Schneier on Security
A blog covering security and security technology.
April 10, 2009
How Not to Carry Around Secret Documents
Here's a tip: when walking around in public with secret government documents, put them in an envelope.
A huge MI5 and police counterterrorist operation against al-Qaeda suspects had to be brought forward at short notice last night after Scotland Yard's counter-terrorism chief accidentally revealed a briefing document.
The operation was nearly blown when Assistant Commissioner Bob Quick walked up Downing Street holding a document marked "secret" with highly sensitive operational details visible to photographers.
The document, carried under his arm, revealed how many terrorist suspects were to be arrested, in which cities across the North West. It revealed that armed members of the Greater Manchester Police would force entry into a number of homes. The operation's secret code headed the list of action that was to take place.
Now the debate begins about whether he was just stupid, or very very stupid:
Opposition MPs criticised Mr Quick, with the Liberal Democrats describing him as "accident prone" and the Conservatives condemning his "very alarming" lapse of judgement.
But former Labour Mayor of London Ken Livingstone said it would be wrong for such an experienced officer to resign "for holding a piece of paper the wrong way".
It wasn't just a piece of paper. It was a secret piece of paper. (Here's the best blow-up of the picture.) And surely these people have procedures for transporting classified material. That's what the mistake was: not following proper procedure.
Posted on April 10, 2009 at 7:06 AM
• 72 Comments
Indeed a moronic act, but it's human and it happens. It happens though. I recall a few years back, a little after the "war" in Iraq began, classified documents were left I believe in a Starbucks in the beltway area. People are human and errors occur. Statistically though, this is a rare occurrence (fumbles like this). Now if only I can work on getting a 160,000 pension after negligently disclosing secret information, I'd be a happy camper.
It seems to me this shows the need to ban more photography.
How many other forms of speech should we also ban?
Though with something like this, maybe the GB gov should have a bunch of people walking around with sheets of paper labeled "SECRET". Sounds like great counter intelligence.
@Gary - they're already trying that one, thanks. Don't encourage the buggers.
sil, correct me if I'm wrong, but I believe it was in fact a war, not a "war".
I agree -- and add that more surveillance cameras would have caught the terrorist photographers who took these pictures.
Well, the resignation of a senior official over a major mistake is refreshing, anyway. Wish that were a tradition of governance in the US as well.
This is not about procedures. It's simply about common sense; he was the Assistant Commissioner, not just a clerk!
That's just ridiculous, Gary. We just need to mandate that only government-approved photographers can use SLRs. Everyone else can use cameraphones. More than 2 megapixels = terrorist tool.
We've already got poster campaigns exhorting us to report people who look at CCTV cameras, so I don't see that anyone could consider such a move controversial. :-)
Not only should we ban photography, we should also ban newspapers and blogs.
I would hate to think US politicians might become more resigned to major mistakes than they already are.
No way should they ban photographs! The simple and logical solution is that they keep top secret papers covered or better yet, contained inside a locked briefcase. They shouldn't just carry them around under their arm. That behavior is incredibly stupid and very cavalier with secret government documents.
And what makes this stupid mistake so much worse is that Steve Back, the photographer who took the picture of Bob Quick's briefing note, had tried to warn the Government before that photographers were able to read top secret papers when people go through the door of 10 Downing Street:
What puts this in the very stupid category is that the same thing has happened before. In May 2008 the housing minister had her briefing documents photographed as she was walking into Downing Street:
Stop beating up Gary. It's called sarcasm, people.
It's hardly surprising this sort of thing happens, though I think once upon a time the photographers involved would have quietly slid the negatives into a not-for-distribution folder and nobody would have been none-the-wiser. More to the point, there is clearly a culture of complacency with regard to this kind of material within the upper circles of Whitehall and the security organisations. Who walks around with sensitive papers flying around loose to start with? The details of this case are politically complex, as this is the same chap who ordered the raiding of MP's offices in an investigation into parliamentary leaks.
Hmm, I thought the people responding to Gary had recognised the sarcasm and were responding in kind (I know I was).
Shame it's so hard to tell these days...
he even runs a limo service - from his home no less - and his home address can be obtained from the Yellow Pages - how's that for Security-conscious?
We're talking Genius here
I think it is a weird kind of justice that this sort of thing happened in the country of surveillance cameras.
The section about the three operations jumps out at me.
Two of the operations are described simply as "Dynamic entry - firearms."
The third, though, begins with "Unarmed Entry," followed by an explanation.
This illustrates the modern law enforcement mind-set: Your most extreme option is the default, and you'd better be prepared to explain yourself if you call for anything less.
Amazing how clear the photo is; I have a hard time taking a legible picture of documents on my desk. Evidently I need a better camera...
If that happened in the US to some mid level govt contractor employee, they would have their clearance revoked. I am not sure why a high level employee should be any different. If anything, they should have higher standards. They are likely working on the most sensitive of material.
They should cover their secret papers with fake reports, just to mess with the media.
He entered 10 Downing Street by the front door. The only reason anybody used the front door is if they want to be photographed. There is a special area inside the heavily policed security area for accredited press photographers. They photograph everybody who arrives and leaves. Normal procedure is to use the Cabinet Office entrance (10 Downing Street looks like a small town house but is really a facade on a very large office complex, Wikipedia has a pretty detailed page on this).
The supposed motivation for this was that the picture was to be used to reinforce the image of the Prime Minister and Home Secretary having their "fingers on the pulse" of the Anti Terrorist process.
You can see from the document that this was an "intelligence lead" operation. So MI5 did the work of identifying the suspects and gave the package to the Police to allow them to break down doors and, etc. The UK Security Services don't have a very high opinion of the UK Police - you can see why.
The funniest part of the document is probably what reads at the very last line :
Media strategy has been ratified and is "
At least we can still "judge the quick and the dead." :)
Easy solution: put generic cover sheets on all secret documents. Office Space had it right.
Dom Portwood: Ah! Yeah. It's just we're putting new cover sheets on all the [top secret] TPS reports before they go out now. So if you could go ahead and try to remember to do that from now on, that'd be great. All right!
I agree wholeheartedly that this was a stupid mistake by Mr. Quick. It should never have happened. Most articles mention the fact that because of this, the "strike" had to be carried out earlier than planned. HOWEVER, of all the articles I've read about this from all the various reporting agencies and news channels, NONE have called for any responsibility or consequences to the reporters/news stations/photographers for DISSEMINATING these photographs.
No, the information should not have had the chance to be stolen, but those that did steal it showed no responsibility whatsoever when deciding to release it. Had they waited a few hours until the operation was over, then released it, they could have caused just as much of a stir and embarrassment for Mr. Quick without ruining the operational plans.
Shame on the media for this!! Just as much as for Mr. Quick!!
"sil, correct me if I'm wrong, but I believe it was in fact a war, not a "war"."
Actually, it was a war, not a "war", if you consider Chuck Norris beating up some doddering old fart, no matter how evil, to be a fight not a "fight".
I can haz S3cr3t
make one feel so important
The next version of the terrorism suspect list contained the names of various photographers and the dates and times they were to be rounded up and sent to Libya for torture.
The photographers, wisely, left the country when they were able to snap photos of the document carried exactly this way.
In the US, we have these amazing, high-tech things called "cover sheets" that go on top of classified documents.
Through the miracle of advanced physics, these "cover sheets" managed to block incoming photons from bouncing off classified documents and thence being detected by advanced photographic equipment.
It's really quite something. For a modest speaking fee (and travel expenses, of course), I'd be glad to come over to the UK and give a demonstration.
@Jake: Agree. Lower level employees and contractors would lose their clearance or get shown the door. Reminds me of John Deutch... and back when Deutch was the Dep SECDEF, he was the signatory on an earlier version of the NISPOM, the document that dictates the rules for safeguarding classified information in industry, yet he had classified data residing on his unclassified laptop PCs at his personal residence.
Instead of losing his clearance, he gets a Presidential pardon and two years later he gets a seat on the Board at Raytheon!
Geez. Ban paper already.
Whatever happened to the paperless office anyway?
That should have been just an electronic message on his portable device. And by electronic message, I don't necessarily mean written. Cast then secure wipe.
I find it difficult to think that anyone would declare that he should not be fired. It's basic accountability.
He was trusted with secret documents. He made the documents public. Yes, it was in error. So what? He fscked up. It's about time someone gets fired or resigns because they fscked up. If only bank, auto and insurance company execs in the states (and elsewhere) would do the same.
He should have quit. He did. It's good.
The gov't did issue a gag order (there's a special name for it that I cannot remember), but that would only apply to photographers that are citizens of the UK, not other photographers that are citizens of other nations. It's also unreasonable to expect another photographer from another country to heed any kind of gag order. Any kind of $EVILDOER would immediately get their information off to the parties interested as soon as possible.
They should not allow secret documents to leave the offices. Once they do, they are out of your control. I seem to recall a situation where a U.S. government official accidentally left top secret documents on the subway. It's easy to do, the only way to stop it is to not allow this sort of stuff to go offsite. If employees need to work with these documents from home, have them vpn/remote into the network and view them, but disallow copies stored on their hard drives.
I haven't yet seen a timeline regarding the dissemination of the documents. I haven't yet seen any accusations that the press actually disclosed the contents of the document before the raids happened.
The impression I had was that the documents were photographed by an unknown number of untrustworthy people, who then offered them to whomever one offers photographs to. The best photo linked was from a freelancer. I don't know for certain how this works, but I'd guess that freelancers send photos to multiple newspapers quickly.
It's quite possible that photos were sent out by people who didn't realize that the documents were legible.
Point is, no matter what, they needed to assume that the wrong people had the documents.
Anonymous said, "sil, correct me if I'm wrong, but I believe it was in fact a war, not a "war"."
Anon, since you claim it was in fact a war, not a "war", I'm sure you'll be able to direct us to the Declaration of War that passed both houses of Congress. Not holding my breath while waiting.
For those of us in the real world, a "war" would be when there's been a Declaration of War, but no shooting goes on. A war is when countries shoot at each other, whether or not the legal niceties have occurred.
Aka, if someone is convicted of murder, but in fact no one was killed, that would be a "murder", while if someone was killed intentionally and outside of legal authorizations, that would be a murder whether or not a conviction has occurred.
Didn't Monty Python have a skit on "How not to be seen"? But this could also be "Ministry of Silly Walks". (Or maybe Silly Ministry Walks...)
This would have been so easily solved by a piece of technology called a "file folder."
It could have even been labelled "TOP SECRET: Operation Pathway", and having photos of that wouldn't have necessarily forced any changes to the operation.
I once wrote the initial test for Canada's CSE (Communications Security Establishment), our equivalent to the NSA. The pay was pretty crummy, at the time, and it would have been "much secrecy over not-so-exciting things," so I never pursued that.
The interesting bit was that during my visit, they had a red light flashing throughout the area I was in. Afterwards, I asked the nice security guy outside if there was anything I should know about the flashing light. He explained that it was on because, since I was there, as an uncleared person, the floor was deemed insecure, and people were required to cover up sensitive material. A simple and effective protocol.
We kind of expect "high security" to involve James-Bondish equipment and protocols. That particular experience impressed on me that a lot of security can and should be arrived at via relatively cheap and mundane means.
Fifteen years later, it is quite clear that there are some high officials who need to understand that sort of thing!
"The gov't did issue a gag order (there's a special name for it that I cannot remember)"
It's called a D-Notice.
They are not "orders" but advisories, usually about things that are covered by either DORA or OSA, so a prosecution would follow if either applied. Back in the 1980s the D-Notice got tarnished by the Thatcher Gov for trying to cover up things that were most definitely "of public interest" and would (probably) not have been covered by DORA or OSA but would still have been politically embarrassing.
As I understand it the photographers involved informed the "authorities" and a few polite phone calls later to editors they collectively agreed to keep quiet while the raids were carried out and then went to press.
I posted to one of Bruce's pages about 'Bob "the blunder" Quick' and his mistake,
Because I could not believe it (and still don't).
He got the "nickname" (based on "Bob the builder" song) after it was revealed his wife was operating a limo service. (supposedly according to one story it came to light due to some young ladies of negotiable virtue using the service to provide a quick service ;)
He was(/is) a popular officer and had a reputation of being good at what he did. Perhaps he was too "focused" on the job like an "absent minded Prof".
@Christopher Browne: A friend of mine got a bad headache when working on a computer problem at CIA headquarters. Everywhere he went, they turned the flashing lights on.
Kangaroo, it's a rathole in the present context but Tom is definitely correct. In a country that prides - almost defines - itself as being ruled by laws, not whims, a state of war exists when it has been legally declared. Your analogy is worthless, because a murder is a crime and a breach of law, whereas a war is the use of force in accordance with national laws.
I find Ken Livingstone's statement to be the most disturbing detail of the whole matter. There are reasonable, well-meaning people who might make such a mistake, and there are reasonable, well-meaning people who get such things right every time. For this sort of job, one removes any member of the former group any time one identifies them -- it's not about punishment, it's about having the right people in sensitive jobs. The former mayor of a major metropolitan area saying it's not necessary to make this sort of distinction, makes me wonder about everyone he might have hired, and everyone they might have hired, and so on.
If this was a staged incident gone wrong, where a 'getting things done' photo-op was given an inappropriate piece of set dressing, that just means there should be more resignations.
The housing minister wasn't the first either; Tony Blair was photographed carrying a leather folder of notes, with clearly visible tags showing different subjects, on his way from No.10 to the Commons for Prime Minister's Questions.
Mistakes happen in trying times.
Perhaps SECRET is too low of a classification to expect people to follow security procedures?
If one sees too many needless things as SECRET it loses all accords.
Perhaps a movie plot scenario is in order, guy must leak data or else...
Losing experienced operators like this is not good.
I am vastly amused. Obviously the Brits are protecting another source by having an accidental 'leak', and are being rather too clumsy and obvious about it. They know about cover sheets, classifications, folders, flash paper and other basics.
If this were a national intelligence matter, I'd bite my tongue, but I don't mind every terrorist in the world suspecting every other terrorist of being a police spy.
I wonder what the guy _really_ did to be volunteered to take the fall. At the higher levels of this business, you sacrifice not your life but your reputation and your place in history. This guy will always be "the idiot with the SECRET document." That's a big sacrifice, and I hope he's vindicated about 25 years from now.
@ Christopher Browne,
"The interesting bit was that during my visit, they had a red light flashing throughout the area I was in."
I've been to one or two establishments like that either as a guest or for designing / installing / maintaining systems.
In one the security guard walked in front of you pushing a device that looked a lot like a floor polishing machine with a pole on it with a flashing light on top. It also emitted an unpleasant auditory alert as well. It made me feel like I was an "unclean" leper being taken through "clean society".
At another establishment I had to work "after hours" I was escorted into a room which had two unhappy looking blokes sitting there giving me the hairy eyeball. The reason was that they had to go around and cover up a considerable amount of equipment with multiple layers of black hessian to stop me "seeing it". The place looked like a high-tech funeral parlor. The joke of it was nobody had told them what I was supposed to be doing so they had covered up everything. A Keystone cops episode followed where they tried to work out what to do and how to go about it, during which I saw enough to identify 90% of the equipment types being used in the room.
For another place I had been issued with security clearance to quite a high level, unfortunately they ruined it by putting the equivalent of "Not of our Nation" on it, which meant that I was supposed to be accompanied at all times (yup even in the toilet) by an impressively uniformed and armed "shadow". The problem being that yet again it was "out of hours" visiting and the areas I had to go into the "shadow" was not cleared to enter... Nor was I allowed to speak to them communication was via a "carbon copy" note book with numbered pages and appropriate security warnings in non pastel colours. They would take me to the "work area" where my pass would allow entry and the shadow would stand outside (no sitting or slouching for them it would crease the uniform ;) To get anything or do anything outside the area would involve me writing a note on the pad, passing it outside the door where the shadow would take it go to the phone to check get clearance etc...
Believe me it's not just the low pay you have to put up with in these places it's having to develop a "them and us" attitude that would make the job of being the "night guardian" in a horror movie "Locked Psycho Killer Ward" look like normal social behaviour in comparison.
Mind you it can have its compensations as one person long ago pointed out on this blog. As a senior sys admin he could send two very unpleasant looking armed gentlemen with zero humor quotient to invite and escort unfortunate users to a dressing down in his office for minor rule transgressions. Thus ensuring that they did not forget the experience and thereby hopefully learn not to do it again.
"This guy will always be "the idiot with the SECRET document." That's a big sacrifice, and I hope he's vindicated about 25 years from now."
If he was taking a deliberate fall then it was in the planning stage quite a while ago...
He has had one or two "blunders" in the past not just his wife advertising where they live via a well established limo hire business but ruffling feathers of various political parties etc. (The search of an MP's office without a warrant for a misdemeanour in public office from under his command. Which supposedly caused fellow party MPs to accuse him of political bias and being in Labour's pocket. The apparent leaking of old info about his wife's business which he then accused the "Conservatives" of deliberately leaking).
Remember he did give up the job as Chief Constable of Surrey to do the job he has just resigned from and his previous jobs indicate a man of great discretion and honesty, which does give rise to the question of why this has all happened of late especially his out of character behaviour.
Some background for you.
First off, if you google around you will find articles about a RAF Chinook (2) helicopter that flew into the Mull of Kintyre on the 21st May 94. It was carrying a large number of senior UK anti terrorist people to a secret conference and unfortunately killed all onboard.
This happened a short while before a fairly major shake up in Intel/Policing responsibilities in the UK.
Historically the Intel community have had a dim view of the "plod" / "flat foots" due to the behaviour of the old "Special Branch" amongst others.
However the Intel community would not "sully their lily white hands" in such things as international organised crime and domestic terrorism. Both of which were on the up and coming serious threat list a quarter of a century ago.
This was obviously an unsustainable situation which meant that the "boys in blue" had to develop their own Intel organisations and had a very significant learning curve to get up (which might account for why the Special Branch got the bad rap).
Thus the initially inept stepping on the toes of the likes of "MI6" and "MI5" gave the Intel community plenty of excuses to politically keep the Police on the end of a sharp stick. However the powers that be insisted on more of the Intel work cake being passed over.
Despite the pragmatic behaviour of the likes of Dame Stella Rimington DG of MI5 until 96 (and now author). The turf war is still in progress and although not really publicly visible is still vigorously happening from certain of the "old guard" Intel community.
Two of those who have been portrayed as "old guard" were the predecessors to the current "C" of SiS (MI6 or more simply "the service") Sir John Scarlett. Sir David Spedding and Sir Richard Dearlove who covered the ten years 94-04.
However this is a little unjust as significant changes were under way as MI6 reorganised itself into the post cold war world and the connections between international organised crime, non domestic terrorism and national security were starting to become apparent to the public and thus politicians.
Sir John Scarlett is perhaps most well known for his involvement with the clique in 10 Downing St and the "dodgy dossier". Many felt and still feel he tarnished the service's reputation for political independence irreparably, and was given the top job as payment for services rendered to the Blair clique.
It is therefore interesting to note that the person who has replaced Bob Quick is the same person who was in charge of the "cash for questions / honours" investigation which brought down Tony Blair's close friend and confidant as well as the Labour Party's chief fundraiser Lord Levy in 2007.
It has been suggested that the selection of Bob Quick's replacement is an appeasement to the Conservatives and their London Mayor Boris Johnson.
However this unfortunately misses the point that John Yates is thought to be one of the most able (both in ability and politically) police officers in the country and is viewed to being on his way to the top job and attendant Knighthood.
There are two suggestions that have come up,
1, It is a political manoeuvring campaign between the two main parties that Bob Quick has inadvertently become an unavoidable victim of. And the same one that has previously claimed the scalp of the Met's previous chief Sir Ian Blair.
2, He is being made "invisible" to do an "oh so secret" job.
3, He did it to keep the G20 death out of the news headlines for the sake of the Met and No 10.
4, He has just had enough due to those who he has served putting his family in danger for the sake of political point scoring.
Whatever the reason is he is a man of considerable ability and honesty and well liked by those who have served with and under him. He has survived other ups and downs with discretion and tact which makes the whole thing a bit odd.
Perhaps keeping an eye on his future will reveal more tangible information.
Wow, isn't that interesting: (from the blown up photo) THEIR documents have black bars on the text too!
"high level officials should know better"
In what universe? I've seen more breaches due to officers, high level officials than I've seen from clerks. Scooter Libby and the Plame affair, the CG CKO tipping NYC buds about threat levels. The former had very powerful patrons the latter did lose his clearance. "it's not a crime when the president does it." (or vice?) Didn't Roosevelt lose access to Purple before Pearl Harbor?
Jesus, you people need a humor transplant.
I just wanted to say, thanks for the best blow-up. When the story broke, I thought, "Come on! How much could you see in a photo of a document?" Quite a lot, it would seem.
Whilst the full details of 'proper procedure' are not in the public domain, it's worth noting that the UK Government's overarching Security Policy Framework, which supersedes the earlier (classified) Manual of Protective Security, is in the public domain. See: http://www.cabinetoffice.gov.uk/spf.aspx.
Given the potentially severe legal consequence of non-compliance, it's fairly obvious that someone such as Bob Quick who has a previously unblemished character and who has devoted himself to public service would not have deliberately put himself in breach of published policy.
The DoD policy for "double wrapping" classified documents when being carried between secure spaces (that includes anywhere outside of a security perimeter with locks, gates and guns) has little to do with foiling determined attackers who can break open the bags or rubber hose the couriers. The real reason for the policy is to counteract the inevitable human forgetfulness so when the documents are left in the personal vehicle, in a restaurant or dropped in the parking lot they aren't just out and loose. A double locked bag keeps the 99% of the honest public honest and serves as a check on random inattention.
I agree that something is suspicious about this. It's hard to HAVE a classified document without it coming to you with proper cover sheets.
As for the "paperless office" suggestion, the rules for handling classified media change SNAIL slow (I'm amazed some of DoD's policies don't come from Washington's era, to be honest). Thus the handling of paper is infinitely simpler than the handling of electronic data, which is constantly viewed with suspicion.
There are labs out there which don't allow cd PLAYERS out of fear of leaks.
Anyone else find it interesting that security people are constantly defouling "Security Through Obscurity," but all of our national secrets are truly maintained through that tool?
Carlo Graziani wrote:
"Well, the resignation of a senior official over a major mistake is refreshing, anyway. Wish that were a tradition of governance in the US as well."
"I wonder what the guy _really_ did to be volunteered to take the fall. At the higher levels of this business, you sacrifice not your life but your reputation and your place in history. This guy will always be "the idiot with the SECRET document." That's a big sacrifice, and I hope he's vindicated about 25 years from now."
Jacqui Smith, the Home Secretary (ultimately responsible for domestic security, and therefore Bob Quick's boss) was in political trouble over expense claims. She had "inadvertently" claimed for two pay-per-view "adult" movies watched by her husband on her broadband subscription, and also other claims for her London living expenses (her constituency is "up North", as we say) [ http://news.bbc.co.uk/1/hi/uk_politics/... ]. Bob Quick's faux pas could not have been better timed to show her "acting tough" in "accepting his resignation" (i.e. asking to jump before he was pushed) and therefore deflecting media attention away from her problems.... Or am I being too cynical... ?
@RH: It's not "security through obscurity" that you're describing. It's more like "security through careful access control".
"Obscurity" is when the data is out there for anybody to see, and we're relying on a non-obvious encoding or something to prevent them from noticing it. If Bob Quick deliberately left the document uncovered (thinking it was just a quick trip or whatever), then he may have been relying on obscurity; but (a) it seems unlikely that he would deliberately violate the policies for handling of secret material, and (b) he must have known that he would be photographed if he entered 10 Downing st. by that entrance. So it looks like a stupid mistake by Bob Quick that broke their security in this case, rather than bad policy.
Very interesting story and remarks. I thought perhaps government life was imitating satiric art again, having read of this sort of thing before in America's Finest News Source.
A magician's most effective tool is misdirection. Unfortunately, the vast majority of posters, and apparently even Mr. Schneier himself have fallen for it in this case.
It is rather absurd to me that an experienced, high-level official would be caught
1) entering the *front door* of 10 Downing St, while
2) carrying an obviously labeled SECRET document
3) right in front of a spot known to be used by photographers with high-quality cameras.
So please people, get a grip. You are too busy watching the magician's pretty assistant to notice what the magician's hands are doing.
Part of me commends Bob Quick for finding an alternative way of disseminating information; more exciting than the usual British government methods of leaving them on a train or downloading all the info to disc and then losing it in the post.
It is entirely correct that Quick should resign from the anti-terrorist post he was in. However, I don't see that it is necessary that he retire from the police force entirely: the skills that he apparently has might well be employed in a role less in the public eye. Apparently he used to be a county Chief Constable: he could go back to that. Or run an anti-mob unit, or a commercial fraud unit or something similar.
I can not think of a worse strategy for security than to punish this guy. Unless there is evidence showing that he did this maliciously, it needs to be treated as an honest mistake.
When I was in the Air Force as a young officer, I had a safe in my office rated to Secret. In my unit, it was considered acceptable procedure to place confidential files/documents in a desk drawer if you had visitors that weren't cleared to see the documents in your office, but if you left the office, you had to return the documents to the safe.
Now, you can imagine what happens next. One day I put away a classified file in my desk drawer whilst a technician came by to fix a wiring problem in the office. 3 hours later, I had forgotten about that file, and went home for the evening, and as it happens, the weekend. Ooops!
Now, here's the problem with punishment. Monday morning, I come in, I open the drawer, and discover the pink folder lurking there. Now, I had two choices: quietly put the file away in the drawer and never speak of it, hoping that the bad guys haven't noticed the lapse and broken into my office to read said file over the weekend - obviously the advantage to this solution is that I won't be punished.
The other choice is to report the lapse. If I do this, the government can take action to protect itself from the incident - forewarned is fore-armed. But, of course intelligence agencies like to punish people for human errors in handling of classified documents, so I had a direct motivation to say nothing. I hesitated for over 30 mins before reporting the breach in security. I was subsequently dragged over the coals. Someone else would not have made that choice, they would have kept quiet. Any security system that relies on people to fall on their sword for making an honest error will fail, repeatedly, and you may never even know that it has failed.
I was walking out of Fort Meade once with someone who was mistakenly carrying a classified document outside of an envelope. One of the guards spotted the banner on the paper, sticking out from between the pages of a book. Needless to say, it was immediately caught and corrected.
The person who made this mistake was noticeably shaken by it and sobbing softly afterwards. So I think they took it pretty seriously.
The document didn't contain anything remotely related to military operations and was mainly classified simply because it was procedurally easier to have it that way.
(It was declassified the next day when I explained that I had to *see* the requirements in order to certify that our product met them.)
Oh noes! My camera is at five times your proposed legal limit!
Also: How to deal with those pesky film cameras?
@Andrew: Successful terrorists already do.
I just realized there's an awful lot of blog-estate between Andrew's comment and mine, so here's what I was responding to: "...If this were a national intelligence matter, I'd bite my tongue, but I don't mind every terrorist in the world suspecting every other terrorist of being a police spy."
Successful terrorists already do.