Gaius ponders:
More interesting than the leaks, so far, is the question how some lowly PFC had access to this stuff and the answer seems to be that he didn’t, he is a skilled hacker who hacked far and wide.
He didn’t need to be a skilled hacker, if indeed he was one. The mighty U.S. government didn’t even have the barest of security measures in place to prevent copying of these documents by anyone with access to the files.
From today’s Washington Post:
The U.S. intelligence community came under heavy criticism after Sept. 11, 2001, for having failed to share data that could have prevented the attacks that day. In response, officials from across the government sought to make it easier for various agencies to share sensitive information – effectively giving more analysts wider access to government secrets.
[ . . . ]
The director of U.S. national intelligence, James Clapper, has said he believes the WikiLeaks releases will have a “chilling effect” on information-sharing.
“We have to do a much better job of auditing what is going on on any [intelligence community] computer,” he said this month. “And so if somebody’s downloading a half-million documents . . . we find out about it contemporaneously, not after the fact.”
To prevent further breaches, the Pentagon announced Sunday it had ordered the disabling of a feature on its classified computer systems that allows material to be copied onto thumb drives or other removable devices.
Sunday. When were the first documents released to Wikileaks? July, wasn’t it? They’re just NOW getting around to this?
The Defense Department will limit the number of classified systems from which material can be transferred to unclassified systems. It will also require that two people be involved in moving data from classified to unclassified systems.
Such efforts “should have been done long ago before any of this happened,” said Steven Aftergood of the Federation of American Scientists. The rush to knock down so-called “stove-piping” without hardening operational security “was asking for trouble,” he said.
Ya think?
This is all incredibly fishy. Why would someone in DoD (a lowly PFC) have access to State Department cables? I’ve had a clearance, thankyouverymuch – and I’ve done IT security at classified installations. No connections allowed between classified and unclassified systems, no media allowed in the facility, no calculators or cellphones, and a mandatory air gap between classified and unclassified equipment. Certainly no unfettered access to systems belonging to other agencies.
I don’t buy it.
And yet, according to the Pentagon, they had no such security and have only begun implementing it. So . . .
But yeah, something smells. Big time.
One more question. The guy allegedly downloaded some of this to a CD that he supposedly erased and then re-recorded over? Can that be done with a commercially recorded CD? No, it can’t.
Then he obviously pirated it. The hell with DoJ, we should sic the RIAA on the little bastard. That’ll fix him.
Manning used Siprnet, described here:
http://www.guardian.co.uk/world/2010/nov/28/siprnet-america-stores-secret-cables
That net apparently has over 2 million users…or more. Ummmm…security?
The info released by Manning may as well be all public domain…me thinks.
Or close to it. Anglachel writes:
Check out her post. It’s an interesting angle.