dagblog - Comments for "WikiLeaks Debate on Democracy Now"

Windows has had user-level

kgb999 — Sat, 04 Dec 2010 20:59:05 +0000

In reply to In my opinion, this WikiLeaky

Windows has had user-level permissions implemented since Win95/NT. It's perfectly possible to administer a MS network reasonably securely much as you describe ... at least from an non-exploited operational point of view. (FWIW, Novell probably provided the best backbone solution for the DoD/State enterprise)

Read/Write/Execute is a directory/file access level thing. Once someone is granted access to "read" a file, it allows copying the file into a user's local memory. A user without "write" privileges would be prevented from saving any changes made *back to the original* file. But once it's in local memory, there's nothing to keep the user from saving the information any damn place the local machine has the hardware to accommodate. This would be true on both Unix or MS. In his chats with Lamo, Manning focused on a slightly different aspect of what you are talking about; the lack of physical controls in place at the operational level and a lack of proactive security monitoring of the data network. He pretty much nails the biggest hole in that respect IMO.

But you ultimately get to a crux of difficulty with data technologies. The whole power of the distributed database is that people across the organization have instant access to the entire pool of knowledge - typically sorted and queried in a fashion relevant to their tasks. None of this leaked stuff is in the "need to know" category. "Secret" is a pretty huge category and "Classified" is even larger. Some of it is tagged not to be shared with foreign nationals but it's ops level stuff. In order for the system to actually work, any one with the specified clearance level *has* to be able to access the data pool. It appears that what a lot of analysts do is perform specialized queries on these databases when requested by superiors. It's a solid idea technologically speaking ... but by it's nature it kind of requires a vast number of people accessing on a read-only nature and a huge number accessing on a read-write basis (the analyst doesn't do the data entry ... I *think* that is happening more or less directly from the field).

We don't actually know if all the information released by Wikileaks is from the same source so it's pretty difficult to know if they had access to stuff that was well above what their clearance allowed. Assange has said on several occasions things came in from several different places. That said, Manning's clearance and role likely would have allowed him to access the stuff we've seen so far. Military commanders have to decide how to deal with random civilian leaders from all over the place and really need to know what's going on when both military and diplomatic officials are are operating in the same place - I can see how giving DoD analysts access to the State data pool for prepping reports would be a real benefit.

I agree criticizing Wikileaks seems rather to be like shooting the messenger here. But I think the internal strife is far more systemic than just a data management/security problem (although we do seem to have one of those too). Ultimately there is a reason some people have taken to dumping internal data wholesale. Either we accept they are genuinely traitors and just want to destroy America or we have to ask ourselves why those who are leaking the information ended up deciding Wikileaks was the only place to turn.

In a sense this was not even

A Guy Called LULU — Sat, 04 Dec 2010 18:44:39 +0000

In reply to I didn't see a clear winner.

In a sense this was not even a debate as nobody presented a thesis which one defended and the other attacked. It was more a broad conversation in which each party discussed and expressed opinions about Wikileaks and Assange ranging from right and wrong, effectiveness, legaliy, responsibility, and potential harm versus benefit. and those opinions were sometimes the same and sometimes very different.
From Wikipedia:

"Though logical consistency, factual accuracy and some degree of emotional appeal to the audience are important elements of the art of persuasion, in debating, one side often prevails over the other side by presenting a superior "context" and/or framework of the issue, which is far more subtle and strategic."

This is where I judge that Greenwald did a much better job than Steven Aftergood.

I ran into this at wired.com

we are stardust — Sat, 04 Dec 2010 17:23:46 +0000

In reply to I've seen both types in

I ran into this at wired.com while I was looking for something else, and pardon me if this has been discussed on this thread already. Paulson says a lot of missteps by Assange's folks could have been avoided easily, and he posits that maybe they're not as tech savvy as they think. (I understand not one jot of it.)

http://www.wired.com/threatlevel/2010/12/wikileaks-domain/

never argue with a fool,

Atheist — Sat, 04 Dec 2010 16:22:32 +0000

In reply to I've seen both types in

never argue with a fool, especially once he's been certified.

If I were DD… (especially for those of us who understand the context)

I've seen both types in

Beetlejuice — Sat, 04 Dec 2010 16:08:53 +0000

In reply to It has changed, and for the

I've seen both types in action. Unix Sys Admins are hard-core computer scientist types and know the language and hardware inside and out. Whereas, Windows Sys Admins are bootcamp specialist willing to fork out lots of $$$ for a simple certification that says they know what their doing. I had many discussions with certified guru's and noted they rely upon their training rather than read the documentation. For instance, Cisco switches and 3Comm NICs were incompatible so the switch and NIC needed to be hardwired with matching speed and duplex. However, the Microsoft Certified Engineer running the PC shop refused to listen or read the documentation because he learned in bootcamp they should always set the NIC to auto negotiate...never argue with a fool, especially once he's been certified.

Happy to oblige.

A Guy Called LULU — Sat, 04 Dec 2010 15:56:43 +0000

In reply to Lulu, I wonder if you might

Happy to oblige.

That's were the breakdown

Beetlejuice — Sat, 04 Dec 2010 15:55:14 +0000

In reply to To extend the Unix metaphor

That's were the breakdown was...they didn't take the time or make the effort to catalog the info then establish a need-to-know criteria for users to establish who is or is not authorized to view, copy and edit. One would think as sensitive as the info seems to appear by the way the government is reacting they would have gone the extra mile to safeguard access. So it's not the leaker who is the criminal, but the victim themselves for not taking care their info was secure and on a need-to-know basis with credible and trustworthy users. That's why all the noise being manufactured is dingy...it's all for the wrong reasons and serves no useful purpose...the government will not tackle upgrading their access methods cause WikiLeaks is the public's enemy now.

What Stardust said.

Atheist — Sat, 04 Dec 2010 15:48:33 +0000

In reply to This short article is

What Stardust said.

Lulu, I wonder if you might

we are stardust — Sat, 04 Dec 2010 15:46:45 +0000

In reply to This short article is

Lulu, I wonder if you might be enticed to hit the font-size drop down menu and hit #3, (12 pt) before composing. Man; that default font is hard to see...

This short article is

A Guy Called LULU — Sat, 04 Dec 2010 15:39:00 +0000

In reply to Not to mention his attorney

This short article is interesting. To me it is filled with darkly humorous ironic hypocrisy. An intelligence "source" leaks NSA findings, presumably everything from the NSA is classified, to "The Daily Beast".

http://warincontext.org/2010/12/03/moscows-bid-to-blow-up-wikileaks/

The source implies that the U.S. would not do anything underhanded. No, not us, who would even think it, but those Russkies? They play by different rules and they are outraged. They might do something dirty.
Is the leak a heads up to Assange so he will keep his head down? I doubt it. So, what might have been the reason for this information to be released? To get an early start at deflecting blame in case our good=guys get the chance to pop Assange? No, that sounds too conspiratorial. That couldn't be it.