funsec mailing list archives
Re: Petraeus
From: mark seiden <mis () seiden com>
Date: Wed, 21 Nov 2012 20:34:45 +0100
two comments: 1. i don't know if you noticed that petraeus and paula were sharing a password for a gmail account and leaving drafts for each other. so no actual mail transmitted the network. so far the only factoid that has not leaked out is the content of the harassing mail that made paula a POI in the first place. i would like to see if it rises to the bar of being a threat. it's usually really hard for a victim to get anyone to investigate these things, because the threats would not be considered by a reasonable person as either specific nor credible. (i worked as an expert on a case where a federal judge was threatened so i know a bit about the general subject). 2. it's more important to be able to manage intelligence as the head of the CIA than to perform operations yourself. the manner in which the fbi is selectivly leaking stored communication without any criminal charges being filed is incredible to me. i don't think petraeus should have resigned, either. i recommend you all read the joe nocera op-ed on this subject http://www.nytimes.com/2012/11/17/opinion/nocera-hacking-general-petraeus.html which begins: "This is not going to end well for the F.B.I.". On Nov 21, 2012, at 7:18 PM, Rich Kulawiec <rsk () gsp org> wrote:
On Mon, Nov 12, 2012 at 01:17:56PM -0700, phester wrote:4. If the internal mechanisms of government aren't sufficient to (quickly) catch a very very senior person having an affair -- and doing it incompetently -- then why should we believe that they're sufficient to catch a well-trained, careful, diligent spy?By reading their personal mails? Should this be done by an algorithm, or live person?a) I would hope that any competent spy would encrypt their email *or* would use covert channels (possibly over SMTP, possibly not). b) Of course that still permits traffic analysis, and that certainly has its counter-espionage uses. Add geolocation data from headers and it's even more useful. c) But to answer your question: both have their features/drawbacks. Automation scales and doesn't get tired or careless. But natural language parsing and pattern recognition is still done better by humans. Automation can be hacked, people can be bought. Automation is cheap, people are expensive. So I dunno. Maybe we should make it a job requirement: you cannot be Director of the CIA unless you can demonstrate that you're clueful enough to have an affair and get it away with for at least 6 months. If you're not at least that crafty, duplicitous, underhanded, sneaky, careful, etc. then what makes you think you're qualified to run the CIA? ---rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Petraeus, (continued)
- Re: Petraeus Richard Golodner (Nov 12)
- Re: Petraeus Marc (Nov 12)
- Re: Petraeus Paul Ferguson (Nov 12)
- Re: Petraeus Danny McPherson (Nov 12)
- Re: Petraeus lists (Nov 12)
- Re: Petraeus David M Chess (Nov 21)
- Re: Petraeus phester (Nov 12)
- Re: Petraeus Paul Ferguson (Nov 12)
- Re: Petraeus Rich Kulawiec (Nov 21)
- Re: Petraeus mark seiden (Nov 21)