Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
U.S. may change how it monitors the web after missing leaked documents for weeks (nbcnews.com)
38 points by VagueMag on April 15, 2023 | hide | past | favorite | 29 comments


Headline reframed, MSM running cover for how US is ALREADY monitoring the web and now using the truth exposure event to leak their global monitoring programs.

The gov learned a lot with the Snowden leaks - stop relying on hidden spy programs, flip the US media to be a propaganda tool and prime people into believing this is for their own good.


Main thing they learned is to control both sides of the narrative.

Make the “wrong side” look like flat-earther types through coordinated information poisoning. That’s the true advancement in PsyOps in the last 10 years.


"Incompetence" has been used as the justification for broadened power so many times at this point it would be surprising if they aren't feigning it from time to time.


And as we know, "Incompetence" never gets fixed. All that happens are changes made in a manner only proves Incompetence is someone else's fault. I am sure changes made will have nothing to do with the real issue.



I have to say, this is the aspect that almost shocks me the most. The leaker himself doesn't seem like the most sympathetic character, and it might be very well be that he was some rightwing gun nut who shares this for entirely questionable motives.

And yes, I'd also condemn publishing detailed military positions or names of sources.

Nevertheless, I think it's unsettling how quickly media, politicians and the public are to treat any kind of leaking as a grave crime. From what I understood, the documents contained evidence of illegal activity by us agencies - spying on allies, and possibly misleading the public about casualty numbers (that seems questionable though). Yet everyone is condemning the leaker for exposing this stuff instead if demanding an investigation.

Looks like the US press really learned their lessons from the Snowdon leaks - and it weren't the ones he intended.

You can see it in the naming conventions as well - he is called "leaker" now, not "whistleblower" - or, if any media has to, it's "self-described whistleblower".


> spying on allies

That is one of the exact purposes those agencies exist for in almost every country of the world.

> possibly misleading the public about casualty numbers

The numbers given in the documents are consistent with the numbers publicly stated by the US military.

> demanding an investigation

For what? I don't see how he is a whistleblower when he hasn't exposed any illegal activity. It's pretty clear from what he friends said that he was doing this solely to impress his friends, which is pretty clearly illegal.


> spying on allies, and possibly misleading the public about casualty numbers

Are either of these things illegal? Because what the leaker did absolutely _is_ illegal.


Good question. Not on a national level, I'm sure, though I'd have thought there were international treaties or UN rules about this.


Laundering intelligence through the media unfortunately isn’t new, also pretty wild seeing them use the media to hunt people down. They really want the PATRIOT Act 2.0. Whistleblowers are bad now.


Foreign countries learned the same thing decades ago. The best placed spy is sometimes no match for the U.S. media, especially in this day of must-get-clicks. Like when Tim Weiner wrote an article for the NYT exposing a CIA asset because he could, and in doing so got the man killed. Weiner has said he feels zero remorse for it because he was doing his job. Many journalists appear to feel the same way: It doesn't matter the harm the reporting causes, because that's their job.


I both agree-ish but also, I relish less the conspiratorial grade thinking as the internet commentator M.O. after years of QAnon & other similar malarkey.


The "malarkey" provides easy cover for real, and much more boring, usurpation of human rights by governments.


Sounds like this will start another push in the US to eliminate E2E Encryption or at the very least force the use of back-doors.

Seems this will never end. I heard about a push 1 year or 2 ago, but I have not heard much since. So, here we go again.


There is no widespread use of end-to-end encryption beyond 1:1 chats and small groups.

Discord, Telegram, and similar platforms do not use end to end encryption. So I would read this as "we need to get even better at monitoring literally all public or semi-public means of communication".


You're assuming that the push will follow reasonable conclusions. That's now how government works. They will try to come after encryption, they will use an event like this to do it if not this one, and I believe they will fail.


The solution is to isolate systems with SIPRNet access and not permit writable media to be attached to them nor access to printers. This has been possible for decades. The problem is that the military doesn't take security seriously. They should have learned their lesson with Manning and clearly didn't.


>nor access to printers

You fail to realize what you're asking. The military is a system where the older you are while surviving the institution, the more pull you have. These dinosaurs are what stop this from happening. They ignore a reality where the things THEY understand do not exist and have priority. The average O-1 officer can't imagine themselves or their command not having certain communication tools. The Boss at the top? Just yell louder, it's how wars have been won in the past, it should work now. The joint chiefs of staff are not young, and have every intention to keep it that way.

Telling the DoD no printers would legit cause an existential crisis for career officers. You cannot suggest something less popular among them. This is not an exaggeration. Do you think a tank platoon commander, or submarine commander, can imagine an operations room without paper laying around? Because they cannot imagine it, it does not exist. While I agree this is the way forward, it will not happen for another 20 years.


It wouldn't be a stretch to commission a modern secure Kindle DX for document handling. The rule wouldn't be no printers ever. It would be no exfiltration of secret materials. That stuff doesn't need to be handled in a sheaf of papers. Everyday non-secret (ie low impact damage) material can continue as is.

DoD contractors are under heavy scrutiny and face severe repercussions for leaks. They've been operating this way for decades.


I don't know what they do in the USG but discord is so popular for this sort of stuff, it's my go to (and slack or github) for exfiltrating data (legitimate pentest or adversary simulation). It's very easy to get a webhook URL for a chatroom and just upload data to it or generate a url to download arbitrary attachments.

Now, I would imagine anyone worth their salt would use dedicated rooms or servers for anythint nerarious. But in the corporate world there are sooo many security vendors that specialize in "dark web monitoring" which includes popular criminal forums but anywhere at all including discord, 4chan, reddit, telegram (very very popular now) and other places that attract anyone that will trade information. They monitor keywords that are related to your company and alert you, even pretend to be one if them and get the data to see what is being sold.

Now I have seen USG entities do a lot more than this against targeted individuals. My guess is they just don't have enough people to do dragnet monitoring at their very large scale (even to look at keyword matches or tune rules). They'll probably just outsource this to google (owns mandiant now who have nation state level intel collection capacity) or crowdstrike.


Sightly off topic, but where can I view the documents? All of the news sites just talk about it without providing the original source.


Just because the documents were leaked doesn't mean they have been declassified. Which is why no one is sharing the documents.


that explains it. But I remember during the wikileaks saga, there was easy access to the documents. I wonder why then it was so much easier to find the original sources


Honestly why not just make a database like GIFCT [0], for classified documents? You could make it possible to both preserve the current status quo (e.g. most social medias already run a check against some databases to prevent you from uploading terrorist content and CSAM) and stem the flow of classified documents. No need to ban E2E encryption, no need to have a watchful eye over everyone on the internet, no need for back doors to scan data on private devices or monitor private chat rooms.

However, somehow I doubt that we want to make a database like that given that, even if the hashes are irreversible, the database itself could be used to glean information.

Of course, a better solution could still be the one suggested in the article: stop over-classifying, and reduce access to classified materials overall.

[0]: https://gifct.org/hsdb/


This is not a solution, it also adds a whole slew of other problems.

Also saying hashes are irreversible doesn't actually make that so.


I remember a few years ago, when the big internet was talking about censoring the fringe (and calling it not censorship) that there were people talking about how the discussion follows the fringe and you can't silence the fringe, you can only push them elsewhere. And now, the government, still mostly monitoring the big internet, predictably misses the very impactful information exchange happening where it was driven to.

Will they learn their lesson? Well, that requires a genuine desire for self reflection and improvement, so I doubt it.


Strikes me as a low signal-to-noise endeavor. How many "government leaks" are someone trolling the internet with a forged document? Aliens, Kennedy assassination, political out-group targeting, etc.


I wish the selfish kid who leaked this information realized that beyond exposing secrets, this event will no doubt be used to bang the drums for more surveillance. Given the recent legislation proposal (RESTRICT Act) on that topic, this event is going to be a narrative to push it through or make it even worse.


The "selfish kid" jad nothing on the existence-at-all-costs grip the U.S. exercises it's classification authority with.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: