That proves nothing though. US Government data is so siloed it’s possible Snowden would not have access to UFO info even if he had access to essentially everything the NSA had access to.
The classified stuff wasn’t really that siloed. He had access to everything CIA, DIA, NSA, etc. He talked about this in his book. Searching for evidence of aliens was one of the first things he did when he got access.
Didn't he have a special PRIVACC designation that allowed him to bypass traditional "need to know" silo boundaries, under the auspices of being a sysadmin or whatever?
These systems are commonly air-gapped. Unless he physically went around to the various SCIFs, where the information would be, it doesn't matter what kind of access he had.
Do you have direct experience? Because this is contradictory to my own experience.
When I was in the Air Force we had access to various classified networks at levels up to and including TS. You often needed to be in a SCIF and/or have TEMPEST-rated equipment to log in, depending on the context, but the systems are networked nonetheless.
I worked in a SCIF for a short time for a defense contractor. It was a while ago, and I'm fuzzy about what I can and cannot say about how things worked in there, so I'd rather not say anything specific.
What I can say is that it's trivial to keep things you don't want leaving a SCIF in the SCIF.
Fair enough. My experience is fairly recent but it might also be a military vs intelligence agency thing.
All the classified/SCIF systems I used were networked, though the networks were physically segmented and most of the classified systems I used did not have internet access. Whether that counts as "air gapped" in your book I dunno, but I never came across anything like the room out of the original Mission Impossible film where the machine has no network access at all. In fact I question the utility of such a machine.
Air-gapped just means physical segmentation (as far as I'm aware). So you can consider the networks you're talking about to be air-gapped as well. Seems like the network I worked on was more isolated that what you're describing. I worked with a TS/SCI clearance though, and I know there are varying degrees of "C".
I’m definitely not military, so I can’t speak from experience here.
I just find it hard to believe that the military puts all of this information into decentralized air-gapped silos that are completely cut off from the outside world.
Information isn’t useful when it can’t be searched, cross-referenced and analyzed. How does data enter a SCIF? because it obviously doesn’t originate there. Do people walk in with thumb drives and load it into a computer? That sounds like a security nightmare to me
When I was there, it could only be brought in via read-only disc, and only via authorized parties. Any writable media was prohibited from entering as far as I was aware/concerned.
We weren't generating information though, we were generating products. Products (physical or non-physical) get "used" as opposed to "searched".
He leaked documents from British and Australian intelligence according to his wiki page, so he obviously had broad access. I’m paraphrasing, but he’s specifically talked in interviews that he had access to almost everything.
> He leaked documents from British and Australian intelligence according to his wiki page, so he obviously had broad access. I’m paraphrasing, but he’s specifically talked in interviews that he had access to almost everything.
Whilst this is true, he leaked only one document related to Australian intelligence, so if there was a lot of sharing between the two then Snowden clearly didn't have access to a lot of it.
For anything like this to stay a secret this long, it's obviously not discoverable by a keyboard jockey having root privileges across the network. You don't need to know more acronyms to infer such things.
Reminder that we live in the same universe where China has basically entirely pwned our government networks, Russia has done a good number, and a 20 year old desk worker had the ability to post insanely high level stuff to a discord server for quite some time before anyone even noticed.
Which should be considered surprising in the era of modern international communications, technology, and intel sharing.
The odds of evidence of a UFO hitting the wrong comms channel and then not being seen by someone before getting scrubbed are staggeringly low. So for someone to have wide access across multiple silos and then hear nothing, one must assume either the conspiracy to hide the evidence of UFOs is supernaturally good or the conspiracy is both still using off-grid solutions to coordinate internationally and is somehow suppressing information that should be in their silo from ever landing in the wrong silo.
Is there significance in the parent commenter saying "UFO" and the child comment saying "aliens"? Asking because they are not necessarily the same thing and searching for one may not yield results for the other. I suspect both terms would catch the eye, so this still seems like an interesting contradiction; probably just a difference between the comments that I noticed.
> The classified stuff wasn’t really that siloed. He had access to everything CIA, DIA, NSA, etc. He talked about this in his book. Searching for evidence of aliens was one of the first things he did when he got access.
Not to be pedantic but this isn't entirely true. There is a set of what the NSA call "core secrets" that were never leaked, these were all classified at ECI.
The best we got what was a list of digraphs, codenames and vague descriptions, you can actually workout that at least one them is likely Crypto AG (HISTORY / HST).
Yup. Not military, but have significantly researched the U.S. secret keeping system because I’ve long been enthralled by espionage. As I understand it, any classified document can be SCI, secure compartmentalize information(I think this is used for spy stuff, barely anyone needs to be able to link a spy’s real ID to their assumed ID, the less people who know the better), or be part of an SAP, Special Access Program(which is more about highly secret projects, it seems, like the 6th gen fighter we’re probably building/have built), both of which have access control which is granted on a need-to-know basis.
And, fyi, as I understand it, “I’m your superior”, is not a valid reason to need-to-know. Need-to-know is, as I understand it, at the discretion of the secret keepers.
It's almost unbelievable how little anyone knows of this and I can't entirely figure out why. Some small details of the system itself are classified, but not the broad strokes. The Intelligence Community (IC), i.e. the CIA, NSA, NGA, NRO all use the SCI system to compartmentalize top-secret data. Additionally, data can get distribution restrictions, usually FVEY or NOFORN, indicating they can be released to five eyes or to no foreigners at all, regardless of clearance. The compartments can get iffy, but the biggest ones are TK for satellite imagery data and SI for signals intelligence data.
After 9/11, for the most part, this data was shared as widely as possible. The IC networks are all able to connect to each other over JWICS, which is the military's top-secret network. Data only classified at the Secret level is shared over SIPRNet, the military's secret network. When you get an account on any agency network, you are issued an IC PKI identity, which includes a client certificate. Every time you attempt to access any system or even just a static site, your client cert is used to grab your clearance attributes from your agency's online database (as in, basic ABAC, something you almost never see on the regular Internet). Access to view is granted based on these attributes that give your clearance level and compartments. Sites have to be deployed in such a manner that they can be redacted element-by-element rather than denying an entire site.
The DoD, on the other hand, uses the SAP system to compartmentalize data. Any data generated by an SAP program is accessible only to members of that program (and to the president, who implicitly has clearance to see literally everything).
Other than the president, you're right that nobody can just pull rank to get clearance. SAP access is granted by the program office of each specific program. SCI compartments are granted by your agency. The clearance itself is granted by a government-wide cross-agency adjudication board based on recommendations from counterintel agents who receive data gathered from the OPM, by investigators who are typically contractors.
Why do I know all this? Because I was a cleared system administrator of a top-secret software environment. This was a IAM user with Administrator policy assigned in AWS, in this case C2S, the CIA's top-secret private version of AWS that is shared and used by the entire IC. It's the same as having Administrator access to an AWS commercial account. It doesn't grant you administrator rights to the entire Internet, just to the resources in your cloud account. Individual applications even still may or may not give you administrator access as well, depending on whether you need it, which has nothing to do with your clearance level. This is regular infosec "does this person actually need to be an admin" considerations. And it includes separation of duties. Typically, admins in one system can't be admins of another unless there is no one else who can do it.
Edward Snowden absolutely did not have access to anywhere near just about everything classified. Nobody has that access. Even the president can't just login into a terminal and grab anything. He can ask and his aides will find someone who can do that, but there is no such terminal that is physically capable of accessing everything, no matter who is logged into it.
Right, but somebody has to maintain those IT systems, and if the government is anything like other huge, data-hoarding corporations, then they deploy sysadmins who have an incredible amount of access because they have to in order to maintain the system. IT systems do not run themselves.
Why do you need IT systems for a program that has allegedly been running covertly since a decade before Bletchley Park started building Colossus?
Let’s just presume that the people running this are recruited both for their competence and their ability to keep a secret. Would they immediately commission an IT team?
NSA needs IT. It’s essential. These programs - if they exist - are all about avoiding recording anything or communicating anything other than face to face.
