The mental gymnastics involved in having a high security clearance. 260 points by pavel_lishin on Nov 30, 2011 | hide | past | web | favorite | 150 comments

 I used to be in the intelligence field, and I held a top secret SCI clearance for about five years.What most people don't realize about classified information is that it's not the information itself that's so sensitive; it's the means via which such information is acquired that must be protected. If this were not so, targets could simply sidestep our intelligence collection vectors.I rarely dealt with any classified information that was interesting or surprising. It's mostly stuff you would expect. The technologies and methods used to acquire a piece of intelligence were always more interesting than the intelligence itself.
 You don’t even need that much justification.http://www.samefacts.com/2002/12/secrecy-in-government/shhhh...[quote]When I was young and irresponsible, I worked for the Justice Department, analyzing drug policy. In that capacity, I was put through the full security mumbo-jumbo and received a Top Secret clearance and, on top of that, clearances for various very highly taboo Codeword categories.... Having been cleared, what did I learn that it would then have been a felony for me to reveal? Nothing that would have helped the Russkis or the narco-bad-guys. But I did learn the names of assorted corrupt high-level officials in various of the Carribean banking havens Jeff MacNelly once lampooned as “Rinky-Dink and Tabasco.” No elaborate spying had been required to learn the names; apparently it was routine cafe gossip in the countries involved. So why, I asked, is this material classified? Not that I had any desire to reveal it, but I was curious.The senior security guy in the Criminal Division set me straight: Yes, everyone knew that the Rinky-Dink-and-Tabascanese Finance Minister, or Central Bank president, or whatever it was, was crookeder than a dog’s hind leg. He knew, we knew, the Prime Minister knew, the Prime Minister knew we knew, we knew he knew we knew, ad infinitum. Maybe the Rinky-Dink-and-Tabascanese voters didn’t know; that was their lookout.But it was our policy to make nice to Rinky-Dink and Tabasco (honest, I forget which contrylet we were talking about). If it were revealed publicly that the US Government had knowledge that Mr. So-and-so was on the take, that would embarrass the Rinky-Dink-and-Tabascanese government, thus impeding U.S. foreign policy. Ergo, properly classified.[unquote]
 This is a great, relevant quote.It generalizes my original point better than I did: with classified material, the secrecy is always because of the how, not the what.
 Well in this case it seems to be more of the "why". The information was easily obtained, the information was known in the country of origin. What was not admissible is for everyone to know that US govt. knows about the information.
 That's not secrecy to protect national security, that's secrecy to protect corruption and oppress citizens.
 It's not clear to me that "impeding U.S. foreign policy" is a bad thing in this case.
 I had a "Secret" clearance twice upon a time. Absolutely nothing I saw while I had that clearance was of the slightest interest. In fact, everything that I knew that was classified ended up appearing in Aviation Week. And no, I wasn't the leaker.But I regard that as a symptom of over-classification, and speaks directly to the "fifteen or twenty" clearances Kissinger was about to get that were above a Top Secret.Ultimately, there's only a few "national security" secrets, but there's mega boatloads of career-ending blunders, minor and major wastes of time and money, graft and corruption. Over-classification and compartmentalization solves all of those problems by covering them up.
 The reason for so many different levels of classification isn't "this is more sensitive than Top Secret, and this is more sensitive than that, and THIS is even MORE sensitive, etc etc."It's about compartmentalization - a guy who works intel in Iraq doesn't need to know about North Korean intel collection techniques, so it's classified differently and compartmentalized.
 Is that a good example?You may not need to know about the data collected in another compartment/agency but it would be useful to at least know how they are collecting data because you can then refine your own techniques.
 Actually no. There is a trade-off there. Compartmentalization implies duplication of work and waste but it protects against one compromised person leaking a whole lot of information.Imagine that North Koreans promised $2m to the Korean Intel Dept. employee to reveal their secrets. If the secrets and methodology is the same and shared as he Iraq Intel methodology that one person can cripple our the whole intelligence apparatus worldwide.  The flip side of that is that if a hostile power penetrates your network in one context and finds that you employ global clearance standards, the antagonist can roll up or contaminate your intelligence networks on a global scale.  I thought I read somewhere once that it was a violation of security procedures to reveal your security clearance level (unless it was in doing your job to access information). Is it ok to mention you used to hold a top secret SCI after the fact?  If you weren't allowed to mention the fact that you have one, then nobody would ever be able to apply for a government contracted job.What the government doesn't want is people going out to a club and getting hammered and then telling a bunch of strangers that you have a clearance because it makes you a target in a situation where you are already vulnerable.The funny thing is, a clearance doesn't give you a need to know. From my experience the overwhelming majority of people with a Top Secret clearance don't have access to anything that is even remotely interesting.  There is no formal guidance (that I'm aware of) about revealing a secret, top secret, Q, or L clearances, nor is there formal guidance on revealing that you are SCI eligible.Each SCI compartment and SAP has its own unique rules about what you can and cannot reveal (some SCI compartments mere existence is classified at the SCI level itself, meaning you can't say you hold that clearance to anyone who doesn't hold that clearance, for example).Each SCI compartment also comes with it's own unique rules about when you can or cannot talk about what you learned or were cleared to access (most are probably lifetime NDAs).That said, it's pretty shitty opsec to tell someone, or the Interwebs, that you hold a specific clearance or do a specific job.  >you can't say you hold that clearance to anyone who doesn't hold that clearanceI assume that there's a secondary signal that can be disclosed that everyone who has clearance can recognize?  I'm not aware of one. In some cases, the information will just be disclosed, and you'll be forced to sign the paperwork and be 'read in' after the fact. As long as you have a legitimate need to know, that's fine.  Security procedures don't apply to you once you no longer have a clearance. Except for, of course, revealing the protected information until it is declassified.Yes, the security structure can seem a bit artificial at times, like: - During cleared professionals-only job fairs. - Leaving a cleared job and all of a sudden there are no reporting requirements or security procedures. It's as if the gov't refuses to acknowledge that sensitive info is still in your head.  Depends on the compartment...  You can say you have clearances, but you aren't supposed to talk about what level.When I was leaving the agency I worked for, I had to get what I wanted to write on my resume approved. They told me I had to remove my clearance level.  Not in general. Notice that our friend is a throwaway account.  I think what is not OK is revealing the specific code word of the compartment not the fact that a person has a top secret clearance in general.  Every compartment is entirely unique. For example:  What authority creates and polices an SCI clearance? Who makes the decision about whether and when to extend that clearance?  DCI in general, and it depends on the specific SCI compartment.  File a FOIA request and tell us what answer you get back.  Just to play up the intrigue, perhaps you don't know of the information or clearances being mentioned. ;) "...a person who didn't previously know they even existed."  > If this were not so, targets could simply sidestep our intelligence collection vectors.Sorry, could you explain this? I can't seem to put this together.  If the people we're gathering intelligence on (the "targets") knew how we are collecting that intelligence (the "vectors"), then they'd be able to avoid being spied on.  Also, sometimes the vectors themselves, if exposed, would cause diplomatic incidents -- human intelligence (spies), placed within a foreign government, or illegal means of collection (black bag job breakins, tapping undersea cables in national waters, ...).  Ah, so by "if this were not so" he meant "if they weren't protected"? I read it as "if they didn't have to be protected", which is why I was confused.  If you knew your phone was tapped, you could stop using it.  The article spoke distinctly of security clearances that you don't even know exist. You probably didn't have those.  Top Secret SCI ("secret compartmentalized information") isn't one clearance: each SCI has a codeword, and you get cleared individually for each one. That's probably what Ellsberg means by about to receive "15 or 20 special clearances", and what throwaway is referring to. It's not uncommon for TS-cleared individuals to be additionally cleared on at least one TS-SCI thing. Obviously codeword-classified information can vary in interestingness.  SCI is 'Sensitive' compartmentalized information, not 'secret'. SCI information can be SECRET or TOP SECRET (or, in theory, FOUO, although that would be weird).Not all SCI compartments are codeworded, some just have names or acronyms (e.g. HCS - HUMINT CONTROL SYSTEM [http://en.wikipedia.org/wiki/Sensitive_Compartmented_Informa...)As a Govt leader, rather than a working-class flub DOD employee, Ellsberg was probably referring to various SAP access that Kissinger was about to be read into. SCI is just one SAP (well, most people consider it as such, but the IC seems to disagree for legal basis reasons). This article is actually pretty good for once:  It doesn't even need to be top secret. There are "special access" projects at secret level as well.  It's likely referring to the SCI status - the point of SCI, over and above just Secret or Top Secret, is that you have different "compartments" (clearances) for different categories of information. A guy with SCI working for the DOE would see much different information than a guy working for the DOD, or the FAA. And it's much more granular than that. I don't know anything about how the SCI compartments are created, only that you can be cleared for one more many when you reach that point, though you'll never know the full gamut of which compartments exist or don't exist until you are cleared for each one.Thus, there are likely many clearances/compartments that a great many people don't know exist or don't exist. I suspect there isn't really anyone who knows what every compartment is.  One thing I've always wondered about was what the President's clearance consists of. Are there things he doesn't have access to? Does he know he doesn't have access? Can he see a list of every secret program, but perhaps not get details? Does he have totally unfettered access to everything the US does?Edit: the corollary is, "how many people have access to everything?" or alternatively, "if the president doesn't, does anyone have access to everything?"  Not being the President, this is purely speculation, but I would guess:There are many things the President probably does not have unfettered access to.There are many, many, many trainings and shit you go through that reinforce that seniority and superiority do not in themselves constitute the 'need to know' for classified information.There should NOT be someone who has access to everything, as the entire point of the compartmentalization is that no one breach can be used against everybody/everything. I have a suspicion that there are actually compartments which are mutually exclusive - if you're in Compartment X, you are, by definition, not allowed in Compartment Y, specifically for that segmentation reason.  There exist a number of "super users," I believe their role is to minimize redundancy of effort. Even if someone had access to everything, the amount of data generated far exceeds what one person can handle.  I'd imagine such super users get Name/Codeword/Purpose briefs to cross reference, rather than access to the information itself, as clearance to know is not a need to know.  I can think of two rationales for restricting the President's access to information.One is plausible deniability: there's no need to expose the president personally to every misdeed everyone working for the government may have committed. Yes, that's a cynical, realpolitik type of answer that really pisses off people on HN, but it's true.The other is simply that the President makes decisions at such a high level that low level information simply isn't helpful to him. The federal government is huge. The President can't function without hundreds of people who spend all day aggregating and summarizing information. This invests a lot of power in the aggregators and summarizers.  > I suspect there isn't really anyone who knows what every compartment is.Unless the process is completely decentralized, there must be someone approving new compartments. They probably know at least a little about each one.  The main constraint is budgetary authority; it's easier to create a new secret program than to fund it. Ultimately all funding authority comes from the US Congress, although there are layers of obfuscation.The ability to create new Special Access Programs is usually delegated to the level in an organization that actually does this routinely; definitely below Department level, above Combatant Command level.On the Army side, check out AR 380-381, and legally, 32cfr159a. Basically someone more operational creates it, and then gets approval from above, but the authority to create the program is closer to the action than the ability to finance it.They deconflict on names at one level, usually per department (e.g. Army, Navy). I think this is done by pre-assigning names in batches to be used. http://en.wikipedia.org/wiki/CIA_cryptonym is an interesting article.  Well, you have to keep in mind that compartments, from the way I understand them, are topical, or centered around the specific field they pertain to. Thus, the DOE and the DOD won't have the same compartments, and even the Army and the Navy won't have the same compartments.This is, I believe, one of the reasons that intelligence sharing between agencies and the armed forces is so difficult. Some intel is compartmentalized in places that are inaccessible to another branch or agency, and changing the classification level or compartment of information is an extraordinarily inconvenient process.The upside of this, however, is that we really do have a secure system for information  Once the authority to keep secrets has been delegated, it seems almost inconceivable that anybody would know all of them.  It seems to me that either someone knows about all the compartments, or there is a high likelihood of redundant and overlapping compartments being created accidentally. It probably is okay for one clearance to actually be represented as five or six because of bureaucracy (that's basically just denormalization, and product management systems deal with it all the time); the real problem is that project X might be half-covered by compartment A, and half by compartment B, and you just end up getting assigned both (thus exposing you to more classified material than you should know) because there's no one with enough oversight to create compartment C = A∩B, make A and B into A'=A-C and B'=B-C, and then just assign people A and C while leaving out B.Basically, imagine trying to do library science without being able to know what information you're managing. The classifications created would quickly become senseless and incoherent.  This is the United States Federal Government we're talking about here, remember.Holy crap is there every redundancy and overlap!  There's a flip side to this as well: as a voter, I don't know what information my elected leaders have when making decisions.In theory, with a small amount of secrecy needed to make diplomacy and security function, this makes sense. The problem is that it's not actually working in practice. There are so many un-elected people who have jobs for life and also the ability to classify broad swaths of information that the incentives are all set to increasing amounts of classified data. There's no correction mechanism. In theory, you'd have Congressmen aggressively using their oversight powers to correct the system. In practice, elected officials are mostly in for life (or as long as they choose) and are easily manipulated by the system. In fact, they don't want anything to do with making tough decisions. The more things are secret, the less they have to worry with those nagging voters giving their opinions about things. I read about intelligence oversight committees being told they don't have clearance to see things and it just blows my mind: our entire system of using force rests on civilian oversight. Thousands have died because civilians have made mistakes with information they've be given -- and that's the way it is supposed to work. Somehow we've forgotten all about this critical principle.As an example, I'll pick a topic where you guys can all call me fuzzy-headed: UFOs. I pick this topic because of its ludicrous nature. Heaven help me if I were to pick something that was diplomatically sensitive and start hammering on it. I've been studying sightings and evidence as a hobby for many years, and based on credible eye-witness testimony I'm comfortably convinced that the United States government knows a lot more about intermittent atmospheric phenomenon than they are letting on. Why? I don't know. Why not a little more openness? I don't know. What part of this information is being used by my elected officials to make decisions? Again, I don't know.This leaves the door open for all kinds of crazy speculation. It's an insane way for a democracy to treat its citizens. Yet this is just par for the course. All I did was pick a way-out example. Laugh off my UFO example if you wish, but for every thing like that there is a thousand other things that drive public policy -- and you and I will never know about them. Taken to this level, it is a very unstable way to maintain consent of the governed.Not only does it make it impossible for an elected official to take advice, it makes it impossible for voters to make reasoned and educated judgments about the actions of officials. Secrecy corrupts everything it touches. That's why it must be aggressively minimized.  Taken to this level, it is a very unstable way to maintain consent of the governed.Bingo. Even a radical anarcho-capitalist like me is grudgingly willing to accept a minimal amount of government, in the sense that Bastiat described it as no more than "the collective extension to our individual right to self defense." BUT... with a big caveat that said "government" must be accountable to "We The People" and must be subject to our oversight, supervision and - possibly - dismantling if it fails to serve the end it was organized for. But when this entity accumulates and hoards crucial information about the world we live in, it's removed itself from that oversight and supervision.This is the same reason why - despite the fact that I generally don't advocate "black hat" hacking - I don't really have a problem with people hacking government systems and releasing information contained therein, and why I generally support Bradley Manning. We need to know what our government is doing and how/why it's justifying those decisions, in order to maintain the feeling that the government is serving us.Not only does it make it impossible for an elected official to take advice, it makes it impossible for voters to make reasoned and educated judgments about the actions of officials. Secrecy corrupts everything it touches. That's why it must be aggressively minimized.This.  Not only does it make it impossible for an elected official to take advice, it makes it impossible for voters to make reasoned and educated judgments about the actions of officials.You know, here in San Francisco they put out a thick pamphlet every election with the full legal text of all statewide and city ballot initiatives, using typography to also show how the existing legislative language would changed or deleted if the ballot initiative were to pass.I am the only person I know who sits down and reads them all every election cycle. I'm sure there must be others, but most people vote based on soundbites - and they might be making a more efficient use of their time than I do. economists refer to this as 'rational ignorance,' where the cost of educating oneself on a topic exceeds the value of the knowledge gained as a result.Some people favor minarchy or isocracy; I used to, but have changed my mind. Call me paternalist, but I'd rather have a technocratic government, or maybe even a gnostocracy.  Even with that information, you still have nowhere near enough information to understand how the new laws will impact you. You have to understand who the major players are and how it will impact them. How have courts interpreted similar statements? Is this law being used as a wedge to affect other laws or voting patterns? I'm not saying don't read them, but you'll only catch really obvious or frivolous stuff that way unless you understand the ecosystem. Code ain't written in a vacuum either.  I don't disagree with your fundamental point, but I think you misunderstand how things become classified. It's always eithera) due to how the information was collectedb) something derived (citing) a piece of classified information.So a special collection platform may collect material at some high level of classification, anything that references that information (it could be 100,000 reports) are also all classified at that level automatically.It's just how the system works not individual politicians stamping individual pieces of information as classified.  It's not politicians certainly, but it's often unaccountable bureaucrats stamping something classified for questionable reasons. The conventional wisdom is that nobody ever got fired for classifying data, and the administration may classify a lot of information that is simply embarrassing.The Intellligence Squared US podcast did a nice job of covering both sides of this issue in their June 8th, 2011 podcast on freedom of the press: http://intelligencesquaredus.org/index.php/past-debates/  You actually can't handle classified data, or derive something from classified data, that doesn't automatically classify the derived work (a report, or some such) at at least the same level. To not do that risks releasing the information and you can actually end up in prison over it, or at the very least lose your job.So in 99% of the cases it's not like you make a decision to "classify" something. It is by its nature classified.Think of it this way. You have a friend that tells you via email a secret. This secret can only be known between you and your friend. For example, you are arranging a surprise party for a third friend.Using this knowledge it is your job to get a birthday cake that has the person's name and age (and a decoration) on it. But the only baker in town is also friends with the birthday friend. You don't want to risk the baker leaking the surprise of the cake to your friend. So you decide to buy a blank cake, and decorate it yourself.This cake is also classified at the same level of the original information (Classified//only between you and your friend). Because it is derived from the knowledge of the birthday party email).Now your friend prints off decorations with some party specific information, say a sign or some streamers or something. Those are also classified at the same level.Suppose there are some other odds and ends that are a result of this email and the party plans. Say a "making of video" for the party etc.Now let's say you also hire a clown for the party. You only provide the clown the time and place to come and perform, not any other details. Because the clown isn't in on the original secret, the arrangements for the clown and the various transaction documents pertaining to it are at a lower classification level. You might still not want the birthday friend to know that somebody he knows hired a clown on his birthday (a convenient coincidence) so you swear the clown to secrecy.Even if it gets out and the birthday friend asks the clown directly, the clown has plausible dependability and doesn't know why he was hired, only that he was. So it's not good that your friend finds out, but it doesn't entirely screw up the surprise.I'm stretching the analogy a bit, but hopefully that makes it clear how knowledge of single piece of information (the email that established the surprise party) can end up producing so many classified documents and how that process happens.  Is it reasonable for everyone to have access to everything? Taking your UFO example, what if the military had information about unknown objects - could these just as easily be foreign drones with advanced technology? In which case, it's arguably in the interest of national security to hold certain things close to the vest. If the President immediately announced that something unknown was spotted, a potential invader could nimbly push to plan B or re-allocate resources toward better cloaking technology.Secrets are a competitive advantage - conversely, having competing countries (in terms of economics just as much as defense) know exactly what we know would be a terrible disadvantage.  As a government you'd probably want some insane theories floating around so you can hide the less insane but real secrets inbetween - after all, conspiration theorists are rarely taken serious.An example in the UFO case: You tested your new amazing stealth plane, but something went wrong and there are reports. However, if they fit the common UFO sighting tropes, chances are the whole issue is ignored/misinterpreted, leaving the secrets you want to stay hidden.  >There's a flip side to this as well: as a voter, I don't know what information my elected leaders have when making decisions.I once had a discussion with an Air Force officer who was involved with Homeland Security planning. I made points about warrantless wiretapping and other 4th amendment violations by DHS and TSA. He just shrugged and said I would probably feel differently if I knew all the things they had prevented. I said "Absolutely, tell me. Let me make an informed decision about whether DHS should exist or not".He just shook his head and changed the subject. So much for an informed electorate.  I just imagined a DEA agent saying "if you only knew" regarding drugs. There are limits to the trust we can put in government officials.  It gets even worse when you start to think that this information is probably also used to achieve a political ends to a means. By that I mean, those in charge of classifying things, know who has what classification, and should they play favorites or the opposite therof for anyone in their bureaucracy, information will lay hidden to all, just to keep it away from a few, solely for personal gain.  I think you have a fundamental misunderstanding about how things become classified.see previous comment here http://news.ycombinator.com/item?id=3298594Keep in mind that there are probably north of 1 in 150 Americans with current access to classified material. It's a huge number and just because you aren't in the club doesn't mean it's really all that hard to get in. Get a job that gets you a clearance and you can see what's on the other side of the curtain. Believe it or not, it's amazingly mundane.  This comment is a little misleading; clearances don't give you unfettered access to classified information, they only allow you to receive whatever information you have a "need to know". A security clearance alone doesn't give you access to anything, it just tells the government you've had a background check and could potentially be trusted with certain information.  Well...it can be conflicting. At the Secret level, you tend to have access to much wider ranging information than in a SAP. A person working Intelligence in Japan for example, might also have access to information about Lithuania at that level. In fact, they probably do.At TS it starts to get more restricted. You have more ability to request access to things outside your general area, but you may/may not get approved.In the Compartments, my experience has been they are surprisingly global in nature, but focused in content. Meaning I can pretty much get that "kind" of information for any place on the planet, but it's only that "kind" of information. There's some exceptions, but not many.SAP programs tend to be where it gets very focused. Often because they represent information only collected in your area using only a specific means. So there isn't a global collection of that kind of data -- well, there might be, but you aren't in all of the SAP programs to try and figure it out.  Well this is certainly only partly true. The difference between a generic Secret clearance and the level of clearance talked about in the article is probably bigger than the difference between having a secret clearance and not having one at all. I got my first secret clearance in a month or so, with the interim clearance coming in only a couple of weeks. Hardly anything that would be considered "oh cool!" is labelled Secret. Once you get to the up levels of clearances you start to have a harder and harder time getting and keeping that clearance. You make it sound easy, when in fact it isn't. I was on a small team and a surprisingly large percentage of people we tried to bring onto the team got their request for clearance denied. If you are trying to get a TS/SCI clearance and have a foreign born wife, or too much debt, or a gambling problem, or you used drugs and didn't announce that on your form, or you were completely sketched out on the polygraph, boom, no clearance for you (obviously those are just examples, not set in stone).Also, once at the TS/SCI level and above everything in compartmentalized. It isn't as if you get the clearance, get some password to some digital book of secrets and all of a sudden you know what really went down at Area 51.  I'm actually surprised by this. I work with a ton of people with foreign born wives (many not even green carded yet) -- soldiers tend to marry where they are first stationed.Also, I work with plenty of people with TS/SCIs who have used drugs in the past.The key is just being honest with the investigators.You are right that people with too much debt, gambling problems, current drug use, etc. don't get one. But that makes sense. I've worked with some pretty sketchy characters though and they didn't have a problem getting or keeping there clearances.I don't think I've ever personally known somebody who had theirs denied, I've known one person who had their taken from them for doing some questionable things.  It could have been the particular agency that was doing the clearance in my case. With a military customer, I saw less issues, but with the customer I was referring to in my previous post, there were lots of denials. I think the location of foreign born wives is important in this case. The few cases I saw were countries we don't have good intelligence relationships with, in asia and the middle east.  Yes, close personal contacts with people from unfriendly countries can be a problem. However, I do know people with clearances who are from several countries the U.S. is not particularly friendly with.Quite often it could be that the investigator could not ascertain the relationships on the wife's side and/or they don't have a citizenship yet.  So 1 in 150 Americans have the high levels of clearance talked about in this article?  No, classified at some level.  Right. As to specific compartments and SAPs, I wouldn't have any idea what the number is (by design).I've worked on SAP programs that had 3 people on them. Some of the larger compartments probably have hundreds of thousands read into them.  Here's a case of someone using double-secret information to play the market:http://www.slate.com/articles/business/the_dismal_science/20...I bet this sort of thing happens all the time.  > In theory, with a small amount of secrecy needed to make diplomacy and security function, this makes sense.It does not make sense to me. Perhaps you could explain to me how you reached this conclusion?  More mundane than protecting secret codes and espionage, I think there's a strong argument for keeping the private conversations between the representatives of two governments confidential. Much as my conversations with my close friends would be very different if I knew the contents would be published in the New York Times today, to have functioning relationships governments need to know that some level of confidentiality will be kept when requested.That said, over-classification is definitely a problem, particularly if done with domestic political considerations in mind. Even worse can be selective declassification, when the public is presented with a few bits of intelligence that present only part of the story and may lead to conclusions very different than had the full picture been presented (i.e. 2003 Iraq War run-up).  > to have functioning relationships governments need to know that some level of confidentiality will be kept when requested.To have relationships that function the exact same way they do now. It's clear that things would be different. It's probably true that things would be harder for people in those roles. It's not at all clear that things would be worse for those outside of government, which is the real question of whether it is desirable.  What part doesn't make sense? An example from WWII was when the Allies cracked the enigma code. Obviously the intelligence value goes down if the British brag about it to all the voters and the Germans stop using it.  In that case, why not brag about cracking some code that's just too hard to crack? Make the enemy question the value of a difficult code, and put them through the expense of replacing code books, cypher machines, or at least changing out all public keys.You'd have to come up with something you could leak to prove that the code was broken, I suppose. But what about bragging about a code you've broken pretty thoroughly, and then giving really shoddy evidence that only arguably proves you've broken it? Sort of the opposite of Cryptonomicon's Unit 2702. You might make the enemy snort in derision, and believe that the cypher in question was still secure.Do that a few times, and then suddenly reveal a lot of stuff that could only have come from one of the bragged-about-in-a-shoddy-fashion cyphers. Now all cyphers, especially the one's not bragged about come under suspicion.Wow, this is a fun game!  I've answered this elsewhere already, but spin the question around: Could you explain how it doesn't make sense to you? It seems obvious on its face to anybody who's ever withheld any information from anybody else.  If anyone has seen the comedy series "Yes, Prime Minister", they'll often understand how a leader can be manipulated by his mandarins through selective disclosure of uncorroborated information, present consequences couched in politically unacceptable terms, force the hand by setting the agenda.This is especially true if dissenting opinion is filtered before it gets handed to the President etc.I apologize if the following sounds a little leftist. I only intend to make a point about how mistakes come to be made, and what governments may need to do to arrive at better decisions:Over in Australia, an ASIO analyst chose to resign rather than see Australia join the Iraq war on the basis of WMD pretexts. (Andrew Wilke is now a Member of Parliament).The trillion dollar mistake US made was due to influencers being able to feed super-classified information to the willingly gullible people.It is not easy for a President to call bullshit. I believe the reason is because there isn't sufficient accountability that is built into the system. In days past, members of the royalty are expected to fight in wars. Even during Roman days, only landowners could join the army. The appearance of the professional soldiers lowered the personal risk of the people in power who rush into war.The Chinese emperors surrounded themselves with eunuchs thinking that the absence of offspring give some assurance that these people will be less biased, but it didn't work out that well. Influence is still peddled, particularly because power itself is very addictive on its own.Some cultures resort to shamans to try to get an outcome that is independent of any one person's viewpoint. The most interesting one that I came across is the use of ibogaine, where people have a "spiritual" moment, where they see the big picture instead of worrying about themselves.For a complex society to survive and transcend humanity's limitations, we may need to create a supermind. Some elements of this already exist. One is the idea of "opensource intelligence" that can be used to corroborate otherwise secret accounts.  Here's an example of Bill Clinton, as President, calling bullshit in 1995. A while back, Pakistan had paid a lot of money to buy 28 F-16 fighters, but that sale was voided by the US Government because of Pakistan's efforts to develop nuclear weapons. However, since the planes had been built, and the money spent, the Pakistanis couldn't have their money back, either.The State Dept. bureaucracy had already been mobilized to defend this decision and had so indicated at various levels to their Pakistani counterparts. Clinton, of course, was briefed on this decision and expected to go along. This was US policy, after all.Instead, Clinton told the Pakistani prime minister that it was wrong for the US to keep the money and that he would find a way to resolve it.http://auphr.org/index.php?option=com_content&view=artic...I note this because, according to the author of the piece linked, it almost never happens, even when, as in this case, the information involved is largely unclassified. So when decisions rely on classified information, percolated through the policy apparatus, it's surely much worse.  Is there any evidence that the Iraq War was anything but intentional by the President? Secrecy was used to mislead the public, but the entire Administration was hired based on their commitment to finish GHW Bush's war.  Well, Clinton initially spoke out in support of Bush, saying that he had also though that Iraq had WMDs.  I have no opinion regarding your post itself, but I'd like to point out that a comedy series is not evidence of anything.  He's not presenting it as evidence, but saying that it can help to illustrate a pattern of behavior. There's still the larger, more important task of showing that that pattern of behavior exists in the world, but this allows exemplars of this pattern of behavior to be internalized. The internalization process is obviously dangerous, but ultimately I'm not smart enough to make rational judgments on most things, so I need to rely upon intuitive understandings of things.(Though one could argue that stuff like this : http://www.youtube.com/watch?v=oLhFXkvugLM&feature=youtu... can be used as evidence of showing how leading language can work, if you can feel your own opinion being swayed, as Bernard talks. The extent to which one can rely upon one's own feelings of their opinions is another matter... but it's a stab in the right direction.)  It is when it is written by political scientists who attended university with the politicians they later wrote the comedy about, interviewed serving politicians while posing as a think tank to gather info, took advice from other former executive politicians, and secretly consulted high-ranking civil servants for plot ideas, and lifted whole plots from people's then-unpublished memoirs.Yes Minister is not a normal comedy series. It is bordering on a documentary.  I'm only trying to figure how Chalabi managed to fool the entire US intelligence machinery into invading Iraq, and the only logical conclusion is he couldn't. Facts were being created by the hawks and these people decides on who gets access to the President.  As far as I am aware, the decision making process started with a desire to invade Iraq and then once it was decided to do this any evidence that could justify this decision was collected and circulated (even if it came from someone who was known to be delusional).Even worse, the UK government knew that there weren't good reasons to invade Iraq, but went along with it simply to keep in with the United States.  I didn't think GWB himself was a neocon, although he was surrounded by a few.  I wonder if any game theorists have thought about whether a country with no secrets could be militarily stronger.It's similar to the Linux vs Windows debate: at first glance it seems ludicrous that an open source OS could be more secure than a closed source OS. But with enough eyes and enthusiasts, all problems are quickly fixed.A small inner-circle who have access to the inner workings may find it hard to compete when their competitor has the whole world helping debug and fix the system, including the goodwill associated with that.  Sure they have. IANA game theorist, but I think the conclusion is that some secrets are good, but the paramaters should generally be communicated.You didn't want to let the USSR know how many nukes you had (or they could come up with a stronger first strike plan). But you wanted them to know roughly how many, so they knew not to overreact (and build a massive deterrent to an overstated threat), or under-react (and get too cocky).There's also value in giving biased paramaters - the President is mad, and you have more nukes than they think (which will make them scared, and more likely to back down, because they think they are dealing with an irrational actor), but you don't want to sail too close too the wind here.The thing is, game theorists don't deal well with stuff that's not part of game theory. Game theory tends to assume that actors are all very smart, and aren't hamstrung by some of their best advisors being out of the loop.  Isn't there some kind of game theory which takes irrational/drunken actors into account?  The "military secrets" to "source code" isn't an apt analogy. Lots of Linux OSs have secrets, such as SSL private keys, ssh private keys, passwords that sort of thing. Those are like military/government secrets. A (windows or linux) server that told everyone what the ssl private key and root passwords were, would, obviously, not be secure/  I'm not sure if that analogy works. Wouldn't a country with no secrets like an organization whose source code is open AND all of whose encryption keys are public?  Yes. And they also know that too many secrets makes a country militarily weaker. An example scenario, a intelligence professional comes across information that pertains to a plot to kill his co-worker that was collected in a way that is highly classified that he can't warn his colleague (with a lower clearance) about it.  Really interesting question. I wonder if there are any small countries willing to give it a try.I bet there are more countries without a military than ones without military secrets.  Arthur Kantrowitz was not a game theorist, but he was a scientist involved in Cold War programs, IIRC. His "The Weapon of Openness": http://www.foresight.org/Updates/Background4.html  When I first heard about the Bell-LaPadula model ( http://en.wikipedia.org/wiki/Bell%E2%80%93LaPadula_model ) in my security class, it was pretty eye opening, especially the notion that once you're given a certain level of access, you can no longer write at lower levels. I think it might explain in part the explosion in the amount of classified material generated each year.  Yeah, that model is more or less what's in use. Except the real-world version is a bit more complicated and messier (and more confusing). But the principle is all the same. Read goes down, write goes up.You can move information down only if the information is at the level you are moving it to and it's been properly signed off.e.g. something that is marked Secret, but written to a Top Secret system, can be moved back down to the Secret system)  A side note to the content of the article, which was interesting, but I couldn't zoom the text.I'm using Chrome, and when I zoomed in, the pictures, headers and footers all grew appropriately, however the text remained a constant size.I'm not sure how they managed that, but it makes for a terrible user experience when you want (or need) to increase the font size to make it more readable.  It's because it's their mobile website. The text on the normal version of the story seems to zoom fine: http://motherjones.com/kevin-drum/2010/02/daniel-ellsberg-li...  Looks like it's -webkit-text-size-adjust: none; that's inhibiting the zoom.  Well, this sure puts a different spin on the arrogance of the US Government. The new Aristocracy, those with "clearances", receive and can act on information that the rest of us can't be allowed to have. The Fed's "We just know better than you" attitude probably derives directly from this secret pool of knowledge.But why would you divide up information into 15 or 20 categories? I bet that even at "Top Secret" levels, the narrowness of view is stultifying.  The reason to divide it up into many categories is to compartmentalize the information. The best example I've heard is take an NSA Cryptography expert. Their clearance level needs to be extremely high. Another extremely high level clearance would be for the engineer responsible for turning the key in a nuclear silo. While both of these people have a need to know extremely secretive things, there is no reason for them to know anything about the other's work. Thus the compartmentalization into 15-20 categories.  > why would you divide up information into 15 or 20 categories?To protect the information it in case one invididual gets compromised.> I bet that even at "Top Secret" levels, the narrowness of view is stultifying.Yes and that often makes work seem pointless and unrewarding. Invididuals migth get to view a very thin slice of a large project. So they might be designing an algorithm or a widget without knowing how and where it fits in the big picture.I am guessing for some projects this compartmentalization leads to the dilution of guilt. "Hey I only build detonators", "I only build the shell", "I build the remote control", "I only leave the device in a certain place without know what it is". But all these people could be making something that would hurt or kill someone.  There are a lot of things required to make a modern spy satellite that I know nothing about. Saying there is a special clearance related to that information is limiting but so is lacking the engineering knowledge to understand it even if someone where to tell it to me. Ditto, sonar, atomic bombs, jet engines, tank armor etc. But, I also lack the historic understanding of the middle east politics to understand a transcript of high level diplomatic talks. Toss in the classic military issue of troop movements etc which are just as meaningless to me but still dangerous. And you are left with a huge pile of information would be valuable to a wide range of institutions AND totally useless to most people out there.So, while there are implications of need to know they are IMO less significant than capable of understanding.  Think of it like this: if one person only knows part of a system, they can only reveal so much about it. 15 people might know the entirety of one system, but individually they don't know enough to be a threat. This idea can be stretched out to cover entire levels of security clearance and information (as it does).  It also makes it more difficult for them to collaborate and conspire without the coordination of those above.  This.The pyramid structure that seems to permeate all things //system// has the following salient feature. Say a system pawn is a node at level$L$and his/her boss is at level$L+1$and the boss' boss is at level$L+2$. Depending on social skills and intelligence, the pawn might have information about "what is going on" at level$L+1$by talking to the boss, but for sure he/she has //no// information about what is going on at$L+2\$. In a way secrecy (i.e. information non-awareness) is the //essence// of the pyramid.Assange has this paper [1], which talks about information being the perfect way to choke the system.[1] cryptome.org/0002/ja-conspiracies.pdf [ abstract: Consider the Gonspiracy G = (V,E) where V is the set of conspirators and E is the set of inside information links. The conspiracy G is embedded in a larger graph, society, S. Let |G| be the power of the Gonspiracy. The 'good guys'[2] want |G| to be small, the bag guys want |G| to be large. Assange defines the total conspiratory power as |G| = sum information flows in e for all e in E  So to fight G, one must either cut edges e, or generally reduce the flow of information flowing on edges, by scaring the nodes {v \in V} that they might be found out. ]
 Interesting, thanks.
 Let's flip that around: it makes it easier for "those above" in the hierarchy to deceive a whole pile of compartmentalized people into performing useless work, and thereby consuming lots and lots of government money.
 Good point.Seems like that would inevitably lead to everyone in the organization unable to determine whether or not their contribution was useful. (Short of them actually saving a life at the bottom level.)With no hope of finding meaning in your job, it would make a 40-year career to retirement a long career indeed.
 Why would they do that?
 Ever heard of Empire Building? It's a common problem in corporations. Mid-level managers become important by having a lot of underlings. I imagine this would be even more important in compartmentalized areas, as mid-level managers would nominally have no other method to signal their importance to superiors or peers.I can also think of a situation where a contractor might hire a mid-level manager's husband, wife or child. The mid-level manager would be able to crank up his or her headcount to get the relative a sizeable Christmas "bonus". I've heard tell that this sort of thing actually happens.
 The most charitable explanation would be that they have no way even to know if they're doing it, and the tendency of large systems under such conditions is to degrade in efficiency.
 I agree that the attitude is off-putting and the narrow view afforded to individuals is counterproductive.There are, however, members of the intelligence community who have the breadth of view to make good judgment calls. Just not enough of them, and no accountability.
 But isn't that what the Kissinger story was about? Getting the breadth of view, the knowledge, leads almost inevitably to (arguably) terrible arrogance about what you (the cleared) know vs what everyone else knows, and what you (the cleared) get to do about it.
 I'm sorry, I've read your comment twice, and I have no idea what you're talking about. Perhaps you could write out your conspiracy theory in more easily digestible points?
 You're having a hard time finding the conspiracy theory because there isn't one. bediger simply called the government arrogant, along with worries that people are making decisions without enough info.
 You forgot the part where he felt the need to try to cast 'cleared' and 'uncleared' people into classes, insinuating a seething, out of site class warfare was part of the equation.
 You said that there is no level strictly above Top Secret (just comparmentalizations within that). Is there any actual evidence for that? (I mean, non-classified evidence; I'm not asking you for classified information.)Where did you get the statistic about 1 in 50 to 70 Americans have had at least a Secret classification? That seems absurd.What are you talking about when you say "cut off from the outside world most of the time, no idea what the current news is most of the time"? It wasn't clear at all, but I guess you mean "while physically working in a classified area"; (i.e. you're no longer cut off at the end of the workday)?
 Secret ain't really that secret. That's why they invented Top Secret. Seriously, if you add up all the military veterans and people who used to work in defense/government contracting who have had to access slightly classified information, that's not an unreasonable ratio.
 Right, my out-of-the-ass estimate is probably very conservative. It's probably an even lower ratio in reality, 1:10, 1:15 maybe?
 You guys aren't presenting real evidence, just making up numbers. 1:10 is absolutely ridiculous. If there are 4.2 million now (according to the Daily Mail article cited elsewhere), that's 1.36 percent. You're never going to get that to 10 percent, expecially since (as the DM article says) the currently high number is due to recent expansion of the number of people who have clearances (so you can't argue about tons of retirees as easily). I realize that we're counting "people who have ever had a clearance," but I doubt there's going to be like 5 to 10 times the # of contractors who once had a contract, but don't currently have one (again, the increasing number of clearances argues against that).
 Why not? Provide your own numbers as an estimate.You can get a clearance at 18, and people live into their 70s and 80s pretty regularly. The 4.2 million with a clearance are not the same ones that had a clearance 10, 20, 30, 40, 50, 60 etc. years ago.We had a draft until the early 70s. Tens of Millions of people have been through the military system, and this doesn't even count civilian types, contractors, cleaning people, building facility people, secretaries, etc.The Vietnam war saw about 9 million people in the military for example.There's about 25 million vets in the U.S. right now.It's pretty simple math to arrive at number well above the current number. Remember, just because you aren't in the club, doesn't mean it isn't big.Let's look at what 10% means. There are ~300 million people in the U.S. 10% of that number is 30 million. Let's say that every single man and woman who is currently in the military or has previous served has a clearance (with no overlap). There are about 3 million active and reserve people right now in the military.25 + 3 = 28 million. Now let's add in non-military government civilians with clearances, the CIA for example is a civilian agency with an estimated 20,000 people, DIA, 16,500, DTRA, 2,000, DOE: ~110,000, NGA 16,000, NRO, 3,000, NSA 20,000 (civilians only, 38,000 total), DHS, 216,000, DOJ, ~112,000, State, ~50,000, etc.I'm not even including treasury. And we're up to almost 29 million people.Now how many contractors do you think have Secret clearances?Lockheed Martin employes over 100,000 people, Northrup Grumman, 120,000, General Dynamics, 91,200, SAIC, 46,000 etc. etc. etc.And we rapidly go past 1:10.Now obviously not every single person I've listed has (or has had) a Secret clearance. But until you start shaving off huge percentages out of each organization you're still between 1:10 and 1:15.If you disagree with these numbers, the onus is on your to provide better ones.
 There are also also over 20 million military veterans in the United States; probably most of those will have had a security clearance. Once you add former federal employees and contractors, 10% isn't far off.
 > probably most of those will have had a security clearance.That is a particularly bad assumption. Private Gomer Pyle, USMC, did not have a security clearance.
 If your understanding of the military comes from 1960's television sitcoms, you're not qualified to discuss this subject.
 I'm sorry, I appreciate the information, but you're not actually giving evidence for your claims about TS being the highest.Same thing for the ratio of people in the military (except for the Daily Mail citation, which is quite helpful). I mean, Army grunts are not required to have clearances [1], for example, so you can't just say "assume everyone in the military has a clearance..."[1] This may be a misunderstanding on my part, but that's what I've been told. You don't want to clear (and probably can't clear) a ton of 18yo cannon fodder.
 I'm assuming you aren't actually asking me to prove a negative. If a reading of NISPOM doesn't clarify it for you, then there's really nothing more I can say that will persuade you from your conspiracy theory.http://www.dss.mil/isp/fac_clear/download_nispom.htmlArmy Grunts are required to have a clearance. General Infantry (18yo cannon fodder in your parlance) must have at least a Secret clearance. Army Cooks, may even be required to be cleared.Think you can run around with 5th generation night vision goggles and state of the art body armor, talk on encrypted radio equipment, know troop movement information, chase after specific enemies and report back on activities on Secret level systems without a clearance? Think again.Let's do a thought experiment. Let's say we can say there's a piece of information that is so dangerous, so important, that releasing that information could endanger the entire population of the planet. Say, the nuclear codes.These are arguably the most sensitive information in the world. Why would there need to be a classification level above and beyond TS and the appropriate compartments and or SAP program to protect them? Some sort of Super Top Secret?Or for fun, let's say Area-51 has alien tech there, or we have a secret military base on the moon, or a Stargate. Why wouldn't it just be protected under a SAP? A Super Top Secret doesn't buy you anything at all in terms of protecting that information. Nor does a Super Duper Top Secret. As somebody not in the SAP and not with a need to know, I wouldn't even know the SAP exists to protect the Stargate program, or the alien autopsy videos, or whatever. Only the people in the SAP and a handful of people managing the SAPs of the agency that created it even know of the SAPs existence and/or what it protects. SAPs can even have sub-compartments that provide even further protection.Practically speaking this offers what can be perceived to be "high levels of clearance" but in fact are all just plain jane Top Secret.
 I thought polygraphs didn't work. Or is there classified information showing that they do?
 Whether the machine works or doesn't work is irrelevant if they convince you during the poly that it does work. I had one, and the technician was far more intimidating than the machine. If I had something to hide, by the end he would have gotten it out of my I'm sure.
 Right, often they are simply used to indicate when a line of questioning is stressing out the subject and to continue on that line.
 When people are "prepared" for the polygraph (say a mole) they are often trained to construct alternative mental models that would let them answer damaging questions without appearing anxious.For example, they might organize an obvious seemingly accidental meetup in a some monitored public place (train station) with a foreigner from a specific country so when the question is asked "have you met with foreigners from country X" they can say "yes, I sat next to one when taking the train".
 You might also go through a slightly different polygraph with highly personal questions about your sex habits.Why do they do this? For blackmail purposes later?
 I went through UK security clearance and can tell you that the process is to determine whether your personal/sexual habits are likely to make you vulnerable to blackmail. Not so that the government or agency can blackmail you.That is: If you happen to be into BDSM and this is something you keep extremely private, then what would you rather give up? Your personal privacy or a piece of sensitive data?So the interviews at different levels determine whether you can be trusted with the information based on the risk you pose to factors such as blackmail, or financial rewards, etc.
 This is mainly why they killed Turing.
 Turing died because his lifestyle was illegal and he was being punished for it, not because it was a secret.
 Turing died because he had a head full of military secrets and consorted with gay prostitutes, and was therefore considered a security (blackmail) risk.Obviously it was more complicated than that, but I consider this to be the primary reason.
 Interesting theory you've got there. Please explain why, if he was considered such a security risk, he was charged and tried publicly in a civilian court, and then allowed to roam freely for two years after his conviction.
 I think I'm coming across as more of a conspiracy theorist here than I intended.When he was convicted for homosexuality, it would have come to the attention of various senior people in government. They would have wanted to make an example of him, being as he was a relatively well known figure at the time, much like what happened with Oscar Wilde.They would have also had concerns about his homosexuality being used against him by britain's enemies, and also because of the recent uncovering of a ring of soviet spies who were all drawn from an intellectual set, all academics, and two of whom were gay.What I am saying is, I find it likely that these government/military figures would have found it highly convenient for Turing to disappear, or at least have his life made extremely difficult for him. They couldn't have him executed for his sexuality, but they could apply chemical castration. They did offer him the choice between castration and prison, and I accept that this weakens my case. You might ask, if they were that concerned, why didn't they just have him conveniently die in a car crash? My answer would be that they weren't that concerned, it was an opportunistic thing.Also to be honest I am not entirely convinced that his death by poisoned apple was necessarily suicide, but there is no evidence for that, and there never will be.
 It is call a "Lifestyle" Polygraph and it is meant to weed out anything that can be used against you in exchange for divulging secrets. The major component to most of the clearance questions revolve around bribery. People don't divulge secrets typically because they hate the government or the country, but for much more simple reasons like they need to pay rent and they figure they can sell some secrets.
 Even given the variations of security clearances in use, there is the requirement that classified information is always and only distributed on a "Need to Know" basis; two people with exactly the same level clearance may still have official secrets from each other.
 Does anyone know of any research into compartmentalized network protocols? Specifically I'm wondering about protocols where components co-operate to acheive some goal but don't know enough to compromise the entire network. I'm sure the botnet guys have done a lot of work on this but I'm wondering there are any good references in the open literature.
 Not sure about network protocols, but, the systems research version of this is called multi-level secure systems. You might want to start looking there.
 Interesting. Perhaps the comment about not being able to learn from people who don't have these clearances also applies to highly knowledgeable individuals in any field that have trouble listening to people with less information or understanding of matters. Perhaps it even explains how years of "knowing more" can lead to resistance to change (the kind that I've found to be characteristic of bad professors or some people I used to work for)I think it's important to be aware of this. If I ever find myself not listening to someone because I think the person doesn't know all the facts, I hope that I'll become aware of it and try to zero in on what facts they are missing. Luckily I know very few secret things (I have even been known to intentionally make secret things un-secret) so I'd gladly share those facts and see for myself if it changes the other person's opinion.
 And the corollary, just because people have access to sensitive information means they know all of the sensitive information."Well I have a clearance and can tell you this is how it is" is probably the mark of somebody who just wants to win the debate but doesn't know squat.
 for those interested in US governmental secrecy stuff, http://www.fas.org/blog/secrecy/ is a very interesting blog/newsletter
 For a more nuts and bolts view of security requirements and procedures, the NISPOM is publicly available http://www.dss.mil/isp/fac_clear/download_nispom.html
 I think there's a big danger here.Of course the idea of being initiated into a secret circle is extremely attractive. It appeals to our sense of ego, intrigue, romantic notions of the other. It's the stuff of novels and films .. it's the beginning of a great story. The personal advice given sounds good. But the dangerous part for me is the inference that we need to consider that those above us necessarily know best, and we should, by necessity, capitulate control.The fact that such layers of information, access to information, and access to power exist should not supplant the fact that this system embodies one single way the world can be ordered.What would happen if everyone had access to everything?

Search: