[LINK] Australian Diplomat whose cable was leaked by the governmentwhen it suited them

Roger Clarke Roger.Clarke at xamax.com.au
Wed Dec 8 13:43:54 AEDT 2010 

At 12:51 +1100 8/12/10, Tom Koltai wrote:
>Leaking everything without vetting it is possibly more harmful than not
>leaking anything.
>For example, there can be no defence for the releasing of a document
>about the locations of globally crucial infrastructure.

I'm actually in two minds about that one.

(1)  It would be unwise to assume that your adversaries can't use 
open source intelligence just as well as you can

(2)  In fact, there's an argument that they're more highly motivated 
to collect and analyse such data than you are, and that therefore 
their analyses will be better than yours anyway

(3)  So there's a strong chance that the disclosure of a country's 
list of vulnerabilities will only be sensitive to the extent that 
adversaries have found some that the country's own people haven't 
(because the un-found ones could be expected to be even softer 
targets than the found ones).  [So the rational countermeasure by 
each country is to put absolutely *everything* on a piece of paper 
that purports to be the authoritative list, and leak it]

(4)  There's an arguable public interest in a country's analysis of 
its vulnerabilities being available to the public of that country

As an example, let's take the rattlesnake anti-venene factory.  (I 
find that at least counter-intuitive and frankly quite barmy, but 
that's beside the point).

If I live next to a major military installation, power station, dam, 
etc., I could interpolate for myself that I and my family have a 
higher risk of suffering collateral damage than other people have.

But a rattlesnake anti-venene factory that I didn't even know was there??

Suppose I have a bedridden dependant in the house.  I've already done 
calculations about flood-proneness, ambiguity of address, etc.  Now I 
know that I need to re-compute my risk assessment about where I live.


-- 
Roger Clarke                                 http://www.rogerclarke.com/

Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in the Cyberspace Law & Policy Centre      Uni of NSW
Visiting Professor in Computer Science    Australian National University

More information about the Link mailing list