Wikileaks - your thoughts - no politics

[Rustic23]

Dex,
As NW-Bound said, I was speaking in computer terms. The read/write permission for the files. It could easily be that he never actually saw the documents. I am not a computer expert, however, he might not have had permission to actually open the documents, but did have permission to move them around on the hard drives, make backup copies, and otherwise perform actions to 'protect' the data. I am not sure if that is possible. But if his job was that of a IT tech. he would have access to the documents in bulk. In fact, assuming, this is the guilty party, he did not appear to actually look at the documents, just copy all he could.

[dex]

Quote:

Originally Posted by Rustic23 Dex, As NW-Bound said, I was speaking in computer terms. The read/write permission for the files.

Does that mean that WikiLeaks also broke an encryption? If so, I would guess they would have needed help to do that.

[Rustic23]

I don't have a clue. One would think the data would have been encrypted but, as I am not in that business, and never had reason to deal with classified data on an electronic system, I don't know. It could also be the tech had access to the encryption keys as a part of his job. Someone with current knowledge of the accused and his job description would have to answer that.

[NW-Bound]

We don't really know if the original files were encrypted or not. Same as some other posters, I simply expected them to be. I just now looked at a few reports on that site about the Afghan war. Could it be that these day-to-day operational reports were deemed low enough level that they did not require encryption?

And then even with encryption, if the files are to be accessible to many authorized readers, then I guess that means any of those readers could give away the key. If any of the forum surfers here know what the procedure is, they might not dare divulge that.

[Westernskies]

Quote:

Originally Posted by NW-Bound If any of the forum surfers here know what the procedure is, they might not dare divulge that.

"Don't ask, don't tell"

[obgyn65]

I agree. I also look forward to hearing more about Assange's "insurance file".

Quote:

Originally Posted by chinaco But I hope he dumps those Banks leaks out there quickly before he is caught. I want to see some a few more bankers get what they deserve...

[clifp]

Quote:

Originally Posted by NW-Bound We don't really know if the original files were encrypted or not. Same as some other posters, I simply expected them to be. I just now looked at a few reports on that site about the Afghan war. Could it be that these day-to-day operational reports were deemed low enough level that they did not require encryption? And then even with encryption, if the files are to be accessible to many authorized readers, then I guess that means any of those readers could give away the key. If any of the forum surfers here know what the procedure is, they might not dare divulge that.

I don't know what the procedure is either, but I do know that for the last 20+ years attempt to control the circulation of digital information, that is already pretty widely circulated (e.g. CDs DVDs, games, movies, Kindle books etc.) has been pretty much exercise in futility. Digital information is just to easy too copy, and while copy protection, passwords, encryption, digital rights management and classifying material as secret etc all work to some extent. They have limited value.

They are roughly the equivalent of locking your front door. It is enough to prevent casual theft and serve as deterrent to keep basically honest to people from doing illegal activities. However a determined thief will be able to defeat them. It is important that we don't be so obsessed with security that we make the hassle factor too high for legitimate users.

I think of Wikileaks as a fence. Police do shut down fencing operations and I expect the government do some work and they appear to have done so with getting Paypal to cancel connections to Wikileaks etc. However, far more important is destroy their reputations and most importantly go after the real criminals the leakers. Fence don't staying in business if they give up the names of criminals who buy or sell their customers. If the government hackers can find out the names of all the suppliers of information to wikileak, then I predict most of these leakers will think several times before supplying them with information.

The good news so far is that none of the Wikileaks as been really secret stuff. I hope/pray that the really important government secrets are not hooked up to the internet.

[RonBoyd]

WikiLeaks' Julian Assange arrested in London on rape charges

[Tigger]

Quote:

Originally Posted by RonBoyd WikiLeaks' Julian Assange arrested in London on rape charges

I'm curious to hear how much of what is being written is true:

Wikileaks Julian Assange rape charge for not using condoms : Zennie Abraham : City Brights

Assange Accuser Worked with US-Funded, CIA-Tied Anti-Castro Group | MyFDL

[Texas Proud]

Quote:

Originally Posted by clifp I don't disagree with anything you said, but let me play devils advocate and explain why I think it is a important that 600,000 people have access to information in wikileaks. We've been in Afghanistan for 10 years and over that time I bet the average Afghan tribal commander has seen 1/2 dozen or maybe dozen US/NATO commander in his region. He has made lots of deals with them, some Afghan leaders have good guys, some are really Taliban, and many other try and figure which way the wind is blowing. A Army captain takes command of area and the outgoing captains tells him that village leader Joe is good guy. That is useful info, but far more useful is a database of local Afghan leaders. In the database is the last 1/2 commanders reports on Joe which show he has been loyal ally, that Bob, his father in law, who is the leader of the next village seems to be neutral. What is more important is finding out that Bill another tribal leader although pretending to be anti-Taliban is strongly suspect of being a Taliban leader. So how do you limit access to this material. Is access restricted to captain and above serving in a particular region in Afghanistan?. What about Captain in the US who are deploying to Afghanistan shouldn't they have access to the info?. What about State Department employee who is doing research on the tribal structure and genealogy in Afghanistan? You really don't want to cut him of the loop because this guy that figures out that Bill and Joe are cousin, and while Joe maybe a real American ally he is almost certainly going to not betray his cousin even if he has kept this fact secret for many years. So how do we classify the information about Bill, Bob, and Joe? It ain't the launch code for nuclear missile but it isn't information that we want getting back to Bill and Joe. It seems to me that stamping it secret or top secret and letting people with this level of clearance and some plausible connection to Afghanistan access is the best way. The question is how do you fix the problem? The private in question worked in Army IT, not sure how you keep a pretty clever programmer from getting access to a database about Afghanistan. The fix Assange hopes will occur is that the US will compartmentalize our information so that the future Army captain ask Bill to help him catch Joe not realizing they are cousins and our troops run into an ambush. This will make America a less effective authoritative government, which maybe a good thing unless you happened to be related to one of the American soldiers killed or wounded in the ambush.

Someone else responded.... but I will add.... why does a PRIVATE in Afghanistan need access to the state dept memos from every country


Your example shows that the Captain or whatever level he is needs that info on the tribal leaders... but he does NOT need to know our plans in Russia or Isreal or even if we plan on bombing Iran because Saudi Arabia thinks we should...


There should be some people who does have access to all the info... but they should be secured someplace and not allowed to willy nilly download 100s of thousand of pages of documents without the systems screaming to everybody what is happening....

[Texas Proud]

Our company requires that if you have a laptop the whole laptop is encrypted.... it is a 256 key encription (IIRC)... I have asked our tech person what if the person forgets their password... she said we would have to rebuild the computer as we could not get access to the data...

All of our important data is on our secured servers with a copy on a secured backup server with tape backups in a fireproof safe...


It just does not seem that the data was encrypted... and there was no alarms when the data was copied... but if he was the DBA, then he probably was the one who would have been informed that there was a massive copying of data if they had that in place..

[clifp]

Quote:

Originally Posted by Texas Proud Someone else responded.... but I will add.... why does a PRIVATE in Afghanistan need access to the state dept memos from every country Your example shows that the Captain or whatever level he is needs that info on the tribal leaders... but he does NOT need to know our plans in Russia or Isreal or even if we plan on bombing Iran because Saudi Arabia thinks we should... There should be some people who does have access to all the info... but they should be secured someplace and not allowed to willy nilly download 100s of thousand of pages of documents without the systems screaming to everybody what is happening....

I think because rather than state department having there own database of Afghan tribal leaders and the military having its own database, at the suggestion of 9/11 commission they either have merged the databases or allowed easy access to anybody with secret or top secret clearance.

They have not concluded that Private Bradley Munning is responsible for all the leaked info, AFAIK he is only the prime suspect for the Afghanistan related dumps. If he is responsible for both than I'd say they have gone too far in the sharing department.

My SWAG is that the reason Private Munning is in custody is because the computer system did in fact keep log of all of the files that were copied. However, I am not sure that IT guy copying a large number of files would raise a red flag, cause it doesn't seem all that unusual. After all on "24" they always catch the CTI mole by reviewing the logs never by the system saying an email saying Cloe O'Brian is copying files in the server room.

[Rustic23]

A little off subject, but I was speaking with an accountant friend the other day, and he said that most of the audit rules, and accounting procedures were there to catch the thief, not necessarily prevent the theft. i.e. it would leave a trail that could be followed to the thief, but it would not necessarily stop the original theft. The security procedures need to do both. This is a very difficult task and still make sure the end user get the data they need.

[dex]

Quote:

Originally Posted by Rustic23 A little off subject, but I was speaking with an accountant friend the other day, and he said that most of the audit rules, and accounting procedures were there to catch the thief, not necessarily prevent the theft. i.e. it would leave a trail that could be followed to the thief, but it would not necessarily stop the original theft. The security procedures need to do both. This is a very difficult task and still make sure the end user get the data they need.

That is not correct and paints accounting as backwards looking. Good accountants review the policies and procedures, and recommends best practices to their clients. You have encountered them every day - cashier giving you a receipt and being monitored so that they do it; at the movies you purchase a ticket from one person and give it to another. No system is foolproof and employees are one of the major areas of theft.

Just as there is no way to stop a determined suicide bomber there is no way to stop a determined thief.

[Rustic23]

Dex, agree, and he said that also. However, we were talking more to your last sentence. You ae not going to stop the thief, but you will catch him.

[youbet]

Quote:

Originally Posted by dex employees are one of the major areas of theft. .

This is confusing. A concurrent thread on this forum indicates that every negative event in a company is the result of a "boss."

[clifp]

Quote:

Originally Posted by youbet This is confusing. A concurrent thread on this forum indicates that every negative event in a company is the result of a "boss."

Maybe because some of these evil bosses are preventing corporate asset shrinkage.

[kcowan]

Every system relies on honesty at some level. Just look at the Wall Street payouts. When everyone is corrupt, the system fails.

[eridanus]

He's a journalist. He's committed no crimes in releasing classified information given to him.

New York Times Co. v. United States - Wikipedia, the free encyclopedia

That the US is ignoring a Supreme Court decision is not really a surprise; I assume it expects a 40 year precedent will be overturned with the current court.

As for those who want to throw him in prison or execute him posthaste, Freedom of Speech (and Freedom of the Press) is not for those who agree with you.

[dex]

Quote:

Originally Posted by eridanus He's a journalist. He's committed no crimes in releasing classified information given to him. New York Times Co. v. United States - Wikipedia, the free encyclopedia That the US is ignoring a Supreme Court decision is not really a surprise; I assume it expects a 40 year precedent will be overturned with the current court. As for those who want to throw him in prison or execute him posthaste, Freedom of Speech (and Freedom of the Press) is not for those who agree with you.

'Journalist' is to journalism as 'Artist' is to art. No one can define art so every practitioner is an 'artist'. Every blogger is a journalist. Everyone who posts here is a journalist. If I never wrote a word yet said I am a journalist could I be proven wrong?