In 1971, the New York Times started publishing excerpts from the closely guarded, highly top secret Pentagon Papers. It was an explosive public exposure of long-held secrets about the Vietnam War, and was a huge controversy. In 2013, the Guardian started publishing excerpts of closely guarded, highly top secret NSA operations. It was an exposive public exposure of the top secret operations of the most well-funded, computer-savvy security organization in the US. There is every reason to believe that security breaches will continue to happen, because the "experts" in charge of security just don't know how to get it done. They didn't know how 42 years ago, they don't know now, and they show no signs of even being interested in learning how to provide effective security.
The RAND Corporation
The RAND Corporation was one of the original top-secret research institutes. It was started after World War II to provide a place for top brains to figure things out that would help the military. In contrast to most places with top secret information at the time, the atmosphere inside RAND was purposefully academic and collegial. There were often open seminars and presentations anyone could attend, so that cross-disciplinary fertilization could take place. You had to have a very high level of background checking and security clearance to be admitted -- but once you were in, you could go anywhere and talk with anyone, since everyone knew that if you were there, you had the appropriate clearances.
People at RAND did truly pioneering work in econometrics, operations research, game theory and computing.
The secrets at RAND needed to be faultlessly secure. While it looked like an ordinary office building close to the beach in Santa Monica, in fact it was a heavily fortified and guarded fortress, with armed guards at every entry point.
Daniel Ellsberg
The story of Daniel Ellsberg and the Pentagon Papers is well known. Mr Ellsberg was a RAND employee, with degrees in economics from Harvard and a stint in the Marine Corps. He was involved in secret studies concerning the Vietnam war in the 1960's, and had access to what became known as the Pentagon Papers while at RAND around 1969. He made copies of literally thousands of pages at RAND ... and walked out the door with them. Fortress RAND and all the armed guards kept the "normal" bad guys at bay -- while letting the former corpsman with a PhD, dressed in a coat and tie and carrying a briefcase, walk calmly out with what they were supposed to be protecting.
David Black
I was a scruffy-looking Harvard undergrad in 1970, and had gotten a summer job at RAND to work on the early ARPA net, the predecessor of today's internet. Before starting work, I had to undergo a thorough security clearance; agents actually visited many of my friends and asked probing questions. By the time I started work in July 1970, I had my SECRET clearance and was pending for TOP SECRET. I had a great time solving pioneering problems with the computers. RAND had an early IBM 360, and it was the first non-DEC machine to be connected to the ARPAnet, so we had to overcome a host of very basic issues, like resolving the conflicting coding schemes (EBCDIC vs ASCII), byte lengths (8 bit vs. 6 bit) and word lengths (32 bit vs. 36 bit), in addition to everything else.
I was also amazed at everything else you could learn at RAND. While protests raged on the streets, inside the protected walls of RAND you could find out what was really going on in Vietnam and Cambodia, from people who had just returned from those places.
In retrospect, I realize that I got a personal demonstration of how to conduct ineffective security that summer at RAND. The protestors had no chance of breaking into RAND and stealing its secrets. In fact, none did. The guards waved through most of the employees coming through the employee entrance. Except for the one who looked too much like the "hippies" outside. I got stopped and triple-checked every time. On the way out, all the clean-cut, well-dressed, brief-case-carrying employees like Daniel Ellsberg were similarly waved through -- no danger there! But that tall, gangly, scruffy Harvard kid? Better stop him and search him thoroughly. He's just the kind of person who would steal our secrets. While they were doing everything but strip-searching me, Ellsberg was shopping the 7,000 pages of secrets he had already brazenly walked out with, under the friendly eyes of the clueless guards.
The NSA leak of 2013
The NSA is more of a fortress than RAND ever was. No way anyone could break in and come out alive. Cyber attack? Unlikely, for the same reason. A clean-cut employee-equivalent? Same story as RAND. Once on the inside, have fun! Do what you want, take what you want -- we're too busy guarding against those scary outsiders to bother with you -- you've got a clearance, you're OK! Except, like Ellsberg, Snowden was not OK.
Ineffective then, Ineffective now
I've previously discussed the standard methods for securing important things like bank and medical records. These methods have two fatal flaws.
First, they take a fortress approach to security. They assume the attacks will come from outside the "walls" by outsiders. They ignore insider attacks, which are the most damaging ones by far.
Second, they take a procedural, legalistic approach to security, assuming that if enough lawyers write enough regulations and procedures, and enough enforcement takes place through audits and certifications, the problem will be solved. They assume that complex, step-by-step procedures spelling out how to implement security are intrinsically better than simple definitions for what must be secured, with penalties for failures.The trouble is, no one executes the procedures perfectly, the procedures themselves are flawed, and the bad guys are always figuring out new ways to be bad.
Either of these flaws is sufficient to explain our never-ending security crises, and our ever-spiralling costs for trying to be secure. Together, bad results are guaranteed.
Summary
Our security systems are straight from the time of castles and knights: we imagine that the threat is from the scary guys in armor charging around on big horses "out there." Then, with the wrong threat in mind, we .. get the lawyers on the case! We bury ourselves in policies, procedures, regulations, certifications and audits, all of which take time and money, and most of which is completely useless. Then the bad guy cleans up his act enough to get hired, ransacks the place, flees laughing all the way ... and we're shocked?? The only shocking thing is that, 42 years after the Pentagon Papers, we're piling even more time and money into ramparts and moats, when the main threat has always been the traitor inside the walls.
Comments