ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > Living Room

Knight to queen's bishop 3 - Snowden charged with espionage.

<< < (4/139) > >>

Stoic Joker:
There is one thing about this that has been bothering me...from an Administrative stand point. Yes Snowden was an admin...which means he would need access to the relevant systems to perform his job. However... as a Systems Admin, he would...or rather should not have access to the data on those systems...as it isn't necessary for the performance of his job.

As an example, I manage networks for several medical facilities. I have free and unrestricted access to their systems that allow me to verify that their Patient Health Information (PHI) is online and available. I do not however have access (e.g. any login information) for those databases ... Which acts as a protection for both them and I.

Here's the thing, years ago (e.g. pre 9/11) there was a downloadable security profile (Windows domain group policy template) that was available from the NSA. And accompanying documentation that outlined various security policies that should be in place for segregating how much of what access should be allowed at what level to prevent ... Well shit like this.

So if they already knew how to prevent...this... WTF happened?

40hz:
So if they already knew how to prevent...this... WTF happened?
-Stoic Joker (June 25, 2013, 07:07 AM)
--- End quote ---

I think you're seeing yet another manifestation of The Snafu Principle  which says: Clear and accurate communication is only possible between equals.

Because you have multiple tiers of security authorizations, with tiers and tiers of additional clearances contained within them, there's a good likelihood some key person in Snowden's administrative chain was not aware of of these policies and resources because they weren't cleared to be told about them.

That's the problem with the excessive compartmentalization and zeal for classification our government indulges in. It increases the likelihood of security holes by not allowing sufficient communication between the people that need to communicate with each other to effectively do their jobs.

It's totally ridiculous. I had a work associate who was involved in "government work." he used to laugh about the security procedures he had to comply with. The unnamed agency he worked for had a policy of automatically classifying every document it held as "Top Secret."

He had an incident where he was unable to tell a contractor about a network switch fix that absolutely needed to be made because the agency's copy of the document which detailed the fix (a document that was freely available for download from the manufacturers support website btw) had been stamped "Top Secret" - and the contractor only held "Secret" clearance.

And even more ridiculous, because the doc was "Top Secret," he couldn't even tell the contractor that an unclassified public copy was available elsewhere. He couldn't even acknowledge he knew about it.

You'd think the document's classification would have been reduced...but that's not the way these people worked. They had a policy. All agency documents were to be classed as Top Secret. Period. End of discussion. It's the friggin' policy, man! Can't you read?

The solution? After struggling with a network issue (for which there was a documented fix) for about three weeks, the agency finally realized there was a "Big Problem" with what they were currently doing. So they canned the guy they had - and hired a new contractor. This time they made sure they got one who already had Top Secret clearance.



Do any of us really wonder how some of this nonsense can happen? I mean seriously? ;D

wraith808:
So is he *really* good... or *really* dead?

http://www.bbc.co.uk/news/world-europe-23045790

And when I say *really* dead, I mean like these others...

MI6 Codebreaker Found Dead in Bag Was Likely Killed, Coroner Says

http://www.wired.com/threatlevel/2012/05/mi6-coder-death-foul-play/

Dead Codebreaker Was Linked to NSA Intercept Case

http://www.wired.com/threatlevel/2010/08/codebreaker-death/

Two Strange Deaths in European Wiretapping Scandal
European investigators are tracking the mysterious deaths of two security experts who had uncovered extensive spyware in their telecommunications firms.

http://www.alternet.org/story/40485/two_strange_deaths_in_european_wiretapping_scandal

The Men Who Knew Too Much? NSA Wiretapping Whistleblowers Found Dead in Italy and Greece
Adamo Bove and Costas Tsalikidis: Both uncovered a secret bugging system and both met untimely ends.

http://www.bradblog.com/?p=3305

The Athens Affair How some extremely smart hackers pulled off the most audacious cell-network break-in ever

http://spectrum.ieee.org/telecom/security/the-athens-affair

40hz:
 

CWuestefeld:
If Snowden is caught and brought to trial, here's what I think the next move ought to be:

Snowden should claim that everything he said previously was a lie. And there's no law against telling lies to our enemies, right?

To make its case, the government would need to prove that the stuff Snowden said really was true, thus forcing the government to admit, at the very least, the truth of Snowden's claims.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version