funsec mailing list archives

Re: Petraeus


From: mark seiden <mis () seiden com>
Date: Wed, 21 Nov 2012 20:34:45 +0100

two comments:

1. i don't know if you noticed that petraeus and paula were sharing a password for a 
gmail account and leaving drafts for each other.

so no actual mail transmitted the network.

so far the only factoid that has not leaked out is the content of the harassing mail
that made paula a POI in the first place.   i would like to see if it rises to the bar
of being a threat.  it's usually really hard for a victim to get anyone to investigate these 
things, because the threats would not be considered by a reasonable person as either 
specific nor credible.

(i worked as an expert on a case where a federal judge was threatened so i know 
a bit about the general subject).

2. it's more important to be able to manage intelligence as the head of the CIA than to 
perform operations yourself.

the manner in which the fbi is selectively leaking stored communication without any
criminal charges being filed is incredible to me.   i don't think petraeus should have
resigned, either.

i recommend you all read the joe nocera op-ed on this subject

http://www.nytimes.com/2012/11/17/opinion/nocera-hacking-general-petraeus.html

which begins:

"This is not going to end well for the F.B.I.".
 




On Nov 21, 2012, at 7:18 PM, Rich Kulawiec <rsk () gsp org> wrote:

On Mon, Nov 12, 2012 at 01:17:56PM -0700, phester wrote:
4. If the internal mechanisms of government aren't sufficient to (quickly)
catch a very very senior person having an affair -- and doing it
incompetently -- then why should we believe that they're sufficient to
catch a well-trained, careful, diligent spy?

By reading their personal mails? Should this be done by an
algorithm, or live person?

a) I would hope that any competent spy would encrypt their email *or*
would use covert channels (possibly over SMTP, possibly not).

b) Of course that still permits traffic analysis, and that certainly
has its counter-espionage uses.  Add geolocation data from headers
and it's even more useful.

c) But to answer your question: both have their features/drawbacks.
Automation scales and doesn't get tired or careless.  But natural
language parsing and pattern recognition is still done better by
humans.  Automation can be hacked, people can be bought.  Automation
is cheap, people are expensive.  So I dunno.

Maybe we should make it a job requirement: you cannot be Director
of the CIA unless you can demonstrate that you're clueful enough
to have an affair and get away with it for at least 6 months.
If you're not at least that crafty, duplicitous, underhanded, sneaky,
careful, etc. then what makes you think you're qualified to run the CIA?

---rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
