Leaked CIA Documents

I haven't seen much press mention about the leaked CIA documents that have appeared on WikiLeaks this month.

There are three:

These documents are more general than what we've seen from Snowden, but -- assuming they're real -- these are still national-security leaks. You'd think there would be more news about this, and more reaction from the US government.

Posted on December 29, 2014 at 6:22 AM • 28 Comments


Jorge TolengoDecember 29, 2014 7:03 AM

No me parece correcto que en un blog de seguridad se divulgue contenido de carácter confidencial (aunque sea solo enlazando), por más de que sea de un organismo gubernamental.

Creo seriamente que la divulgación de información confidencial de forma no autorizada no solo puede constituir un delito sino también una mala práctica.

Si esos documentos fueran de una empresa que deberíamos proteger ¿cómo actuaríamos?

SoWhatDidYouExpectDecember 29, 2014 7:07 AM

Once again, stuff they may want you to see to distract from stuff they don't want you to pay any attention to (like the torture report). A red herring...

Thanks BruceDecember 29, 2014 7:46 AM

Thank you once again for keeping us informed, Bruce. To @Betelgeuse, both of those documents are on the same page. What a year!

QDecember 29, 2014 7:49 AM

Perhaps the lack of attention is a result of a release approach finally backfiring. There are so many documents which have been leaked over such a long period of time that many Americans have become acclimatized to the drip, drip, drip and have now accepted that this is their government with a shrug of their shoulders.

Jan DoggenDecember 29, 2014 9:06 AM

And this is marked 'secret'???? I just scanned the secondary screening document and it is just a collection of intelligence 'facts' that anyone can notice or think of. The only 'news' value of the document is that a number of those facts are now brought together in one document. It would give someone wanting to avoid attraction a limited (definitely not exhaustive) list of thinks to check off.

AnontinaDecember 29, 2014 10:42 AM

The stuff that scares me the most is the MKULTRA type of thing that Clinton declassified. This dates back to when J. Edgar Hoover was likely in charge of all the country with all of his elaborate blackmailing and eavesdropping techniques. The CIA ran all kinds of wonderful mind control experiments including subjects under the influence of LSD being exposed to God knows whatever, of course that drug became publically popular later. If you're a coder then you might say there are a great many "code smells" in history and what "they" have been up to.

El AuraDecember 29, 2014 10:59 AM

There is a typo in the name of the European border control area: It should read 'Schengen Area' with a 'c', as it was named after the town Schengen in which the treaty governing it was signed/negotiated.

shank_steakDecember 29, 2014 12:28 PM

This is pretty rich material. It can be used to corroborate other material to get a bigger picture of the depth/methods of domestic surveillance.

PDF page 5: Pre-Arrival Screening

Countries requiring advance
passenger information include...[many]. PNR
information comes from airline reservation
systems and contains personal information
such as credit card number, e-mail address,
and seating preference.

Good thing there is no domestic spying program to plug that travel information into for a complete record of a law abiding individual's every activity.

g59h7g8h4h7December 29, 2014 1:22 PM

Maybe it's because anyone who been on a international flight at least once already knows 3/4 of the contents?

I'd be surprised if these docs were not in relatively low-security environments..

Coyne TibbetsDecember 29, 2014 5:04 PM

@Q, "...many Americans have become acclimatized to the drip, drip, drip..."

You know the common joke about someone who notices a dripping ceiling, just before it collapses, releasing a flood?

Well, CIA might be keeping it to a drip now, but there's a lot of us quite sure there is a flood of bad news feeding the drip. (If it was good news, they wouldn't be dripping.)

goodintentDecember 29, 2014 6:32 PM

@Jorge Tolengo

aside from protecting it's country, this governmental organism is known for staging coups on democratic governments, drug running, and other not-so-nice things.

Dirk PraetDecember 29, 2014 6:57 PM

@ Jorge Tolengo

Er, Jorge, you may wish to comment in English on this blog. I do understand Spanish, but many other folks don't and may mistake you for a spammer or a troll.

wumpusDecember 30, 2014 8:20 AM

@Jan Doggen
It is marked "secret" because it is unlikely the CIA can create documents with any lower classification*. "Secret" clearances are pretty easy to get and nothing like the issues with "top secret" (and above). Note that the NSA was willing to hand "top secret" information by the terabyte to sysadmins like Snowden without any thought: don't expect "secret" information to require any protection at all.

There was a washingtonpost series covering the explosion of various classified levels of data after 9/11 (and presumably the "need" to share it with everyone and his brother) a year or two ago (lots of job ads in the Washington DC area include "current top secret with poly clearance"), it might still be online.

* any lower classification won't require a clearance, but might be restricted to US citizens or limit publication. I suspect that employees are graded on how secret the data the produce are as well as the volume, thus encouraging anything that can be top secret or higher to be so.

WhateverDecember 30, 2014 9:50 AM

shank_steak: No, this is shite, and who ever classified this as secret should get his/her head examined.

wumpus: How about CONFIDENTIAL? Or just FOUO? The truth is probably something more simple like a new hire getting all excited about the job.

NetoDecember 30, 2014 10:58 AM

@Jorge Tolengo: (reply in spanish, below, translation)

Primero de todo, sería ideal utilizar el idioma inglés en un blog en inglés.

Como llegaste a este blog? Porque Bruce Schneier viene haciendo esto hace años.

El contenido "confidencial" que se divulga

a) Ya está en el dominio público por lo que compartirlo o escribir acerca de el (periodismo) no representa amenaza adicional alguna.

b) El contenido generalmente demuestra que los gobiernos están cometiendo actos ilegales o amorales muchas veces mintiéndole a los ciudadanos que deberían ser los que deciden como opera el gobierno y no al revés.

> Si esos documentos fueran de una empresa que deberíamos proteger ¿cómo actuaríamos?

Esto es una falacia. El gobierno no es una empresa. Les compete a todos y afecta a todos y además, si una empresa hiciese algo ilegal estaría justificada la denuncia y exposición de crímenes.

(The guy basically criticized linking to "confidential" content even if it's a gov organization). Then said it was a crime and a bad practice and used the fallacy of "what would you do if it was a company you had to protect?)

First, speak English please.

I basically answered that Schneider has been doing this for years and how did he come to this blog if he didn't know that.

a) it's already out there and this is journalism. It's not really a further threat.

b) The content often shows illegal activities by the government. People should be able to decide how the government operates, not the other way around.

Re: the fallacy: Gov is not a company. It affects everyone and, furthermore, if a company did something illegal one would be justified to denounce it and expose their crimes.

shank_steakDecember 30, 2014 1:15 PM


Of course they are going to label something with some usefulness to someone, somewhere, Top Secret. They do the commercial equivalent at big IT shops too.

They would seriously consider classifying the coffee grounds from the commissary as Top Secret.

AdjuvantDecember 30, 2014 2:50 PM

Shall we begin taking bets as to whether Jorge is an irritated Chilean immigration official?

GreenSquirrelDecember 31, 2014 3:50 AM

I am a bit confused as to what their guidance is on selecting the classification for each paragraph.

For example:
"Referral to secondary screening can occur if irregularities or questions arise during any stage of airport processing—immigration, customs, or security—and regardless of whether the traveler is arriving, in transit, or departing. Officials may also randomly select travelers. The resulting secondary screening can involve in-depth and lengthy questioning, intrusive searches of personal belongings, cross-checks against external databases, and collection of biometrics—all of which focus significant scrutiny on an operational traveler. (S//NF)"

I really fail to see how that is "secret" information and even if it was, what there is which should be restricted from foreign nationals.

Surely this is all public knowledge.

Clive RobinsonDecember 31, 2014 5:47 AM

@ Green Squirrel,

I really fail to see how that is "secret" information...

Think of it like the old communist block joke about two prisoners in the gulag and the youngesg one does not know why he's been given a life sentance of hard labour. The old hand asks him what happened, and the youngster says,

    There I was being sentanced for a parking violation because my bumper was half a centimeter over the line, the judge says two weeks, so I lean over to my lawyer and say "anyone can see this judge is an idiot" the next thing I know I wake up here.

The old boy smiles and says, "What other sentance is there for telling state secrets".

GreenSquirrelDecember 31, 2014 7:33 AM

@Clive - :-).

Looking over the HVT Ops document one interesting thing is that the measures of success are pretty dodgy.


"In Iraq, Jaysh Muhammad (JM) suffered a significant setback in late 2004 after British
forces captured the head of JM and his replacements in short succession, according to the Jordanian General Intelligence Directorate."

So, the value of this process is supported by vague reports by third party intelligence agencies with no obvious corroborating reporting.

Hmm. In a previous life, I'd have been beaten senseless by a senior desk officer for making a report with this sort of statement.

How significant? Why cant we notice the impact of the setbacks? How long were they set back for? Etc.

Oh how times change....

Clive RobinsonDecember 31, 2014 10:48 AM

@ GreenSquirrel,

Looking over the HVT Ops document one interesting thing is that the measures of success are pretty dodgy.

Yes and it's a significant "tell" as to the nature of the work being carried out.

To put not to fine a point on it, it's "makework for fiduciary gain".

Unlike in times past where the targets of intelligence were both credible and substantial, the majority of todays targets are more of a danger to themselves than others outside of small areas.

When you add in the change from intel gathering from "Salaried Officer" to "job based contractor", the issue of "pay by result" arises along with "wallpaper your 455" thinking to ensure the continued flow of money.

Thus it's in nobodies interest to reduce the scope of intel gathering, target investigation etc. The only requirment is to show --mainly-- meaningless results that show intangible reasons to continue or expand activities.

The problem with this is the haystack issue, adding more hay irrespective of the quality is not going to stop the danger of the needle, it's just going to make the searching resources less focused and thus less reliable. Arguably it's the reason that the likes of ISIS are what they have become, because the warning signals looked just like another myriad or so of warning signals.

As you are aware when intelligence operations are run properly they are in effect "risk based" as part of that there is an acceptance that you cannot stop everything. Unfortunately this is not what the politicos have promised, and thus the reason intel spending etc is now compleatly out of control and in effect devouring various nations economies, sadly the results of this devouring take time to work their way down the pipe line and thus will grossly overshoot before the issue becomes readily apparent to the public eye. By which time it will be like watching the meter in a taxi with no brakes running down the side of a mountain. You know how it's going to end and you also know it's to late to get out, however what you don't know is when or what the final cost will be, only that it is going to hurt a lot when it gets there.

bobDecember 31, 2014 11:33 AM

People keep talking about overclassifying stuff; or rather are amazed at how obvious and well-know stuff is that is marked (S) or (TS).

The root of the problem is this: people are interested in things that are unclassified as well as things that are classified on the same subject at the same time.

You dont want to have to correlate three different databases in your head, but you also cant store classified in an unclassified information store.

You CAN however elevate unclas info to a classified information store and so a lot of open-source material gets mixed in with secret stuff in order to be able to link it all together. And once in, its cursed, like level -4 armor in Rogue; the unclas info cant get back out without a huge amount of labor.

ProcopiusDecember 31, 2014 10:38 PM

When I was in the Air Force sixty years ago I spent a year as a low-level worker ant in SIGINT. I saw a fair amount of classified material, and felt that 95% of it was at least over classified, if not unworthy of classifications at all. I think there are several things working here at once. First is Parkinson's Law. As one mark of importance, bureaucrats seize the power of classifying things, so they can claim to know things other people don't. Then there's an analogy to grade creep. In Ivy League universities where most people were once satisfied with "a gentleman's C," there is now a demand for "at least a B." Things that were once reluctantly restricted with FOUO now are routinely stamped SECRET. Of course I think most people here know that the highest classifications are for things that are not dangerous to national security at all, but somebody thinks would be embarrassing if they became widely known. That's why we see the most draconian legal pursuit of whistleblowers who expose useless or fraudulent probrams, and why Snowden is so excoriated.

SpaceJunkJanuary 1, 2015 3:54 AM

When I write CLA documents for our project, it is not always upfront obvious what CLA level it is. The information domain is often huge and no one knows all the rules. Its therefor easier to upgrade the level, than to have to raise a security incident and clean up the shite afterwards.

ChrisJanuary 2, 2015 6:20 PM

Good readings, I have had the luck to be able to monitor the border guards in a country that I dont want to specify because of their lack of security back then, they used a motorola encryption with fallback mode, and they were aloud to turn the encryption off which they did because they didnt like the sound of it, so sometimes you heard them both in clear and sometimes one was in clear and one was encrypted.

Anyhow: I can tell that in this particular country they had at least the following approaches:
2-3 civilians mainly girls running as passengers, they also used somekind of computer systems that they got their leads from that where flagged and everyone in that system were automatically checked and had civilian persons waiting for them so they dont lose them.

They where VERY intrested in single passengers, especially if they where from business class and had nice bags. They had flagged flights from moscow, london, amsterdam and bangkok perhaps more than those. They were very intrested in looking at the difference between a bag and the ticket and the person, and yes pretty much all thats in that pdf makes sence to me!

There were more things that they searched for but all and all the cia documents covers them pretty well, so this is real stuff and not bullshit!

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.