COMMENTARY

Workforce: Get used to the WikiLeaks mindset

George Smith is a senior fellow at GlobalSecurity.org and a writer and commentator on the science and technology of national security.

Back in the early 1990s, I edited an electronic newsletter that dealt with the culture of amateur virus writers — hackers who wrote mobile malware. Julian Assange was a subscriber. This is only to illustrate Assange's bona fides as someone from the original world computer underground, a place where one of the driving philosophies was to reveal the secrets of institutional power.

Once confined to what was considered a computer geek fringe, that ideology is now entrenched. It's no longer an outsider mindset, and it hasn't been for a long time. Now it's inside, with its originators entering middle age. And younger adherents of the philosophy are coming along all the time.

They're everywhere — employed by government, the military and corporate America. And because we have come to the point that the United States is considered by some to be a bad global actor — whether you share that point of view or not — the government is faced with a problem it cannot solve. Its exposure is thought by many to be deserved.

In this new reality, as in nature, a vacuum is abhorred. The mainstream media no longer fulfills the role of speaking truth to power. It opened the door for Assange and WikiLeaks.

Even then, however, the real damage was done by Bradley Manning, an employee who apparently was so bored at his job that he was driven to assiduously exploit the U.S. government's desire to use world-networked computers to share volumes of secret and sensitive materials and its willingness to make that information available to all its legions, regardless of whether they need access to it or not.

There is no effective defense to be mounted against those potentially willing and positioned to perpetrate a WikiLeaks-type operation. And it stands to reason that there might always be insiders like Manning who have the old hacker philosophy as part of their DNA.

There is no simple answer. More paranoid employee reliability screenings or a view that all employees need continuous scrutiny won't solve the problem. And networked computers are incompatible with secrecy as practiced by the government, so adding layers of restrictions and other barriers won't help. That's just an old practice.

But the good news is that, although you can't eliminate the Bradley Mannings, they won't be common. Not everyone who is disgruntled is willing to risk a long jail sentence and professional and personal ruin.

And one more point worth mentioning: Although the U.S. executive branch and Congress are responding aggressively to WikiLeaks, there have been no such actions against the traditional media outlets that are driving WikiLeaks' Cablegate dump.

Whatever one might think of Assange's legal travails, the WikiLeaks operation is apparently proceeding in the manner of traditionally protected and legitimate journalism. To argue for an end to WikiLeaks seems, therefore, to repudiate a core value of democracy.

Featured

Reader comments

Mon, Mar 7, 2011 Ralph

Where was the supervisor oversight ? I can't believe there are not controls/triggers to flag such voluminous downloads...oh wait this is the government. Now is Mannings management being help accountable? Basic controls should have limited the damage, but that requires active management.

Mon, Jan 31, 2011 Major Variola

All you have to do to get rid of anonymous irrevocable publication is get rid of networked computers. Otherwise, get used to it. Anyone can set it up. The tools ---SSL, TOR, other P2P anonymizing transports--- are useful by themselves; a WL infrastructure can merely ride on top of this. Or just get rid of networked computers. Much safer world.

Mon, Jan 31, 2011 Sumner Blount Arlington, MA

You make some good comments, but I disagree with several of your statements. Specifically, you state that there is "no effective defense". That should read "no foolproof defense", because defense against any attack or breach attempt is a continuum - more controls may help reduce risk, but can never reduce it to zero. But, there ARE solutions that could dramatically reduce the risk of these kind of breaches. For example, strong role-based access management, access certification, least-privilege policies, and last but not least, a strong data loss prevention mechanism. Used correctly, these could have most likely prevented Bradley from gaining access, and if he gained access, they probably could have prevented or at least detected the disclosures.

Sat, Jan 29, 2011 Mike

If you want to further explore the conflict between national security and government transparency, especially transparency that can be delivered via the Internet, check out a recently published novel, The Unsanctioned. Although fiction, this novel cuts straight to the Wikileaks dilemma and makes every reader consider where they might draw the line between freedom of speech and national security, especially if put in the position to have to make that decision.

Thu, Jan 27, 2011 Earth

"It [appears] that however certain forms of government are better calculated than others to protect individuals in the free exercise of their natural rights, and are at the same time themselves better guarded against degeneracy, yet experience [has] shown that, even under the best forms, those entrusted with power have, in time and by slow operations, perverted it into tyranny." --Thomas Jefferson: Diffusion of Knowledge Bill, 1779
We live in a free and benevolent society in direct proportion to its openness. It is only in secrecy that political half-wits will do that which they would not like the public to find out about. Ipso Facto greater openness results in a freer and more benevolent society and that is to be desired. That others are less open and therefore less benevolent is no excuse to reduce yourself to their level of openness and lack of benevolence.

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above