I guess all the MDM and document restrictions in the world can't help you against photos of screens. Is it even possible to protect against this, short of only allowing access to confidential files in secure no-cell-phone zones?
0: https://www.echomark.com/post/goodbye-to-analog-how-to-use-a...
Those kinds of watermarks seem like they'd fail to a sophisticated actor. For instance, if that echomark-type of watermark becomes widespread. I supposed groups like the New York Times would update their procedures to not publish leaked documents verbatim or develop technology to scramble the watermark (e.g. reposition things subtly (again) and fix kerning issues).
With generative AI, the value of a photograph or document as proof is probably going to go down, so it probably won't be that big of an issue.
Then have an AI or intern paraphrase it.
When a competent journalist gets a leaked document, they'll learn to only summarize it, but won't quote it verbatim or duplicate it. That'll circumvent and kind of passive leak-detection system that could reveal their source.
Then the only thing that would reveal the source is if the authority starts telling suspected leakers entirely different things, to see what gets out.
This is called a canary trap [0], a well-trodden technique in the real world and fiction alike.
Isn't that how congressmen and senators view them in the US? At least, that's how I've understood it to be. If so, what's good for the goose...
Similarly you could hypothetically exfil binary data by visually encoding it (think like a qr code) and video recording it in the same way.
https://github.com/CiscoCXSecurity/QRCode-Video-Data-Exfiltr...
A leaker with a smartphone on a tripod capturing video while they scroll through files etc. could probably deal significant damage without much effort.
The main reason not to bring a phone into the room is that the phone could be compromised. If the person is compromised then a device isn't your problem, because they could view the documents and copy them on paper or just remember the contents to write down later.
Or do you think non-immigrants can't do these jobs? We certainly don't need to have other people than citizens already here and born here do these things.
The question was is it possible to protect. What I said is possible and would protect against the problem. It would be good for the country and American citizens in many ways including national security.
Yeah. National loyalty is not the only motivating force why someone would leak something. The common reasons why someone becomes an insider treat is MICE: Money, Ideology, Compromise, and Ego. It is not specific to immigrants.
At age 32? That's a bit old for a student, though possible I guess. But also working at Google? Student visas severely restrict employment options, as far as I understand it.
Only a lawyer could write this with a straight face
Keep reading.
It’s either extreme incompetence or cheeky disclosure while also technically not naming the company.
Redactions / aliases are sometimes quite transparent. When policy dictates that it must happen they do it even when it is not hard to puzzle out who the redaction / alias hides.
There is the famous interview where the NTSB was interviewing an expert in relation to the Oceangate tragedy. The expert's name was redacted, but he was described as "Co-Designer / Pilot of the Deepsea Challenger" which is already quite a specific thing. Not a lot of people can claim that. And then the interview started like this:
Q: So how did you get yourself started into submersible operations? <redacted>: Well, I'm sure you are familiar with my film Titanic.
I'm leaving the solution as an exercise for the reader. But it is a real world "Lisa S. No, that's too obvious. Uh, let's say L. Simpson." situation.
This is part of why we are where we are as a country. We have this whole web of charging instruments in our legal system that dance around the main thrust of what investigations are about. It makes people who would think of doing these things think that they could get off easy if they were caught.
They're handing over sensitive info (we have sanctions and embargoes on Iran) to an enemy power. If you're an anal-retentive lawyer, you call it "stealing trade secrets". If you're a person with any amount of common sense, you call it espionage. One is something that should be applied when a company steals info from its competitor; the other should be applied when people are handing over sensitive info to an enemy power. One would be punishable by a decade in prison, the other punishable by life in prison or worse.
Sort of.
But if the government is hosting its email with Joe, and Joe hires an intern who installs a backdoor for Russia: that would be treason.
Despite the fact that it's a quaint allegory, it's actually a closer one to the reality of the situation.
As long as the US is not at war with Russia, spying for Russia can't be treason.
> "Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort."
That probably makes it espionage, not of the corporate kind
Shocking.
On the other hand, it’s corporate espionage which is actually fairly common. However, due to the influx of immigration around the world you are going to see this occur a lot more often.
But your example cites a "natural born American", not an immigrant?
If your hiring program is built around increasing diversity, and you have an enemy state who would count as diverse by default then you have quite literally opened the door for exploitation.
All the handwringing in the sibling comments are not even trying to contend with this.
Also, it seems to be second generation migrants with greater affinity for extremism and patriotism for their parents country - despite never living there (this is the case in Sweden at least), and those are usually full citizens: this is very difficult to contend with for security services who use citizenship as a proxy for weeding out potential disloyalty).
You'd be surprised. If I were to emigrate because of economic reasons (which is by far the most popular reason to emigrate) my loyalty would stay with my paychecks. I don’t see how it could be otherwise. What binds me to my new country? My history, my character, my race, my religion…? Guess not.
A company hires immigrants.
It's possible the company has hired immigrants loyal to their country.
Logically, it works like that.
Not necessarily true. Source: I have friends and family who came to the US from Russia and are still loyal to Russia. When the topic comes up, they tell me they would fight for Russia in a hypothetical US/Russia war.
It's entirely possible to love your country and still seek out a better life elsewhere for practical reasons.
Edit: To clarify, this isn't universal. Some folks who came over absolutely hate the country of their birth, some still love it, while others are ambivalent. But you can't make a blanket statement like "people loyal to their country tend to stay there" when there are stark financial and quality of life advantages to moving from one place to another.