by bradknowles 3033 days ago
There’s another part to the story which I have told to the folks at SJG, but to which they never responded.

In late 1990, I was working in the basement of the Pentagon, supporting the Joint Chiefs of Staff, in the J4 Logistics Readiness Center, inside the National Military Command Center. I was a gamer, but I also had a TS/SCI security clearance. I had heard about the SS raid on SJG, and I was pissed off. So, I decided to spend a lot of money and go out and buy one copy of every GURPS book that I could find at my friendly local gaming store (FLGS).

I had a copy of GURPS CyberPunk, and didn’t think very much of it. I was already in a CyberPunk game, and the GURPS version was a pale imitation. But there was another book that drew my attention. It was oriented towards espionage, and among other things it gave a very accurate description of how satellite surveillance worked. It also happened to use an actual classified military code word in the context of explaining what a classified military code word was and how they were used.

The latter was a clear violation of the law, and as soon as I saw it, I reported it to my security officer. He confirmed that this was a legitimate leak of a classified military code word, and he said he would report it further up the chain of command.

I never heard anything more about it from inside the government, but I have to believe that the SS and the FBI would use a coverup like pointing at a different book, if this was the actual reason that they were doing a raid on SJG.

So, there you go — almost 30 years later, yet another clue as to what might have been the real reason for the raid.

NB: When a classified military code word is leaked, they have to go through a huge process to reclassify all the documents that were covered under the old code word. This is a massive undertaking, and would cost millions or possibly even billions of dollars. And then there is the cost of the damage to National Security by all the documents which might already be in enemy hands but where they didn’t know what the code word covered or what compartment those documents were in. So, a leak of this type would be ... a really big deal.

5 comments

I find this highly unlikely for a couple of reasons, but the primary reason is that GURPS Cyberpunk was not published until _after_ the SS raid on the company as a part of operation SunDevil.

The actual chronology is closer to something like this: feds target a bunch of hackers, one such hacker is also working on a game for SJG, during raid on his house feds notice all of the galley drafts and docs for GURPS Cyberpunk (some of which may have been internal phone company docs and manuals that would look very suspicious to a non-technical agent who signed up to look cool standing next to the president and has no idea about most of this stuff) and so they ask him about it, he happens to mention all of the other docs are just down the road at the SJG office, some fed gets a bright idea and a bunch of them head over to SJG to make a very big mistake...

Source: Straight from the mouths of Steve and Loyd. I was hired by Steve to start Austin's first real ISP with the money he won in this case and my future brother-in-law worked for SJG at the time of the raid.

Long live io.com

Billions of dollars to reclassify a code word? That sounds implausible.

But your story could be the reason behind the raid.

Domino effect. It’s not just reclassifying documents, it’s reclassifying entire projects, and so many more things that can fall out from that trigger.

I don’t have first hand knowledge of any such cases, but I can certainly conceive of them.

So, I'm sure that some people here are still unclear on how I can come to the values I referenced above. Let's do a little thought experiment, and I'll show you my thinking on the subject.

Let's say that someone in the military decides to use the word PANDA as a classified military code word to cover a certain type of activity -- for example, all signals intelligence (see <https://en.wikipedia.org/wiki/Signals_intelligence>). We will abbreviate PANDA as "PX", and if you have a TS (Top Secret, see <https://en.wikipedia.org/wiki/Top_secret>) SCI (Sensitive Compartmented Information, see <https://en.wikipedia.org/wiki/Sensitive_Compartmented_Inform...) clearance and you have been read onto this compartment, then you can be said to have a "TS/SCI/PX" clearance.

Now, PANDA (or PX) covers all signals intelligence. All satellite surveillance of any type. All "bugging" technologies. All interception of digital communications, human or otherwise. Basically, pretty much everything that the NSA does. And a good part of what the CIA does. A TS/SCI/PX clearance is the minimum necessary to work at the NSA, CIA, White House Communications Agency, or pretty much any of the other dozens and dozens of intelligence agencies in the country.

Any compromise of PANDA would mean that hundreds or thousands of classified military projects would be impacted, some of which might be so sensitive that they have to be shut down entirely rather than be associated with a now-compromised keyword. Each of these projects might have to spend thousands or millions of dollars to reclassify their work, and to do what they can to mitigate the damage done. Each project might have hundreds or thousands of personnel who might no longer have jobs, either for the short term or the long term, because of the compromise.

Now, let's assume that some silly person decides to write an article about PANDA, using it as an example of how an SCI code word is used and what it covers, and publishes that in Wikipedia (or Hacker News). And maybe that also gets published on the front page of the Wall Street Journal.

Any time you get a single intelligence agency to run around like a chicken with their head cut off because of some minor compromise, that event probably costs hundreds of thousands if not millions of dollars. Now imagine what it would cost if the code word for the largest SCI compartment was exposed, and all of the intelligence agencies in the country were running around like chickens with their heads cut off. And all of DoD, for that matter.

Do the math.

Frankly, I think just "billions of dollars" might actually be low-balling the numbers somewhat with regards to the upper boundary, but then I'm just guessing -- I have no first hand knowledge of that kind of activity or cost.

But I do know which compartment was affected by the book I saw.

Sorry, but this seems like cartoon logic to me. What power would knowing the word PANDA give me in this case? None. What knowledge does it give me? That the US does signals intelligence, and that someone on wikipedia/HN claims that such SI includes programs X,Y,Z, without any actual evidence.

For all I know, SJG picked a cool sounding word a 16 year old would like, e.g. SHARK, and it just happened to be an actual code word.

I think they had to do this once before when Roosevelt was photographed and the code word stamped at the top was legible. I think they gave up when the puzzle palace book revealed the replacement word around '90.

I'm not saying this isn't true, but I am going to say that it's nuts to do this without evidence that there is actually a compromise rather than a coincidence. Otherwise I could put up a pile of randomly generated pages ("AARDVARK is a classified keyword" etc for all dictionary words) and render the system unworkable.

Maybe this is why the F35 is so far behind and expensive.

Famously the Times crossword on the day prior to D-day included several of the codewords, but this appears to have been a total coincidence.

But what would the enemy know because of this "leak"?

That someone who is known to have a TS/SCI/PX clearance is a signal intelligence expert? Where is the threat, compared to other easy ways to figure out someone is a NSA employee?

What a budget item is about? Somewhat interesting, but hardly compromising security (assuming the budget wasn't obfuscated, e.g. by splitting entries and adding fake ones, to begin with).

That PANDA is probably small enough to have no subcompartments? A lot of data would be required to confirm such a hint, and clearly not a running around like a chicken with their head cut off matter.

In more concrete terms, how much was the total cost of the SR-71 and associated A-12 program? Or the F-117 program? Or the B-2 program?

What if they had to cancel or mothball multiple programs of that size?

What would it have cost if they had to cancel or mothball all stealth programs?

I’m not saying that is what actually happened, but that would give us a reasonable top end for the potential costs involved.

Using this logic, what would be the estimated impact of the OPM breach?

https://en.wikipedia.org/wiki/Office_of_Personnel_Management...

I don't see what you're getting at here: if the raid was about stopping the publishing of a gurps mod of "top secret" or something; it'd be a pretty poor job as you bought the book after raid.

Second, I believe it's a matter of record that SJG got caught in "operation sundevil" - a massive crackdown driven by a couple of high profile hacks, mixed in with paranoia driven by such authoritative sources as the fictional movie "war games"...

[ed: whoops, no - that's one of the top ten false facts; apparently sundevil was limited to credit card fraud]

See also: Bruce Sterling, hacker crackdown.

"It also happened to use an actual classified military code word in the context of explaining what a classified military code word was and how they were used."

Was the true meaning of the code word described, or might it just have been a coincidence? Like, if I used the words "CASE NIGHTMARE PINK" as an example of a military code word, and it just so happened to be a real military code word? Because stuff like that is probably bound to happen.

It has actually happened before. In 1944 a bunch of codenames used by the allies for the D-Day invasion appeared as answers to the crossword puzzle in The Daily Telegraph newspaper.

https://en.wikipedia.org/wiki/D-Day_Daily_Telegraph_crosswor...

How likely is it that the game was really the first outing of a leaked secret name? A random name clash or copying from another source seem just as likely.

Also, making names secret under threat of criminal punishment sounds quite problematic. A name itself after all doesn't convey information, and you have to be able to name something to, for example, contest its secret status through legal channels available to a citizen.

Besides, those names are quite generic on purpose, so I can imagine there are a lot of possibilities for collisions

like, see the list of WWII operations https://en.wikipedia.org/wiki/List_of_World_War_II_military_...

Operation Menace - Corkscrew - Dracula - it's extremely likely to have a name collision if anyone were to come up with secret operation names.