1
There are some problems that can't be fixed with duct tape.
Posted by: Steven Den Beste at Mon Dec 6 13:01:48 2010 (+rSRq)
2
I suspect you could fix Assange pretty thoroughly with enough duct tape.
Technical solutions? Tough to say. There's plenty of software that can manage large document collections while logging access and limiting what users can do with the data. Even that's not totally foolproof (can't defend against a camera pointing at the monitor, or a hacker editing their client's program), but it should be enough to prevent this kind of large-scale leak.
Of course, that requires someone to be looking at the access logs for patterns (or at least "hey, why is PFC Manning downloading tens of thousands of dispatches?") All the monitoring in the world does no good if nobody pays attention to the output...
Posted by: Avatar_exADV at Mon Dec 6 15:58:20 2010 (pWQz4)
3
I've worked in businesses where getting that data out would have been in the difficult to impossible range, and that's while pretending that your users have rights. Simple things like disabling writeable usb media (a registry switch), not including writable optical media in the machine or disabling writing except on privileged accounts (another registry switch) covers a chunk of it. Then you set up your email server not to accept attachments or bodies in excess of a certain size or containing certain keywords and you've gotten most of the options. Filtering web access to certain types of sites gets most of the rest.
As for what to do now that the information is out, there isn't much you can do other than push things to the full extent of the law and make examples of anybody and everybody possible "por encourager les outres". That's not a technical solution, although you might chose a technological flavoring to dealing with examples, such as particularly nasty DDOS attacks on anyone who hosts the data, combined with attacks on a stuxnet level.
Posted by: David at Mon Dec 6 16:11:26 2010 (rj+nH)
4
If we're trying to "lance the boil", as you say, about the only option is to have a team go through, find anything embarrassing to anyone, and publish a summary detailing it immediately; with luck a lot of the negative effect would get swamped by pushing it all out at once.
Then make it clear that anyone who wants to be offended, well, that's their problem; if they want to play ball with us we can go on with business as usual, and if they don't, then -we won't play ball-. Irrational overreaction is a useful technique, if not the nicest one. The chance that the Obama administration would implement this is slightly smaller than my chances of winning the lottery... twice... in consecutive weeks.
Posted by: Avatar_exADV at Mon Dec 6 17:32:18 2010 (pWQz4)
Hide Comments
| Add Comment
