mentat@walt.cc.utexas.edu (Robert Dorsett) (03/17/89)
In article <1596@csd4.milw.wisc.edu> roberts@csd4.milw.wisc.edu (Timothy P. P. Roberts) writes: > I am not a hater of Soviets nor Communist Chinese but I do Believe in >discipline and state secrets. While in the Marine Corps, I was based on a >military station with plenty of "secrets" as my everyday surroundings. I am >now a student of astrophysics and a little disgusted by SDI research. However, >I do Not and will never reveal information to public access that (while hurting >SDI) would reveal secrets or just little known facts that any fool could tell >were damaging to U.S. Security. > Think twice if you were ground crew or involved with the SR-71 program >before you set us straight about our whimsicle rumors. Considering how meaningless "security" and technology restrictions are these days (i.e., public-knowledge except the public shouldn't know about them), I have no problem with people commenting half-remembered experiences. More to the point, I'd be surprised if the "opposition" didn't know all about a 25- year-old airplane. > Don't throw away your secret status by foolishly blabbing on the network. I think we're mostly adults here. I would be surprised if people working on the SR-71 did not have to sign a contract, providing for mucho penalties for security violations. Let the individuals make up their own minds on what to post. If they break the law, well--that's their own problem. We don't need someone to set us straight on what's "correct" to talk about. Robert \ Dorsett, who's never had a security clearance, and hopes never to have one. :-) Internet: mentat@walt.cc.utexas.edu UUCP: ...cs.utexas.edu!walt.cc.utexas.edu!mentat
ugthomps@cs.Buffalo.EDU (Gregory Thompson) (03/21/89)
In article <11254@ut-emx.UUCP> mentat@walt.cc.utexas.edu (Robert Dorsett) writes: >Considering how meaningless "security" and technology restrictions are these >days (i.e., public-knowledge except the public shouldn't know about them), >I have no problem with people commenting half-remembered experiences. More >to the point, I'd be surprised if the "opposition" didn't know all about a 25- >year-old airplane. Security and techonology restrictions are by no means "meaningless". Consider the level of knowledge that you *think* you have. How far up is it really? Do you know for a fact? Let's take a nice simple fact that is a very commonly asked question: how deep does say, a trident class sub go? Do you know the answer? I thought not. Restrictions are not meaningless,in fact far from it. >I think we're mostly adults here. I would be surprised if people working on Considering the fact that it is adults who give away the overwhelming majority of secrets,the fact that we are adults in any sense of the word is rather gutted of meaning. >the SR-71 did not have to sign a contract, providing for mucho penalties for >security violations. Let the individuals make up their own minds on what >to post. If they break the law, well--that's their own problem. We don't >need someone to set us straight on what's "correct" to talk about. No it's not just their problem. It is the nation's problem. It is not just] law they are breaking. If a person with a security clearance reveals data that endangers this nation, it very quickly becomes your problem as well. The person who gave us that reminder about security was not in the wrong.E Even those of us who have security clearances occasionally need refreshers. In fact in many areas of security it is common practice to have refreshers. This person was doing a favor to us and the nation he represents. >Robert \ >Dorsett, who's never had a security clearance, and hopes never to have one. :-) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ How do you feel qualified to comment? I don't know your history, but if you have never had a security clearance, then what do you know about it?? - G
pat@leadsv.UUCP (Pat Wimmer) (03/21/89)
Please move this discussion elsewhere. While discussion of security matters might be interesting, it doesn't belong in this news group.
macs%worke@Sun.COM (Manuel Cisneros) (03/22/89)
In article <4806@cs.Buffalo.EDU> ugthomps@sunybcs.UUCP (Gregory Thompson) writes: >Even those of us who have security clearances occasionally need refreshers. I would think that there is a mechanism whereby those given security clearances are "refreshed" by the issuer of the clearance. Besides, I still think that those who do have the clearance are responsible/mature enough to know what they are doing, otherwise how else would they have gotten the clearance in the first place? Manuel.
raveling@vaxb.isi.edu (Paul Raveling) (03/23/89)
In article <4806@cs.Buffalo.EDU> ugthomps@sunybcs.UUCP (Gregory Thompson) writes: >In article <11254@ut-emx.UUCP> mentat@walt.cc.utexas.edu (Robert Dorsett) writes: > >>Robert \ >>Dorsett, who's never had a security clearance, and hopes never to have one. :-) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > >How do you feel qualified to comment? I don't know your history, but >if you have never had a security clearance, then what do you know about it?? I'd like to comment as one who'd sign the same way -- I've never had a security clearance, don't want one, and if anyone ever convinces me it's necessary to get one, I'll want to see clearance documentation for whoever wants to see mine. My basic opinion is that secrecy is often overrated and is sometimes abused. In any case it's a pain in the whatnot. The most meaningful secrecy I've seen has been in the corporate world, topped by the electronic games industry. Mattel Electronics in '83 used security measures that didn't fall short of military secrecy by much. I've been close to military secrecy in several projects. Some notes on secrecy in each follow, but the worst case is the one at the end, courtesy of my wife. 1. Military Message Experiment -- A C**3 technology demo dealing heavily in classified message traffic (categories were unclassified, confidential, secret, & top secret). They used our stuff to handle actual classified message traffic in Hawaii. We Loved those bug reports: Them: "The software did something screwy." Us: "How did it go screwy?" Them: "We can't tell you." Us: "What was happening at the time?" Them: "We can't tell you. Just fix it." It does slow down the course of progress a bit. 2. B1-B Central Air Data computer At Garrett we had functional specs for everything we needed, such as CADC functions & interfaces to aircraft systems, but we didn't have real data for a few things. A few algorithms could be tuned by coefficients to produce wildly different behaviors, once the classified values were supplied. For the few sensitive items, Rockwell gave us artificial but seemingly realistic data for testing. So what sort of thing was classified? The most sensitive item I recall was a large set of coefficients for computing static source error correction (SSEC). That's the function to correct the raw static pressure for variables such as angle of attack, mach number, & such. I never figured out why that stuff was classified. 3. Standard Central Air Data computer -- Digital replacement for analog boxes on F-111's, F-4's, A-4's A-7's, A-6's KC-135's, C-141's, & probably some I'm forgetting right now. Just as it was surprising that the B-1's big secret was static source error correction, an example of a not-so-secret item was the F-111's top speed. I believe the public info was something like mach 2.5, which would be consistent with our functional requirement to measure up to mach 2.8. Chatting with an F-111 pilot tended to confirm that the unclassified number was realistic. 4. Most recently, Integrated Interfaces -- a research project whose application domain was the morning briefing to the admiral at CINCPACFLT (Commander IN Chief, Pacific Fleet). On this one we got a sanitized copy of the Navy's IDB data base with classified info replaced by 0's. This data base includes info on ship movements and readiness status that legitimately should be classified. We didn't have much trouble with classified info on this, and the Navy was quite helpful. 5. A word for my wife, who managed a couple VAX installations with Tempest capability for Northrop (she had a secret clearance): This is is a ROYAL PAIN, especially for a machine that can be switched between secret and unclassified work. Picture a VAX in a room built as a Farady cage. To use it in a networked unclassified environment, you haul cables across the floor, coming in from the hall through the only doorway. The room's electrical shielding can't be pierced, and no external connections are allowed for classified work. Worse yet, on switching from classified to unclassified you have to back up the classified disks onto tape, erase the disks, and verify that they're erased. Only then do you get to restore whatever you need for unclassified work. And, there's roughly the inverse process for the opposite switch. It's easy to waste hours of transition time to run a classified job, even if it only runs a few minutes. And how much work REALLY needs to be secret -- I can just envision hours upon hours of overhead per computing minute for refining SSEC coefficients for the B-2. Secrecy is expensive, & our tax bucks finance it. ---------------- Paul Raveling Raveling@isi.edu
ugthomps@cs.Buffalo.EDU (Gregory Thompson) (03/24/89)
In article <95166@sun.Eng.Sun.COM> macs@sun.UUCP (Manuel Cisneros) writes: >In article <4806@cs.Buffalo.EDU> ugthomps@sunybcs.UUCP (Gregory Thompson) writes: >>Even those of us who have security clearances occasionally need refreshers. > >I would think that there is a mechanism whereby those given security clearances >are "refreshed" by the issuer of the clearance. Besides, I still think that >those who do have the clearance are responsible/mature enough to know what they >are doing, otherwise how else would they have gotten the clearance in the first >place? > >Manuel. Manuel, You seem to be making an assumption here that simply because these people who do have the clearances are mature and responsible that they don't need training in the development and implementation of security. The military does not assume common sense prevails. People are trained in security measures. The issuer of the clearance is the military, and they do refresh. However, if I saw someone who was obviously leaking information I wouldn't just wait for the next refresher course to catch it. I would tactfully take care of the situation immediately. Security reviews are a necessary part of the military. Someone reminding us on the network of our duties with relation to security (for those of us who have access) is, by my viewpoint at least, not out of line. - G