Schneier on Security

Well, the first thing that comes to mind is the obvious fact that not all operations are "vile secret operations and plots" so John Young is clearly throwing out the proverbial baby with the bathwater (assuming he actually cares about the baby).

I'm not sure what exposing a list of names is going to do. Even if these are actual names of undercover agents, presumably undercover agents aren't going to be working undercover using their real names. Unless they're particularly stupid undercover agents.

At best it couldn't be any more effective than a sort of anti-terrorist watch list. People would be at more risk from false positives than anything else.

Although hardly along the same lines (regarding severity of disclosure) this also reminds me of the April 1, 2005 attack on the (ISC)2 website that exposed all the CISSP contact information. The date was used to justify the attack as a "joke". It now circulates around the net along with juvenille commentary about how "embarassing" the situation must be for the organization.

@ jconde

It's not hard to tie together a name with other data such as DOB, photo, etc.

@jconde

If you have the names of 276 British Intelligence Agents and you suspect that one or more of them may have infiltrated your organization (this assumes that you have a need to be worried), you could assign someone you trust to research those names (using Google or whatever and maybe come up with a picture/description/etc. You could then match that image/description/etc with members of your organization and if there was a match, the spy would be found out.

Another example, would be in the aftermath of a successful covert mission, in which many, but not all of a criminal/terrorist organization are killed or captured. That spy, now returns home and assumes is regular life under his real name (which is on this publicly available list). The spies real identity would probably come to light in a trial or whatever. Now you have terrorists still on the loose able to track down the agent that betrayed them, find his home address and exact their revenge.

While both of these examples are unlikely, they illustrate that publishing this list is probably not the best thing for John Young to be doing.

@Davi

Generally speaking, I agree with you. But his position follows a certain logic.

If exposing agents causes a secret operation to fail, that could SAVE lives, if that operation involved killing people, directly or indirectly. So if blowing agents' covers willy-nilly saves more lives than it endangers, to some, that would then be worth it.

It all boils down to what you think these secret operations are. Since they're secret, we don't know. Our biases are our guides. Clearly Mr. Young thinks many (or all) secret operations by British agents are "nefarious"--or at least enough to justify the risk. You and I don't share this view. But because the operations themselves are secret, our opinions are just as uninformed as Mr. Young's.

I think he's done a bad thing, but I can't ever prove it. He thinks he's done a good thing, and he can't ever prove it. This is therefore an IDEAL topic for blogging ;-)

I can appreciate it as sousveillance against a country with a fetish for mass surveillance. Seems like an appropriate response.

Davi:

The CISSP lists that are circulating have not, to my knowledge, been tracked to their origin, but none of them that I have seen that the CISSPs have noted matches perfectly any of the lists, public or private, at any known point in time. Many long-standing members are not named on versions of the list that have newer members. There are names that are not and have never been in the public lists, and some publicly-listed names are not present.

All in all, there seems little, either in the lists' content or any forensic evidence, to corroborate the notion that these lists (and there are many) were obtained by gaining privileged access to the Consortium's servers, so (ISC)2 has not really paid much attention. Further, some of the lists have been around since well before 4/1/2005.

So apparently the "attack" was indeed a joke - a hoax rather than a prank.

I would be more afraid of one of the 276 deciding posting the list was a bad idea than anything else...

The point being missed here is that these agents identity was already compromised before this list was published. Someone out there already knew who all these people were. If there are operations underway that require their identity to be secret the intelligence agency is better off knowing the person's cover is blown than having some subset of people know that may not include them.

Additionally, the particular list of people may give some hint as to who discovered it and what methods they used.

This action may have caused more people to have found out the names sooner, but that is the trade-off, the timing, not that the information was already out there. The horse left the barn and it's a matter of deciding whether it's best to avoid talking about it for a little bit (and letting the information continue to be sold on the black market a little longer).

@Davi:

I am not familiar with this hoax/prank, but ISC^2 used to run a queryable database so that CISSPs could be looked up. This is similar to what NSA does right now with its list of IAM-certified folks: http://www.iatrp.com/IEMIndivu2.cfm

On the question of the morality of "outing" spies, it depends on the cirumstances. Doing it as a political hatchet job (Karl Rove and Valerie Plame) is morally wrong. Doing it to, say, prevent a black bag job against a democratically-elected Latin American chief executive whose opinions are a tad too pink for these parts? Maybe not so bad.

What Young is doing is pretty pointless, and misguided in any event. Outing a couple of hundred secret agents is unlikely to make a dent in the espionage apparatus of a large nation like the US, Russia or the UK. What will make a dent is a general public intolerance of secret actions being undertaken by their government. Young assumes that the public is helpless to change the situation, and therefore attempts to take matters into his own hands, shedding light on something that most of us have no problem with leaving hidden. While less spectacular, a more useful tack is to engender a desire for more government transparancy within the voting public of one's nation. A populace that promptly votes out of office any politician that appropriates funds for spy organizations (or refuses to explain where such moneys are going) will soon find that they don't have much of an espionage community within their borders. They can then deal with the positive and negative consequences of that state of affairs. But attempting to effect that level of social change is a long and thankless job, and the truly zealous rarely have that kind of patience. (Of course, there is also the fact that a lot of people in Young's position/frame of mind don't really believe that their nations are democracies, with empowered voters, but that's a different argument.)

A lot of intelligence officers are put in plain sight in other countries, with their real names but under assumed positions. They may work for the CIA, FSB, MI6, or whatever, but they're attached to embassies and consulates as officials of other agencies, acting as trade experts, cultural liaisons, functionaries, and other roles that allow them to talk to people to gather intelligence without appearing like a spy. With diplomatic credentials, the worst that can usually happen is to be declared persona non grata, forced to leave the country. Those sent in without such cover are subject to arrest and prosecution, or worse.

I think these are a good idea - I don't want these types tracking me under the mistaken belief I'm a terrorist, particularly if it is followed by them jumping on me and blowing my brains out.

So let's have a few lists from the US as well. Nothing improves the functioning of a government like a bit of daylight.

Vik :v)

Young ignores the possibility that the people on the list are **not** agents and that his black list could easily get innocent people killed.

One only has to look to John Loftus' publicly outing of a "terrorists" home address on FOX news to see the danger of outing people alleged alleged to be agents. Loftus' information was 3 years out of date and continues to endanger an innocent family who now lives in the home as well as the alleged "terrorist."

In an age of shrinking civil liberties, this is an incredibly stupid example of pulling the tiger's tail. Hopefully it's not as bad in the UK as it is in the US as far as clueless politicians passing bills they haven't even read goes, but over here such an action would most likely result in some asinine and unneccessary law being enacted to prevent asshats like the guy that runs cryptome from doing this stuff.

Am I justified in calling him an asshat? He goes around posting information like this under the assumption that it would do more good than harm. Considering the position these people may be in, the results will be somewhere in the range of nothing happenning to starting a major war. While the true result will very likely be somewhere deep in between those two extremes, should any one person with very little information be going around casually forcing these risks on the world? Even if you disagree with the policies of the UK's goverment, is it worth risking the lives and livelyhoods of what are basically underpaid civil servants to make whatever point (if, indeed, there is one)?

I believe very strongly in the right to freedom of speech and freedom of press. However, it really annoys me that many people forget that with rights come responsibilities. Right or wrong, it's pretty hard to describe the action of posting this list as 'responsible'. In our current age of paranoia, media hype (Mr. Schneier's 'Movie Plot' threats) and clueless legislation, this action is one that can do almost no good and mountains of harm.

The proff that these list are not fake??

@ Vik: how will having people's names help you know if you're being tracked?

I think a lot of these discussions revolve around the question of whether this particular incident has had/will have/could have any major effect, when the more interesting discussion is whether the identities (not just the names) of such agents should be made public.

In the very short term, an unannounced publication like this, where the agencies in question have no chance to warn agents that their identities may be made known, there is certainly no increased protection for agents, as with their covers blown, they face an unknown array of risks which may involve arrest, murder, and so on.

In the medium term, if this sort of practice were to continue, agencies would realise that the risk of using such agents was too great, as they would be discovered too soon. This would cause the agencies involved to stop using the agents, and thus people who would have been agents would end up doing other, presumably lower-risk jobs, and be safer.

In the long term, the repercussions of such a policy are unknown, and would depend on how important the information the agents were gaining was. A situation where intelligence agencies are unable to use agents has, to my knowledge, never been encountered, and without in-depth knowledge as to what the agents are doing, it is impossible to guess the long-term effects.

Firstly, maybe this is a real world example of security by obscurity. In that scenario the government would then be the vendor who getting upset by disclosure. The government position is the disclosure itself creates risk. The disclosure's position is less clear to me.

Also, I expect that if this guy can find a list without the weight of government resources behind him then it can't be that hard for a government or other large and well funded organisation. If true it makes the proposition the information in question is secret fairly thin.

Agree with ac that what this argument may boil down to is what one thinks of the operations of the agents/agencies in question. I'd rather not resort to example, since that's really just anecdotal evidence moved a step further from reality. I would, however, consider the following - posting that list explicitly *disallows* the argument (or meta-argument) over whether what those agents/agencies are doing is worthwhile/proper/etc.

In other words, the act of posting that list has run a shortcut around what I personally would consider to be a necessary and responsible step - the discussion among a polity as to whether or not the actions of its government are desirable and/or worthwhile.

I am troubled by this posting, because I am firmly of the belief that transparency is good. However, is this 'transparency' or 'tarring' (as in ...& feathering)? Without a proper validation that these lists are correct (as others have brought up) then the onus falls entirely on Mr. Young to make sure that his spotlighting has not caused innocents to suffer. Given the degree of 'accuracy' much government information seems to display, is Mr. Young willing to stipulate that *all* the people on those lists are, in fact, really MI6 agents - even bypassing the 'justified' argument? If he is not, then his action is irresponsible (IMHO) because he has arrogated to himself the decision of publicizing the identity of someone whose safety may depend on their anonymity, and more importantly because he has essentially decided that anyone mistakenly included on those lists deserves to suffer whatever repercussions might befall them. The latter is true (again, as others have noted) despite their actual involvement - and they have no recourse. If Mr. Young objects at all to such programs as Secure Flight, then he should think very, very carefully about creating lists himself.

I believe the origin of the (ISC)2 attack is described here: http://vmyths.com/mm/whisper/2005/0401/cissp.txt

The author explains "Your current 'Website Access Policy' forbids any program that collects
information for any purpose other than indexing of search engines. For
the record, I used no collector/harvester program. I just typed each
vowel (a,e,i,o,u,y) by hand into your search page and then I stripped the
duplicates."

Something that (surprisingly) hasn't been brought up is the inevitable reaction of the government. Here in the US, we have an unfortunately strong tradition of trying to classify or otherwise supress agregations of obscure but public information (like the "don't fly near nuclear power plants" edict followed by a "please don't generate a map of where you're not allowed to fly" request). This doesn't appear to be necessarily public information to begin with, but how does one deal with collections of data which is, by itself, innocuous, but when agregated forms a 'dangerous' document?

"Since they're secret, we don't know"

True perhaps, in advance of an operation, but we still should be able to find out more after the fact assuming reasonable disclosure practices. Historically I think we can agree that not ALL missions have been "vile secret operations and plots".

If we seriously consider the role of ethics (even simple utilitarian concepts of taking one life to save many) in order to dis/allow operations, then I still am not sure I would want every Tom, Dick and John Young with a website to have veto authority.

What risk is there with just an alleged list of names ?

Most of the names published by Cryptome are on the published Diplomatic lists of embassy staff, and include the names of several Ambassadors.

None of these people are "undecover agents", and are at no more or less risk than any other British Embassy staff.

Are the alleged lists of names of MI6 agents any more or less useless than alleged lists of names terrorists, (there are several such lists on the Cryptome website, especially regarding Northern Ireland), which also contain obvious errors, and/or deliberate smears.

Surely the lists to be worried about are not those published, for what they are worth, on Cryptome, but those compliled by Government agencies ?

If International Civil Aviation Authority Biometric Passports really do work, then they will make life at least as difficult for "legitimate" Government spies as for alleged "terrorists".

A Government may well be able to issue several false Passports, to their own "undercover agents", or military special forces, undercover police and customs agents etc., but surely these will raise alarms at borders if the Biometric Identifiers recorded are compared with those recorded on previous visits, under different names, perhaps even during holidays or business trips before the agents were even recruited.

Will Biometric Passports / "e-borders" put their "secret identitiies" and possibly their lives, at risk ?

It seems that this fellow is espousing a greater principle that should be considered, "John Young ... 'welcomes' secret documents for publication".

(Not that I believe he isn't hiding behind this to justify his particular actions) he seems to be saying that nothing is entitled to be secret. (Based on his personal determination of what is ethical - someone else might determine that exposing the identities of all those suspected of downloading 'protected' intellectual property was ethical.) If this is so, then how about extending this to all sorts of realms? How would you feel, Bruce, if Young decided to publish the salaries and personal details of all of your employees? It would probably create a lot of discord in most places even though so much of this information isn't that hard to obtain. How about publishing all of the 'personal information' that so many security people say need to be better protected?

As other have demonstrated above - publishing false information makes the matters worse - as an example if a relative in your company was reported to make substantially more than they really did.

Just like the publishing of computer system exploits, full disclosure forces the source of the compromised data to deal with the problem so it doesn't happen again. IE: the real problem here is that these lists were able to be compiled at all, not that John Young (however misguided he may be) chooses to publish them.

As much as people like to believe that government operations are run truly "securely", (e.g. that it is impossible to know certain secrets) this is not really the case in practice, in most cases. A tremendous amount of "security" of this nature relies on obscurity. Not ideal? Too bad, there are simply too many real-world considerations involved. All these people who are saying that lists shouldn't exist and ideally this and ideally that have no idea what they're talking about.

One thing I don't understand about conspiracy theorists... if these government agencies have this nefarious agenda, and truly care little about the people they supposedly protect, why are they letting someone live who has a list of their agents?

Not to say that all government operations are lily white. There are undoubtedly government activities going on that the general public would decry as uncivilized. However, "They" can't be as amoral as guys like this say, or they would swat him like a bug, no?

Does not the existence of conspiracy theorists provide evidence to the fact that their doomsday theories are farfetched? Or is The Man so sophisticated that he allows the nuts to do their thing, making it appear trivial by a lack of response, when in fact we are all controlled by the Illuminati?

This is the sort of discussion that has me chuckling in my beer.

I personally think it's reprehensible to post this sort of list simply on the assumption that they're out there doing more harm than good.

Were this a case of whistle-blowing involving agents whose assignments were known to be highly questionable (perhaps after some goof with dire consequences), that would be a different story.

None of the names on the list are people I was
at Cambridge with, so it's obviously a fake.

Paddy Ashdown?!

It must be a fake!

It's treason I tell you, hang the fu**er! Bloody liable it is! What about those who share the same names, pointless, self-promoting bollocks.

I know of at least one rogue MI6 agent who isn't on the list. I doubt they use their real names anyway, as they all carry more than one passport, etc.
My guess is that the list is not real, nor does it carry any authority. If it was real, the website owner might get a "visit" and a free trip to Cuba, if you know what I mean. I was threatened with the same, but managed to avoid it by using my intelligence (ironically, the intelligence services do not encourage intelligence in their assassins).

Good points by most of the above.

As others have stated, even if the names are wrong / spurious / based on a mere suspicion, publishing them potentially does create a danger for civillians mistakenly ID'd as a name on the list.

What was this chap thinking? I'm going to stop now before I go off on a lengthy rant. Suffice to say - not amused.

I agree with Pat Cahalan on this one, the Tin Hat community on the whole seems to be a little gullible and excitable at times. I think this links in with what Bruce was saying about Peggy Noonan slightly with people who just may watch one too many movies.

I can imagine that there might be an outside chance that sme of these names might, just might be real. But, like before with the mentioning of Paddy Ashdown, especially with his current job may suggest where this supposed link may come from.

If they were real then, regardless of whether these people are, or are not involved in 'vile' plots or not, it could potentially put their lives at risk.

It'd be interesting to see if any of this picks up to any real momentum, which as with the other lists I doubt it will, as the press never picked up on tens or hundreds of British nationals, or Embassy staff suddenly returning to blighty ... or I doubt they ever will.

Real or not, I beleive this was a bit of a stupid idea. This differs from releasing security exploits in software etc as it involves real people, regardless of whether you think what they do is vile or not.

The one this us brits are good at is lying while proclaiming the virtue of fair play. The fact that only 35 names appeared on two lists and none on three makes it likely that there is some disinformation going on.

As for morality it is handy for an agent to know if his ID has been revealed, I would guess that having the information leaked but the leak not known about is worse than everyone knowing.

Hi,

I'm Michael Thomson, but not *the* Michael Thomson on the list. What am I supposed to do?

"The one this us brits are good at is lying while proclaiming the virtue of fair play."

Aww, come on, be fair. We're never like that!

If not naming them (supposedely) places MORE lives in jeopardy, then naming them does place some lives in jeopardy. This guy knows that he is endangering lives and he does not care.

Since he welcomes leaked secret documents, I think the solution is to provide him with some. I, for one, nominate the name "Norman Spinsky" to be placed on such a list. Oh, and "Caroline King". A little disinformation can go a long ways.

If this guy is a Brit, then he is a traitor. If he disagrees with his country's policies, there are ways of furthering that which do not involve tampering with its current activities. Here's a litmus test: if they are as evil as he says they are, he will be quietly murdered. If they are not, he will get to go on with his perfidy. We'll see. I for one cannot see any moral difference in this kind of act -- outing clandestine agents -- than if someone were to protest the Iraqi war by blowing up a troop train. How much better would it be to provide proof of all the evil nasty things that MI6 is up to, and garner a groundswell of public discontent which would force the government to change? No. That would be too much like work.

Security through obscurity? Seems to me this isn't so much like a private encryption algorithm being revealed. It's more like plaintext being revealed. The identities of agents is a secret, not a method of keeping a secret.

Sometimes secrecy is the only thing that works. For example, it would be very difficult to win a high-stakes poker games without keeping your cards secret.

All that said, I'm deeply distrustful of government secrecy, and have a great deal of sympathy for cryptome. I tend to think we'd be a lot better off with complete transparency in government. With immense power should come immense public accountability.

"If this guy is a Brit, then he is a traitor."

By that reasoning, if he is not a Brit, he is a national hero for his counterintelligence work.

@Dennis:

{SNIP}
... With immense power should come immense public accountability.
{SNIP}

This is indeed a laudable objective. However, for various reasons certain things, certain operations *must* remain confidential. Otherwise there exists the certainty that anyone who personally disagrees with the objectives of a certain option would be able to stop it dead in its tracks.

This is indeed a good thing in the event of a rogue or illegal operation. However, it would be virtually impossible to then stop a subversive / terrorist or even baseline criminal from also scuppering operations against them. The Police / security services would then be totally impotent to controll all those things that the press makes such a fuss about.

Um, I'm more worried about the comments in this thread than the list. Noone is in anymore danger because of this list, not civilians and not undercover agents.

Look at the cryptome links. The first set of 116 names came from a publication of Lyndon H. LaRouche, Jr. His publications have a lot of humor value, but nothing more.

The second and third lists are from a usenet group. Usenet, you know, the place where anyone can post anything. Another publication that only has value as humor.

The only legitimate source of names comes from a publicly available link to the U. K. government, but that is a list of all overseas government personel, not spies.

So, no spies are at risk.

And no civilians, either. Anyone who acts on this list is stupid. We already have the risk of stupid people acting on weak pretense anyway. There are thousands of fake lists like this one. Names appreaing on this list are also on other lists stupid people could act on. One additional list added to thousands of others increases a civilians risk only slightly.

The people who share names with people on the cryptome list are at a greater risk of spam mail than anything else.

>>"If this guy is a Brit, then he is a traitor."

By that reasoning, if he is not a Brit, he is a national hero for his counterintelligence work
<<

Actually he's a New York architect (I've met him). Lots of his material is just posted 'as is' without assertions for its validity; a sort of scattershot sunshine approach.

He has in the past had hassles from the US govt for posting non classified but 'sensitive' documents and taking video of an NSA building from a public highway.

I think we need more folks like him (in different jurisdictions).

@wac -

"The point being missed here is that these agents identity was already compromised ... the intelligence agency is better off knowing the person's cover is blown"

You're absolutely right - if this list is true, it's good for the agency (and spy) to know.

Is it good for the spy's targets to know, too?

What some of the above posters seem to miss is the following, taken from the second list (the one published about ten days ago):

"HM Diplomatic Service Overseas Reference List, August 2005, which lists most of these persons and shows that their 2005 positions and stations match those listed here."

This is followed by two links to publicly accessible files on a webserver operated by the British government.

So how sensitive can this information really be if even the government itself is publishing it on the Internet?

There are four separate problems to consider.

* First problem: Is the list true?

The answer to this is, quite simply, that we do not know. Anyone can publish anything they like and claim that it's true; ultimately, the question boils down to the credibilty of the persons who make the claim. In this case, I personally have no reason to ascribe any credibility to these people, and many reasons to doubt that they were able to do what they said they did. Anyone who claims to have obtained such a closely-guarded list must offer extemely credible proof of this incredible claim -- and a simple narrative, combined with hand-waving, does not constitute proof.

* Second problem: Does the list endanger the names of the people on the list?

Absolutely. Although all members of Her Majesty's government are potential targets for terorists, designation as an operative of MI6 carries new dangers. Even though the terrorists may be skeptical of the identification, or (more likey) dismiss it outright, they can use the identification in two ways. (a) Terrorism directed against people on the list will be highly disruptive to the morale and functioning of Her Majesty's government. The act of terror will upset the usual calculations and perceptions of risk; all members on the list will suddenly find themselves to be particular targets. (b) The terrorists will use the listing to generate yet another series of spurious "explanations" for whatever atrocity they perpetrate.

* Third Problem: Is This Treason?

Certainly. The people who revealed this information are deliberately attempting to harm the UK -- this, regardless of whether the information is actually true or false, because the information is definitely harmfull in either case. Although the offense may not meet the criteria for a criminal charge of treason, treason it remains. Furthermore, although the people offering the information on the Internet are citizens of the US and not the UK, in my opinion their actions still meet the definition of treason. During WWII, a US citizen who revealed the plans of the UK to the Axis would have been comitting an act of treason. The UK is still an ally of the US, this in a time of active military operations worldwide.

* Fourth Problem: Is it Moral?

Simply because something is treasonous does not make it immoral; treason against a dictatorship is not only moral, in some cases, but ethically imperative in others. Is listing the names of MI6 agents a correct moral act?

In my opinion, most certainly not. The US suffered a massive terrorist attack, the UK likewise; good intelligence information is crucial to preventing the next round of attacks.

Gathering intelligence relies on secrecy, human intelligence, dilligent work, and placing the lives of agents at risk; you cannot simply Google to find your local neighborhood terrorist cell. The deliberate destruction of intelligence-gathering assets is utterly reprehensible; and since the intelligence would help protect those who attempt to destroy it, these acts of treason are so completely self-destructive that they border on outright lunacy.

It seems odd to me to claim that a citizen of one country, in that country, can commit "treason" in the eyes of another country. I don't buy "in this time of active military operations worldwide"; there probably hasn't been a time in world history when there were no active military operations somewhere in the world. And it seems especially odd in a world where the U.S. collects and rejects allies at a moment's notice, depending on their foreign policy whims.

"Treason," to me, is a specific crime of turning against your own country. If I spy on the British Government, I am a spy -- I am not committing treason.

@ DarkFire

"anyone who personally disagrees with the objectives of a certain option would be able to stop it dead in its tracks"

I think you're giving too much credit. A common threat to secretive operations can be anyone who is "unfamiliar and unprepared" to evaluate the objectives (the nature of limited exposure) and yet jumps at the chance to disagree based on the bit(s) they are exposed to.

@ csrster

"people I was at Cambridge with"

Good point, although I've heard they're actually recruited out of LSE now.

Bond. James Bond.

but not:

Bond, James Bond - MI6 Agent 007.

The trouble here isn't the disclosure of names (there are 118 J. Bonds living in London) but that the agent in question is probably working as a press secretary in a consulate somewhere, not fighting communists on the wing of an airplane.

Everybody knows this is how things work, but the question is always, "which ones?"

So, John Young makes this guessing job much easier, even if there are four Ian Jones'es working in any particular British embassy.

Now, the trick is John just assumes that their plots are vile. We know John doesn't really know what their plots are, otherwise he would have published that too.

Do the intelligence agencies do vile things? Yep.
Is that mostly what they do? Nope.
If it were uncovered that an intelligence agent is secretly collecting soil samples near a factory in the middle of Africa for analysis would that garner a story in the New York Times? Nope, that's the grunt work of intelligence, no story here.
Would the revelation of a vile thing get such a story? Yep.
So does the publicly available information skew highly in the direction of the vile? Yep.
Has John's opinion been manipulated? Yep.
Is this just politics? Probably.

Interesting to note that "MI6 is attempting to persuade Hamas to renounce violence and enter negotiations with Israel".

Israel, of course, objects to MI6 establishing diplomatic relations (not exactly espionage, it seems) with a group that Israel considers a terrorist organization. However, based on their USSR work, MI6 relations with Hamas could primarily be a process of infiltration. But that makes it even stranger that the story ended up in the news:
http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2005/08/21/wmid121.xml&sSheet=/news/2005/08/21/ixnewstop.html

Someone also just pointed out to me that the new head of MI6, John Scarlett, is extremely well known from his testimony in the Hutton Inquiry -- related to the death of weapons expert David Kelly. Scarlett is certainly far more exposed to the public than his virtually unknown and invisible predecessor. Is this a sign of the times?
http://news.bbc.co.uk/2/hi/uk_news/politics/3689779.stm

"Mr Scarlett, who will be the first head of MI6 to be pictured in the media"

And speaking of MI6 exposures, a former spy (Richard Tomlinson) published a book and and posted the story of his experiences online, clearly in spite of objections from the agency:

http://www.antioffline.com/bigbreach/bigbreach.html

> A populace that promptly votes out of
> office any politician that appropriates
> funds for spy organizations

This would require a special vote for "none",
which would dismantle the government
if it gets "elected".
As it stands, you can vote for any of the
parties that would do more or less of the
same things anyway, just with slightly
different priorities.
Funny that, that you have the choice,
but you don't have it.

@Davi Ottenheimer

"Good point, although I've heard they're actually recruited out of LSE now."

It might be worth me introducing you to a more common British trait here. It's called sarcasm.

@ Mike

That's funny and ironic. I WAS being sarcastic.

Two points: (1) in this day and age it should be obvious that we can not trust the government and (2) to the extent this is "treason" the Bush adminstration is equally guilty with respect to CIA's Valerie Plame.

Regarding (1) above, perhaps it is not "obvious" that we can not trust government as we rely on the media to report.

Should anyone reading this think that the government is trust worthy, I would suggest searching the internet for detailed information about US crimes at Abu Ghraib with respect to the on going cover-up and denial of responsibility.

The fact that this egregious violation of international law has been assigned to a handful of non-commissioned reservists without trial defies any reasonable application of intelligence.

To the extent that the American public is oblivious to this absurdity, we should be seriously afraid of our own society.

Regarding (2) above, this web page explicitly details 21 top Bush adminstration officials who are directly associated with the "treason" committed when they exposed the idenity of CIA agent Valerie Plame:

http://www.thinkprogress.org/leak-scandal

scosol:
RE:"Just like the publishing of computer system exploits, full disclosure forces the source of the compromised data to deal with the problem so it doesn't happen again. IE: the real problem here is that these lists were able to be compiled at all, not that John Young (however misguided he may be) chooses to publish them."

Exactly! The only security benifit as such is that a weakness in the system has been highlighted.
The disadvantages then are the obvious privacy/security implications for those on the list.

This entire issue has to me raised a fundamental problem about media reporting of goivernment activities: lack of oversight.

Take this for one example. In my job if I carry out clandestine survellence on a target without any supporting intelligence that suggests that person is doing anything illegal, or without the propper authorisations & paperwork, collateral human rights impact assessments etc. etc, it costs me my job. No questions asked. Plus I can be liable in all sorts of other criminal & civil matters.

However, if a newspaper, nightly news channel or some individual with a web page & an axe to grind posts a load of information on the web, who are they responsible to? Their readers - hardly. If this were true no one would by tabloid papers or other such pointless sensationalist rags.

Media personalities so often trumpet theirselves as the guardians of free speech / freedom / civil liberties etc. In general the editors are solely interested in what they are able to publish in order to sell copies / air time or whatever. They are never interested in stopping for a moment to think whether they SHOULD publish something.

Of course, the D-notice system exists to prevent the publication of any material harmful to national security, but in this day & age of instant on-line news, how effective are they? Not very.

I watched a TV programe a few years ago which featured some woman who ranted on about the radar site at RAF Fylingdales being a "secret nuclear base" where aliens are being stored! to be sure, this is an extreme example, but sometimes I strenuously object to the fact that the media and individuals have no thought for the responsibility that should come with the freedom to publish information that they hold.

End of rant...

I am not a citizen of UK, therefore I cannot expect british government agents to act in my interest except by lucky coincidence.
The more I know, the more adequate my responses to the surrounding world become, so I welcome any information that discloses secrets held by anyone who is not acting in my interest.
In short, they're not my agents, so I prefer that they fail at whatever they try to accomplish secretly.

When you are walking in a town center next time, look at the People, of all diffreant faiths, relions and race, living there lives, yet vunrable to the threat of terrisom.
If anyone thinks for one minute that exposing a persons identity who serves his/her country, and puts there lives on the line is a good idea, is as bad as the terroists!!! Wake up we are facing a new enemy.