December 06, 2010

Wikileaks Open Thread

Any ideas?

Seriously.

There are several genuine computer geniuses who occasionally drop in here. I'm curious what your thoughts are on the feasibility of preventing/mitigating a future fiasco of this magnitude given the realities of technology.

Are there any realistic options?

Given that there seems to be a good deal of info unreleased and getting it back is pretty much impossible, is it feasible to somehow try and 'lance the boil' so to speak on this current catastrophe so we don't have to deal with the 'drip...drip...drip' effect while trying to conduct   all manner of delicate negotiations?

Any ideas?

Posted by: The Brickmuppet at 04:53 AM | Comments (4) | Add Comment
Post contains 102 words, total size 1 kb.

1 There are some problems that can't be fixed with duct tape.

Posted by: Steven Den Beste at Mon Dec 6 13:01:48 2010 (+rSRq)

2 I suspect you could fix Assange pretty thoroughly with enough duct tape.

Technical solutions? Tough to say. There's plenty of software that can manage large document collections while logging access and limiting what users can do with the data. Even that's not totally foolproof (can't defend against a camera pointing at the monitor, or a hacker editing their client's program), but it should be enough to prevent this kind of large-scale leak.

Of course, that requires someone to be looking at the access logs for patterns (or at least "hey, why is PFC Manning downloading tens of thousands of dispatches?") All the monitoring in the world does no good if nobody pays attention to the output...

Posted by: Avatar_exADV at Mon Dec 6 15:58:20 2010 (pWQz4)

3 I've worked in businesses where getting that data out would have been in the difficult to impossible range, and that's while pretending that your users have rights. Simple things like disabling writeable usb media (a registry switch), not including writable optical media in the machine or disabling writing except on privileged accounts (another registry switch) covers a chunk of it. Then you set up your email server not to accept attachments or bodies in excess of a certain size or containing certain keywords and you've gotten most of the options. Filtering web access to certain types of sites gets most of the rest. As for what to do now that the information is out, there isn't much you can do other than push things to the full extent of the law and make examples of anybody and everybody possible "por encourager les outres". That's not a technical solution, although you might chose a technological flavoring to dealing with examples, such as particularly nasty DDOS attacks on anyone who hosts the data, combined with attacks on a stuxnet level.

Posted by: David at Mon Dec 6 16:11:26 2010 (rj+nH)

4 If we're trying to "lance the boil", as you say, about the only option is to have a team go through, find anything embarrassing to anyone, and publish a summary detailing it immediately; with luck a lot of the negative effect would get swamped by pushing it all out at once.

Then make it clear that anyone who wants to be offended, well, that's their problem; if they want to play ball with us we can go on with business as usual, and if they don't, then -we won't play ball-. Irrational overreaction is a useful technique, if not the nicest one. The chance that the Obama administration would implement this is slightly smaller than my chances of winning the lottery... twice... in consecutive weeks.

Posted by: Avatar_exADV at Mon Dec 6 17:32:18 2010 (pWQz4)

Hide Comments | Add Comment

Comments are disabled. Post is locked.
26kb generated in CPU 0.03, elapsed 0.0239 seconds.
66 queries taking 0.0119 seconds, 267 records returned.
Powered by Minx 1.1.6c-pink.