The wikileaks don't add up

Summary: The wikileaks don't add up - not only couldn't the leaks happen as described without gross negligence somewhere, but the contents seem remarkably one sided.

There's something not right about the story behind the wikileaks documents.

First of all, we're told that Manning simply took rewriteable Lady Gaga DVDs to work, copied text files to them, and walked them out for eventual file re-assembly and transfer to wikileaks.

If the server(s) involved ran one of the Unix- or z/OS-derived OSes cleared for use in secure environments, access logs would have been created automatically, and at least in the case of z/OS or Solaris, alarms would have been sent to the duty officer responsible for data center operations within a few seconds of the first byte being written to a detachable storage device.

Further, had he done this using a USB or DVD drive connected to a Sun Ray served from Solaris, that officer could have replaced or erased the file before the device could be dismounted.

In both cases, furthermore, software that looks for patterns in file accesses comes with the security upgrades, meaning that repeated accesses beyond his need to know would assuredly have triggered security interest.

It's also possible that he used a PC accessing one or more Wintel servers. While I regard allowing Wintel on a secure system as demonstrating both incompetence and negligence, some people argue that the cost/benefit trade-off in doing it is acceptable and have thereby created a market for software intended to mitigate the more obvious risks.

The bottom line is that, no matter the technology, he had to have help to pull this off, although whether that assistance was intentional or simple gross negligence by many people concurrently isn't clear.

And there's a corollary here, I think, for those of us who work in civilian IT - because an Oracle case study on this could sell a lot of gear, software, and support to lawyers and others handling customer confidential information simply by pointing out that the logging software is standard on Solaris, alerting scripts are trivial, and the connection of external devices like USB drives to Sun Rays need not be allowed for most users.
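The two checks described above, an alarm on the first write to a detachable device and pattern-matching for accesses beyond need to know, fit in a short script. This is an added example, not code from the original post or from any Solaris or z/OS tooling; the record format, mount prefixes, user names, scope table and thresholds are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: simplified "time|user|event|path" records.
# The format is assumed for illustration; it is not Solaris or z/OS audit output.
SAMPLE_LOG = """\
2010-01-05T09:00:01|analyst1|read|/data/region_a/report_001.txt
2010-01-05T09:00:40|analyst2|read|/data/region_b/report_101.txt
2010-01-05T09:01:10|analyst2|read|/data/region_a/report_002.txt
2010-01-05T09:02:00|analyst1|read|/data/region_b/report_102.txt
2010-01-05T09:02:05|analyst1|read|/data/region_c/report_201.txt
2010-01-05T09:02:09|analyst1|read|/data/region_c/report_202.txt
this line is truncated
2010-01-05T09:02:15|analyst1|read|/data/region_d/report_301.txt
2010-01-05T09:02:20|analyst1|read|/data/region_d/report_302.txt
2010-01-05T09:05:30|analyst1|write|/media/cdrw0/part_01.bin
"""

# Hypothetical policy values, not taken from any real deployment.
REMOVABLE_PREFIXES = ("/media/", "/cdrom/", "/rmdisk/")
NEED_TO_KNOW = {"analyst1": ("/data/region_a/",),
                "analyst2": ("/data/region_b/",)}
WINDOW = timedelta(minutes=10)   # sliding window for out-of-scope reads
MAX_OUT_OF_SCOPE = 3             # reads tolerated per window before alerting


def parse(line):
    """Return (timestamp, user, event, path), or None for a malformed record."""
    parts = line.strip().split("|")
    if len(parts) != 4:
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    return ts, parts[1], parts[2], parts[3]


def detect(log_text):
    """Return alerts as (kind, user, iso_time, path) tuples, in log order."""
    alerts = []
    recent = defaultdict(deque)  # user -> times of recent out-of-scope reads
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue  # skip damaged records instead of aborting the scan
        ts, user, event, path = rec
        if event == "write" and path.startswith(REMOVABLE_PREFIXES):
            # Alert on the first write to removable media, not after the copy.
            alerts.append(("removable_write", user, ts.isoformat(), path))
        elif event == "read" and not path.startswith(NEED_TO_KNOW.get(user, ())):
            # Users missing from the table have an empty scope: every read counts.
            window = recent[user]
            window.append(ts)
            while ts - window[0] > WINDOW:
                window.popleft()
            # Fire once, at the read that pushes the user over the threshold.
            if len(window) == MAX_OUT_OF_SCOPE + 1:
                alerts.append(("need_to_know", user, ts.isoformat(), path))
    return alerts
```

On the constructed log, the single out-of-scope read by `analyst2` stays below the threshold, while `analyst1` trips the need-to-know check more than three minutes before the removable-media write.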

The second thing that's not right about the wikileaks story is content related: in both rounds much of what came out was already known; became politically damaging only because the journolist community chose to notice; isn't a threat to national security; doesn't expose many good guys - defined as people working for the security and defense of the United States - to hazard; trails irresistible information in front of their opponents; and exposes a lot of Foggy Bottom thinking to public ridicule.

Both leaks also managed to expose a lot of hypocrisy: The New York Times, for example, refused to publish the climategate letters exposing some of the global warming fraudsters on the grounds that the material had been stolen from University servers, but immediately published material believed stolen from American DoD servers - presumably because community rejoicing in the Pentagon Papers episode halos Assange as a kind of folk hero for their side of the political debate.

Both leaks also lend support to Bush era policies - from comments on WMD found in Iraq to background on activities in and by Iran and North Korea, there's a lot in both rounds to prevent future historians from taking the NYT/Economist axis seriously as a source of factual information.

All of which leads to a moral dilemma: I cannot condone leaking classified material even if that classification is often inappropriate and being misused to shield the guilty - but I've worked in secure environments and simply don't believe even Wintel-style pretend security could have let this happen undetected and undeterred; overall rather like the results; and keep thinking that Sun Tse might, were he alive today, see something deeply honorable in the risks taken, and the obstacles overcome, in making this happen.


Talkback

29 comments
  • Those "Climategate" emails

    Were vetted by at least 3 different (reputable) organizations - who found that the scientists were acting stupidly, but their research was sound. Scientific research is a (never ending) search for truth. Don't confuse the "searchers" with the end results (truth).

    As for Windoze "security" - you're preaching to the choir. Luckily our enemies are as stupid as we are (see the Iranian nuclear facilities being plagued by viruses). For some (strange) reason, I kind of like that a single person can expose government fraud like that. A private in the Army can show the world how full of sht we are . . .
    Roger Ramjet
    • More than "acting stupidly"

      @Roger Ramjet

      They showed that a cadre of climate scientists were deliberately using "peer pressure" in an attempt to prevent the publication of scientific articles that contradicted their preferred narrative that humans are causing global warming. This is a no-no in scientific research. All ideas and evidence must be entertained (at least initially), but only the ideas that can be validated by testing of actual phenomena, or observation of the same, should be used as bases for further research. This is just "scientific method 101".

      They also showed that a few scientists were deliberately trying to hide their research methods. One of them said they'd rather frustrate the disclosure process than reveal how they arrived at their data. This is just plain unscientific methodology. By definition science is about the sharing of theories and data, and full disclosure of the methods by which they were obtained (again, "scientific method 101").

      When researchers went into the CRU's archives, after the "climategate" incident occurred, and looked for original data related to information that was in the e-mails, they were told that the original data had been deleted years ago. All that was left was the massaged data. Yeah, I'd say that's "acting stupidly". That alone should've brought the research into serious doubt, because, again, it didn't allow researchers to look into how the massaged data was derived. I think in any other field of research the CRU data would've been rejected for its sloppiness. But these guys get a pass, as usual.
      Mark Miller
      • RE: The wikileaks don't add up

        @Mark Miller

        Oh god, hope the tinfoil hat fits.

        So it's a cadre of evil scientists and scientific facts are "preferred narrative". Go peddle your conspiracy theory to someone who cares.

        Whoops that'd be Rudy wouldn't it.

        Oh and please let us have your qualifications Mark, I'm sure they'd make light reading.
        tonymcs@...
      • RE: The wikileaks don't add up

        @Mark Miller I have pretty good scientific qualifications. I've even read the papers. Given all of that, I'd say there's a 95% chance of man made global warming. A 99% chance of an anthropogenic effect on climate that can scientifically be called neither cooling nor warming. And I consider both confidence levels "soft." There's a strong a priori p(warming) that is not sufficiently explicit in the non-Bayesian statistics used in all research in this field for me to have hard confidence in any of it. In other words, unless I do the analysis myself, it's all too political to trust any of it absolutely. Especially the discussion sections or UN summaries that are beyond the translation layer from math to words.
        caburlingame
      • RE: The wikileaks don't add up

        @Mark Miller There were no 'scientific articles' being suppressed. Even the ludicrous crap flowing from the Cato institute was published before the STOLEN emails were revealed.
        cdmsr
    • what happened to populargadgetnews doesn't add up

      It seems to have disappeared, has paul left the planet?

      @Roger Ramjet
      sparkle farkle
    • WHAT WHAT does not make sense... why...

      @Roger Ramjet

      The government trusted u and others to prevent this...
      U got paid u f up....

      I think that INTRUSION detection systems that I have BUILT check it coming and going....

      IF detected going out.... POOOOOOF.....

      Working in the Pink Diamond Mine.... large discovery....

      Create Chaos Pandoria13@hotmail.com

      A very unique occurrence in nature has been found;
      analyzed; assessed; weighed; tested; enhanced;
      implemented and deployed in the pink diamond mine's of the Mainframes'.

      www.z390.org and www.zCOBOL

      zCICS; zVSAM; zSORT etc... etc... etc...

      read all about it !!!!!!!!!! Then Try IT !!!!!!!!

      Supporting Newest z196 instruction set execution through emulation x86 & x64 in JAVA

      Interfaced with IBM DB2 Express-C batch SQL capabilities; [ I actually help in doing some of this, really ]

      Deployed onto the CloudShare Pro CLOUD [ I actually DID this in Jan of 2011, really ]

      Running on Win & Linux or J2SE supported platform's

      100% JAVA Open Source... 100% F R E E ...

      caution... please, read the ton's and ton's of documentation provided, it saves you a lot of time...
      caution... please, ton's and ton's of examples, it saves you a lot of time...
      caution... please, join the group, and read all of the group posting's from the beginning, it saves you a lot of time...
      caution... please, ask questions, you will be amazed at the cut right to the chase on the subject requiring attention,
      it saves you a lot of time...
      caution... please, you might find yourself rummaging around the attic or garage for that dang old source code you developed back when,
      that may not save you time...
      caution... please, you might just actually save your company and you, very serious monies...
      caution... please, SHARE, share, ShArE, sHaRe...
      caution... please, introduce yourself, you just might find that Old Code Slinger Buddy from back a while ago, you forgot about...
      caution... please, don't take my word for it, that it WORK's, try it, you find a REAL BUG [$ 1.00 reward ],
      Mr. Don Higgin's will rule if it a BUG or NOT...
      caution... please, believe found myself doing that nasty bit fiddling thing again,
      and I can do that in xxxx instructions, like name that tune...
      caution... please, believe found bunche's of JAVA, IBM HLASM Assembler, COBOL, WIN, LINUX & etc........
      WIZARD's still exist, that were locked away in the back room like me.
      caution... please, O P E N S O U R C E is the only way to GO...
      caution... please, you can donate or not donate, that is entirely up to YOU...
      caution... please, it is advisable, to look out the window and see if the sun has risen...
      caution... please, Lot's of thing's to get involved with, no offer of assistance has ever been refused so far...
      caution... please, ... ... ... .... .... flower box's are still kool

      caution... please, Advisable to Display Entering Pink Diamond Mine Unlimited Work Zone Area...

      Pandoria13@hotmail.com

      2011 is gonna,,,,, Rock, and Rock, and Rock.......
      Page-Cray
  • This was held back by zdnet for some reason I don't understand

    This should have been released at the usual time - 12:15 AM PST on Saturday. It wasn't - and no one has bothered to explain why.

    As a result, expect this to be my last post here.
    murph_z
    • Oh come on

      @murph_z

      Your post was released at 6:00 AM instead of 12:15 AM PST. You might have missed some early risers in the east, but I doubt the "regulars" even noticed. I usually read this blog at work, so I don't see it until Monday anyway.

      Close your eyes, take a deep breath and repeat "There's no place like ZDnet" . . .
      Roger Ramjet
    • Promise???

      @murph_z

      I see that you still couldn't help dropping the Sun barrage again....You just can't keep from living in the past as the world passes you by. Sun is gone, move on. It's healthier that way.
      linux for me
      • Sun is gone

        @linux for me

        Not from what I see. The last 2 jobs I've had, they were increasing their purchases of Sun. What I DON'T see is anyone buying HP big iron. I would bet you that HP-UX will disappear before Solaris.
        Roger Ramjet
      • RE: The wikileaks don't add up

        @linux for me
        I agree with Roger and I'm no Sun fan. HP appears blasé about its high end server strategy. While IBM and Oracle have released new high end lines... HP seems to be content about letting Intel dictate the shots for their server equipment and right now Intel, is putting their eggs in the x86 basket, not x64. Oracle's strategy for the long term may be one of going kicking and screaming... x64/Unix units will probably disappear, for the most part, from the computer landscape by the end of this decade.

        Paul's analysis is flawed... most likely the information copied was from email servers... which usually don't run on z/os or Solaris. Also most major 'security' breaches, especially nowadays, are usually inside jobs, not unauthorized access.
        Also in murph's defense, I don't see him mentioning Sun Microsystems, anywhere in his blog.
        scotth_z
    • RE: The wikileaks don't add up

      @murph_z

      Oh frabjous day, caloo calay, Rudy is leaving.

      Yes Rudy, it must be censorship, literally tens of people are hanging on until they can read your latest fantasy.

      SPOILER ALERT

      It's all the fault of Windows and MS, the OOP programmers, left-wing liberals and the critics of the flat earth society.

      They just don't appreciate you Rudy - do a Palin and leave - that'll teach em. Or are you still smarting from your rap over the knuckles for your political piece?
      tonymcs@...
    • RE: The wikileaks don't add up

      @murph_z
      Yay! About time you hung up the tinfoil hat.
      ITLeader
    • stupid post..... read this u jerk...

      @murph_z

      get a life..

      Page-Cray
    • Be very disappointed if it happens

      Murph is one of the few at ZDNet with real enterprise IT experience. Don't let it further slip into the MS play school.
      Richard Flude
    • RE: The wikileaks don't add up

      @murph_z Good. Your gratuitous shot at a long-disproven 'fraud' shows you to be out of your depth in the real world.
      cdmsr
    • Murph, if you leave the terrorists win...

      @murph_z ...or whatever. Some technical glitch shouldn't keep the only different voice around here from keeping silent. At least give us a lead on where you'll be blogging next.
      Stormbringer_57th
  • RE: The wikileaks don't add up

    Interesting analysis. What a brilliant, risky gambit!
    kenosha77a
  • I'm not sure what the fuss is all about....

    1) The figure I keep running across is that 2.5 million people were cleared to access the documents. I'm pretty sure that Russia, China, UK, and Israel had already read them before Wikileaks got their hands on them.
    2) We, the American Allies, already know that the US spies on us. We spend a lot of resources on countering those efforts. American enemies have also made this assumption.
    3) We've all already known that American consular efforts have increasingly been devoted to espionage, and less to ambassadorial efforts. The big tip-off would have been that CIA agent who was the Ambassador's wife got outed during the Bush era.
    4) The only real harm is to American espionage efforts inside American Allied nations. You know that counter-espionage units are now combing the cables to see which sources need plugging, which sources are still working. Knowing that America spies on us, don't you think we may be feeding you some disinformation? The cables will tell us which "sources" are trusted. Of course, now that you know that we know that you know....

    This will blow over.
    snberk341