Response to Exclusive: Years After Manning Leaks, State Department Cable System Lacks Basic Security:
“First, the article obscures the fact that the massive leak of State cables via WikiLeaks was not primarily a State hardware and security problem. The system that was hacked was SIPRNet, a classified cable system run by DoD. State’s mistake was in assuming that the Pentagon’s computer security was better than its own, and in trusting that if it shared its cables on the system, they would not be compromised.” - Both sides hold equal responsibility. State ditched a program that would have given more access control in favor of SharePoint. DoD couldn’t control its users, State couldn’t control its access. Why would State dump varying levels of sensitive cables onto their DB in one big pile, when the access rules for its own employees was far more structured? “Out of the box software with a few security tweaks is a vastly more workable solution for an organization that has proven time and again that its technical prowess is more suited to the era of quill pens and manual typewriters than it is to the modern age.” - Or hire a competent development team and implement basic security/code/stability standards. The bigger issue here is the lack of technological cooperation between the agencies. Communications is no different, each agency hoarding their marbles like kids in a playground. Our failure is to recognize real security concerns from those that are overblown red herrings, either for political reasons or to grab a bigger share of appropriations. We can kill terrorists with drones from a 1,000 miles away, yet can’t muster the integrity or moral responsibility to act on critical intelligence, that if was acted upon as a manner urgency could have prevented four of OUR people from driving into an ambush costing their lives. But fair points on the rest.