At the end of that same article is (sort of) an explanation:
Asked why such sensitive material was posted on a network accessible to thousands of government employees, the state department spokesman told the Guardian: “The 9/11 attacks and their aftermath revealed gaps in intra-governmental information sharing. Since the attacks of 9/11, the US government has taken significant steps to facilitate information sharing. These efforts were focused on giving diplomatic, military, law enforcement and intelligence specialists quicker and easier access to more data to more effectively do their jobs.”
Facilitating info sharing to prevent another 9/11 = giving 3 million access to diplomatic cables? Sounds more like an excuse than an explanation to me.
I’d be interested to see which network they are talking about, but in general, just because you are “cleared” to access a network, doesn’t mean you can access anything and everything on the network.
Really, the “3 million” isn’t disconcerting. I do think some of the “junior” types don’t always understand the big picture and the potential ramifications of abusing their access privileges, but in general, a PFC in the Army has gone through basic training, mission training, and is ready to die in the line of duty. Making a hard line that says privates and junior officers shouldn’t have access to these networks to perform particular intel functions is about as stupid as saying you can vote or enlist at 18 but can’t drink until 21.
Joe Mama
To clarify, I wasn’t concerned about “junior” soldiers (PFC Manning notwithstanding) having access to such information so much as the sheer number of people, many if not most of whom are non-military personnel. I figured that the Secretary of State, ambassadors, etc. won’t be the ones actually handling the ins and outs of all these sensitive diplomatic cables, but 3 million people having a purported reason or need to access such information seems rather high to me.
Alasdair
As a Mainframe Computer Geek, I have to wonder that *someone* didn’t notice Joe-the-Peon accessing stuff he wasn’t supposed to in the first, ohhh, thousand or so page accesses and *then* have an initially-polite conversation with him …
After all, if dinosaur mainframes can handle record-level security and catch folk rifling through celebrity patient records, then I would hope that military folk are at lease as computer-savvy, wouldn’tchathink ?
I guarantee you, while 3 million might be cleared for access to the network on which this kind of cable traffic is kept (and even that number is probably high), there are not 3 million with access rights to that data. Getting a security clearance doesn’t mean you get an all-access briefing and the ability to poke around classified networks and see every single piece of sensitive / classified data out there. As a simplistic point of comparison, my company’s network is probably one of the five or ten largest in the world, but I can guarantee you only a very small percentage on that network can access the portals and applications that store sensitive corporate financial data.
Alasdair, depending on the ACL “Joe-the-Peon” was on, the security settings might not have been set to trip based on page views. The other thing to consider is, the barriers to get onto a network like that are fairly high, so from a risk management standpoint, there’s probably little business justification to support devoting a ton of resources to internal policing based on such flimsy criteria as volume of page views.
Alasdair
AMLTrojan – I wasn’t keying off the number of page views … I was referring more to the *hope* that the sensitive stuff would be monitored for *any* accesses (logged/audited) – and that, by the time the perpetrator had accessed more than just a few of the quarter million plus, someone would have noticed …
Nowadays, it is trivial to routinely monitor accesses and retain logs of who did what …
I do understand that many places still rely upon physical control of security … sort of the abstinence version of computer access … (grin) …
Alasdair, would it change your opinion much if the quarter million cables represented a minute fraction of the overall volume available in the system? Think of cables as email, text message, and listserv traffic, and you can begin to understand the relevant volumes. Even so, you’re correct that monitoring this kind of traffic even at these levels is relatively trivial.
But again, this is a risk-based business decision. If you’ve done basic training in the military or as part of an intel agency, and I’ve run intensive background investigations on you, and you’ve agreed to comply with heavy reporting requirements, and you’ve more or less signed your legal rights away if you do anything remotely against the rules using my assets, why would I feel the need to spend a lot of resources monitoring your behavior on my highly protected network? These wikileaks are embarrassing, but I sure hope PFC Manning thought it was worth it, because he’s pretty much martyred himself here. And for what cause? A vain attempt to validate the anti-Iraq-war sentiments as justified, after the dust has already been settled and troops are coming home anyways because they’ve more or less accomplished their mission? That’s some pretty haughty moral masturbation right there!
It’s been interesting to see some of the memes destroyed by these leaks. For example, it turns out Iran’s Arab neighbors in the Middle East have been the ones pressing the hardest for the U.S. to attack Iran — not Israel. Kind of destroys the credibility of pessimists who predicted that war with Iran would cause a worldwide economic crisis and regional instability / chaos in the Middle East. So now that we’ve already undergone the worldwide economic crisis, and since it turns out the actual nation-states of the Middle East are not concerned about war with Iran and actually welcome a U.S. attack, can David, dcl, jim kelly, or anyone else please explain how we right-wing nutkooks have been wrong to pine for war with Iran? Faster please.
Uh…. right…. first off, there was never any point where it wasn’t known that Iran’s neighbors in the Middle East did not want them to get the bomb. The rivalry between the Arab (and mostly Sunni) Middle East and the Persian (mostly Shia) Iran is pretty old.
Further, the idea that because a state welcomes an action against one of its neighbors that this would not lead to instability is laughable. Iran welcomed action against Afghanistan and look how that worked out. Iran now has instability on its borders.
Alasdair
Jim K – that is just such first millennium thinking – I’m disappointed in you, I thought you knew better …
That is, if I canceled out enough of the multiple negatives you convoluted …
I’m no national-security-over-disclosure zealot, but this whole WikiLeaks business strikes me as bullcrap.
It’s been reported that [m]ore than 3 million US government personnel and soldiers, many extremely junior, are cleared to have potential access to this material, even though the cables contain the identities of foreign informants, often sensitive contacts in dictatorial regimes. Am I the only one who finds that startling?
At the end of that same article is (sort of) an explanation:
Facilitating info sharing to prevent another 9/11 = giving 3 million access to diplomatic cables? Sounds more like an excuse than an explanation to me.
I’d be interested to see which network they are talking about, but in general, just because you are “cleared” to access a network, doesn’t mean you can access anything and everything on the network.
Really, the “3 million” isn’t disconcerting. I do think some of the “junior” types don’t always understand the big picture and the potential ramifications of abusing their access privileges, but in general, a PFC in the Army has gone through basic training, mission training, and is ready to die in the line of duty. Making a hard line that says privates and junior officers shouldn’t have access to these networks to perform particular intel functions is about as stupid as saying you can vote or enlist at 18 but can’t drink until 21.
To clarify, I wasn’t concerned about “junior” soldiers (PFC Manning notwithstanding) having access to such information so much as the sheer number of people, many if not most of whom are non-military personnel. I figured that the Secretary of State, ambassadors, etc. won’t be the ones actually handling the ins and outs of all these sensitive diplomatic cables, but 3 million people having a purported reason or need to access such information seems rather high to me.
As a Mainframe Computer Geek, I have to wonder that *someone* didn’t notice Joe-the-Peon accessing stuff he wasn’t supposed to in the first, ohhh, thousand or so page accesses and *then* have an initially-polite conversation with him …
After all, if dinosaur mainframes can handle record-level security and catch folk rifling through celebrity patient records, then I would hope that military folk are at lease as computer-savvy, wouldn’tchathink ?
I guarantee you, while 3 million might be cleared for access to the network on which this kind of cable traffic is kept (and even that number is probably high), there are not 3 million with access rights to that data. Getting a security clearance doesn’t mean you get an all-access briefing and the ability to poke around classified networks and see every single piece of sensitive / classified data out there. As a simplistic point of comparison, my company’s network is probably one of the five or ten largest in the world, but I can guarantee you only a very small percentage on that network can access the portals and applications that store sensitive corporate financial data.
Alasdair, depending on the ACL “Joe-the-Peon” was on, the security settings might not have been set to trip based on page views. The other thing to consider is, the barriers to get onto a network like that are fairly high, so from a risk management standpoint, there’s probably little business justification to support devoting a ton of resources to internal policing based on such flimsy criteria as volume of page views.
AMLTrojan – I wasn’t keying off the number of page views … I was referring more to the *hope* that the sensitive stuff would be monitored for *any* accesses (logged/audited) – and that, by the time the perpetrator had accessed more than just a few of the quarter million plus, someone would have noticed …
Nowadays, it is trivial to routinely monitor accesses and retain logs of who did what …
I do understand that many places still rely upon physical control of security … sort of the abstinence version of computer access … (grin) …
Alasdair, would it change your opinion much if the quarter million cables represented a minute fraction of the overall volume available in the system? Think of cables as email, text message, and listserv traffic, and you can begin to understand the relevant volumes. Even so, you’re correct that monitoring this kind of traffic even at these levels is relatively trivial.
But again, this is a risk-based business decision. If you’ve done basic training in the military or as part of an intel agency, and I’ve run intensive background investigations on you, and you’ve agreed to comply with heavy reporting requirements, and you’ve more or less signed your legal rights away if you do anything remotely against the rules using my assets, why would I feel the need to spend a lot of resources monitoring your behavior on my highly protected network? These wikileaks are embarrassing, but I sure hope PFC Manning thought it was worth it, because he’s pretty much martyred himself here. And for what cause? A vain attempt to validate the anti-Iraq-war sentiments as justified, after the dust has already been settled and troops are coming home anyways because they’ve more or less accomplished their mission? That’s some pretty haughty moral masturbation right there!
It’s been interesting to see some of the memes destroyed by these leaks. For example, it turns out Iran’s Arab neighbors in the Middle East have been the ones pressing the hardest for the U.S. to attack Iran — not Israel. Kind of destroys the credibility of pessimists who predicted that war with Iran would cause a worldwide economic crisis and regional instability / chaos in the Middle East. So now that we’ve already undergone the worldwide economic crisis, and since it turns out the actual nation-states of the Middle East are not concerned about war with Iran and actually welcome a U.S. attack, can David, dcl, jim kelly, or anyone else please explain how we right-wing nutkooks have been wrong to pine for war with Iran? Faster please.
Uh…. right…. first off, there was never any point where it wasn’t known that Iran’s neighbors in the Middle East did not want them to get the bomb. The rivalry between the Arab (and mostly Sunni) Middle East and the Persian (mostly Shia) Iran is pretty old.
Further, the idea that because a state welcomes an action against one of its neighbors that this would not lead to instability is laughable. Iran welcomed action against Afghanistan and look how that worked out. Iran now has instability on its borders.
Jim K – that is just such first millennium thinking – I’m disappointed in you, I thought you knew better …
That is, if I canceled out enough of the multiple negatives you convoluted …
Better luck next time, old chap !
Thanks for your complete non-contribution to the thread.
Yours too Jim…..