 10 years, at sites ranging from a tactical hut to NSA offices. The further into “the field” you get, the looser and looser security gets.
For instance, at NSA sites, cell phones are strictly forbidden. However, at one of the bases in the Middle East, cell phones were allowed in the classified spaces if they were turned off. This was probably due to the fact that this base was top heavy with 05 and above (getting their “combat” pay 500 miles from the action), and these oh-so-important guys pitched a fit over the fact they couldn’t take their oh-so-essential cell phones into the SCIF with them. I don’t know how many times cell phones went off in the middle of highly classified briefings, but of course these senior guys never caught flak for it.
Technically, all the media writers (CD, USB, floppy) at Manning’s location (a forward operating base in Iraq) should have been disabled/removed. However, I’m pretty sure the scene went something like this:
IT Sergeant: Sir, we need to remove the CD writers on this machine.
Senior officer: But then how will we save off our briefings? Or move information between networks to compile our briefings?
IT: But sir, security regulations say–
Senior Officer: I don’t care. We’re in the middle of the freakin desert. There’s no one here but cleared people. We need our access.
I read an article a few years ago that postulated that it was harder to steal a book from Borders than it was for a cleared person to steal classified data. It was true then and it’s even more true now.
Co-conspirator on the inside? Quite possibly, or a really good hacker, maybe with inside help. Perhaps, I’ve been reading too much Stieg Larsson, but what if the source of this breach of security is external, instead of, or as well as internal?
Manning did wrong, he knows it, and he’s going to pay. His superiors are the ones that really need to have their feet held to the fire. This didn’t happen because a PFC, for whatever reason, decided information security was just a game. We’ll never know just how high the blame goes, like with Watergate or the Pentagon papers. Let’s just hope the corrective action has been taken.