Sir
I'm wondering if a friendly country can share comments with an unfriendly country and start a war?
The possibilities are endless :)
"It wasn't secret, we just didn't need to tell anyone about it" said Sid Heaslip, Programme manager at Opentext discussing the TOP SECRET FACEBOOK OF POWER that his company made for the G20 summit in 2010, exclusively for the leaders of the world's most powerful nations to network with. Despite keeping the network codenamed " …
Why "social software" is supposed to be better than email, though, is a bit beyond me. Then again, I actually know how to write a proper reply and I can actually deal with multiple topics in a simple email, I know how to encrypt my emails, that sort of thing.
Or maybe it's the "we're here, let's use special software while we're here" gimmick. How mature are these world leaders anyway? Anybody check what their background is? Are they lawyers, sociologists, scientists, engineers? It'd be ironic to have to conclude they're as easily swayed by some shiny new computer-y thing as beads, trinkets and mirrors did the "savages" of yore.
Spokes
Axles
Ball bearings
Iron fittings
Pneumatic tyres.
The wheel has undergone many upgrades since its invention.
Also, we now have caterpillar tracks, hover craft, and flight, to supplement it.
I give you the point about not necessarily being better, but certainly we can design something more suited to its situations.
Assuming this system is web based and not fat client based, You can't wasily forward a web page. It takes a little effort.
Second, your content stays on your system (assuming nobody saves it off manually) and can therefore subject to one jurisdiction for discovery, one records retention policy, only exposed to one set of IT staff, etc.
IMHO asking why this is "better" than e-mail is like asking why your toaster doesn't mow your lawn. The two were designed for wildly different purposes - e-mail for things to be forwarded and shared, this Facebook clone (and I think it could be argued the original as well) to be a walled garden in that the content stays in the back-end system.
Also... <tin foil hat> this may be a way around FOIA compliance </tin foil hat>.
"You can't wasily forward a web page."
I presume you meant "easily". I forward web pages all of the time. Ever hear of converting the web to a pdf and emailing that? Even if they use a fat client and disable printing, you can always capture the screen. Any claim that this close system is "more secure" is bogus.
Having said that, as other have pointed out, a walled garden system like this does allow you to track who has accessed what, and when they accessed it. It also allows you to dynamically tag, in subtle ways, everything displayed so that if someone does transfer the content out of your walled garden, it is uniquely tagged so that the "wild" version can be linked to whatever userID released it, and when they released it.
By "easily" I was trying to get at... it has to be intentional and the mechanisms to take said content outside of the garden are not part of the architecture. This prevents accidental/unintentional information releases. I don't consider that to be "secure" either, but it is different than e-mail.
Anyone who has access to anything can find a way to get it out. I've used the same trick before with restricted fat clients : ) There is always a way... so no disagreement there.
I hope it didn't sound like I was cheerleading the Facebook model. I am quite fond of SMTP (it's not perfect of course, but it works) and anyone who thinks something like Facebook would ever replace it obviously doesn't understand why SMTP works the way it does, or how people use it. The two really should not be compared as if they are substitutes - they are completely different animals.
'Why "social software" is supposed to be better than email, though, is a bit beyond me. '
If I send you an e-mail, it
1. goes from a controlled, secure network (mine) through an uncontrolled, insecure network (intranet) to a possibly- controlled, maybe-secure network (yours);
2. cannot be proven to be received/read; and
3. will likely have size limitations which preclude efficient sharing of large, complex documents,especially with more than a few people.
If, on the other hand, I put you on my secure social network, I can
1. keep the data on a secure, controlled network,
2. monitor what you do or do not read, and
3. ensure efficient storage and sharing of large files.
These are a few of the arguments for a private social network over e-mail. While I know there are mitigation technologies for e-mail's weaknesses, they are generally on the same order of complexity as a private social network; so at that point it becomes roughly a choice of equals.
In that view, perhaps, and it raises a couple questions. Like, should you worry about my network? If you encrypt the message, then it suddendly becomes much more tangible that the data should be protected. It's a testament of low expectations and high bar of entry that Johnny still can't encrypt. Ideally this should be a no-brainer, practically it's a no-brainer the other way around, largely because of the poor state of computer using.
My automatic objection is that for email I can, and for web-bound systems I cannot, choose my own interface. That captive interface is actually a massive productivity drain, so forcing it on me is close to you committing more of my time than strictly necessary to your toy. If that is roughly equal to email (with my preferred and presumably finely tuned to my foibles client and all) that says something very sad indeed about the expected quality of emails sent.
But then, there exists very poorly written spam that is more effective at being read than plenty of non-spam email that goes 'round. To me that goes to show that communication with fellow humans is still very much the humans' job, so it's up to them to get better at it. Fancy captive interfaces won't change that; they provide cookie-cutter environments that both might improve the base line but also puts an upper limit on the improvement. So that approach cannot really be the future. At some point there will be a realisation that a more general tool would be good. Sadly, that'll mean a reinvention instead of the realisation that we already have the tool, all that's needed is a little training. Simply because in this field reinvention is so much easier ("lookit ma, I innervated!") than admitting you were doing it wrong before.
Should you worry about checking whether other people read your messages? Should that even be tracked? It's a valid question, and says volumes about trusting your fellow world leader. I wonder what'd happen if those same world leaders fully realised just what was happening, and why. There's valuable intelligence in there. In that, it's a nice racket this company cobbled together.
Email is a communication standard, while 'social media platforms' like face-book are web applications from a supplier.
You get the sense that people regard facebook as a permanent thing because we all use it so much, but imagine if for some reason (debts, legal issues, BOFH gone mad) facebook suddenly and permanently died. Apparently some people used MegaUpload as a backup platform (wut?).
If everyone were using it like email, there would be a massive international problem.
Email is a coms standard, and the risk is spread across a thousand suppliers. If your managed email goes down, you find another supplier. If your local email server goes down, you yell at your IT guy.
Until 'social media' is putting data into an open platform you can control, with competition and interchange between suppliers, it's a retarded thing to use for anything serious.
As an aside, if your company uses a cloud based platform for something critical, and you can't get the code running on someone elses cloud within a week, your making the same bet.
Mistyping addresses or accidentally cc'ing press contacts or people not included in the conference...
Given the generally technophoic attitude to technology by a lot of leaders, communications not necessarily being encrypted when they travel over the network etc. I can understand, why they wanted to avoid e-mail.
The V20 was a closed network, at worst you could have sent a message to Putin saying Obama is a pussy and would never push the button, and accidentally including him in the list of viewers...
Recall USENET is BOTH of those things. We could be using that. El reg could cobble up an NNTP bridge and auto-post their articles there as thread-starters even. We're not doing it because "everybody" uses a myriad of web-only reinventions because, you know, that's the expectation, the skill level to do anything more complicated just isn't there, the realisation that it might be useful hasn't entered those webmonkeys' thick skulls, it doesn't support dancing rodents very well, and so on, and so forth.
But mentioning the status quo in and of itself is hardly a proper refutal of the argument sketching the status quo. Try again please.
This post has been deleted by its author
And the chief central bankers of those countries that still have central banks. The chiefs of the ECB and the NCBs.
What will they discuss besides those tiresome balance of payments?
Simple. how much fiat currency every nation gets to print that month. Or, if they don't print, how much the ECB should credit their accounts. If the US prints a trillion in 2012, and the M3 of your currency is about 20% of the dollar's M3, you get to print $200 billion. As most of the nations are bankrupt, what better way to pay for science projects than by printing currency. And pay for Social Security, defense weaponry, environmental projects, etc.
When we get to Mars, it will be on a Stairway of printed currency.
How cool is that, Robert Plant?
... Unless some dirty deals are being done.
Presuming there is a *valid* reason for secrecy, keep it off the god-damn Internet ... duh!
Give them dedicated circuits to the G20 server, hardware-based encryption/decryption, and VT-100s with appropriate keyboards and character ROMs. CKJV-type countries get a Linux dedicated appliances with appropriate fonts and keyboards.
If a diagram can't be expressed as character-based art, it doesn't need to be in the document.
Sorry, but just what do OpenText think they have done with this that's so wonderful. Setting up an air gapped network to operate at TS is not that difficult. Expensive, but not difficult. Their software would provide most of the separation needed. Unless of course, they set up 20 or more separate neworks and linked them through controlled gateways. Even then it's easy, but even more expensive, and uses even less of the applications segregation abilities.
It's only when you want to connect it to the rest of the world that it gets interesting.
That's all that's needed, really. It ain't exactly rocket science. All my critical systems have been air-gapped[1] since roughly 1985.
"It's not just global power-mongers who like to share documents"
If you're sharing 'em outside your security circle, they aren't secure by definition.
"secure cloud-based software"
Is that three, or four oxymorons?
"it is used by other SECRET people, the Register was informed."
Because everybody knows that SECRET people inform ElReg at all opportunities.
[1] Casual sneaker-net included, I might add ...
All that and The Reg didn't include the website.
www.g20net.org
As made plain on Open Text's own website PR pdf ( http://tinyurl.com/7ozhfz9 ) about the thing. Just zoom in enough to read the url bar in one of the pictures.
Just last week there was the OpenText UK Government User Group meeting. http://tinyurl.com/8xtm24b Did anyone go?