[iwar] Full Disclosure and the CIA
From: Robert W. Miller
From: snooker@iex.net
To: iwar@egroups.com
Sun, 16 Jul 2000 09:09:36 -0600
fc Sun Jul 16 08:12:16 2000
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Sun, 16 Jul 2000 08:12:16 -0700 (PDT)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Sun Jul 16 15:06:15 2000)
X-From_: sentto-279987-455-963760235-fc=all.net@returns.onelist.com Sun Jul 16 10:05:13 2000
Received: from fh.egroups.com (fh.egroups.com [208.50.144.71]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id KAA24328 for ; Sun, 16 Jul 2000 10:05:13 -0500
X-eGroups-Return: sentto-279987-455-963760235-fc=all.net@returns.onelist.com
Received: from [10.1.10.35] by fh.egroups.com with NNFMP; 16 Jul 2000 15:10:42 -0000
Received: (qmail 12096 invoked from network); 16 Jul 2000 15:10:28 -0000
Received: from unknown (10.1.10.142) by m1.onelist.org with QMQP; 16 Jul 2000 15:10:28 -0000
Received: from unknown (HELO mail.iex.net) (192.156.196.5) by mta1 with SMTP; 16 Jul 2000 15:10:28 -0000
Received: from oemcomputer (p19-s8.cos1-ras.iex.net [209.151.65.115]) by mail.iex.net (8.9.1/8.9.1) with SMTP id JAA19442 for ; Sun, 16 Jul 2000 09:00:02 -0600 (MDT)
To:
Message-ID:
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
From: "Robert W. Miller"
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe:
Date: Sun, 16 Jul 2000 09:09:36 -0600
Reply-To: iwar@egroups.com
Subject: [iwar] Full Disclosure and the CIA
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
July 15, 2000
by Bruce Schneier
Founder and CTO
Counterpane Internet Security, Inc.
schneier@counterpane.com
http://www.counterpane.com
On its Web site, the New York Times published a previously classified
1954
CIA document about the overthrow of the Iranian government. I'm not
sure
how the New York Times got its hands on the document, but the
newspaper
decided to redact the names of Iranian citizens involved in the plot.
The document was a scanned PDF file. What the Times did was to create
an
overlay on the pages, and drew black boxes over the names they wanted
to
obscure. The result was a file that still had the original digital
information, but contained extra commands to obscure that
information. Predictably, someone reverse-engineered the original
names
(it was suprisingly easy) and posted the restored document. The Times
panicked and removed the original document, but it's too late; copies
are
available on various sites worldwide.
Reactions to this have been bizarre, and almost uniformly missing the
point. Here's one, by William Hugh Murray: "Protecting the identity
of
intelligence sources is one of the few legitimate reasons for
government
secrecy. A 'freedom of information activist' does not serve his own
cause,
much less our national interest, by such reckless behavior." Ignoring
Murray's hubris in claiming to know someone's motivations more
strongly
than he, what does this case have to do with government secrecy? It
was
the New York Times that decided to redact the document, not the CIA.
The
people who gave us the Pentagon Papers decided, on their own, not to
release information that the CIA released to them. This is very
different
than the government trying to keep secrets. The last time I checked,
the
Times is not part of the intelligence community.
John Young, the activist Murray slams, makes classic full-disclosure
arguments. The information was been published by the New York Times.
Even
though it took some work to extract, people are extracting it. Given
this
truth, it is better to release the information so that everyone can
have
access to it -- not only those random few who reverse-engineered the
PDF
file. Young said "Those folks who are named have a stake in knowing
about it."
The opposing side has an equally predictable reaction: The information
should be kept secret. Just because the New York Times erred and made
the
information available to a few people doesn't mean that we should
compound
the error and make the information available to everyone.
It's a complicated question, made even more muddy by the New York
Times's
decision to redact the document. If the CIA gave the New York Times
the
document in unredacted form, why did the Times decide to limit the
public's
knowledge of this information?
To me, this is a classic example of the power of full disclosure. The
information in question -- the names of the Iranian citizens -- has
been
released to the public. Initially, it was known by only those few who
had
the means to reverse-engineer the PDF file, and those who learned as
the
information spread. Left to its own devices, this information would
spread
slowly. Maybe someone who wants to do these people harm would learn
about
this information; he certainly already knows that this information
exists. Maybe some of the people named would learn that they are
named,
and be able to take appropriate action. But this process is slow and
haphazard.
Better is to release the information to everyone, quickly. This
limits the
damage that can be done. The people named are more likely to find out
they
are named, and they are more likely to find out about it quickly.
Those
who want to take advantage of the relative secrecy of the information
cannot. Everyone knows, and this levels the playing field. It is the
situation where only a few random people know, and others find out
piecemeal, that is unstable and dangerous.
News articles:
The document:
Det. Robert W. Miller
Colorado Internet Crimes Against
Children Task Force
Pueblo High Tech. Crime Unit
Pueblo County Sheriff's Office
320 S. Joe Martinez Blvd.
Pueblo West, CO. 81007
Tel (719)583-4736
FAX (719)583-4732
mailto:snooker@iex.net
mailto:cicactf@iex.net
http://www.co.pueblo.co.us/sheriff/
PGP key available at: http://pgpkeys.mit.edu:11371/
search on snooker@iex.net
------------------------------------------------------------------------
Need technology solutions for your business?
Respond.com will Help!
http://click.egroups.com/1/6829/14/_/595019/_/963760235/
------------------------------------------------------------------------
------------------
http://all.net/