On Sun, Jan 19, 2014 at 12:43 AM, coderman wrote:

On Sat, Jan 18, 2014 at 2:59 PM, grarpamp wrote:

...

... Though lacking a reference, I believe members of congress may speak/leak at will on the floor in open public session and shall not be held to any crime for doing so. Of course in return the government or the public may not support their ongoing candidacy.

citation? my understanding is that statements in congress are public, and subject to same unauthorized disclosure laws. only the POTUS can unilaterally decide to "leak" something in public without legal repercussions (impeachment aside).

they cannot speak/leak neither can the executive branch > see dick cheney -- Cari Machet NYC 646-436-7795 carimachet@gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Twitter: @carimachet https://twitter.com/carimachet Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.

interesting how little the constitution is functioning they do not leak information - not that i am aware of anyway - do you know of an instance? this is shocking that they are protected basically with immunity BUT it does say "treason, felony and breech of peace" so anything could be thrown in those bags - they are effectively gagged On Sun, Jan 19, 2014 at 8:53 AM, grarpamp wrote:

On Sat, Jan 18, 2014 at 6:49 PM, Cari Machet wrote:

...

On Sun, Jan 19, 2014 at 12:43 AM, coderman wrote:

...

On Sat, Jan 18, 2014 at 2:59 PM, grarpamp wrote:

...

... Though lacking a reference, I believe members of congress may speak/leak at will on the floor in open public session and shall not be held to any crime for doing so. Of course in return the government or the public may not support their ongoing candidacy.

citation? my understanding is that statements in congress are public, and subject to same unauthorized disclosure laws. only the POTUS can unilaterally decide to "leak" something in public without legal repercussions (impeachment aside).

they cannot speak/leak neither can the executive branch > see dick cheney

""" US Constitution - Art 1, Sec 6: The Senators and Representatives ... shall in all Cases, except Treason, Felony and Breach of the Peace, be privileged from Arrest during their Attendance at the Session of their respective Houses, and in going to and returning from the same; and for any Speech or Debate in either House, they shall not be questioned in any other Place. """

The bit after the semicolon is interesting. It appears to grant immunity outside Place of Congress for speech in Congress, and since Congress has no real internal law/police/judge/jail of its own, speak all you want. This has been subsequently developed... https://en.wikipedia.org/wiki/Speech_or_Debate_Clause

Then there's Art 1 Sec 5 PP2 and PP3 and so on that might be applied after the fact. Though right now there is CSPAN and observation balconies for the public/press, so any speech bombs that someone drops would make it out to the world.

Congress (Sen/Rep) is not the Executive (VP), so different rules can and do apply there.

-- Cari Machet NYC 646-436-7795 carimachet@gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Twitter: @carimachet https://twitter.com/carimachet Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.

On Sat, Jan 18, 2014 at 11:53 PM, grarpamp wrote:

... """ US Constitution - Art 1, Sec 6: The Senators and Representatives ... shall in all Cases, except Treason, Felony and Breach of the Peace, be privileged from Arrest during their Attendance at the Session of their respective Houses, and in going to and returning from the same; and for any Speech or Debate in either House, they shall not be questioned in any other Place. """

The bit after the semicolon is interesting. It appears to grant immunity outside Place of Congress for speech in Congress, and since Congress has no real internal law/police/judge/jail of its own, speak all you want

now describe to me what happens when the session is over, their attendance complete, they return home, and then still find themselves having leaked classified information without authorization. i'm trying to find the legal basis for commander in chief to unilaterally declassify as desired. my public info skills less judicial more osint, alas. perhaps i made it up in some mental fiction of blurred experience... ;) best regards,

Indeed, Daniel Ellsberg planned to have Congresspeople speak about the still-classified Pentagon Papers via this part of the Constitution. Senator Mike Gravel did it. You can read about it in Sanford J. Ungar's book The Papers & the Papers: an Account of the Legal and Political Battle over the Pentagon Papers. If I'm not mistaken, Gravel has spoken out in favor of Snowden. Douglas On 01/19/2014 06:06 PM, grarpamp wrote:

On Sun, Jan 19, 2014 at 10:26 AM, coderman wrote:

...

now describe to me what happens when the session is over, their attendance complete, they return home, and then still find themselves having leaked classified information without authorization.

...

""" US Constitution - Art 1, Sec 6: The Senators and Representatives ... for any Speech or Debate in either House, they shall not be questioned in any other Place. """

As before, it's rather clear, speak/leak all you want in session, nothing criminal happens. The deleted part refers to non-congressional activities/crimes/places... like murder, or to congressional activities/crimes/places such as taking bribes... that are not speech/debate on the floor or activities directly related to that, like storing classified leaks in your office pursuant to leaking them.

More, just read it all yourself... https://en.wikipedia.org/wiki/Gravel_v._United_States https://en.wikipedia.org/wiki/James_Traficant https://en.wikipedia.org/wiki/Category:Congressmen_stripped_of_committee_ass...

coderman for congress!

People always seem to overestimate how hard it would be to sneak the CP, democratic rational thought scientific problem solving forward looking openness world peace warp drive or any other sane agenda into Congress. Congress is filled by people who can bullshit other people [1], that's it. If you can do that, you're in. Rise to some committee chair and if you still haven't turned to the dark side by then, well... it's your place, have fun remodeling. [1] And those who never grew up with or know the internet. When the last decade of teen torrent pirates and hackers finish college or turn politics in second life, things should get interesting. Permeation of all things internet has simply never happened before in history and is now on tap. Certainly many of you early adopting BTC hodlers could bankroll a good campaign with it before BTC goes to zero.

On Sun, Jan 19, 2014 at 5:56 PM, Philip Shaw wrote:

reading documents into the public record would be useful (since it would give us all legitimate access), it wouldn’t help subsequent publishers.

It's public record at that point... when acting under that context, anyone can read and publish it. Be it the Press/WL or Jane Public. Or perhaps even congressperson, NSA, military, executive branch, etc... so long as they were say officially off work as anyone might be in the evening at the library or on vacation visiting their capitol... though you probably wouldn't want to actually try it (ref also: the military blocking WL website from soldiers), just let the Press do it. You just can't be cleared/NDA'd and do the initial leak, unless you change policy by fiat (exec order), or are Rep/Sen and speak in congress.

On Sun, Jan 19, 2014 at 10:05 PM, Philip Shaw wrote:

do state legislatures have an equivalent of parliamentary privilege

That's in the first link I sent.

and if so does it protect state legislators from federal law?

Afaik, states / state legislatures are not bound to protect classified fed secrets that just appear on their doorstep, only their own... they're separate entities. But with LEA/FOUO there are lots of data sharing memorandums and general enabling law between state and fed, ie: state driver bureaus, criminal records. geo resources, etc. Unlikely outside of such interagency use that fed top secrets would even make it to the state legislatures... largely irrelevant to their interests unless it's about where to get good Cuban cigars. All afaik, you'd have to research more. Also: FAS secrecy blog, US national archives, foia, etc.

On Mon, Jan 20, 2014 at 2:33 AM, coderman wrote:

i was wrong, and the POTUS angle by Executive Order 13526 implies he/she/$POTUS can clarify at will.

seems there is a longer history of not just presidents but also congress leaking secrets. does anyone know the specific instances covered in these texts? - Burn Before Reading, Stansfield Turner - The Deadly Bet, Walter LaFaber - Seeds of Terror, Gretchen Peters - Classified Information in "Obama's Wars", Jack Goldsmith, Lawfare

also interesting that classifying non-government-generated information has not been tried in the courts;

Classification are internal handling rules. The gov can stamp top secret on their copy of my private or public doc and do what they want with it (subject possibly to my copyright/license/patent/etc stamp, charges of theft/1stAmend etc to copy/take my copy,). They don't have any purview over my copy, unless mine is stolen, copied, etc where it might be a crime itself. It's not been tried because it seems covered by the 1stAmend. Ref also: Banned books lists, cypherpunks list, Cryptome, etc. So besides the usual "we'd really like if you didn't publish that" and co-op'd self-censor, has forced classification ever been done, links?

the Sean P. Gorman incident not applicable as my understanding is that he received clearance and they built a SCIF on the university campus for him to finish studies and perform research in an official capacity for USGov.\

I don't think his work was gov funded and/or classified, and believe it was cooperatively self-censored, with no known full release (JYA would have been all over that if so, and was not party to the media or quasi-gov consultations/releases). The funding part would be noted in the uncensored version of the papers, which also seem hard to find... ie: where is the canonical distribution point?

On Mon, Jan 20, 2014 at 11:59 AM, coderman wrote:

... i'll dig up the archives later today... the paper was "sanitized" but the real concern was all of the vast and detailed fiber, power, gas, transportation, and other infrastructure mapped at sufficient detail for edges to have sufficiently useful capacity ratings for evaluation in the graph algorithms highlighting high degree, high risk nodes / links in the network. access to "sensitive critical infrastructure information" ever after actively squelched.

there is some likely usual bit rot around this story, for now read at: http://seclists.org/isn/2003/Jul/28 and i may be wrong; they describe the cinderblock, unconnected, multi-factor auth fortress where the work was moved, but this article doesn't say SCIF and implies the contracts still in progress. still digging... JYA do you remember this hullabaloo? have convenient docs to link? best regards, except SONET pairs sharing same right of way over aerial and buried plant. --- http://www.washingtonpost.com/wp-dyn/articles/A23689-2003Jul7.html By Laura Blumenfeld Washington Post Staff Writer Tuesday, July 8, 2003 Sean Gorman's professor called his dissertation "tedious and unimportant." Gorman didn't talk about it when he went on dates because "it was so boring they'd start staring up at the ceiling." But since the Sept. 11, 2001, attacks, Gorman's work has become so compelling that companies want to seize it, government officials want to suppress it, and al Qaeda operatives -- if they could get their hands on it -- would find a terrorist treasure map. Tinkering on a laptop, wearing a rumpled T-shirt and a soul patch goatee, this George Mason University graduate student has mapped every business and industrial sector in the American economy, layering on top the fiber-optic network that connects them. He can click on a bank in Manhattan and see who has communication lines running into it and where. He can zoom in on Baltimore and find the choke point for trucking warehouses. He can drill into a cable trench between Kansas and Colorado and determine how to create the most havoc with a hedge clipper. Using mathematical formulas, he probes for critical links, trying to answer the question: "If I were Osama bin Laden, where would I want to attack?" In the background, he plays the Beastie Boys. For this, Gorman has become part of an expanding field of researchers whose work is coming under scrutiny for national security reasons. His story illustrates new ripples in the old tension between an open society and a secure society. "I'm this grad student," said Gorman, 29, amazed by his transformation from geek to cybercommando. "Never in my wildest dreams would I have imagined I'd be briefing government officials and private-sector CEOs." Invariably, he said, they suggest his work be classified. "Classify my dissertation? Crap. Does this mean I have to redo my PhD?" he said. "They're worried about national security. I'm worried about getting my degree." For academics, there always has been the imperative to publish or perish. In Gorman's case, there's a new concern: publish and perish. "He should turn it in to his professor, get his grade -- and then they both should burn it," said Richard Clarke, who until recently was the White House cyberterrorism chief. "The fiber-optic network is our country's nervous system." Every fiber, thin as a hair, carries the impulses responsible for Internet traffic, telephones, cell phones, military communications, bank transfers, air traffic control, signals to the power grids and water systems, among other things. "You don't want to give terrorists a road map to blow that up," he said. The Washington Post has agreed not to print the results of Gorman's research, at the insistence of GMU. Some argue that the critical targets should be publicized, because it would force the government and industry to protect them. "It's a tricky balance," said Michael Vatis, founder and first director of the National Infrastructure Protection Center. Vatis noted the dangerous time gap between exposing the weaknesses and patching them: "But I don't think security through obscurity is a winning strategy." Gorman compiled his mega-map using publicly available material he found on the Internet. None of it was classified. His interest in maps evolved from his childhood, he said, because he "grew up all over the place." Hunched in the back seat of the family car, he would puzzle over maps, trying to figure out where they should turn. Five years ago, he began work on a master's degree in geography. His original intention was to map the physical infrastructure of the Internet, to see who was connected, who was not, and to measure its economic impact. "We just had this research idea, and thought, 'Okay,' " said his research partner, Laurie Schintler, an assistant professor at GMU. "I wasn't even thinking about implications." The implications, however, in the post-Sept. 11 world, were enough to knock the wind out of John M. Derrick Jr., chairman of the board of Pepco Holdings Inc., which provides power to 1.8 million customers. When a reporter showed him sample pages of Gorman's findings, he exhaled sharply. "This is why CEOs of major power companies don't sleep well these days," Derrick said, flattening the pages with his fist. "Why in the world have we been so stupid as a country to have all this information in the public domain? Does that openness still make sense? It sure as hell doesn't to me." Recently, Derrick received an e-mail from an atlas company offering to sell him a color-coded map of the United States with all the electric power generation and transmission systems. He hit the reply button on his e-mail and typed: "With friends like you, we don't need any enemies in the world." Toward the other end of the free speech spectrum are such people as John Young, a New York architect who created a Web site with a friend, featuring aerial pictures of nuclear weapons storage areas, military bases, ports, dams and secret government bunkers, along with driving directions from Mapquest.com. He has been contacted by the FBI, he said, but the site is still up. "It gives us a great thrill," Young said. "If it's banned, it should be published. We like defying authority as a matter of principle." This is a time when people are rethinking the idea of innocent information. But it is hardly the first time a university has entangled itself in a war. John McCarthy, who oversees Gorman's project at GMU's National Center for Technology and Law, compared this period to World War II, when academics worked on code-breaking and atomic research. McCarthy introduced Gorman to some national security contacts. Gorman's critical infrastructure project, he said, has opened a dialogue among academia, the public sector and the private sector. The challenge? "Getting everyone to trust each other," McCarthy said. "It's a three-way tension that tugs and pulls." When Gorman and Schintler presented their findings to government officials, McCarthy recalled, "they said, 'Pssh, let's scarf this up and classify it.' " And when they presented them at a forum of chief information officers of the country's largest financial services companies -- clicking on a single cable running into a Manhattan office, for example, and revealing the names of 25 telecommunications providers -- the executives suggested that Gorman and Schintler not be allowed to leave the building with the laptop. Businesses are particularly sensitive about such data. They don't want to lose consumer confidence, don't want to be liable for security lapses and don't want competitors to know about their weaknesses. The CIOs for Wells Fargo and Mellon Financial Corp. attended the meeting. Neither would comment for this story. Catherine Allen, chief executive of BITS, the technology group for the financial services roundtable, said the attendees were "amazed" and "concerned" to see how interdependent their systems were. Following the presentation, she said, they decided to hold an exercise in an undisclosed Midwestern city this summer. They plan to simulate a cyber assault and a bomb attack jointly with the telecommunications industry and the National Communications System to measure the impact on financial services. McCarthy hopes that by identifying vulnerabilities, the GMU research will help solve a risk management problem: "We know we can't have a policeman at every bank and switching facility, so what things do you secure?" Terrorists, presumably, are exploring the question from the other end. In December 2001, bin Laden appeared in a videotape and urged the destruction of the U.S. economy. He smiled occasionally, leaned into the camera and said, "This economic hemorrhaging continues until today, but requires more blows. And the youth should try to find the joints of the American economy and hit the enemy in these joints, with God's permission." Every day, Gorman tries to identify those "joints," sitting in a gray cinderblock lab secured by an electronic lock, multiple sign-on codes and a paper shredder. No one other than Gorman, Schintler or their research instructor, Rajendra Kulkarni, is allowed inside; they even take out their own trash. When their computer crashed, they removed the hard drive, froze it, smashed it and rubbed magnets over the surface to erase the data. The university has imposed the security guidelines. It is trying to build a cooperative relationship with the Department of Homeland Security. Brenton Greene, director for infrastructure coordination at DHS, described the project as "a cookbook of how to exploit the vulnerabilities of our nation's infrastructure." He applauds Gorman's work, as long as he refrains from publishing details. "We would recommend this not be openly distributed," he said. Greene is trying to help the center get federal funding. ("The government uses research funding as a carrot to induce people to refrain from speech they would otherwise engage in," said Kathleen Sullivan, dean of Stanford Law School. "If it were a command, it would be unconstitutional.") All this is a bit heavy for Gorman, who is in many ways a typical student. His Christmas lights are still up in July; his living room couch came from a trash pile on the curb. Twice a day, Gorman rows on the Potomac. Out on the water, pulling the oars, he can stop thinking about how someone could bring down the New York Stock Exchange or cripple the Federal Reserve's ability to transfer money. On a recent afternoon, he drove his Jeep from the Fairfax campus toward the river. Along the way he talked about his dilemma: not wanting to hurt national security; not wanting to ruin his career as an academic. "Is this going to completely squash me?" he said, biting his fingernail. GMU has determined that he will publish only the most general aspects of his work. "Academics make their name as an expert in something. . . . If I can't talk about it, it's hard to get hired. It's hard to put 'classified' on your list of publications on your résumé." As he drove along Route 50, he pointed out a satellite tower and a Verizon installation. Somewhere in Arlington he took a wrong turn and stopped to ask for directions. It has always been that way with him. He's great at maps, but somehow he ends up lost.

On Mon, Jan 20, 2014 at 4:16 PM, grarpamp wrote:

... In US, besides the utilities themselves which do not give out detail info,

there are data providers for this, even today. they appear to charge on the order of $400/mo to $50,000/yr for various metro and long distance fiber information. they're US companies and presumably screen the hell out of you before order and scrutinize your usage after. you can call for a quote ;)

... I'm not saying he didn't compile that street level of information, only that he would have had to interact with well over a thousand entities and different data sets, even down to the individual deed, to even begin to extract that information.

huge amounts of this info used to be publicly available, much intentionally so. also, most of the plats are not so useful; you want to focus on the high capacity backbone links, transoceanic fibers, etc. these represent the vulnerable highly concentrated edges between "high degree nodes" when looking at aggregate traffic capacities. the degree of centralization / concentration is highest in communications, yet still significant in every other critical infrastructure.

... Outside of a few target areas like downtown NYC that he may have focused on for show, I doubt it was more than overlaid national powerpoints reminiscent of JYA's eyeball series.

it was much more than this. a combination of both an excessive collection he ggathered during an opportune window (pre 9/11), joined to novel application of graph theory to identify critical high degree nodes in these systems and estimate the impact of severing one or few links. (then further refined by others into a good paper i'll need to dig up, which shows that it is exceptionally difficult to win this defense against a motivated attack. e.g. almost all models for robust critical infrastructures assume random / natural failures and not targeted attacks by coordinated attackers.)