Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

FBI Wiretapping Audit Secrets Uncovered Via Ctrl+C

kdawson posted more than 6 years ago | from the c'mon-guys-it's-not-even-obscure dept.

It's funny.  Laugh. 231

mytrip notes a story in Wired's Threat Level blog on the latest boneheaded government moves with redaction. (We've been discussing redaction follies here for years.) This time it's an FBI report (PDF) on implementing CALEA — you can select text from redacted areas, copy it, and paste into a text editor, as University of Pennsylvania professor Matt Blaze discovered. From Wired: "Once again, supposedly sensitive information blacked out from a government report turns out to be visible by computer experts armed with the Ctrl+C keys — and that information turns out to be not very sensitive after all... [Among] the tidbits considered too sensitive to be aired publicly: The FBI paid Verizon $2,500 apiece to upgrade 1,140 old telephone switches. Oddly the report didn't redact the total amount paid to the telecom — slightly more than $2.9 million dollars — but somehow the bad guys will win if they knew the number of switches and the cost paid."

cancel ×

231 comments

Sorry! There are no comments related to the filter you selected.

Let me guess... (4, Funny)

Phyrexicaid (1176935) | more than 6 years ago | (#23473644)

If they were running a website, they would use:
<FONT
style="BACKGROUND-COLOR: black">Top Secret!</FONT>

Re:Let me guess... (4, Funny)

Slashdot Suxxors (1207082) | more than 6 years ago | (#23473758)

Come on, at least make your top secret docs standards compliant. :(

Re:Let me guess... (5, Funny)

Phyrexicaid (1176935) | more than 6 years ago | (#23473782)

<quote>Come on, at least make your top secret docs standards compliant. :(</quote>
I wanted it to be realistic :P

Re:Let me guess... (1)

aliquis (678370) | more than 6 years ago | (#23473870)

Hey, it's what we all use on vbulletin forums! (well, not black then, but anyway.)

Sheesh (1)

AltGrendel (175092) | more than 6 years ago | (#23473648)

You'd think that they would have learned by now.

Your government dollars at work!

Too much UNIX for me (5, Funny)

mikael_j (106439) | more than 6 years ago | (#23473652)

The headline and summary made took a minute for me to grasp, I just couldn't understand how you could get data out of something by halting execution.

Then my brain woke up and I realized they were thinking of the Windows command Ctrl+C which copies the marked text..

/Mikael

Re:Too much UNIX for me (5, Funny)

hackstraw (262471) | more than 6 years ago | (#23473794)

Then my brain woke up and I realized they were thinking of the Windows command Ctrl+C which copies the marked text..

Right. Me too. I don't use windows, so I think Ctrl+C == SIGINT.

I saw a similar thing on another article here where they had Ctrl+Z in the article, and that took me a minute to figure out as well. I thought, WTF does suspending a task have to do with anything??? I then had to figure out that Ctrl+Z is the undo command in windows.

Re:Too much UNIX for me (-1, Offtopic)

bubbl07 (777082) | more than 6 years ago | (#23474180)

What about OS X? It's cmd+C for some of us, you insensitive clods.

Re:Too much UNIX for me (5, Funny)

SharpFang (651121) | more than 6 years ago | (#23473858)

very simply...

Welcome To FBI Info Booth.
Please press:
1 to open contact form
2 to learn about the organization
3 to get the latest news
4 to access the current most wanted list
5 to access other FBI resources
Your choice: _ [ctrl+C]
Terminated.
root@booth975.fbi.gov# cat ./wiretaps.txt

Re:Too much UNIX for me (1)

x2A (858210) | more than 6 years ago | (#23475228)

Err... I can only assume 'cat' was compiled for a different processor, but there must be emulation or something... I dunno... it just said "illegal instruction", but carried on anyway???

Re:Too much UNIX for me (4, Informative)

Tim C (15259) | more than 6 years ago | (#23473868)

Ctrl+C, Ctrl+X and Ctrl+V were increasingly common shortcuts in Linux apps the last time I used Linux on the desktop, which is going back a good few years now.

Yes, they still do "different" things in a terminal, but they're by no means "Windows commands" any more.

Re:Too much UNIX for me (2, Insightful)

Anonymous Coward | more than 6 years ago | (#23473966)

yeah, you're 100%.

those guys were just involved in a dick-measuring "biggest nerd" contest.

Re:Too much UNIX for me (2, Informative)

Anonymous Coward | more than 6 years ago | (#23474998)

those guys were just involved in a dick-measuring "biggest nerd" contest.

The above explains the run that Home Depot had on tweezers and magnifying glasses.

Re:Too much UNIX for me (1)

lilomar (1072448) | more than 6 years ago | (#23473976)

Agreed. I've only been using Linux for about 3 years now, but this is the first I have heard of those commands referred to as "Windows commands".

It's more like they are very common hot-keys for any GUI app. They don't work in windows apps about as often as they don't in linux.

Re:Too much UNIX for me (1)

harry666t (1062422) | more than 6 years ago | (#23474308)

> They don't work in windows apps about as often as they don't in linux.

Right, Emacs runs on both Linux and Windows :P

Re:Too much UNIX for me (0, Offtopic)

SpinyManiac (542071) | more than 6 years ago | (#23475346)

Right, Emacs runs on both Linux and Windows
In soviet Russia?

Re:Too much UNIX for me (3, Interesting)

mikael_j (106439) | more than 6 years ago | (#23474036)

I think my problem is that for regular *nix I don't use KDE or Gnome and thus I'm still using what I'm used to (mark + middle click to paste) from when I started using X11, and for macs I find myself either drag'n'dropping or using cmd+c which has become differentiated from ctrl+c in my mind (as I use ctrl+c to shut down processes, not copy data).

/Mikael

Re:Too much UNIX for me (5, Informative)

dbitch (553938) | more than 6 years ago | (#23474302)

These are the IBM Common User Access commands [wikipedia.org] . So, they were never "Windows commands" to begin with.

Funny how history works, huh?

Re:Too much UNIX for me (1)

MightyYar (622222) | more than 6 years ago | (#23474740)

Not a flame, but why would you use Ctrl+C when just selecting the text puts it in the pasteboard?

Anyway, they aren't "Windows" shortcuts, because the Mac uses them too (and first, I believe). They can probably be called MS shortcuts, though, because I think they first showed up in Word for Mac.

(Yes, I know Macs use Command instead of Control - but that point is moot since in 1984 Macs had no "Control" key)

Re:Too much UNIX for me (3, Informative)

sqldr (838964) | more than 6 years ago | (#23474884)

There's actually two pasteboards. Selecting it puts it into the X11 pasteboard, ctrl+c puts it into the gnome/kde pasteboard. There are differences, eg. the gnome/kde one has metadata and can contain images, links etc. It also seems to be more limitless - pasting 50000 lines from the X11 buffer rarely works.

It's actually really useful to have two paste buffers in certain issues - ctrl-v to paste one, middle to paste the other.

Re:Too much UNIX for me (1)

value_added (719364) | more than 6 years ago | (#23474856)

Yes, they still do "different" things in a terminal, but they're by no means "Windows commands" any more.

I don't think the terminal vs. non-terminal distinction is necessarily valid.

Text can copied from a Firefox window, for example, the same way in which text is copied from a terminal, that is by simply by selecting it. Pasting is similarly identical for both, using SHIFT+INSERT. No CTRL keys required.

Re:Too much UNIX for me (1)

Peet42 (904274) | more than 6 years ago | (#23475126)

they're by no means "Windows commands" any more.


They never were; they were inherited from WordStar for CP/M; the original programmers of Windows included them for their own convenience, but they were initially undocumented.

Re:Too much UNIX for me (1)

JasterBobaMereel (1102861) | more than 6 years ago | (#23475192)

They don't work in a Windows console/DOS box either...

Copy & Paste Reveals FBI Wiretapping Audit Sec (5, Informative)

FlameWise (84536) | more than 6 years ago | (#23473912)

Honestly, same here. Some of those headlines are becoming really hard to read.

"Wiretapping": verb. The FBI is wiretapping something. "is" omitted as in many headlines.

"Audit": verb. The FBI's act of wiretapping is auditing something (Huh?)

"Secrets": verb. The Audit of the FBI's wiretapping is leaking something. Wait isn't "secrete" writting with an extra "e"?

"Uncovered": verb, passive. By now I'm sort doubtful I got it right in the fourth attempt.

"Via Ctrl+C": By what?

It took me reading the link in the original post to figure they meant a key press and not a screen name or a publication I wasn't familiar with, also helped me sort the four verbs into some semblance of legal grammar.

How about: "Copy & Paste Reveals FBI Wiretapping Audit Secrets"?

Remember school: Passive is bad for you.

Re:Copy & Paste Reveals FBI Wiretapping Audit (4, Funny)

FlameWise (84536) | more than 6 years ago | (#23473928)

Right, I had one moment where I thought that hitting Ctrl+C would somehow reveal that the FBI is auditing you, too.

Re:Copy & Paste Reveals FBI Wiretapping Audit (1)

digitig (1056110) | more than 6 years ago | (#23474536)

Headlines usually make extensive use of noun phrases to premodify nouns. In the case of that headline, the only verb is "uncovered".

Re:Copy & Paste Reveals FBI Wiretapping Audit (1)

AmaDaden (794446) | more than 6 years ago | (#23474660)

Remember school: Passive is bad for you.
I can't find the story but I remember hearing that passive is actually good for naming stories on the internet. People tend to search with passive words so your stuff is more likely to come up.

Re:Too much UNIX for me (1, Informative)

Zarhan (415465) | more than 6 years ago | (#23473958)

"Ctrl+C" isn't just "Windows" standard, it's actually coming from much older days. You are looking for

http://en.wikipedia.org/wiki/Common_User_Access [wikipedia.org]

and it's actually originating from IBM. Personally I'm *glad* that Linux desktop environments are also pretty much implementing the standard - I *like* being able to always hit F1 for help, Shift+F12 for save etc. I've even seen CUA bindings setup for Emacs but cannot find a link right now..

Re:Too much UNIX for me (1)

Chris Mattern (191822) | more than 6 years ago | (#23474240)

"Ctrl+C" isn't just "Windows" standard, it's actually coming from much older days.


Um, no it isn't. CUA was introduced in 1987. Windows was first released in 1985 and CUA mostly codified the Windows interface. CUA is a Windows-centric standard.

Re:Too much UNIX for me (1)

Curien (267780) | more than 6 years ago | (#23475030)

"Ctrl+C" isn't just "Windows" standard, it's actually coming from much older days.
Um, no it isn't. CUA was introduced in 1987. Windows was first released in 1985 and CUA mostly codified the Windows interface. CUA is a Windows-centric standard.
The CUA is not Windows-centric. It was designed during the heyday of DOS-based graphical programs, when Windows was hardly ever used. In fact, Windows mostly copied the Apple spellings: Cmd+ZXCV, which are from the Apple Lisa and original Mac (and thus predate Windows) became Ctrl+ZXCV. The IBM CUA uses Ctrl+Del, Ctrl+Ins, and Shift+Ins for cut, copy, and paste, respectively.

Re:Too much UNIX for me (1)

Hawke666 (260367) | more than 6 years ago | (#23475338)

Shift+Del is for cut. I don't think Ctrl+Del does anything.

Re:Too much UNIX for me (0)

harry666t (1062422) | more than 6 years ago | (#23474264)

No, you're not having too much Unix. It's the rest of the world that is having too much Windows. Ctrl-C & stuff really sucks.

Re:Too much UNIX for me (1)

neural cooker (720830) | more than 6 years ago | (#23475244)

Same thing happened to me. I was trying to imagine someone killing an audit process and was then able to debug it.

It's easy... (5, Interesting)

johannesg (664142) | more than 6 years ago | (#23473654)

Look, the point of blacking out is not just to remove critical information, it is also to get you used to large parts of documents being blacked out. It is a way of hiding a signal within a lot of noise.

By randomly blacking out stuff, you will never know if there is vital information hiding underneath the black text. And you will become more and more accepting of documents that have barely any text at all.

The purpose is, of course, to allow more and more freedom to the agencies doing the blacking out. And less and less to you.

Re:It's easy... (2, Funny)

PatboyX (968493) | more than 6 years ago | (#23473710)

Washington Irving at it again!

Re:It's easy... (1)

ThePilgrim (456341) | more than 6 years ago | (#23473872)

Except all it does is get me in the habit of copying and pasting the whole document to see if they have screwed up again.

Re:It's easy... (0)

Anonymous Coward | more than 6 years ago | (#23474346)

Except all it does is get me in the habit of copying and pasting the whole document to see if they have screwed up again.
But if you assume what the GP said is true then they would only "accidentally" reveal benign information. They would do this to reinforce the suspicion that there isn't always important information redacted and keep people from poking around for the important stuff.

Re:It's easy... (2, Funny)

FudRucker (866063) | more than 6 years ago | (#23473922)

lol, they might as well publish everything with lorem ipsum on it...

---TOP SECRET--- "Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum."

Re:It's easy... (0)

Anonymous Coward | more than 6 years ago | (#23474354)

Just because it doesn't mean anything to you or me or anyone else on slashdot, doesn't mean the information is not sensitive. It could still cause harm to national security in the hands of someone else with more information than we have.

Re:It's easy... (1)

jmv (93421) | more than 6 years ago | (#23474368)

I would also suspect a lot of the badly redacted stuff is made on purpose to make people believe the "redacted" info. That or to distract people away from the non-redacted info.

No suprises (2, Informative)

Lumpy (12016) | more than 6 years ago | (#23473656)

Most of the time something deemed "secret" rarely is. Also when I was last in the public Sector, IT was woefully underfunded and overall employee training was even worse. Things like this will continue to be a major mess.

Secrets Kept to avoid Embarrassment (5, Insightful)

curmudgeon99 (1040054) | more than 6 years ago | (#23473660)

This is a classic example of secrecy being used not for national security but to avoid embarrassment. There are likely thousands of these types of secrets that cost money to keep but that are for no reason at all. Ass clowns.

Re:Secrets Kept to avoid Embarrassment (0, Offtopic)

Iamthecheese (1264298) | more than 6 years ago | (#23473754)

I am an ass clown, you insensitive clod!

Re:Secrets Kept to avoid Embarrassment (0)

CogDissident (951207) | more than 6 years ago | (#23474774)

I thought you were cheese...

Not really (3, Interesting)

Anonymous Coward | more than 6 years ago | (#23475182)

The calia network as outlined originally, would have used a fraction of the switches. That number of switches indicates that they were monitoring a LOT more. IOW, this was not about wireless but about the entire world wide network. FBI is tapping all of Verizon.

The one big embarrassment out of that, is that it shows that they had total access to the network, and yet 9/11 occurred. So, does that mean that this was not being used for terrorism, or does this indicate that we did know and ignored what was to happen.

Entertaining to whom? (2, Insightful)

Anonymous Coward | more than 6 years ago | (#23473664)

Can we get a new category, like "Gallows Humor"?

Besides, we shouldn't be reporting on this stuff-- our only defense against this government anymore is its own monumental stupidity.

Re:Entertaining to whom? (1)

Dr. Cody (554864) | more than 6 years ago | (#23474134)

...or dare I say, "gallulz"

Implementation (5, Informative)

Graywolf (61854) | more than 6 years ago | (#23473686)

"Redacted" was apparently implemented by covering the area with a white rectangle. Since the PDF has real text/vector graphics (as opposed to a bitmap), the information is still present in the file and even the standard Acrobat viewer can access it. Someone "Failed at Behaving Intelligently"

Re:Implementation (1)

Farmer Tim (530755) | more than 6 years ago | (#23473740)

Someone "Failed at Behaving Intelligently"

Of course, why do you think they work for the government?

Who's responsible..? (4, Insightful)

ricebowl (999467) | more than 6 years ago | (#23473702)

"Once again, supposedly sensitive information blacked out from a government report turns out to be visible by computer experts armed with the Ctrl+C keys

What confuses me is that, and I might be too generous in my assumption, I assume that there's an IT professional somewhere that looks over these released files prior to their release? I know that common sense is entirely too uncommon these days, but if I were to release a digital file (whether to an individual or the public) I'd make sure that someone from the IT department looked it over before release.

Otherwise it's like having a flu vaccine released by managers that went nowhere near an immunologist or virologist.

Still, I'm sure that, sometime soon, MS will remove the Ctrl+C combination. For national security, of course.

Re:Who's responsible..? (4, Insightful)

MrMr (219533) | more than 6 years ago | (#23473760)

...assume that there's an IT professional somewhere that looks over these released files prior to their release?

Apparently you have never worked for a government department.

Otherwise it's like having a flu vaccine released by managers that went nowhere near an immunologist or virologist.

or in the pharmaceutical industry.

Re:Who's responsible..? (4, Funny)

Thanshin (1188877) | more than 6 years ago | (#23473814)

...assume that there's an IT professional somewhere that looks over these released files prior to their release?

Apparently you have never worked for a government department.

Otherwise it's like having a flu vaccine released by managers that went nowhere near an immunologist or virologist.

or in the pharmaceutical industry.
It's not lack of knowledge, it's optimism. Don't pop the pink bubble.

Re:Who's responsible..? (1)

maxume (22995) | more than 6 years ago | (#23474156)

Aren't those the same thing?

Re:Who's responsible..? (1)

Missing_dc (1074809) | more than 6 years ago | (#23473776)

I assume that there's an IT professional somewhere that looks over these released files prior to their release?

Well, it was an IT guy, but no-one calls him a professional.

Re:Who's responsible..? (2, Insightful)

Bushcat (615449) | more than 6 years ago | (#23473790)

No, the "IT professional", if any, will have been excluded by the "incredibly thick underlings" thinking they actually have a clue. I've worked in such environments: the thicker the person, the more that person thinks s/he knows, and the more important that person believes s/he is.

Re:Who's responsible..? (1, Insightful)

Tim C (15259) | more than 6 years ago | (#23473968)

I know that common sense is entirely too uncommon these days, but if I were to release a digital file (whether to an individual or the public) I'd make sure that someone from the IT department looked it over before release.

A month or so ago our HR director distributed professionally-printed copies of the new Employee Handbook to everyone in the company.

It is full of typos, grammatical errors, strange changes of tense or person, weird extra line breaks, etc. You'd have thought that someone would have proof read it, or at the very least approved a sample print before the full run was produced.

Point being that people take it upon themselves to do things all the time without seeking input from others.

Re:Who's responsible..? (1)

Jesus_666 (702802) | more than 6 years ago | (#23474102)

Actually, they will just remove the C key from all keyboards.

Re:Who's responsible..? (1)

Hyppy (74366) | more than 6 years ago | (#23474350)

At least in the military, and government contracting, IT personnel are seen as the "obnoxious geeks" that just get in everyone's way and try to make work hard. They don't understand that MySpace and certain advertisers are blocked for a reason. They don't understand that you have to provide a justification for that firewall modification because IT is trying to protect the network, not because they hate you.

Military officers ESPECIALLY despise IT. They were generally raised in a slightly more privileged environment, and therefore believe that their "education" makes them intellectually superior to others in every aspect.

It becomes a game of cat and mouse. The IT personnel scramble to keep things running on a minimal budget, while the "management" does everything it can to stop IT from doing its job.

Re:Who's responsible..? (1)

nolife (233813) | more than 6 years ago | (#23474812)

Agree with your opinions but...
IT departments working in a non IT business is to serve the users. IT does not run the business. If the users are not satisfied and can not do their work they want, you have failed. Your job is to point out the potential problems (in writing if possible) of doing things their way from an IT prospective and let someone else make the business decision if they want to do that or not. If you have a strong IT department manager, you will be able to achieve a balance of ease of use and security.

Meaning:
If someone wants to run no firewall and allow direct access to their PC from the internet so they can work from home bypassing your RSA frontend, you should point out the security problems with that setup in writing/email/group forum to your supervisor and/or to that person. If they choose to still do it, come up with a plan to minimize the risk as much as possible or present alternatives with what that user wants. At that point, you've done your job that you were hired to do and you should move on to the next issue.

Re:Who's responsible..? (1)

jcgf (688310) | more than 6 years ago | (#23475260)

What happens when they don't listen to your warnings and make you set up the network to be totally un-secure and then still blame you when they get hacked? Those meeting minutes with your warning will be gone if it prevents Colonel Pomp from looking bad. I think the gp poster is right to cover his ass first.

Re:Who's responsible..? (1)

Thrashing Rage (157543) | more than 6 years ago | (#23474532)

Still, I'm sure that, sometime soon, MS will remove the Ctrl+C combination. For national security, of course.

BUT you still will have CTRL-Insert

HA!

Re:Who's responsible..? (0)

Anonymous Coward | more than 6 years ago | (#23474542)

At my place of employment, we have third party tools to handle that automatically. Any time a specific file type is attached to an email addressed to someone outside of the company, you will be prompted when hitting send to view a "risk assessment" of the information hidden in the document and a chance to strip the metadata or convert the document to a different format, like a PDF image for example. It is completely up to the user on the decision of what to do but the automation and seemless integration into Outlook makes it really easy for them. These same tools are avialable outside of mail of they choose to put files on CD, thumbdrive etc..

Workshare Professional is one of the tools we use.

You think thats bad... (1)

hyperz69 (1226464) | more than 6 years ago | (#23473718)

They have done real boneheaded stuff like xxxx xxx xxxxxx xxx xxxx xx xxxxx xxxxxx xxx. Wonder why no one has ever talked about it before.

Note: This post had been edited by the FBI for your protection. Thank you for your continued co-operation.

Re:You think thats bad... (1)

kellyb9 (954229) | more than 6 years ago | (#23475090)

Haha - took me a little longer to realize why that was boneheaded then I would've liked. I wonder why they don't just encrypt text they feel is sensitive and turn it into garbage and then black out the garbage. Apparently from TFA it seems, most of the governments secrets are already garbage anyway.

Re:You think thats bad... (1)

pipatron (966506) | more than 6 years ago | (#23475102)

Are you sure it was edited by the FBI? I tried to copy the redacted parts and paste into my editor but nothing shows up. Are you using the same algorithm?

Not everything is censorship. (5, Informative)

R2.0 (532027) | more than 6 years ago | (#23473802)

Sometimes items are redacted because of contractual commitments or confidentiality agreements. Take the example in the story; now, all Verizon's competition needs to do is bid $2,499 per switch and they get the job. So what if they could have supplied the switches at $2,200 and still made a healthy profit - they just need to be low. So that's $299 extra per switch that the government (aka, taxpayers) will have to pay because the competitive bid environment has been contaminated.

But hey, they made their point about evil government masterminds being wholly incompetent, so what does logic matter?

Re:Not everything is censorship. (1)

NiceGeek (126629) | more than 6 years ago | (#23474256)

If I'm not permitted to have secrets, why should they?

Re:Not everything is censorship. (1, Informative)

Anonymous Coward | more than 6 years ago | (#23474668)

Once bids are awarded they are in the public domain.

Re:Not everything is censorship. (0)

Anonymous Coward | more than 6 years ago | (#23475128)

Iâ(TM)m not saying this is the case here, but it might be that this bit of information in the right context is sensitive. Having worked with secrets you would find that most are seemingly benign, but when taken with a handful of other seemingly benign bits, they make a secret. This is the difficulty of working with sensitive information. For example, itâ(TM)s possible to get into a reply chain of emails and unknowingly construct a secret document. Again, Iâ(TM)m not saying that is the case here, but just because one bit looks trivial doesnâ(TM)t mean that it is taken in the entirety of the redacted document.

LOL! (4, Insightful)

sm62704 (957197) | more than 6 years ago | (#23473820)

visible by computer experts armed with the Ctrl+C keys

The FBI is trying to trick me into thinking they're all stupid so they can find out where I've got the 500 acre marijuana farm with its fiftten thousand tons of marijuana in the barn, 500 beautiful hookers and the casino downstairs, where you can buy white lightning and moonshine.

Meanwhile, Osama's still loose.

Attention FBI: Look, dumbasses, print the damned thing out, black out the parts that embarrass the President and your Director with a magic marker and scan it to a TIF file (that's a graphics format, guys. Pay attention!) and "print" THAT to PDF.

But you already know that, you're trying to find my pot gambling hooker farm!

Re:LOL! (3, Funny)

Thanshin (1188877) | more than 6 years ago | (#23473914)

print the damned thing out, black out the parts that embarrass the President and your Director with a magic marker and scan it to a TIF file (that's a graphics format, guys. Pay attention!) and "print" THAT to PDF.
WRONG!

The official method is:

1 - Print the document.
2 - Cut the private parts away with a cutter.
3 - If you've not castrated yourself, you should have a paper with holes. Put it in a wooden table.
4 - Make a photo of said table.
5 - Load the photo in a power point.
6 - publish the ppt file.

Re:LOL! (0)

Anonymous Coward | more than 6 years ago | (#23474682)

Also wrong!

The approved method by the current administration is:

1 - Print the document
2 - Painstakingly cut sensitive info out with an X-Acto knife
3 - Destroy redacted bits of paper in burn bag
4 - Store the person who saw the sensitive information in one of Cheney's man-sized safes
5 - Order another man-sized safe
6 - Deny existence any document

Re:LOL! (1)

stimuli_ii (1266556) | more than 6 years ago | (#23474974)

You forgot:

7 - Profit!

Re:LOL! (1, Troll)

Inda (580031) | more than 6 years ago | (#23474092)

The magic marker ink will not hide the printer ink. It will show up on the scan.

Better luck next time. Thanks for playing.

Re:LOL! (2, Funny)

genderbunny (1190319) | more than 6 years ago | (#23474144)

I'm also inept. Now where might this farm be located?

Well, actually... (0)

Anonymous Coward | more than 6 years ago | (#23473902)

This is the sort of thing that seems innoculous, but, in theory, could be used to compromise an investigation.

For example, if I was a bad guy and I suspected the FBI might be on to me, and I could have my buddy who works for verizon watch for $1,500 payments from the FBI. And then see where techs are dispatched. If one is dispatched to my area, even if it was unrelated, I'd move my safe house, or the very least cease talking about bad guy things on the phone. Goodbye weeks of work getting wiretap warrant (well, now that the lids been blown off, its back to weeks).

This is also the sort of information that could be used in a social engineering attack. (This is verizon, we haven't yet recieved our payment for the upgrade to switch XXX-XXXX)

The New Math (2, Interesting)

nqz (778393) | more than 6 years ago | (#23473906)

Maybe the FBI should stick to something, like wiretapping for example, rather than performing simple math for a report ... 1140 x $2,500 $2.9 million (see the reverse pacman sign)

The mosaic effect (3, Insightful)

Anonymous Coward | more than 6 years ago | (#23473936)

Now, I'm all up for good gov't conspiracy, and working for the gov't, I know how they spend inappropriately.

But there is something called the mosaic effect. The short of it is that you have two (or more) documents. None of them by themselves are sensitive, but as a group, they become sensitive because they give you a complete picture. It's quite possible that this redacted info gives that picture.

In addition, gov't entities regularly leave out the specifics like the number of switches because they do not want to demonstrate the scope of their operations. Not for any malicious reasons, but for what they perceive as a security risk. It might be a false risk, but it's not malicious.

Follow the evil overlord tips (4, Insightful)

vecctor (935163) | more than 6 years ago | (#23473986)

When I read this, the first thing I thought of were the evil overlord rules - specifically this one:

One of my advisors will be an average five-year-old child. Any flaws in my plan that he is able to spot will be corrected before implementation.
They just need to have some intern to sit around and spot obvious flaws in document security. Any idiot giving this doc a cursory examination would have found this.

It looks like you're trying to redact a document! (5, Informative)

Halo- (175936) | more than 6 years ago | (#23474000)

For me, the best part of the article was the link to the NSA redaction guidelines. Interesting reading I suppose, but the fact that throughout the entire paper the screencaps of MS Word had that damn Clippy-substitute cat sitting in the corner was classic. I'm not sure I'd trust someone (even at the NSA) to give me advice on MS Word options and settings when they can't even turn of the animated assistant.

How much!!! (4, Insightful)

JaJ_D (652372) | more than 6 years ago | (#23474008)

The FBI paid Verizon $2,500 apiece to upgrade 1,140 old telephone switches. Oddly the report didn't redact the total amount paid to the telecom â" slightly more than $2.9 million dollars â" but somehow the bad guys will win if they knew the number of switches and the cost paid.

It's more likely that the total number is large and people go "ok must be a lot" but at 2.5k usd per switch people would go "how fucking much!!!" - that's what they may want to avoid

Jaj

Re:How much!!! (0)

Anonymous Coward | more than 6 years ago | (#23474242)

I think the big question is why did our tax money pay for Verizon's Equipment!

I need a new computer. Will the FBI chip in? Not like I have any privacy anyways.

Use by common (small town even) police departments (1)

AtariDatacenter (31657) | more than 6 years ago | (#23474030)

Figure B: "SCREENSHOT OF ASKCALEA HELP DESK DATABASE"

It shows requests from:
Montogmery County, MD
Baltimore County (state not listed)
Omaha branch of the FBI
Kenner, Louisiana
US Secret Service
Racine (Wisconsin?)
Taylorsville, Utah

Look at all of those small towns. Given that even the very small towns are using CALEA, it looks like the use of wiretaps is very widespread.

this just goes to show (4, Insightful)

v1 (525388) | more than 6 years ago | (#23474044)

how abused and misapplied all those "in the interest of national security" procedures are when there is no oversight in place. When will the legislators ever learn, anything that can be abused or misused, will be abused and misused in the absence of oversight? It's not even "might" or "is very likely". It always happens. It's human nature to take advantage for personal gain without risk. They censor anything that they want to, for any agenda, because they can. And this just exposes that truth.

Now watch how they react to it. Do they straighten up their censorship policies? of course not. They'll simply make the abuse harder to discover.

Be happy its still number of switches (3, Interesting)

AHuxley (892839) | more than 6 years ago | (#23474152)

In the USA you still only have to do the math on the 'number' and 'quality' of roving witetaps.
The use of public or released data to see what police forces are doing is interesting.
In India you have to count the number of dead.
"The records show that Durgiyana Mandir ground was one of three cremation sites in Amritsar
illegally used by the police.
It takes about 300kg of wood to burn a single body and each wood purchase is written in a register.
The police subverted the system, by burning more than one body on each pyre.

http://news.sbs.com.au/dateline/india__who_killed_the_sikhs_130052 [sbs.com.au] [sbs.com.au]

If you have Adobe Acrobat Try This (1)

ronbo142 (942105) | more than 6 years ago | (#23474166)

If you are running MS-Office and Adobe Acrobat..... 1. Select the text that has been "REDACTED" 2. Right Click 3. Select Open Table in Spreadsheet Opps.... Look what I found!

Protecting Verizon's competitive secrets... (1)

dpbsmith (263124) | more than 6 years ago | (#23474280)

...must be high on the FBI's list of priorities.

Verizon: We'd love to help you, but, you know, if we do this for you, we'd have to do it for everyone.

FBI: Don't worry, we'll never tell.

apiece??? (1)

dwater (72834) | more than 6 years ago | (#23474358)

IINM, normal usage of the word "apiece" implies multiple recipients - eg "My children received pocket money of $10 apiece." which means I was out $20.

Think there was a previous deletion that was successfully hidden and there's actually another recipient involved?

Re:apiece??? (1)

iNaya (1049686) | more than 6 years ago | (#23474584)

WRONG!!

'Apiece' denotes multiple objects and means pretty much the same as 'each'. Whether they are recipients or not doesn't matter.

E.g. My children received $10 apiece.
Works fine, so does
I bought 5 pencils at $4 apiece.

If you're gonna be a grammer Nazi, at least be correct!!

All Your Base (1)

longacre (1090157) | more than 6 years ago | (#23474464)

The FBI paid Verizon $2,500 apiece to upgrade 1,140 old telephone switches. Oddly the report didn't redact the total amount paid to the telecom â" slightly more than $2.9 million dollars â" but somehow the bad guys will win if they knew the number of switches and the cost paid."
The day the evildoers learn to use the * key for multiplication is the day of the apocalypse.

Why would the FBI pay $2.9m to Verizon? (0)

Anonymous Coward | more than 6 years ago | (#23474518)

I've not seen anyone ask -- but why would the FBI pay Verizon $2.9m to upgrade it's network switches?

Intentional leak (1)

Luyseyal (3154) | more than 6 years ago | (#23474524)

This strikes me as an intentional leak perpetrated by an employee who thought it was dumb to retract all of that. Just a gut feeling. I have no way to back that up.

-l

You idiots... (2, Funny)

rpp3po (641313) | more than 6 years ago | (#23474714)

this is reverse psychology! Hide some nonsense behind CRTL+C and the people point at you laughing about hiding such nonsense. Give 'em nothing but black bars and they will be afraid what terrible things are behind them and shout for more transparency.

this isn't about national security (1, Interesting)

Anonymous Coward | more than 6 years ago | (#23474788)

The FBI paid Verizon $2,500 apiece to upgrade 1,140 old telephone switches. Oddly the report didn't redact the total amount paid to the telecom â" slightly more than $2.9 million dollars â" but somehow the bad guys will win if they knew the number of switches and the cost paid.

This is not about giving too much information to the enemy (whatever the current boogie man is). This is about PR and keeping the public misinformed, while pandering to their national security concerns.

"We spent 2.9 million US$ on improving our communication system" will trigger a "Great! That's tax dollars well spent!" while on the other hand a "We paid 2500 US$ for each of the 1140 telephones we recently purchased" will earn you a "WTF? Is that what our tax money is wasted for??"

according to TFA... (2, Interesting)

DragonTHC (208439) | more than 6 years ago | (#23474808)

the FBI had spent $500 Million for these sort of upgrades. If verizon only cost them $2.9 million, and the other carriers cost only slightly more, where's the other $475 million dollars?

no ctrl+c needed (1)

skorf (832428) | more than 6 years ago | (#23475012)

using doc viewer all you have to do is select the "hidden" boxes and you can read the text. I guess you need ctrl+c ctrl+v if you would like to print the hidden message, but otherwise a simple select all will do it!

Linux makes things even easier! (2, Informative)

1336 (898588) | more than 6 years ago | (#23475018)

In Ubuntu if you use the default PDF viewer (Evince), you can see the "sensitive information" in the tables by simply HIGHLIGHTING the text.

No need to even use the keyboard to copy/paste the data! ;)

Wow (1)

kellyb9 (954229) | more than 6 years ago | (#23475150)

I just have to say... wow.. i'm amazed... wait, no, I'm not. I've worked for a government organization and this doesn't surprise me. But I was thinking a simple solution is to encrypt sensitive text, turn it into garbage, and then black out the garbage.

We monitor on behalf of small town companies (0)

Anonymous Coward | more than 6 years ago | (#23475262)

I cannot reveal who I am or where I work, but we became CALEA-compliant in 2006. We receive several requests every few months to 'monitor' someone's telephone connection. Being that I have access to the account database that shows this sort of thing, the reasons behind the wiretaps are usually suspect. If you think that your phone connection is safe, you are wrong.

Feel free to respond and ask questions.

The naivete! (5, Interesting)

wfolta (603698) | more than 6 years ago | (#23475290)

It hurts my brain. The person who (incompetently) redacted the document was probably just following guidelines. My guess is that there's a guideline that says that specific numbers and costs cannot be published in reference to secure systems used by an intelligence or law enforcement agency. Only aggregate costs, as necessary to inform the public and lawmakers.

No conspiracy. No corruption. No deeper meaning than a guideline that requires sticking your neck out and making a case if you want to violate it.

Makes sense, actually, as most intelligence gathering is probably not about sentences like, "John Doe is our super-secret mole in the office of the director", but rather "the phone system has 1100 switches for all of North America, and is taken down every 2 weeks at 1 am for maintenance."

And this leaves me wondering if those who are laughing or outraged at the attempted redaction (as opposed to the incompetence in implementing it) are also the same people who insist that they must have military-grade encryption and anonymous re-routing, using spread-spectrum wireless transmissions to public access facilities, in order to protect their private emails to grandmother. Sigh.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>