Everyone's angry at what this 21 year old in the Air National Guard did. And that's certainly reasonable.
But as ever, the real problem is that he was able to do it.
It's almost as if the US needs to improve their encryption and data security measures....
Oh wait, the current legislation is defeating security...
@pieist And we won’t see any heads rolling.
@pieist I work at a behavioral health outpatient center. My patient charts are audited every week. Every Friday I get a nasty email from out compliance officer about any damn document that hasn't been signed or is missing from a damn chart. I don't get a "Fuck it, I'll file it when I get back on Monday." How the HELL do classified documents not have a damn compliance officer keeping up with who has access, who used it last, and has it been returned. It's one damn Excell spreadsheet with three damn columns!!!!!🤬🤬🤬
@pieist There's only so much they can do to prevent people with access from misusing sensitive information. I suppose they could tighten up access, and impose further controls. But if someone is determined to misuse the information they have access to, I don't know what can be done.
@slcw All of which skirts the core question: is our naive supposition even remotely true that restricted, highly sensitive information is actually restricted to the smallest possible set of carefully vetted personnel who actually have a need for it?
@barks @slcw As a supposition it's pretty famously untrue. i was at a talk by a former intelligence chief who talked about the dilemma faced by our intelligence partners:
If they don't share intelligence with us, they're cut out of a vital loop, but if they do, their intelligence will be dissipated into a vast and unguarded US public sector and discussed openly by first-year congressional aides brown-bagging their lunches in DC parks.
@slcw @pieist “only so much”? I’m afraid that it’s clear that no one did enough. This alleged leaker was a reservist apparently with access to a load of TS documents. What possible need did he have to view them, let alone be able to copy and transmit them? I’ve spent my working life having to follow certain procedures when handling classified, but only that stuff I needed to see. If any old Joe can access TS perhaps the system is not fit for purpose.
Do you really imagine that all sensitive information goes into a single basket with a single classification, and a Massachusetts Air National Guard member IT person should reasonably have access to all of it? What did any of what was released have to do with the Massachusetts Air National Guard?
@slcw @barks Even hospitals do better than this. I've worked in medical informatics for large swathes of the last two decades. Patient data is very tightly controlled, and personnel can only see what they need to see. That our military and intelligence community can't do better than our cheap, profit-obsessed, cost-cutting private-sector hospitals is behond disgraceful.
@slcw @pieist I agree with the need to avoid speculation, at least with others (always in my head, perhaps). But the question remains: why so easy to access and copy TS information? When I worked for the USAF (a Brit abroad) it was difficult to get hold of information which my country had provided and important for my job (instructing on F16s).
In other words, "the tens of thousands of people who have completely unwarranted access to highly sensitive information need to be more trustworthy" is not even remotely the correct problem statement.