

How could Bradley Manning alone have leaked so much classified material? - yread
http://nationaljournal.com/whitehouse/wikileaks-one-analyst-so-many-documents-20101129

======
niels_olson
> In wartime, the number of young, fresh-out-of-school analysts granted
> security clearances skyrockets as demand for intelligence increases
> exponentially.

The rest of the article is trivial details, but this is a huge, gapping,
recurring problem. As a former SIPRNet user, this always struck me as the most
bizarre situation: why are we giving higher-level access to 18 year-olds than,
often, mid-grade officers? Sure, we got whatever tactical intel we needed, but
where's the sanity check on the other side of the transaction?

My personal thought is that the crypto ratings should start at E-5 (mid-grade
enlisted), and only be open to folks cross-rating from another specialty
(welder, mess cook, infantry, whatever) who have proven a certain degree of
loyalty over time. Any psychiatric types care to weigh in?

~~~
fname
Agreed.

Though, you have to remember that the method used to determine eligibility for
clearance relies heavily on past criminal activities, past drug use and
past/current financial activities. All of which should be very minimal for an
18 year old fresh out of boot.

~~~
rdl
Plus, you're not even allowed to ask questions about any activities before he
turned 18. This is insane.

I think the DoD needs to create more systems where people can worth with
classified data without having wholesale access to classified data. A lot of
those controls go away during war, and a lot of internal need to know controls
also prevent "synergy" or "serendipity" etc., so it's always a compromise.

------
yread
Unbelievable the primary storage for all the secret documents is Outlook's PST
of all things!

~~~
cypherpunks01
Ha, I'm a bit less surprised than you :)

Microsoft's crappy products are widely used in the corporate world, and are a
massive PITA to migrate away from. For such a huge system like the military's,
I'm sure a microsoft salesperson convinced some less-than-well-informed
military purchaser to store their data in an arbitrary secret microsoft format
many years ago, and things were just never changed.

~~~
ergo98
Not sure what value the derogatory comments about Microsoft brings. Exporting
data from a PST is trivial, whether using the supplied tools or using script
access. They obviously use PSTs because somehow it works for them.

~~~
xxpor
No, clearly it doesn't.

~~~
ergo98
Just to be clear, they knowingly granted him full access to all of this data
(ergo, all of these PSTs). This falls completely under the auspices of "user
error", and PST is no more to blame than if they granted administrator access
to every user.

This is a boring argument that only takes place because people can throw down
the tired, unsupported "damn that Microsoft!" card. Sorry, but the reality is
more correctly "Damn the intelligence community and inept safeguards and data
controls."

------
rbranson
It sounds like the biggest impact WikiLeaks has had is to help INCREASE our
homeland security by exposing these gaping security holes in the defense
information networks. The information leaked to WikiLeaks is pedestrian
compared to what COULD and probably IS leaking to people who could use it to
do bad things.

------
gwern
> So how did Manning allegedly manage to get access to the diplomatic cables?
> They’re transmitted via e-mail in PDF form on a State Department network
> called ClassNet, but they’re stored in PST form on servers and are
> searchable. If Manning’s unit needed to know whether Iranian proxies had
> acquired some new weapon, the information might be contained within a
> diplomatic cable. All any analyst has to do is to download a PST file with
> the cables, unpack them, SNAP them up or down to a computer that is capable
> of interacting with a thumb drive or a burnable CD, and then erase the
> server logs that would have provided investigators with a road map of the
> analyst's activities. But analysts routinely download and access large
> files, so such behavior would not have been seen as unusual.

That sounds surprisingly involved to me.

------
ceejayoz
The article says Manning had a Top Secret clearance, but everything released
thus far has topped out at Secret.

Perhaps the mysterious insurance .torrent has the Top Secret stuff?

~~~
rdl
It's also possible there were more effective controls on JWICS (TS/SCI) vs.
SIPRnet and various portals, so he had less wholesale access to download TS
data.

Also, TS+ information from Iraq/Afghanistan is probably actually less
interesting to the public than S information -- it would be primarily about
counterintelligence, rescuing hostages, signals intelligence, certain HUMINT
(i.e. infiltration, James Bond spy shit, etc.), certain task forces going
after actual al qaeda guys, etc., none of which would cause moral outrage. In
a war zone, S is basically anything operational at all, so you get a good
overview of how things are going.

------
bigwally
The entire "Leak" isn't exactly that bad. In some ways it almost looks like it
was deliberate. Most of the stuff leaked so far isn't that different from what
you hear talking to different consular people.

I can't see Hillary Clinton falling on her sword over this.

