Why keep documents in your home? I get that people emailed HRC, and so that's why she had email with contents that shouldn't have been on a server in her home. But boxes of documents? Trump or Biden...why?

-----------------

Part of the reason this is happening is because of the lack of functionality in the systems used to classify and physically secure top-secret content. After the security breach related to Jack Teixeira came to light in April of 2023, I wrote about the numerous flaws in current information security systems here:

https://watchingtheherd.blogspot.com/2023/04/natio...

Due to the ease of transmitting crucial information electronically and challenges with tracing WHERE electronic information flows after its release, we currently exist in a world where a printed PHYSICAL copy of a document is in many ways deemed more secure than an electronic copy. As a result, when ten officials are invited to a meeting in the Situtation Room to discuss new spy satellite photos about an adversary seemingly prepping for war, it's more likely that ten copies of a 20-page PowerPoint containing the photos, alternative strategies and military response recommendations are PRINTED and left on the table in front of each chair than that same PowerPoint is EMAILED to each participant as an encrypted, password-protected file that can only be opened ONCE within a limited window of time plus or minus 60 minutes before or after that meeting. Nor are security tools used along with standard desktop applications that block such files from being forwarded or exported from the original PROTECTED document into a NEW document that lacks any of the access / forwarding restrictions.

The other problem is that role-based access rights are not administered within government networks in ways which remotely reflect the underlying complexity of schemes used to categorize national security secrets. One can easily argue that is a reflection of TWO different problems. One is that current operating systems and applications used to create / view documents lack the features required to attach security attributes that can reflect not just the LEVEL of the person with rights to see information but explicitly WHERE in the entire universe of top-secret information that person is allowed to view information. As I wrote in 2023,

----------------
Using the earth as a metaphor for all possible areas of sensitive information, this classification scheme implies that current practices are more focused on the "altitude" of a person (how high up the scheme they are) rather than the "latitude and longitude" of their need to know. Information within the Compartmentalized tier is obviously more segmented but at lower levels, access seems to be quite wide. Conceptually, if you are trusted to view information at two thousand feet, you are trusted to look at any point on the planet at that two thousand foot level.
----------------

To better identify the "pinpoint" of specific secret information involved in a document (either by its content or originator role), I suggested devising new applications and operating system functions that could use the security equivalent of a ZIP code -- a short, 7-character alphanumeric string that could logically encode the NATURE of the security information within a document and be interpreted electronically at any point of access or transmission to drive access restrictions and trace the document's electronic spread.

----------------
In essence, government systems need to implement a new process based on something I'll call a "ZIPIT" code. Like a ZIP code, a ZIPIT code would be a relatively short character string that would be automatically created any time a confidential document is created electronically or printed that would encode information about the originating agency, department and possibly author. How much information could be embedded in a ZIPIT code? If the code was kept to seven alphanumerics (digits and upper case), that would be 37^7 or 94,931,877,133 combinations.

Theoretically, this concept would allow over 94 billion unique areas of information to be identified for subsequent use in identifying the source of a document and information about the organization and author that created it, allowing searches to rapidly trace the document's trail if leaked. If a ZIPIT code was also embedded with a document and used to trigger an event when read electronically, such read confirmations could be collected and searched to instantly diagram a document's sharing history and identify parties that viewed the document. The tasks of synthesizing such codes at document creation and generating "read tags" as documents are passed and opened is child's play for modern big data systems. Amazon processes more details on your search behavior on their portal than would be generated by this type of system.
----------------

Of course, the OTHER conclusion from all of these events is that humans will ALWAYS be the weakest link in any attempt to maintain a national security state and that attempting to operate a democracy amidst a system like the current state that creates so many distinct, microscopic categorizations of "national security information" is NOT actually protecting the country (because the processes required are too onerous) and in fact is only creating bureaucracy and inefficiency that is likely HARMING the goals of protecting the country -- by luring us into believing the current protection schemes are bullet-proof. They're not.


WTH

US Policy FAQ

---

Contact Shrewd'm
Contact the developer of these message boards.