back to article Edward Snowden's not a one-off: US.gov hunts new secret doc leaker

It appears former NSA contractor Edward Snowden is not the only leaker of secret US documents around, as the US government searches for another whistleblower in the aftermath of another leak of classified information. CNN reports that leaked documents related to a terrorist watch list and published by The Intercept (a site …

Thumb Up

Whoot!

Go nameless guy! I just hope he/she has a better escape plan in place than Snowden did.

Hopefully they are already sunning themselves in Ecuador.

31
3
Silver badge

Re: Whoot!

It's going to be a lot harder to catch this leaker - I'm guessing that they printed the list out and put it in the US Mail to a third party in Brasil. Nobody checks the mail these days.

0
0

Re: Whoot!

Private contractors? Aren't they the kind of people who might benefit from a leaked secret document before offering to sell more security and audit software to the public sector paymasters?

One way to reduce the risk of a widely distributed list being leaked is to salt it with a few unique names/records for each copy - makes it pretty quick to tell if the list came from the cops or haliburton or whoever, narrows down the chase somewhat already

3
0

Re: Whoot!

Another way would be to keep to the law so there's nothing to expose.

6
1
Silver badge

Amazing!

680,000 suspects and only 220 convictions over the last decade (http://www.thewire.com/politics/2013/04/civilians-courts-vs-military-courts-terrorism/64489/).

These guys are way better at slacking than I am! It's like were being guarded by an army of Wallys.

On the other hand, maybe it's just too easy to get on the list? I demand a more exclusive terror watch list!

24
1
Silver badge
Coat

A V.I.P. watch list, perhaps ?

With a golden membership card ?

8
0
Anonymous Coward

With a golden membership card

Platinum. You really don't want a credit limit to kick in when you're paying for a БУК launcher from MissilesЯUs.

9
0

insidious Marxism

Pah — I refuse to join any terror organization that would have me as a member.

13
0
Joke

Re: insidious Marxism

They, the alphabets, seem to be devoted whistlblower hunters, just inneffectual at it...

3
0
Go

Re: With a golden membership card

I would go for iridium, that would pay for the whole komplet, not just one battery.

0
0

Quite funny actually

If true then it will create lots of paranoia inside the organization, they will then lock permissions down so tightly that nobody will be able to get any work done

24
1
Silver badge
Big Brother

Re: Quite funny actually

But they will probably still all be able to see our data!!

1
1

This post has been deleted by a moderator

Anonymous Coward

Re: Database

You are now for asking that.

22
1

Re: Database

As are you for associating with him!

Oh, and me too now huh?

12
1

This post has been deleted by a moderator

Silver badge
Mushroom

The leaked database is shared with local law enforcement agencies, private contractors, and foreign governments.>

Really? ...how quaint.

13
0
Silver badge
Mushroom

@ Dropbear

That would explain why I am being upsold by ExplosivesRUs!!

"Dear Mr. Hack,

While most of our customers are happy to order C4, you're special. You're the kind of violent ideologue who expects only the best! Frankly, you seem like more of a Semtex man. And lucky for you this month we have a special...."

4
0
Angel

Re: @ Dropbear

Hey man Semtex is cool, we even have an energy drink here named that. http://www.semtexculture.cz/

0
0
Silver badge
Paris Hilton

Insider Threat

Generally slightly less of an issue if you are a government with the moral high-ground.

8
1
Anonymous Coward

Re: Insider Threat

a government with the moral high-ground

I wasn't aware those existed anymore, where might I find one?

8
0
Silver badge

Anymore?

Are you saying there used to be governments with the moral high ground? Where can I read about one?

1
0
Silver badge

Re: Anymore?

I can foresee a complete inversion of the security-threat-level (whatever that's called) and the El Register recommendation level.

Whenever something is at a threat-level 55 (mid-high?) the recommendations should come in at around 5+.

Eventually this will lead to the security agencies trying to up their threat levels so they get a higher El Reg recommendation. Pretty soon, secretaries from MI6 and the NoSuchAgency will be spilling their bosses beans all over the tubes - just for a better thumbs-up score.

In the end, secrecy will be a thing of the past along with wingless dinosaurs. We'll all live in blissful abondance of TMI.

0
1
Silver badge
WTF?

Somebody got a universal translator handy?

"Access controls including the two-man rule, role-based monitoring and data encryption are key requirements to make this happen, especially in highly concentrated environments like virtualisation and cloud,"

What hell does that mean?

3
0
Silver badge

It means that the data is kept secure in an extreme fashion, requiring two people to input passwords simultaneously (think Golden-Eye two-key access to the arming mechanism), and people who do access can only access the data that their authorizations subset allows them to, access being monitored automatically with red flags sent to monitoring personnel when out-of-line access requests are made, monitoring personnel who will then investigate the demand and compare with previous out-of-line demands - make too many mistakes and you're fired.

2
0

Re: Somebody got a universal translator handy?

Two man rule: It requires two people with seperate access codes, iris scans, keys etc to open a system. One can not do this without the other "man" being present

Role based monitoring: You have a set framework within which you carry out your duties. Operating outside of these parameters will trigger a red flag. Similar to trying to do something on your PC at work which is outside of the permissions set by the Sys Admin. Try to do something and it will be noticed.

What it means is that they need a shed load of internal "watchers" to watch the "watchers"

At some point in the future things will get so big and complex within the organization, circles within circles etc, that it will no longer be able to support its own weight and entropy will do its thing that it does with all systems which are out of balance.

14
1
Silver badge

Re: Somebody got a universal translator handy?

At some point in the future things will get so big and complex within the organization, circles within circles etc, that it will no longer be able to support its own weight and entropy will do its thing that it does with all systems which are out of balance.

For all we know it might already be the case that two-thirds of NSA employees are there purely to watch NSA employees. It would certainly explain why they have to rely so heavily on contractors!

5
1

Re: Somebody got a universal translator handy?

You could well be correct. I touched upon the weaknesses of this type of organization in something I wrote last year. Link here: http://russellchapman.wordpress.com/2013/09/26/a-question-about-the-terrorist-attack-in-nairobi-kenya/

Entopy always wins in the end, you can't beat physics. This is also why I am betting on a financial crisis in the next 3-4 months, I might be wrong on the exact timing but it will make 2007/08 look like a walk in the park.

2
1
Silver badge
Thumb Up

@ Pascal Monett and russell 6. Re "What the hell does that mean?"

Thank you gentlemen for your efforts. One of the things I like about El-Reg is that if you admit sincere ignorance someone will usually help you! :)

6
0

Re: @ Pascal Monett and russell 6. Re "What the hell does that mean?"

Kein problem, mein freund

2
0

Re: Somebody got a universal translator handy?

> This is also why I am betting on a financial crisis in the next 3-4 months, I might be wrong on the exact timing

I'm pretty sure you are, too much confidence around now. Misplaced confidence but it makes no difference. My guess is it's further off, perhaps a year or two.

> but it will make 2007/08 look like a walk in the park.

yep :(

2
0

Re: Somebody got a universal translator handy?

I don't think it will be as far away as two years. The collapse of the holding company of Bank Espirito Santo, a major Portugese bank is a signal of the on going weakness of the banking system in the periphery of Europe. Russia is in a much more fragile economic situation than many realize and China has huge debts which are hidden by its shadow banking system.

I happen to know several directors of major banks in Switzerland. All are saying that global stock markets are way over valued, price/earning ratios are crazy. Profit is coming from price/cost cutting rather than earnings on activity. It will only take one shock in the right place to start a chain reaction.

5
0

@Rich11 - GK Chesterton got there before you

1908 The Man Who Was Thursday.

1
0
Silver badge
Devil

Re: Somebody got a universal translator handy?

I don't think it will be as far away as two years.

Well then, it's simple: if nothing particularly noteworthy happens to the financial sector until January 1, 2015 do I get a fridge full of Guiness...?

0
0
Silver badge
Thumb Up

@ Arctic fox -- Re: Somebody got a universal translator handy?

It means...I got BINGO!

0
0

Re: Somebody got a universal translator handy?

No. But if nothing of particular note happens to global markets in a negative way by Jan 1st 2015, I will donate £50 to your favourite charity.

0
0

Re: Somebody got a universal translator handy?

Russell 6:

With the Putin vs. The West playing out as it is, I just hope some Shadow Recruit can stop a possible Russian Operation Lamentations. Some truth to the line that the Russians would be crushed, but would recover. The West might not be able to...

0
0

Re: Somebody got a universal translator handy?

" China has huge debts which are hidden by its shadow banking system."

Would you mind elaborating on the Chinese debts? I thought they practically owned the West. Unless they're worried that our debts to them won't be honoured when we collapse?

0
0

Re: Somebody got a universal translator handy?

Hi Auburnman

Read this Forbes article to get the lowdown on the Chinese shadow banking sector

http://www.forbes.com/sites/ywang/2014/05/21/chinas-shadow-banking-valued-at-80-of-gdp/

Japan is actually the USA's largest creditor and I wrote an article about it including some other research which put things into words more effectively than I can:

http://russellchapman.wordpress.com/2013/09/18/global-gdp-vs-global-debt-what-is-really-going-on/

2
0

Re: Somebody got a universal translator handy?

Hi Cipher

We are all in this together. West and Russia. It will be Operation Lamentations all round.

0
0

Re: Somebody got a universal translator handy?

...just so we're clear, its not just the NSA. 70% of the "employees" of the US Federal Government are private contractors. Always makes me chuckle when someone bashes the public sector while praising the private.

1
0
Silver badge

Insider threats can cause the most damage to any organisation?

Surely it's the idiots in charge that do the most damage, through incompetence, greed and illegal or immoral actions.

11
0

The best defense against a leak is to immediately leak a flood of substantial information yourself on a similar yet less important subject, but deliberately promote it as a shocking reveal. That way the media will focus on the larger more detailed leak you provided and overlook the real less detailed damaging leak.

6
1

This post has been deleted by a moderator

Or

We just have a global, federated LDAP, and each system authenticates against it. If you want to use a system you need to be added to that system's group(s). You can request that yourself, and the permissions thing just looks up who your manager is and who else should be informed, and they need to approve it electronically. If you haven't used that system for a while generally you'll get swept out of the group.

Easy, quick, pretty secure by default. I can't believe a defence agency trusts everyone on its network by default.

0
0
Silver badge
Meh

People do not like to hear this but here it goes...

Western whistle-blowers just leak "mostly benign" information from "mostly benign" countries.

It is very easy to leak from a western country, they can imprison you, but the likelihood of a western country putting a bullet in your head after having being tortured for weeks is low.

I would like to see the Snowdens of the world leak information from less benign countries.

It is very easy to ask for peace and freedom from the middle of Trafalgar Square, London, United Kingdom, but try to do the same from Pyongyang's Kim Il-sung Square in N. Korea. Or from Beijing's Tiananmen Square, China, or from Havaba's Plaza de la revolucion, Cuba.

9
6

Re: People do not like to hear this but here it goes...

True,

but at least in China, nobody claims it's a democracy.

6
1
LDS
Silver badge

Re: People do not like to hear this but here it goes...

In fact, in China there are no leaker - at least outside "reeducation camps".

2
0

Re: People do not like to hear this but here it goes...

The story is similar in Russia, where some 60 journalists have been assassinated, whilst former Soviet States Chechnya, Dagestan, Georgia, Ukraine, Trans Dniester and the like can hardly believe that the USSR has gone away. It is almost certain that Snowdon has divulged everything to his new owners.

1
3

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017