Private First Class Bradley Manning may be one of the most celebrated whistleblowers ever but he is also, if he really is the Wikileaks source, a damn fine data thief. The corollary of that is that the United State military is a an awful guardian of classified data. Manning, a US army intelligence analyst, is believed to have …
How do we know he did not have legitimate access?
I mean, what if he was an administrator?
I accept that the data should have been encrypted and the keys held only by those authorised, however, tryign to get a non techie to adhear to this kind of security policy is difficult, often futile.
So as a failsafe, to make sure somebody could still access it all when the suits / generals had forgotton the keys, they let the IT dept have a key also.
Let;s be honest, anyone that runs an email server can access all of the inboxes in there.
I bet there are thousands of people here who have been able to look at sensitive company documents because they are the IT people.
Who watches the watchers?
... should still not have given him access to the plaintext of messages which were above his clearance level. You can administrate a system without being able to decrypt and copy the (hopefully encrypted) content of the files stored on its disks.
Similarly, access to those files should have been audited, and so easily traced back to whoever took them. Given that why, is there such a delay in charging him?
As with the McKinnon debacle,, this seems to be more about saving face for the poorly run system, and its negligent management, than anything to do with justice.
It's always worth thinking/mentioning ...
Whether or not Manning did perform this data theft, it's important to try and remember the conditions in which this man is being held.
Whilst currently waiting a trial which may or may not happen he's currently in solitary confinement for 23 out of 24 hours for the last 6 weeks. Denied the ability to exercise, communicate or any information regarding his incarceration. Hell, the man's not even allowed a pillow!
Many of us would probably champion him for his efforts in bringing to light various appalling crimes like the machine gunning of innocent civilians, but he's going to be incarecated for decades and eventually forgotten about.
The Punishment Fits the Crime
Manning is in solitary because he had eyes on classified documents. If he was in with the general population, he could leak even more classified information. Even his guards have security clearances in case he talks to them.
He is in solitary because in those conditions, he can't divulge any additional classified information.
BTW, this is military justice. There is not always a presumption of innocence.
He is charged with leaking classified information and there is an overwhelming preponderance of evidence against him.
Well, from the information that's out there, and has been out there since the summer, I'd be very surprised if Manning wasn't responsible. Assuming they're real, logs where he explains how he did it have been published. Basically just bad security.
The US Air Force issued an order at the start of this month banning the use of removable media on computers residing on SIPRNET.
CD, DVD, optical disc...
not sure why you even mention those if your assumption is that the data size was 500GB....
2 or 3 DVDs per day
and you have the lot transferred in less than two months. Dress up a couple of R/W disks as (unclassified) instructional videos, course material or just common movies, and I bet you can get away with them if they search you at the gate.
On top of that, I doubt it's 500G, and if it is, 250k documents equates to 2M per file on average. Which strongly suggests that it's MS Office stuff, not plain text, but even that compresses really well.
As an ex-FS techie I know of facilities where even manufacturer alignment tapes for tape drives were to be left inside, and the reimbursement for impounded scratch tapes kept the office cookie jar and snack cupboard well-stocked.
But it's clear that Jim Leaks wasn't working at such a site.
Hmmmm... conspiracy spidey-sense tingling...
Don't you realise how suspicious it looks to display an article like this on your homepage and then pull it again 30 minutes later?
A few GB
Text files so I don't think the cables amounted to more than a few GB in total.
Hence how he was able to copy it to a single DVD RW (labelled "Lady GaGa" I believe).
Doesn't really matter
Manning will be burned as a witch whatever happens. Some sort of sacrifice is required to provide a smokescreen, hiding the idea that it was too damned easy. There must be a hell of a lot of heavy money involved in the providing of the system that allowed such easy access. To protect the guilty there must be a very public show trial before the cracks begin to show in the wallpaper.
The seeming 'disappearance' of Manning is a good/bad indication of the treatment McKinnon(sp?) would expect if the was to be extradited.
To protect the guilty the equivalent of hacking off his hands and ripping out of the tounge will be required from on high. A single sacrifice to wash away the pain and embarrassment of those on huge salaries.
re: witch burning
Manning is royally screwed either way, he's comitted high treason as a military officer if found guilty. Can't see him ever seeing the light of day again if thus is the case.
There is a torrent doing the rounds of everything wikileaks has, not just the recent stuff but all of it.
It's 18GB in size compressed with rar.
"instead of shooting the messenger"
Whilst I agree wholeheartedly with this sentiment Chris, it doesn't seem to match El Reg's messenger fixated editorial of recent months...
The article doesn't mention the allegation, made by some qualified sources splattered all over the Web, that security measures (like DLP) were actually switched off on SIPRNet in Iraq because it became unworkable.
The article might have had ambitions toward journalism if this aspect would have been further researched and sourced or perhaps when a discussion would have been started about how good high security mechanisms could actually work for a global, high-demand extremely mobile work-force of tens if not hundreds of thousands of people.
What is left is a blog entry of someone trying to look smart. Yawn.
Jim Leaks *changed his name* halfway through the article! He wouldn't do that if he had nothing to hide, would he. I recommend ID cards to prevent this sort of foul left-wing freetard <foam gargle gargle>
Well, you know, during a war...
I have no idea where it happened, but assuming that the theft* happened in Iraq, they were most certainly preoccupied with a lot of other stuff beside checking that the classified computer had the proper protocols and security enhancements installed. And as somebody said, if somebody has administrator access, it becomes really hard to stop him from doing whatever he wants, encrypted or not.
*Considering these documents are indeed classified, but technically in the public domain as far as copyright law is concerned (as they were written by US gov employees), I would contend that theft is an inadequate word.
By the way
Assange must really regret not keeping it in his pants these days...
But whether he is Jim/Joe Leaks or not, I bet that Manning is regretting his compulsion to look cool on the web. Oh My God. Fifty years of your life for fifteen minutes of fame in a chat room.
It brings up True Lies' definition of kids: 10 seconds of joy, 30 years of misery.
US may well have got it right, ineasing access
I suspect that the increase in utility of the system for the legitimate purposes it has from opening up access to information may have been worth the consequences.
In fact to the extent that the illegitimate use of the system - in hiding crimes or the evidence of crimes from law enforcement agencies - has been made more difficult by the leaks, the net benefit is likely to be doubly positive.
An almost sensible article about this. The thieves should not have been given that opportunity in the first place the real error have been made by their policy, security assessors and information access management. They have failed monumentally and going after an opportunist and a publisher is hiding the real serious thread. The USA should be downgraded and face some serious international sanctions for not being able to keep their and that affecting their partners information secure.
Oh and to the earlier posters I guess you haven't done ict in a secure environment before the concept of one it bod having all that access is very alien to me. And even when they already do not have singular access we have still a variety of integrate tools running to identify, block, proof. Yes the watchers are being watched and I have a strong suspect that even my team is being watched.
Anonymous, well you can guess why.
"The US government and military are lashing out at Assange when, instead of shooting the messenger, they should lock the metaphorical doors through which his source entered their IT infrastructure and pillaged it"
No the correct option is option c, if he's guilty of a crime he should be prosecuted and they should also fix their security issues.
If this happens at your company, say an employee walks out the door with el reg's user db and starts spamming everybody you'd want to see people prosecuted both in civil courts and criminal courts where appropriate, but you'd also tighten security.
This is how the world does and should work.
More lashing out
Does the USA justice system actually practice justice,go in for human rights, fair trial, and not condemn before trial, for an ordinary non-celebrity person?
Trial of bankers, financiers and mortgage speculators proceeds with the accused being cared for in good , high class accommodation , even when the accused may have ruined the lives of millions of families.
I suppose that's the American way. Greed is good.
Upsetting politicians and Generals is Un-American.
There have been changes
Because of Wikileaks, government computers that manage classified documents can read from USB sticks and CD/DVD drives, but now cannot write to them. This is regardless of permissions, Administrator access, etc.
Any attempt to write to these media or circumvent the protection will quickly result in some very polite and heavily armed individuals coming to meet you at your desk. They will take you to a comfortable room with no windows to ask you some nice questions.
"This is how the world does and should work"
Agree with the 'should', but strongly doubt the 'does'.
- On the matter of shooting down Amazon delivery drones with shotguns
- Review Bring Your Own Disks: The Synology DS214 network storage box
- OHM MY GOD! Move over graphene, here comes '100% PERFECT' stanene
- Google's new cloud CRUSHES Amazon in RAM battle
- Beijing leans on Microsoft to maintain Windows XP support