> I once asked a U.S. cybersecurity executive how his company handled the banned-documents problem in the context of securing the networks of their own clients. His answer: They would assign U.S. leaks to British analysts and leaked U.K. documents to American analysts.
But mostly the article is a simplistic attack on a simplistic policy, by a (claimed) John Hopkins professor in this area. Very heavy on how the current policy makes his life in academia more difficult. Minimal interest in what workable improvements (from the US Nat'l Security Establishment's PoV) would look like. And scarcely a mention that the whole problem would be far smaller if our Establishment was less shitty at preventing leaks of its secret documents.
EDIT/Responses:
(Dylan16807) Yes, small picture, the leaks are a different topic. But at the "professor of strategic studies" level, arguing for changes in national security policy - maybe he should pay more attention to the bigger picture? That could include mention of the degree to which "simplistic idiocy" security policies discourage and demotivate the young people who our Establishment needs as responsible clerks handling its secret documents.
(cowsandmilk) The "(claimed)" is a sarcastic dig - at the sophisticated worldview which he should bring to this subject, vs. the simplistic way he presents in the article.
That's a very different topic, and even if it was perfectly fixed there's still so many existing documents causing constant hassle.
An obvious improvement would be to not prohibit people with a security clearance from looking at documents that are already publicly available.
If the concern is that the documents could be forgeries, train them to have a suitable skepticism about the authenticity of leaks rather than prohibiting them from reading it. What if they are already skeptical and want to view the documents for some other reason? What if the government has already conceded that they're authentic, or it's something that can be easily verified given the information, so the authenticity isn't in question? What if they're in a position to prove that it isn't authentic, which could be highly useful information to the government, but nobody ever finds out if they avoid reading it because of a senseless prohibition?
Your responses deserve their own comments, and by posting in this way, you circumvent the voting mechanism of other HN readers.
It just feels uncouth or unseemly to reply in the original post as an edit, and it’s unfair to the person you’re replying to, as they may not know you replied, because you didn’t, technically. It feels manipulative and like you are avoiding downvotes that would otherwise arrive when you comment on how your comments are voted on. This feels like thwarting the will of users and subverting the will of the users as expressed through their responses. It’s hard to even have a conversation when you edit/reply, so it’s not really promoting conversation like the guidelines encourage us all to do.
And this is as someone who usually agrees with you and your comments!
1. Missing important context, 2. Missing paragraphs, 3. Be edited or in fact, not real at all.
Also if it's not real at all then you are allowed to look at it.
Kinda like if that wire labeled "Danger, 480V" is actually dead, then it is safe to touch. But with that approach to things, your career as an electrician could be kinda short.
Dial back the sensitivity of the image, and just release the sat images if you are concerned about leaking the angular resolution.
Has anyone made any logistical improvements to SCIF in decades? I don't mean whizz bang tech, I mean actual changes of substance to information management on secure basis.
Current political incumbents aren't much bothered with nuance it seems.
Of course it makes sense to prohibit making any statement that serves to confirm or deny whether any publicized information is accurate, but beyond that, once it's out, it's out. Any policy that pretends otherwise is absurd.
- The actual declassification decisions would be made by career nat'l security people. Who know that nobody was ever disciplined for keeping "2 + 2 = 4" secret. Nor promoted for declassifying the (metaphorical) blueprints for George Washington's false teeth.
- I've not seen it articulated, but there's also the "never speak honestly around troubled children" nature of declassifying anything. Capitalist journalism promotes junior high school drama queens, and the internet is crawling with simpletons and nut jobs. If you declassified the fact that, in 1971, DoD Junior Analysts Joe & Alice suggested basing nuclear missiles on https://en.wikipedia.org/wiki/Rockall - it wouldn't matter if their idea was vetoed the next day by an O-4, or was physically impossible anyway. There would still be a giant "OMG AMERICAN NUCLEAR MISSILES WERE GOING TO BE LAUNCHED AGAINST INNOCENT BRITISH SEAGULLS!!!" shitstorm about it - because for a (seeming) majority of humankind, "truth" is whatever idea is pushing their buttons the hardest right now.
This has always been the policy. Unless the documents have been declassified, then access controls remain in effect, and maybe you've got a clearance, but maybe not access or need-to-know, so it would be unauthorized access, which is a security violation.
To the best of your understanding, what is the unambiguous, demonstrable way this policy benefits the nation? What are the gains that outweigh the cost of decades of doltish enforcement?
I am asking because of all the potential benefactors I can come up with, none of them are the American public. I'm hoping your experience can provide some unforeseen nuance.
You have a person that knows X and a person that knows Y, but knowing both X and Y is vastly more valuable. To keep things secure you ban the X group from knowing about Y things regardless of how they found out.
It's going to produce absurdities sometimes, but the basic principle makes sense.
Both Boyce and Snowden leaked because of their ideological opposition to what they saw.
The truth is that "we" (the "good" guys) are doing the same rotten things that the "bad" guys are doing, and being part of that world can make you feel soiled. If "we" chose the high road and didn't stoop the level of the "bad" guys, it would put "us" at a competitive disadvantage.
https://www.nsa.gov/portals/75/documents/news-features/decla...
To survive, you need to rationalize what you see against your own values, and have a mix of patriotism and respect for the rules.
There's an ever-present danger of becoming corrupt within this culture. I've never been an "ends justify the means" sort of person, but most CIA/NSA people I've met are.
Coincidentally, this is the same way I describe National Security - except I include major campaign donors in the receiving column.
misswaterfairy•5mo ago