Loading ...
Sorry, an error occurred while loading the content.

Wikileaks...shows State Department MAJOR 3 Strikes-Screw-ups

Expand Messages
  • dave
    Australian’s get it RIGHT—Don’t Blame the Messenger of Bad News!! By Free Inhabitant Dave The latest US media—and I contend government-sponsored--
    Message 1 of 3 , Dec 8, 2010
    • 0 Attachment

       

      Australian’s get it RIGHT—Don’t Blame the Messenger of Bad News!!

      By Free Inhabitant Dave

       

      The latest US media—and I contend government-sponsored-- blitz is to find disgust with Australia’s blame of the US State Department for sloppy handling. An understanding of how classified material is ORDAINED to be handled in the US will reveal Australia correct—but ironically, because of same policy to not reveal weakness, no real security officer will admit same. Let me explain.

       

      All people who handle highly sensitive material are given briefings for handling same—usually by a security officer. Mine was no different having been given by the head of a major US military-base security office. Now this was during the cold war when America’s secrets were to be very well guarded—so I can assure you, the principles have not changed.

       

      During this briefing, I was given the usual speeches and then led past all the guards to several rooms and in some cases vaults [for super classified material] where I would be working. In those rooms were tons of regular plain-jane file cabinets with simple ¾ inch steel bar and government-approved padlocks on them with signs marked open and closed. Also on the table were big black tarpaulin cloths covering the desk top’s “working papers” —some padlocked to the table on the corners.

       

      The security officer started with the briefing speech about the padlock I was given for my cabinet:

      “You get to pick the combination. Do not use your birthday or some combination of your SSN. Don’t be like the idiotic Phd scientist’s we have here and use some combination of 12-25 or 07-04 for your combination because they are so smart they are forgetful.”

       

       I found this immensely funny and started to laugh but then I asked this officer:

      “Excuse me for laughing but while on the subject of humorous, I find it funny how ANYONE could think those padlocks and single steel bar sufficient to prevent ANYONE from gaining access to that information. It would be a piece of cake to defeat that bar or cut that lock. I know you have several guards posted that people have to get through, but anyone inside could technically gain access to the other guy’s classified information and thus destroy the ‘need to know’ purpose. Why it could be the janitor even!”

       

      Now this fellow was up in age and had worked security for a very long time. He looked me straight in the eye and said:

      “It’s designed that way. You appear a smart guy but you don’t know the reason why, so I’ll let you in on the secret very few people know. All our security is designed to reveal when it has been breached or tampered with. Think about it: It’s almost as important to know when information has been compromised, as to keep it secret.”

       

      Security principles are the same all over the world and the TRUE security officer’s “in the know” realize what this fellow revealed to me: It’s very important to know when your material has been compromised—nearly as important as the material itself.

       

      Now consider the State Department’s stupidity! Consider:  (1) Not only did they allow someone with “no need to know” access to this information but (2) without Wikileak’s they would have never known it was STOLEN AND (3) would have never known of the vulnerability! Three strikes, you’re out!

       

      It’s LITTLE wonder the state department has been quick to distract people with the “blame elsewhere game” isn’t it?

       

       

       



      __________ Information from ESET Smart Security, version of virus signature database 5686 (20101208) __________

      The message was checked by ESET Smart Security.

      http://www.eset.com
    • BOB GREGORY
      *I agree with you that it is important to be able to know when a compromise has taken place. However, you seem to be basing your assessment of things on your
      Message 2 of 3 , Dec 10, 2010
      • 0 Attachment
        I agree with you that it is important to be able to know when a compromise has taken place.  However, you seem to be basing your assessment of things on your experience with security matters a long time ago.  While the principle has not changed, the circumstances are vastly different now. 

        During more than 20 years in military service I had a Top Secret clearance in almost every assignment I had.  In one of them I was security manager on an admiral's staff and granted security clearances to the various members of the staff of over 300, plus to crew members in a fleet of 30 ships.  Security clearances should not just be handed out in the chow line,  But things have changed so drastically that that is almost the case sometimes.

        Years ago only specially cleared officers and occasionally a few senior petty officers handled secret and top secret materials.  Every piece had to be signed for. They were numbered.  There were very few copy machines and no fax machines (beyond specialized weather equipment) or scanners. 

        There were far fewer classified messages.  The systems available did not allow it.  Classified messages were encrypted using offline encryption machines or even one-time pads.  They were manually typed into machines and the output encrypted tape pasted onto a message form.  Only officers did this work.  The throughput was comparable to a 1/4" tube.  Then the message went to main communications where it was likely to be sent by Morse code at a speed of 20 to 30 words per minute (maybe a  3/8" tube).  It could possibly be routed onto a radioteletype circuit at 60 WPM, but a tape had to be punched first (maybe a 1/2" tube).  Later there were 100 WPM teletype circuits, and even later multi-channel circuits that could handle several 100 WPM channels on one frequency.

        But then came online encryption with greater speed and thus greater volume capacity.  Today the capacity is something like a ten inch water main.  And like the saying in "Field of Dreams," "If you build it, they will come."  Traffic volumes are out of sight, and much of it is classified Confidential, Secret or Top Secret.  Some documents are classified out of an abundance of caution and because it's easy.  Some are classified because it gives a sense of importance to the guy who creates them.  Whatever the cause, the current volume of classified material is out of sight and beyond reason.

        Today about 500,000 people have access to the SIPR network from which a PFC in a forward operating base in Iraq downloaded around 250,000 messages.  About 6% of those messages were classified Secret (40% Confidential, 54% Unclassified).  Over a million government employees are cleared to view messages at that level.  If the government were really serious about protecting "secrets," it would not make them so freely available.   My uninformed guess would be that half of the Confidential messages could have been Unclassified and many of the Secret messages could have been Confidential.

        An analysis of the content of the released documents shows that they affirm the notion of attacking Iran.  They contained nothing other than mildly embarrassing information to hurt the U.S. and they contained no information whatever about Israel.  Does that tend to give you a clue that they were "massaged" before release?  There is information that Julian Assange met with Israeli reps in Geneva, Switzerland earlier this year before releasing the documents.  There was probably a deal to allow them access to all of the cables and then to veto release of any they did not want made public.  Note that there is a big gap in the messages between July and September 2006 during which time the Israel-Lebanon war took place.  

        The affair is providing a great excuse to Obama and company to further control and police the internet.

        I think an old saying may be applicable here:  "Things are not the way they used to be, and they never were."                

                                                               

        On Wed, Dec 8, 2010 at 6:49 PM, dave <dwissel@...> wrote:
         

         


         

        Security principles are the same all over the world and the TRUE security officer’s “in the know” realize what this fellow revealed to me: It’s very important to know when your material has been compromised—nearly as important as the material itself.

         

        Now consider the State Department’s stupidity! Consider:  (1) Not only did they allow someone with “no need to know” access to this information but (2) without Wikileak’s they would have never known it was STOLEN AND (3) would have never known of the vulnerability! Three strikes, you’re out!

         

        It’s LITTLE wonder the state department has been quick to distract people with the “blame elsewhere game” isn’t it?

         

         

         




      • dave
        Subject: RE: [tips_and_tricks] Wikileaks...shows State Department MAJOR 3 Strikes-Screw-ups Bob: I took a course and test on handling material and personnel
        Message 3 of 3 , Dec 11, 2010
        • 0 Attachment


          Subject: RE: [tips_and_tricks] Wikileaks...shows State Department MAJOR 3 Strikes-Screw-ups

           

          Bob:  I took a course and test on handling material and personnel mandated and given by government only 4 years ago. Scored a 98% if I recall.

           

          Unless things have changed in 2 years…which was my last re-activation I had….I can assure you that security people made sure nothing I had was widely shared like that. Hammered down tighter than a drum lid—especially electronic documents. Gone post 911 were the good ole’ days of even treating confidential level as “ok to pass around cleared people but not too much.”

           

           “No need to know” was and STILL IS the controlling policy. If anything after 911 it’s FAR MORE stringent. The briefing officer told me, “It’s not like the old days. No one has a clearance for years based on maybe some need a couple times a year. No one has a clearance just past when it is ABSOLULTELY necessary for them to have it. The new policy is to deactivate….and re-activate IF they need it. If in doubt, pull it.”

           

          Trust me….it’s a real hassle now.  So a private gaining access someplace was a UTTER goof up of some moron handing out the keys to his computer in trust..

           

          Still what you say is true….only its reported that 3 Million people have access to the SIPR network…including other nations. I think its misleading though and the tip off is ‘other nations” for that would have to exclude noforn….for example when I worked in CERTAIN other highly classified areas [now 20 years ago for certain areas] all of us had access to a search system network too—even before the internet. Sit down at the computer terminal and search all you want. We used to print out literally CARTONS of paper killing lots of trees. There were MILLIONS upon MILLIONS of documents logged into it. We used to have fun searching weird names like our own and sure-enough—up would pop a report on Country “XYZ name”  with soldier “our name” drinking the jet wing-deicer fluid because he was burned out. However….just because people had access, didn’t mean you got to read it all. All the confidential I recall and noforn and especially the S and TS were only SUMMARIZED in very brief notation…nothing of substance. If you wanted access, you could get it…but you had to establish…YEP….”NEED TO KNOW.” Otherwise it was FLAT OUT refused. I doubt its changed that much.

           

          Thus I suspect the PFC was some place where he should not have been….on a secure computer he should not have been…said computer or log in of someone else, etc.

           

          You can rest assured things WILL change now.

           

          One more comment: As of 4 years ago….I was completely IMPRESSED with the PROFESSIONALISM of those government people who doll-out the clearances and protect said information. They were SMART, well trained, COURTEOUS, etc. These guys take their business of protecting information seriously…very seriously. There were NO hassles with filling out their forms and add all the attachments you want to clarify anything—including the law. One guy told me, “We are trained to look for the truth. We accept the truth because the truth means you can’t be blackmailed. We don’t care about your belief’s….we don’t care about your exploits….all we care about is one thing, ‘Are you going to honor the commitment to safeguard the information we entrust to you. That’s it.”  These people—like most in the military—were a REFRESHING view of government workers.

           

           

           

           

           

           

           

           

           

           



          __________ Information from ESET Smart Security, version of virus signature database 5695 (20101211) __________

          The message was checked by ESET Smart Security.

          http://www.eset.com
        Your message has been successfully submitted and would be delivered to recipients shortly.