
Scholarship, Security and ‘Spillage’ on Campus - chmaynard
https://medium.com/@tcfdotorg/scholarship-security-and-spillage-on-campus-15aa8fb8f38
======
secabeen
This is why the University of California has a prohibition on classified
research at the ten UC campuses. All classified UC research is undertaken at
one of the National Laboratories administered by UC or Scripps, and even then
only at the Secret Level, not Top Secret. I think that's a good policy, as it
protects researchers and staff from impacts of this nature:
[http://www.ucop.edu/research-policy-analysis-
coordination/re...](http://www.ucop.edu/research-policy-analysis-
coordination/resources-tools/contract-and-grant-manual/chapter20/index.html)

~~~
OopsCriticality
That's hardly a portable solution considering that California has 4 National
Labs when most states are lucky if they have even one.

~~~
secabeen
The solution of just not performing research on classified subjects is. Any of
these institutions could not compete for those contracts. UC chooses to do
that with Top Secret contracts.

------
mindslight
Some thoughts:

1\. This kind of government thug behavior on a college campus is immediately
counterintuitive, but makes complete sense after you think about it. All that
DARPA money goes _somewhere_. It's a bit like being _shocked_ that Ma Bell
would be an integral arm of state security.

2\. This story should be shouted far and wide so that people attending these
type of talks will record them on their phones. Make this corruption of our
institutions openly apparent, rather than isolated rare incidents easily
written off. Make it known that the surveillance-collaborators are not
appreciated in the least. These moles won't even return phone calls because
they know what they did is indefensible with anything other than "policy".

3\. I wonder about running a DoS attack on universities with such agreements,
either to make NSA etc have to issue formal declassification of the public
documents (unlikely), or to force the colleges to reconsider their agreements
(and therefore their research foci). Imagine "I guess we have to destroy every
computer in _this_ lab too. And the network switches. And the Internet router,
again".

~~~
rubidium
" I wonder about running a DoS attack on universities with such agreements"

No. Just stop. You'd be messing up the lives of grad students and network
admins by taking such actions. Get off your keister and out from script-kiddie
land and do some direct action protests against the administration if you care
so much. They're the one's making/enforcing policy.

~~~
mindslight
I'd think the people who actually destroyed perfectly good systems would be
the ones doing the interfering.

If it wasn't clear (as you're calling me a "script-kiddie"), I'm talking about
people physically going to these computers, viewing the voyeurs' precious
trove, and then attesting "I read this on this machine" to the university
administration. This sure seems like a direct action protest to me.

As for [marching] protests - yeah I went to one of those once. It doesn't make
much sense to merely volunteer to be kicking fodder for police horses.

(edit: apparently people really don't understand that "denial of service" is a
generically applicable term. sheesh)

~~~
cinquemb
> _As for [marching] protests - yeah I went to one of those once. It doesn 't
> make much sense to merely volunteer to be kicking fodder for police horses._

I find it some what comical when people have a knee jerk reaction and advocate
to others that the best™ way to protest is to do it in a way that that an
institution/state is best prepared to deal with and puts the individual
against forces that are completely asymmetrical in such domain…

------
epberry
People were discussing this in the ECE labs and in student government today. I
think the consensus is that the administration overreacted but that they were
kind of stuck between a rock and a hard place with academic free speech vs.
compliance.

In general Purdue does seem to have more of a government and conservative bend
to it than other colleges so I'm not surprised that the speaker was called out
about the currently classified material on his slides.

Also whoever was saying they were considering DoSing schools.. please don't.
My compiler is not going to turn itself in :).

------
devit
Imagine if the same security practices involving the government's classified
information were applied to the citizens' classified (aka private)
information.

------
zeveb
The university did exactly what it should do. The fault lies entirely with the
author: he had absolutely no right to disclose information whose disclosure
will cause exceptionally grave damage to the national security of the United
States (he has not, apparently, signed an NDA, so his behaviour may not be
illegal; that it is legal does not make it right).

Top Secret information is not something to be used to make one seem wittier
than one is; it's not something to display as a gag. It's a deadly serious
matter.

Yes, I'm aware that a lot of folks are concerned about over-classification
(that's a legitimate concern, but perhaps overblown; few in the public are
aware that over-classification is as contrary to policy as under-
classification). That's not really relevant, though: over-classified or not,
that information is…still classified.

And I'm aware that many folks are concerned about the legality of certain
programmes. They have every right to be concerned, but absolutely no right to
examine those programmes for themselves, nor to disclose information about
those programmes to unauthorised parties. A few seconds' thought will indicate
why: sure, _you_ may be a patriotic American justly concerned for your
Constitutional rights, and if _you_ examined a programme's details and found
it to be legal, you'd never reveal it; but _some other person_ may be an agent
of a foreign state, and not care one but about whether something is legal or
not, and immediately disclose it regardless. In the real world, secrets are
necessary, and the essential thing about secrets is that they be…secret. One
has to trust those who _are_ authorised to examine the legality of such
programmes. And of course, one must hold accountable those who abuse that
trust. And of course one must also be humble enough to admit that one might be
wrong about issues of legality, constitutionality and morality. Speaking of
humility:

> By way of example, I mentioned that the NSA, CIA, and Office of the Director
> of National Intelligence “have steadfastly refused to give me a secure
> channel to communicate with them” about the Snowden leaks.

Who does this guy think he is?!? The Queen of England has steadfastly refused
to send a courier to exchange secret keys with me so that she and I can
discuss Battlestar Galactica—or at least, I imagine she would if I were so
full of myself that I importuned her to do so. It's simply, literally, none of
his business.

This guy disclosed information he literally had no right to disclose; he
expects that people should be glad to discuss with him things which are
literally none of his business; and he finds it remarkable that people who
_do_ have the right to work with that kind of information are doing what they
are required to do?

~~~
lumpypua
> it's not something to display as a gag. It's a deadly serious matter.

When you say this without consideration of the context, it makes you look very
detached from reality. The pictures he showed were all over the internet. FTA:

 _This was, I think, a rather devout reading of the rules. (Taken literally,
the rules say Purdue should also have notified the FBI. I do not know whether
that happened.) A more experienced legal and security team might have taken a
deep breath and applied the official guidance to “realistically consider the
potential harm that may result from compromise of spilled information.”_

 _Or perhaps not. Yes, the images I displayed had been viewed already by
millions of people online..._

Any time I read national security paranoia regarding Snowden's leaks, all I
can think of are quotes from Team America. "From what I.N.T.E.L.L.I.G.N.C.E
has gathered, it would be 9/11 times 100."

~~~
retbull
900/11 = 81 + 9/11 I am OK with this.

