Warning: Constant ABSPATH already defined in /home/public/wp-config.php on line 27
Will They Ever Learn? — Why Now?
On-line Opinion Magazine…OK, it's a blog
Random header image... Refresh for more!

Will They Ever Learn?

by Bryan

I’ve seen this, Military Bans Use Of Removable Media After WikiLeaks Disclosures, in several places and am astounded.

First off, it wasn’t that long ago that reporters were buying thumb drives in Afghan markets that contained classified information, and there was supposed to have been a ban as a result of that fiasco, but the rules not many years ago specified that that equipment could not be connected to any military network if it had a removable device of any kind, or a printer. The back-up media and printing was centralized and under the control of the system administrator. Disk-less workstations were the norm.

Military communications security seems to have been flushed down the porcelain throne this century. They are classifying more and more, and doing less and less to protect it.

If you accept that one Army Specialist is responsible for all of the information that WikiLeaks is posting, how much have the professional intelligence agents managed to walk off with?

16 comments

1 fallenmonk { 12.13.10 at 6:43 am }

It is embarrassing. Back in the day you even had to have your pack of smokes broken down by security. You had to empty your pockets and leave your wallet and other personal stuff on the outside in a locker. You were also subject to a full pat down without cause at any time and we are talking a very personal pat down that might include a cavity search including cheeks and under the tongue and all the rest. Wikileaks would have had a hard time 40 years ago.

2 Bryan { 12.13.10 at 2:06 pm }

Yeah, going through airport security is nothing when compared to entering the NSA HQ at Ft. Meade. The Marines on guard did not have a sense of humor, and the head of security was a professional paranoid. They banned Furby because of the primitive recording capability and you damn sure didn’t bring any personal electronic devices near any site.

I still don’t understand how a low-level enlisted type was able to access so much data that was obviously outside of his area of concern. This is a total security failure, that has nothing to do with the content or WikiLeaks. There should be people with a lot more rank awaiting trial over this mess.

3 Steve Bates { 12.13.10 at 8:11 pm }

Oh dear, Bryan. Your ref to the Furby incident reminded me of some of my doggerel that predates your blog and mine, and I can’t resist reproducing it…

1/13/1999 (Washington Post) “Cute plush toy or nefarious spy?”

(AP) By Vernon Loeb
Washington Post Staff Writer
Wednesday, January 13, 1999; Page A21

Move over, Aldrich Ames. The National Security Agency has targeted a new national security threat capable of blabbing secrets to U.S. adversaries: the Furby.

As harried parents scrambled in the weeks before Christmas to get their hands on these homely, high-tech cyberpets that supposedly repeat what they hear, the supersecret spy agency put out a “Furby Alert” on its internal intranet in early December and banned the Furby from Fort Meade.

“Personally owned photographic, video and audio recording equipment are prohibited items. This includes toys, such as ‘Furbys,’ with built-in recorders that repeat the audio with synthesized sound to mimic the original signal,” the Furby Alert warned NSA workers. “We are prohibited from introducing these items into NSA spaces. Those who have should contact their Staff Security Officer for guidance.”

(Whew. I can’t top that introduction, but I’ll try… SB)

Someone’s a Little Fuzzy,
but
Furby it From Me To Say Who

If you’re looking for the winner in the Paranoia Derby,
I suggest the spooks at NSA who classified the Furby.
I’ve inquired about the wherefores, but the bureaucrats are balking;
They refused requests for interviews… and Furby isn’t talking.

One assumes they fear the Furby, reckless creature prone to chatter,
Overhearing something classified, and passing on the matter.
Round the children of the household the suspicions doubtless hover:
For their Furby has been sighted in their bedroom… undercover.

When they overheard the Furby say “deployment of the troops,”
Furby’s echoing what Sis said, that the boy made all the poops.
And mysterious allusions made to “weapons to Saddam,”
Were the Furby’s hash of Bobby’s plaint: what happened to my Mom?

While the NSA thinks Furby’s gonna give away the store,
All the rest of us believe the little critter’s quite a bore.
Though the biggest risk is he’ll repeat what Daddy said to Mommy,
To the spies, he is an unredeemed cold warrior and a Commie!

I assert the little guy could be the savior of our nation:
For just thirty bucks, he’d be a source of pure disinformation.
We could place him in the NSA, then dump him in the streets…
How the hell could foreign agents understand what he repeats?

And just how could evil agents make him spill the stuff he knows?
Could they threaten shoving nails up Furby’s nonexistent toes?
Or remove his ears and beak, and dump his RAM if he is mute?
Never fear, no one could torture him: he’s just so blessed… CUTE!

– SB the YDD

4 Steve Bates { 12.13.10 at 8:13 pm }

Oh, great… pasting an old MS-DOS file into your comment window renders 0d0a as two returns, not one. The poem is in quatrains, if that helps. Sorry… I should have previewed it.

5 Bryan { 12.13.10 at 9:15 pm }

Steve, I’m not kidding when I call the guys in charge of Security at NSA HQ professional paranoids. They can imagine a threat in almost anything. You do your very best not to interact with them – ever.

OT: it wasn’t difficult to fix. The formater assumes that carriage return and line feed are equivalent.

6 Badtux { 12.14.10 at 2:19 am }

I know/have known a few of the NSA guys. They are… hmm. Brilliant and devious and twisted, I guess that’s the best way to put it. They can figure out how to use a Furby to smuggle out things, so they figure the bad guys can, too. It still amuses me how they manipulated both the old bull NSA types who want to wiretap everything and were upset about encryption making that hard, and those of us who were in the cyber-liberties movement, in order to get strong encryption for Internet commerce. They figured that if they could snoop on weak encryption, so could attackers — and worse yet, attackers could inject attacks that were undetectable, thus making a shambles of Internet commerce. Let us just say that aside from the brilliant and devious and twisted civilians involved, there were also some folks with .mil email addresses involved in the design of the EFF’s encryption engine and with the design of strategies used to poke so many holes in the encryption export embargo that finally the Clintonistas had to give it up as ridiculous and just allow export of strung encryption… heh.

The main problem is that the NSA is supposed to be lead agency in security military networks, but they don’t have the authority to come in and force folks to do things right. That has to go down the chain of command… a chain of command that hasn’t a clue, by and large.

– Badtux the Security Penguin

7 Bryan { 12.14.10 at 7:21 pm }

NSA is a joint services agency headed by a three-star as the Director, a position that rotates through the services. It is a staff agency, not line, so it off to one side of the chain of command, rather than a direct part of it, making it something of a step-child in the pecking order. It can advise, but it cannot command anything.

It leads to the situation where you are issuing reports saying that the moron at X location are still using the regular phone lines that everyone and their kid can tap, rather than the encrypted, secure lines provided. You can’t even call and tell the people that they are doing it, and need to stop.

We know, and known for a very long time how to stop/prevent what just happened, but the people at the top need to lead on the issue. I doubt they’ll do what’s necessary, even after the leaks. They’ll go to the “few bad apples” defense, and the people truly responsible for making this possible won’t even get a reprimand inserted in their records.

8 Kryten42 { 12.14.10 at 9:18 pm }

LOL Very nice Steve! And appropriate. 🙂

We don’t really have an equivalent of your NSA, but we have three organizations that together do what the NSA and the UK MI does. DSD (Defense Signals Directorate handles everything *electronic* (and was very secret until the late 80’s/90’s), DIO (Defense Intelligence Organization oversees all forms of intel gathering and analysis and are the official paranoids. When I was there, we had a Director that we nicknamed Bogeyman because he saw them everywhere! (and also because if he even suspected someone of being bent, he made their life hell!) We used to say we were certain he checked under his bed as soon as he woke up!) and the other org is still a secret and mainly handles field craft. 😉 🙂

We have an interesting situation where the intel/security org’s here have a classification that is above the PM’s level. This is a leftover from the Colonial days where the UK Crown was the ultimate authority. Today, it’s a useful piece of old law that gives the PM and all Gov officials an *out* (plausible deniability).

Speaking of things Military, I saw this at TP.

Birther Army Doc Who Refused To Serve Pleads Guilty, Faces Up To Three Years In Prison

The Military better throw the book at this totally ignorant moron! Or they will have a LOT of problems on their hands!

During a heated interview with Lakin back in May, CNN’s Anderson Cooper lambasted him for singling out Obama. “He has taken orders for years from people, probably thousands of orders, countless orders. He has never questioned the legitimacy of the people he has taken orders from…or all he knows, General Casey could be a foreign-born, a — not an American citizen.”

And really, these people are just too stupid to live! Seriously!

9 Bryan { 12.14.10 at 10:07 pm }

DSD was classified? Next you’ll be telling me that GCHQ was classified in the UK. Nobody here but us spooks, or secret squirrels as some called us.

Well, studying electro-magnetic wave propagation in the upper atmosphere and polar regions is an international effort 😉

As for the birther Doc, at least some of the officers he took orders from were definitely “foreign born”, as were 10% of my basic training flight. You don’t have to be an American citizen to serve in the US military. You have the right to refuse an unlawful order, but the status of the individual giving the order doesn’t make it unlawful. In joint operations you may be under the command of officers from a foreign army, but you had damn well better follow orders.

10 Badtux { 12.15.10 at 2:14 am }

Singing to the choir about the Pentagon and NSA cybersecurity situation, Bryan :). My, erm, entanglement with certain persons is a decade in the past (well, last one I personally talked to was in 2003, we were talking about AES and he took me out to dinner for something I’d done for the effort), but even then they had much to say about it (I won’t repeat the technical discussion we had at that last dinner about a certain deficiency in the way certain things were done on the WWW, which was quite interesting, because, well, because it’s still relevant — alas, a recent exploit took advantage of exactly what we’d discussed in 2003, and it *still* isn’t fundamentally fixed due to dunderheads who just don’t *get it* when it comes to securing communications).

All in all, I’m quite contented to be well away from that frustration and instead be focused on virtualization, storage, and clustering. Storage clusters don’t care what application writers stupidly do, we just serve bytes to a wire connected to the application server, what the applications do with those bytes (or don’t do, security-wise) is their problem :twisted:.

11 Kryten42 { 12.15.10 at 3:44 am }

@ Bryan: Yeah! They were so paranoid about DSD until the 80’s that even their name was redacted from reports! 😆 And a person would find themselves being asked questions by VSP’s if they uttered the name in public places. 😉 What I found hilarious, is that whilst a lot of what they do is (and should be) classified, the *REALLY* serious EW super-freaks worked for a group that most people even today have never heard of, even though, officially, it isn’t classified! Perhaps that’s because for most people, the official name is not one that rolls easily off the tongue! 😉 I know it well because I was tasked there to plug a leak during the late 80’s. Security was very extreme and serious. You couldn’t take any electronic device in without prior arrangement, and then you got a receipt for a replacement when you left, because that one would be destroyed by a 300 ton press, and then incinerated! 😆 I got to know the Scientists there very well. They were a pretty good (and surprisingly sane, for the most part), bunch. 🙂 I remember meeting one of the leading Scientists there with 2 PhD’s (Math/Physics) and he was only 26! Anyway, the place was called: DSTO EWD RWPG (Defense, Science & Technology Organisation, Electronic Warfare Division, Radio-wave Propagation Group. They were the brainiacs who developed JORN (Jindalee Operational Radar Network, the first operational long-range over-the-horizon radar system). 🙂

@Badux. Yeah, I occasionally miss is, then I remember the mostly bad bit’s and that feeling soon evaporates! 😉 😀

12 Kryten42 { 12.15.10 at 7:24 am }

Oh, look! Someone sane for a change… and a nice blast from the past! 😀 😉

From Juan Cole:
Former CIA Official Ray McGovern Defends Assange

Nice to see that a little sanity remains. 🙂

13 Bryan { 12.16.10 at 12:44 am }

If you followed established procedures and implement some common sense many of the current problems that plague the Internet would be gone. As long as people refuse to do anything about security because it might affect “ease of use”, rather than the truth that people don’t want to put in the time to do it right from the beginning, we have to put up with all of the extraneous crap that “steals” packets for purposes that are generally annoying and occasionally dangerous.

Hackers I can live with, but there is no need for the scriptkiddies to have the ability to muck things up. People should be required to show some talents before they can make a mess.

While we obviously didn’t talk about such things outside of our work areas, it was never indicated that the name itself was classified, or required protection, Kryten.

I’m OK with WikiLeaks, but the more I see about the actual Swedish case, makes me less than an Assange supporter. The Western media isn’t translating the Swedish articles, and you can’t trust the Google translations to be accurate, but it is looking like the case is very valid, and Assange could get some serious prison time. He should have dealt with it immediately. He might still avoid prison, but refusing to cooperate makes him look guilty to the Swedish prosecutors who seem to want the whole thing to be settled as soon as possible.

14 Kryten42 { 12.16.10 at 8:00 am }

Oh yes. 🙂 If Assange was stupid enough to break the law, he should have his day in court, and if he’s legitimately found guilty, he should do the time. But, until that day, it’s all speculation. 🙂

I don’t actually care much about Assange one way or the other. *shrug* Wikileaks is a whole other matter! 🙂 For example, did you know that Wikileaks has the only known copy of the first edition manuscript for the book “Operation Dark Heart” (Operation Dark Heart. Spycraft and Special Ops on The Frontlines of Afghanistan and The Path To Victory, ISBN: 9780312603694 ) by (former Intelligence Officer) Lt. Col. Anthony Shaffer, before the Pentagon bought (almost) all of the 10,000 first run copies and burned them in September? There is a 2nd edition now, but it’s been heavily redacted. I really hope Wikileaks releases that first edition soon! I really want to see what the Pentagon is afraid of! 😉

Apparently, the Pentagon only got just over 9,500 copies, and it’s known that about 100 or so advance copies are out there somewhere, which means, thanks to the internet, it won’t be too hard to find soon. 🙂 A few sold on eBay for up to $2k! 🙂 Originally, the Pentagon OK’d the book for publishing in 2003. Looks like the Pentagon once again wasted taxpayers money for nothing! Same old… 😉

Wikileaks Calls US Pentagon ‘Nazi Punks,’ Threatens New Leak

And, speaking of the “Fort”:
The New York Times reveals a few open secrets

Pentagon Bought & Destroyed 9500 Copies To Protect Military Secret?

😆

15 Badtux { 12.16.10 at 10:39 am }

The big issue with Assange fighting deportation to Sweden is that in Britain he has most of the rights of a citizen (since he is a Commonwealth citizen born before, what was it, 1983?), and can’t be deported to the U.S. from there for a political crime (which a charge under the Espionage Act decidedly would be under all treaty definitions). In Sweden he has no such protection and could easily be deported to U.S. custody (an un-marked aircraft that then flies to an Eastern Europe country, after which Assange is never seen again thanks to one of the Hedgemony’s black prisons that President George W. Bush II has conveniently kept open after GWB I left office). As far as the crime of which he is accused in Sweden, my understanding is that it is not rape in the U.S. sense of rape, which involves lack of consent where a man forces himself upon a woman who does not want sex, but something fuzzier involving withdrawal of consent at some point during the sexual act but no force involved. Which points out the downsides of having sex with people whose language you don’t speak natively in places where no really DOES mean no — if you’re not familiar with the idiom and the many ways in which people can say no in that language, it’s easy to get into these kinds of situation. Not saying that this is what happened to Assange, just that it’s easy to happen, and why it was stupid that Assange was even poking his rod into his groupies there. Not to mention that anybody with even a lick of tradecraft would be thinking “honeypot”, though that does not seem to be the case here, which is *another* reason Assange should have kept his rod to himself.

So to sum it up, Assange is at best a moron when it comes to things sexual. And that’s the best you can say about that. At worst… well, if charges are ever filed and it comes to trial in Sweden (which may never happen, if the unmarked aircraft scenario plays out — yes, Sweden participates in the CIA’s “extraordinary rendition” program, that’s another thing that’s come out with Wikileaks), we’ll find out more after that, I guess.

16 Bryan { 12.16.10 at 9:54 pm }

The issue that is common the Swedish articles have have been translated rather that simply mentioned, is STDs, and especially HIV. Apparently that’s the reason the Swedes aren’t calling this sexual assault or rape in their charge, but “lack of consent”.

This thing exploded because Assange was supposed to have been tested for STDs before he left Sweden, as a condition of leaving, and he didn’t. Assange says that the women were “jealous” when the found out about each other, but the reporting seems to indicate that they panicked when the realized he had probably been tom=catting all over the world.

If he gets the tests and comes out clean, he can probably avoid prison, but if the tests show an STD then you are into some very serious territory.

Since Assange was trying to get permanent resident status in Sweden, he didn’t seem to be too worried about being extradited from there, and the current government is apt to want to get involved after the heat received when people found out about the complicity in the rendition program. I can see them deporting him to Australia to avoid problems, if they don’t imprison him.

Kryten, you have to realize that just because something is made public, it does not lose its classification, and if it is classified, copying or transmitting it is still technically illegal, which is why the US government has issued all of the bans on people going to the coverage of the documents. It looks, and is stupid, but it is the law.