>While I am sure there are protocols that are followed and motions gone through, I don't believe even a little bit that everyone with access to NATO SECRET documents follows these protocols very closely.
We all know how this thing goes. We know we should be using GPG all the time, we know we should be using exclusively unique, long, random passwords for each web site we visit, we know we shouldn't enable JavaScript or Flash unless we have a good reason to trust the site, etc., but out of convenience we ignore almost all of these things that we know are potential security problems.
There's a key difference between the security measures you describe, which people tend to neglect, and the protocols that keep classified information off of unclassified systems: the measures you describe are tedious and time-consuming, so people tend to cut corners on them. When it comes to moving information between classified and unclassified networks, the opposite is true: they are completely segregated, so you have to go out of your way to move information back and forth. The simplest way to do it is by sneaker-net, and even that is made difficult because these days the computers on military networks are set up to not mount flash drives, so you would have to burn the files to a CD, then get that CD past various layers of physical security. It can be done, but you have to deliberately go out of your way to do it. It's not something that would happen because someone was being lazy or trying to cut corners.
>...almost every computer network out there, even so-called "high security" networks from whitehats, intel agencies, etc., is just sitting wide open and waiting for someone to come along and ask for its contents.
This is simply not true. All classified information is stored on networks that are not connected to the regular internet. It's not just a VPN: they are completely segregated.
>This is simply not true. All classified information is stored on networks that are not connected to the regular internet. It's not just a VPN: they are completely segregated.
I understand that it's true that there is no physical internet connection to the computers that access that data in many cases. I tend to believe it's not so air-tight as supposed but whatever. The Manning case demonstrates that even keeping your computers on a completely independent network doesn't prevent a low-level employee (or someone using his credentials...) from just waltzing in and taking everything. Manning had access far beyond his needs and he was able to download virtually any data that appetized him. Even on a non-internet system, if you have multiple millions of people with that kind of access, you're going to wind up in trouble and you definitely shouldn't assume that data hasn't gone anywhere.
I also understand that it requires some initial effort to physically move the data from the private network to a computer attached to a public network, but I don't think this is really sufficient to stop the transfer from occurring. The same thing occurs with paper documents -- technically these are never supposed to leave government property (or corporate property, etc), but it is still really common for someone to take copies home. While it takes some effort to take the copies with you, the effort is obviously worthwhile to ensure easy on-demand access.
The same will be in true in cases involving digital documents, and people will take out CDs and email the contents to themselves just out of convenience, so they can pull up the relevant information when they aren't physically at work. I believe that this happens.
If your network has a comparative handful of users this is probably something you can manage, but big corporations and governments have a lot of users and I don't believe that they can keep this stuff from leaking out to the real internet in violation of protocol eventually anyway, and I also don't believe that that'd be sufficient to stop leakage even if it were possible.
Again, we see from the Manning case that even if the network was not connected to the internet, the security on the system was horrible and allowed far, far too much access. Hackability from the internet isn't the only relevant consideration here.
>Hackability from the internet isn't the only relevant consideration here.
True, but it is the central issue in this thread: the documents in question were hacked from a non-classified network.
The scenarios you describe for people circumventing barriers between classified and unclassified systems for the sake of convenience sound quite plausible, until you consider the severe penalties for doing so. With that in mind, only incredibly foolhardy individuals would do so for the sake of mere convenience--a much more serious motivation would be required for most people. In a large enough organization, someone would most likely do it anyway, but it wouldn't be nearly common enough to leave "high security networks...sitting wide open."
Really, the only plausible scenario for significant leakage of classified information is deliberate espionage. I'm not sure why people keep citing Manning as setting some sort of precedent or revealing a previously unknown vulnerability, because this type of espionage has been going on since the beginning of recorded history, and probably even before that. It's the reason why access to classified information requires both a clearance and "need to know." When "need to know" rules are relaxed or ignored, it becomes relatively easy for people to take information that they have no business accessing and simply walk out of the building with it, whether it be hard-copies or soft-copies. This tends to go in cycles, with "need to know" rules gradually loosening until a major incident occurs, after which they are rapidly tightened, and then the whole process repeats. There was a rash of such incidents all at once in the mid-'80s:
http://en.wikipedia.org/wiki/1985:_The_Year_of_the_Spy
We all know how this thing goes. We know we should be using GPG all the time, we know we should be using exclusively unique, long, random passwords for each web site we visit, we know we shouldn't enable JavaScript or Flash unless we have a good reason to trust the site, etc., but out of convenience we ignore almost all of these things that we know are potential security problems.
There's a key difference between the security measures you describe, which people tend to neglect, and the protocols that keep classified information off of unclassified systems: the measures you describe are tedious and time-consuming, so people tend to cut corners on them. When it comes to moving information between classified and unclassified networks, the opposite is true: they are completely segregated, so you have to go out of your way to move information back and forth. The simplest way to do it is by sneaker-net, and even that is made difficult because these days the computers on military networks are set up to not mount flash drives, so you would have to burn the files to a CD, then get that CD past various layers of physical security. It can be done, but you have to deliberately go out of your way to do it. It's not something that would happen because someone was being lazy or trying to cut corners.
>...almost every computer network out there, even so-called "high security" networks from whitehats, intel agencies, etc., is just sitting wide open and waiting for someone to come along and ask for its contents.
This is simply not true. All classified information is stored on networks that are not connected to the regular internet. It's not just a VPN: they are completely segregated.