| >This is simply not true. All classified information is stored on networks that are not connected to the regular internet. It's not just a VPN: they are completely segregated. I understand that it's true that there is no physical internet connection to the computers that access that data in many cases. I tend to believe it's not so air-tight as supposed but whatever. The Manning case demonstrates that even keeping your computers on a completely independent network doesn't prevent a low-level employee (or someone using his credentials...) from just waltzing in and taking everything. Manning had access far beyond his needs and he was able to download virtually any data that appetized him. Even on a non-internet system, if you have multiple millions of people with that kind of access, you're going to wind up in trouble and you definitely shouldn't assume that data hasn't gone anywhere. I also understand that it requires some initial effort to physically move the data from the private network to a computer attached to a public network, but I don't think this is really sufficient to stop the transfer from occurring. The same thing occurs with paper documents -- technically these are never supposed to leave government property (or corporate property, etc), but it is still really common for someone to take copies home. While it takes some effort to take the copies with you, the effort is obviously worthwhile to ensure easy on-demand access. The same will be in true in cases involving digital documents, and people will take out CDs and email the contents to themselves just out of convenience, so they can pull up the relevant information when they aren't physically at work. I believe that this happens. If your network has a comparative handful of users this is probably something you can manage, but big corporations and governments have a lot of users and I don't believe that they can keep this stuff from leaking out to the real internet in violation of protocol eventually anyway, and I also don't believe that that'd be sufficient to stop leakage even if it were possible. Again, we see from the Manning case that even if the network was not connected to the internet, the security on the system was horrible and allowed far, far too much access. Hackability from the internet isn't the only relevant consideration here. |
True, but it is the central issue in this thread: the documents in question were hacked from a non-classified network.
The scenarios you describe for people circumventing barriers between classified and unclassified systems for the sake of convenience sound quite plausible, until you consider the severe penalties for doing so. With that in mind, only incredibly foolhardy individuals would do so for the sake of mere convenience--a much more serious motivation would be required for most people. In a large enough organization, someone would most likely do it anyway, but it wouldn't be nearly common enough to leave "high security networks...sitting wide open."
Really, the only plausible scenario for significant leakage of classified information is deliberate espionage. I'm not sure why people keep citing Manning as setting some sort of precedent or revealing a previously unknown vulnerability, because this type of espionage has been going on since the beginning of recorded history, and probably even before that. It's the reason why access to classified information requires both a clearance and "need to know." When "need to know" rules are relaxed or ignored, it becomes relatively easy for people to take information that they have no business accessing and simply walk out of the building with it, whether it be hard-copies or soft-copies. This tends to go in cycles, with "need to know" rules gradually loosening until a major incident occurs, after which they are rapidly tightened, and then the whole process repeats. There was a rash of such incidents all at once in the mid-'80s: http://en.wikipedia.org/wiki/1985:_The_Year_of_the_Spy