• bigkahuna1986@lemmy.ml
    link
    fedilink
    arrow-up
    50
    ·
    8 months ago

    Why is it that my company keeps better track of random USB drives than the federal government does of classified documents?

    • bane_killgrind@kbin.social
      link
      fedilink
      arrow-up
      21
      ·
      8 months ago

      For real, it’s probably because some classified docs can’t be tracked in an auditable format because the auditors would not have clearance to know those documents exist or any other info about them.

      • Peppycito@sh.itjust.works
        link
        fedilink
        arrow-up
        15
        ·
        8 months ago

        That’s some Philip K Dick level dystopian shit. The auditor has to audit documents he’s not allowed to know about. But he’s also the guy who wrote the documents.

        • bane_killgrind@kbin.social
          link
          fedilink
          arrow-up
          3
          ·
          8 months ago

          Philip k dick is SciFi I think you mean Orwell

          I disagree with you because there should be strong opsec around certain topics, and auditors aren’t the author of the documents, they are a 3rd party tracking their dissemination.

            • bane_killgrind@kbin.social
              link
              fedilink
              arrow-up
              2
              ·
              8 months ago

              If this is about the concept of investigators being heavily siloed into independent investigations about the same crime… No this is the opposite. There are no investigators, because there is basically zero information about the activities.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        arrow-up
        7
        ·
        8 months ago

        You don’t need clearance to know a document exists, and you don’t even need to know the contents or even the subject matter of the document. Just give the document an RFID sticker or similar and you can then track it pretty much anywhere on government property. So an audit would just be scanning tags and comparing with a database that says where those tags should be.

        That’s obviously simplistic, but it’s a proof of concept that the people at places like the NSA or FBI could refine. It should be fairly easy to tell if a document is where it ought to be.

        • bane_killgrind@kbin.social
          link
          fedilink
          arrow-up
          5
          ·
          8 months ago

          With long range RFID readers existing that is bad opsec. You don’t need to know the contents of a document to exploit it’s dissemination, in certain cases.

          • sugar_in_your_tea@sh.itjust.works
            link
            fedilink
            arrow-up
            2
            ·
            8 months ago

            I’m thinking something like this:

            1. All classified docs are kept in a secure room for storage with external RF blocking; the folder has an RFID (or similar) tag
            2. When an item is requested, the contents are moved to a new folder with a temporary barcode or similar
            3. When the item is returned, the temporary barcode is destroyed and the document is placed back in the secure room

            Step 2 could use a temporary RFID tag as well, which gets replaced at each checkout. That way all an attacker would know is that an RFID tag is being used, they wouldn’t necessarily know it’s a classified document.

            Obviously the approach would need to be refined (I don’t deal with classified documents), but the general approach should work, especially if RFID is used for a bunch of less sensitive documents as well so RFID tags become commonplace.

            What’s nuts to me is that it took so long for authorities to track those documents down, and they didn’t even get them all. They should have all been tracked down between the time Trump lost reelection and the time he left office, and perhaps confined to the White House.

            • bane_killgrind@kbin.social
              link
              fedilink
              arrow-up
              4
              ·
              8 months ago

              I deal with consumer data analytics, and the scheme that you are positing does expose the frequency and density of specific actors and their access to classified information. This is really valuable, you can tell when someone gets a promotion and maybe has access to more info then they are used to or some other exploitable paradigm.

              If it’s just a printed barcode sure, it could be tracked like this without exposing information. Trouble is that classified documents are living documents, and the information only becomes classified when it’s collected by some operative or officer, who may or may not register the documents with this central tracking authority.

              The next issue is the capability of the central tracking authority to review, access, curate all of the reports that it has received, and their confidence that their internal staff do not breach the access rules on these documents hello Snowden.

              • sugar_in_your_tea@sh.itjust.works
                link
                fedilink
                arrow-up
                1
                ·
                8 months ago

                Digital security (like the Snowden leak) is completely separate from physical document security.

                For physical security, it seems plausible to just put a tag on every official document, whether mundane or classified, which would complicate tracking efforts by a potential enemy since they’d have to sift out the noise. If documents aren’t out of storage very long, the tags can be cycled with other documents to further confuse an attacker. That’s a bit “security through obscurity,” but AFAIK that’s kind of the game you okay with physical documents.

                Also, I think the FBI/CIA would be more interested in knowing which of the documents went missing in the event of a leak than having a slight bit more obscurity to prevent long-ish range tracking. If they have a mole that can help them know which documents are interesting, they can just steal the documents anyway.

                Then again, maybe this is why I’m not in OpSec for classified documents.

            • bane_killgrind@kbin.social
              link
              fedilink
              arrow-up
              2
              ·
              8 months ago

              Basically collecting information on the movement of documents is a security risk in itself.

              Papers in a flaming trash can are secured. Not much else.

              • sugar_in_your_tea@sh.itjust.works
                link
                fedilink
                arrow-up
                1
                ·
                8 months ago

                Sure, but it’s not very helpful if most of those documents aren’t very interesting. I’m suggesting we tag every official document, whether interesting or not. An attacker would need to know which tags are interesting to get any value from it.

            • ian@mander.xyz
              link
              fedilink
              arrow-up
              1
              ·
              8 months ago

              I’m thinking there wouldn’t be enough secure rooms to house all the documents, without making it difficult to access them. I

              • sugar_in_your_tea@sh.itjust.works
                link
                fedilink
                arrow-up
                1
                ·
                8 months ago

                The mundane documents don’t need to be stored in a secure room, they just need to reuse tags from the secure vault to help obscure the classified documents.

                Presumably secure storage already exists and blocks RF, so the main change here should be tagging.