We’re an empire now. And when we act, we create our own reality. –Senior Bush Advisor to Ron Suskind

 

It can be said, therefore, that ideology, as that instrument of internal communication which assures the power structure of inner cohesion is, in the post-totalitarian system, something that transcends the physical aspects of power, something that dominates it to a considerable degree, and therefore, tends to assure its continuity as well. It is one of the pillars of the system’s external stability. This pillar, however, is built on a very unstable foundation. It is built on lies. It works only as long as people are willing to live within the lie. –Václav Havel, “Power of the Powerless“

In his essay, Power of the Powerless, Václav Havel described how citizens of “post-totalitarian” societies perform certain rituals–his central example was a green grocer putting the sign, “Workers of the World, Unite!” in his shop window every morning, but he saw the “dictatorship of consumption” to work similarly–to signify their adherence to the ideology on which power in the system rests. The system relies on (and rewards, with access to a comfortable livelihood) the universal performance of such rituals to sustain the ideology that gives the raw power behind the system some legitimacy. He argued that if people began to live within the truth–stopped putting up the sign every morning and paid the consequences in terms of lost benefits–it might expose the lie behind the myths people told themselves about their society.

But the moment someone breaks through in one place, when one person cries out, “the emperor is naked!”–when a single person breaks the rules of the game, thus exposing it as a game–everything suddenly appears in another light and the whole crust seems then to be made of a tissue on the point of tearing and disintegrating uncontrollably.

For Havel, the moment that started the Charter 77 movement, and ultimately, a decade later, the Velvet Revolution, was the 1976 trial–on charges of disturbing the peace–of the underground rock band, Plastic People of the Universe. In a feuilleton called “The Trial” Havel described how the event exposed the illegitimacy of the authorities and their ideology. Yet even as that became clear–even as it became clear that this rather ordinary event was going to take on much deeper significance–the government continued to play its part, thereby delegitimizing itself. Havel used the language of theater to describe what happened.

What is even stranger, nothing could be done about it: the play, once it started, had to be played through to the end, thus finally showing how terribly its initiators had entangled themselves in the net of their own prestige. They did not dare to halt the whole thing and admit their error, but rather went through with the embarrassing spectacle to the very end. At the same time the actors in this spectacle found themselves in a paradoxical situation: the more honestly they played their parts, the more obviously they uncovered their unforeseen meaning, thus becoming the co-creators of an entirely different performance than they had thought they were playing, or had wanted to play.

Out of that moment, Charter 77 formed as a fairly amorphous group designed to insist the government fulfill the human rights commitments it had signed onto:

Charter 77 is a loose, informal and open association of people of various shades of opinion, faiths and professions united by the will to strive individually and collectively for the respecting of civic and human rights in our own country and throughout the world.

[snip] Charter 77 is not an organization; it has no rules, permanent bodies or formal membership. It embraces everyone who agrees with its ideas and participates in its work. It does not form the basis for any oppositional political activity. Like many similar citizen initiatives in various countries, West and East, it seeks to promote the general public interest. It does not aim, then, to set out its own platform of political or social reform or change, but within its own field of impact to conduct a constructive dialogue with the political and state authorities, particularly by drawing attention to individual cases where human and civic frights are violated, to document such grievances and suggest remedies, to make proposals of a more general character calculated to reinforce such rights and machinery for protecting them, to act as an intermediary in situations of conflict which may lead to violations of rights, and so forth.

Out of that movement (and more generally since the Prague Spring), as Havel describes in Power of the Powerless, might be built a “parallel polis,” a culture growing out of people’s urge for self-organization and living in the truth. As it happened in Eastern Europe, this included underground rock, samizdat, free universities, and so forth. Havel hoped (writing in 1978, over a decade before the Velvet Revolution) this parallel polis would,

slowly but surely become a social phenomenon of growing importance, taking a real part in the life of society with increasing clarity and influencing the general situation.

As history played out, that parallel polis played perhaps an even larger role in Czechoslovakia’s history than the man who would one day serve as its President might have hoped.

When he spoke of post-totalitarian society, Havel meant communist, not capitalist, society. But as I suggested, he didn’t believe post-capitalist countries were much better.

People are manipulated in ways that are infinitely more subtle and refined than the brutal methods used in the post-totalitarian societies. But this static complex of rigid, conceptually sloppy, and politically pragmatic mass political parties run by professional apparatuses and releasing the citizen from all forms of concrete and personal responsibility; and those complex focuses of capital accumulation engaged in secret manipulations and expansion; the omnipresent dictatorship of consumption, production, advertising, commerce, consumer culture, and all that flood of information: all of it, so often analyzed and described, can only with great difficulty be imagined as the source of humanity’s rediscovery of itself.

He predicted it would take far more for those in democratic countries to wake up to the way the system ideologically co-opted people.

In democratic societies, where the violence done to human beings is not nearly so obvious and cruel, this fundamental revolution in politics has yet to happen, and some things will probably have to get worse there before the urgent need for that revolution is reflected in politics.

I can’t help but think what an appropriate time it was–almost exactly a year to the day after Mohamed Bouazizi’s self-immolation did, world-wide, what the Plastic People of the Universe trial did in 1976: show everything in a different light and set off the potential disintegration of the system. And, too, Havel died as the US government finally set in motion Bradley Manning’s trial, one that like that trial in 1976 may well have a predictable outcome that nevertheless will damage the legitimacy of the government.

Havel lived to see oligarchy ascending into power in the developed world. And he lived to see the nearly worldwide reaction against globalized oligarchy–a global moment akin to the events of 1968 and 1989 that Havel played such a key role in. This moment, it seems, was an appropriate time for Havel to pass on the torch of dissidence.

Ellen Nakashima had a long article on Thursday using the 2008 thumb drive infection of DOD’s networks (including, she mentions in passing, the top-secret JWICS system) to describe the evolution of our approach to cybersecurity.

The whole thing is worth a close reading. But I’m particularly interested (as always) in reading it with WikiLeaks in mind. As Nakashima notes after describing the supposedly stringent response to the 2008 infection, which included “banning” thumb drives, Bradley Manning is suspected of downloading entire databases via the same means, removable media.

As the NSA worked to neutralize Agent.btz on its government computers, Strategic Command, which oversees deterrence strategy for nuclear weapons, space and cyberspace, raised the military’s information security threat level. A few weeks later, in November, an order went out banning the use of thumb drives across the Defense Department worldwide. It was the most controversial order of the operation.

Agent.btz had spread widely among military computers around the world, especially in Iraq and Afghanistan, creating the potential for major losses of intelligence. Yet the ban generated backlash among officers in the field, many of whom relied on the drives to download combat imagery or share after-action reports.

[snip]

The ban on thumb drives has been partially lifted because other security measures have been put in place.

[snip]

What is clear is that Agent.btz revealed weaknesses in crucial U.S. government computer networks — vulnerabilities based on the weakest link in the security chain: human beings. The development of new defenses did not prevent the transfer of massive amounts of information from one classified network to the anti-
secrecy group WikiLeaks, an act that the government charges was carried out by an Army intelligence analyst.

Now, first of all, is it really a stunning revelation that introducing removable media into a secret or top-secret network might be a “vulnerability”? It took an attack to make that clear?

And if DOD has put so many security measures in place, then how did the Creech Air Force Base, which controls our drones, get infected?

Then there’s Nakashima’s discussion of how DOD could respond to “an attack” in the United States. She makes it clear that in the aftermath of the thumb drive attack, the military decided (to its chagrin) its rules of operations should not allow it to bring down a server in this country.

By the summer of 2009, Pentagon officials had begun work on a set of rules of engagement, part of a broader cyberdefense effort called Operation Gladiator Phoenix. They drafted an “execute order” under which the Strategic and Cyber commands could direct the operations and defense of military networks anywhere in the world. Initially, the directive applied to critical privately owned computer systems in the United States.

Several conditions had to be met, according to a military official familiar with the draft order. The provocation had to be hostile and directed at the United States, its critical infrastructure or citizens. It had to present the imminent likelihood of death, serious injury or damage that threatened national or economic security. The response had to be coordinated with affected government agencies and combatant commanders. And it had to be limited to actions necessary to stop the attack, while minimizing impacts on non-military computers.

[snip]

The debate bogged down over how far the military could go to parry attacks, which can be routed from server to server, sometimes in multiple countries. “Could you go only to the first [server] you trace back to? Could you go all the way to the first point at which the attack emanated from? Those were the questions that were still being negotiated,” said a former U.S. official.

The questions were even more vexing when it came to potentially combating an attack launched from servers within the United States. The military has no authority to act in cyberspace when the networks are domestic — unless the operation is on its own systems.

Ultimately, Nakashima seems to say, the government decided DOD should not be able to disable a server in the US.

But then, the next year, someone disrupted WikiLeaks servers, including–probably using political, not cyber force–its US-based Amazon servers. Aside from the supposedly “former” special forces member who claimed credit for the first attacks, we’ve never had adequate explanation of how and under what authority the government brought down WikiLeaks.

And check out the standards–more of the Executive Branch deciding who our enemy is in secret–they used.

The provocation had to be hostile and directed at the United States, its critical infrastructure or citizens. It had to present the imminent likelihood of death, serious injury or damage that threatened national or economic security.

Did someone decide WikiLeaks met these terms? If so, is the standard for a threat to national security so low that the WikiLeaks disclosures would merit such an action? Really?

And where does the use of other authorities–pressuring Visa and MasterCard and PayPal and Amazon to stop doing business with an entity–come into this?

Nakashima’s sources seem to want to suggest that they have no authority to stop attacks in the US. But someone does–and has already used it. And used it against an entity DOJ had not yet created an exception for in its definition of media.

A number of bloggers are pointing, with concern, to an Oregon case in which a blogger got hit with a $2.5 million defamation judgement.

Oregon law provides special legal protections against defamation lawsuits to journalists associated with traditional media outlets. Such publications are immune from defamation suits unless the defamed individual first requests a retraction. Journalists at recognized media outlets are also protected from revealing confidential sources. Cox argued that she was eligible for protection under both provisions and asked the judge to set aside the verdict.

But Judge Marco Hernandez disagreed. “Although defendant is a self-proclaimed ‘investigative blogger’ and defines herself as ‘media,’ the record fails to show that she is affiliated with any newspaper, magazine, periodical, book, pamphlet, news service, wire service, news or feature syndicate, broadcast station or network, or cable television system,” the judge wrote. “Thus, she is not entitled to the protections of the [Oregon journalist shield] law.”

That result was apparently dictated by the text of the Oregon shield statute, which singles out those specific media technologies for legal protection.

But as Kashmir Hill notes, even aside from the outdated terms of Oregon’s law, the woman in question had set up a series of websites pretty much designed to hurt the reputation (and especially the Google searches) of the firm in question, and then sent an email asking for $2,500 a month for “reputation management” services to undo her work.

The Oregon case, in other words, is more complicated than it has been portrayed.

DOJ Doesn’t Consider Many Bloggers News Media

But while we’re talking about whether bloggers are protected under media guidelines, we probably ought to be looking at DOJ’s recently changed Domestic Investigation and Operations Guide, which also don’t consider bloggers to be protected as media (I wrote about these changes here, but the guidelines themselves have been released, in heavily redacted form). Unlike Oregon, DIOG does include online news in its definition of media (PDF 157).

“News media” includes persons and organizations that gather, report or publish news, whether through traditional means (e.g., newspapers, radio, magazines, news service) or the on-line or wireless equivalent. A “member of the media” is a person who gathers, reports, or publishes new through the news media.

But then it goes on to exclude bloggers from those included in the term “news media.”

The definition does not, however, include a person or entity who posts information or opinion on the Internet in blogs, chat rooms or social networking sites, such as YouTube, Facebook, or MySpace, unless that person or entity falls within the definition of a member of the media or a news organization under the other provisions within this section (e.g., a national news reporter who posts on his/her personal blog).

Then it goes onto lay out what I will call the “WikiLeaks exception.”

As the term is used in the DIOG, “news media” is not intended to include persons and entities that simply make information available. Instead, it is intended to apply to a person or entity that gathers information of potential interest to a segment of the general public, uses editorial skills to turn raw materials into a distinct work, and distributes that work to an audience, as a journalism professional.

The definition does warn that if there is any doubt, the person should be treated as media. Nevertheless, the definition seems to exclude a whole bunch of people (including, probably, me), who are engaged in journalism.

DOJ Has Made It Easier To Investigate Journalists’ Contacts

Though to some degree, it doesn’t matter, because the new DIOG treats the media so poorly in any case. It considers investigations sensitive (and therefore requiring special approvals) only if the member of the news media (or religious or political organization, or academic institution) is the subject of the investigation, not if they are a witness, as media almost always will be in leak investigations.

Just as troubling, the new DIOG seems to make it a lot easier to get news media contact records in national security investigations. A heavily-redacted section (PDF 166) suggests that in investigations with a national security nexus (so international terrorism or espionage, as many leak cases have been treated) DOJ need not comply with existing restrictions requiring Attorney General approval before getting the phone records of a journalist. The reason? Because NSLs aren’t subpoenas, and that restriction only applies to subpoenas.

Department of Justice policy with regard to the issuances of subpoenas for telephone toll records of members of the news media is found at 28 C.F.R. § 50.10. The regulation concerns only grand jury subpoenas, not National Security Letters (NSLs) or administrative subpoenas. (The regulation requires Attorney General approval prior to the issuance of a grand jury subpoena for telephone toll records of a member of the news media, and when such a subpoena is issued, notice must be given to the news media either before or soon after such records are obtained.) The following approval requirements and specific procedures apply for the issuance of an NSL for telephone toll records of members of the news media or news organizations. [my emphasis]

So DOJ can use NSLs–with no court oversight–to get journalists’ call (and email) records rather than actually getting a subpoena.

The section includes four different approval requirement scenarios for issuing such NSLs, almost all of which are redacted. Though one only partly redacted passage makes it clear there are some circumstances where the approval process is the same as for anyone else DOJ wants to get an NSL on:

If the NSL is seeking telephone toll records of an individual who is a member of the news media or news organization [2 lines redacted] there are no additional approval requirements other than those set out in DIOG Section 18.6.6.1.3 [half line redacted]

And the section on NSL use (see PDF 100) makes it clear that a long list of people can approve such NSLs:

• Deputy Director
• Executive Assistant Director
• Associate EAD for the National Security Branch
• Assistant Directors and all DADs for CT/CD/Cyber
• General Counsel
• Deputy General Counsel for the National Security Law Branch
• Assistant Directors in Charge in NY, Washington Field Office, and LA
• All Special Agents in Charge

In other words, while DOJ does seem to offer members of the news media–which is itself a somewhat limited group–some protection from subpoena, it also seems to include loopholes for precisely the kinds of cases, like leaks, where source protection is so important.

The Oregon case is important because it reminds us how little protection is accorded those of us working on line. But it’s probably not the biggest threat to bloggers, or even other online media professionals.

The government has responded to ACLU’s FOIA for a bunch of WikiLeaks cables by releasing redacted versions of just 11 of the 23 cables they FOIAed (I’ve copied, ACLU’s inventory of what they got below the fold).

Some of their redactions are unsurprising–details that show officials from other governments sucking up to the US. But some of the redactions clearly serve only to “hide” details of the government’s own cover up of its torture program. For example, consider  this passage, which is part of a substantial redaction in the FOIA release.

Meanwhile, the Embassy has been involved in DOJ-led talks to have Zaragoza – who attended the April 16 press conference – lead a four-person team of GOS officials to Washington for a possible meeting with U.S. Deputy AG David Ogden or AG Eric Holder during the week of May 18. Zaragoza’s wife, who is Conde Pumpido’s chief of staff, would reportedly be one of the four.

The passage only describes internal discussions between Embassy personnel in Spain and DOJ; there’s no mention of any Spanish actions or statements.

Yet it’s tremendously damaging to the Obama Administration because it explains how discussions between the US and Spain got from this April 1, 2009 suggestion Chief Prosecutor Javier Zaragoza made (this is also redacted but could easily be claimed as one of those embarrassing exchanges with a foreign government official).

Zaragoza noted that Spain would not be able to claim jurisdiction in the case if the USG opened its own investigation, which he much preferred as the best way forward and described as “the only way out” for the USG.

To Obama’s April 16 assurances there would be no prosecutions for torture, to Eric Holder’s August 24 announcement (in the wake of the OPR Report, which was itself an investigation) of the John Durham investigation. In other words, the redacted paragraph provides key details showing that Spanish legal representatives met with DOJ as DOJ decided to launch an investigation that couldn’t seem to find a crime in years of torture evidence.

Similarly, this entire cable was withheld, including this passage which records only what the US Deputy Chief of Mission said to Germany’s Deputy National Security Adviser (so again, it doesn’t show anything embarrassing the Germans did).

In a February 6 discussion with German Deputy National Security Adviser Rolf Nikel, the DCM reiterated our strong concerns about the possible issuance of international arrest warrants in the al-Masri case. The DCM noted that the reports in the German media of the discussion on the issue between the Secretary and FM Steinmeier in Washington were not accurate, in that the media reports suggest the USG was not troubled by developments in the al-Masri case.

But, as I noted in this post, the passage appears to show Condi using her German counterpart to create the appearance that she had no concerns about German subpoenas.

Now, of course, this evidence of our government’s efforts to cover up their own torture isn’t really hidden. But so long as the government maintains that it remains classified, no one can use it–say, in a legal proceeding–to show high level obstruction of our own duty to investigate and prosecute this torture.

At least according to this short piece, the US and Europe are holding a war game today to “simulat[e] how they would in future stop a Wikileaks-type hack.”

I find this to be a really troublesome development. After all, the way to stop a “Wikileaks-type hack” is for DOD, by itself, to implement some very basic security measures on their networks. You know? Like preventing soldiers from inserting writable disks with a Lady Gaga label into SIPRNET-linked computers?

Granted, they have resisted such basic security measures for years, even in the face of two viruses and the WikiLeaks leak. But they don’t need the EU’s help to implement very basic security fixes.

Where they would need help from Europe, though, is in choking off a media outlet by denying it both funding and server space–something they tried to do with WikiLeaks, with only partial success. While they did succeed in choking off funding, they failed to prevent the publication of WikiLeaks generally.

Indeed, when DOJ was recommending Bank of America work with a private spying company to combat WikiLeaks, the plan was to go after WikiLeaks’ server in Sweden.

Need to get to the Swedish document submission server. Need to create doubt about their security and increase awareness that interaction with WikiLeaks will expose you.

Not only does this suggest DOD is still looking elsewhere to solve the problem created by their own abysmal network security.

But it also means the US and Europe are plotting out ways to shut down free speech in the future.

As you may recall, one of the most explosive revelations from the Iraq War Logs released by WikiLeaks pertains to US forces ignoring Iraqi torture of other Iraqis.

The biggest headline from Friday’s Wikileaks dump (everywhere but the NYT, anyway) is that the “US ignored torture.” But the way in which an official policy ignoring torture was followed by collaboration with one of Iraq’s torture squads raises the question whether the US involvement in Iraqi torture was more direct.

Did the US “ignore” torture, or “encourage” it?

The basis for the claim that the US ignored torture comes from references to Frago 242, which officially instituted a policy of looking the other way in cases of Iraqi on Iraqi abuse.

This is the impact of Frago 242. A frago is a “fragmentary order” which summarises a complex requirement. This one, issued in June 2004, about a year after the invasion of Iraq, orders coalition troops not to investigate any breach of the laws of armed conflict, such as the abuse of detainees, unless it directly involves members of the coalition. Where the alleged abuse is committed by Iraqi on Iraqi, “only an initial report will be made … No further investigation will be required unless directed by HQ”.

Another cable showed that US forces turned over detainees to an Iraqi unit known to torture.

By the end of 2004, according to the Wikileaks dump, the US was handing over detainees to a US trained group known to torture.

In Samarra, the series of log entries in 2004 and 2005 describe repeated raids by US infantry, who then handed their captives over to the Wolf Brigade for “further questioning”. Typical entries read: “All 5 detainees were turned over to Ministry of Interior for further questioning” (from 29 November 2004) and “The detainee was then turned over to the 2nd Ministry of Interior Commando Battalion for further questioning” (30 November 2004).

Which is why the following detail–from a UN report issued yesterday describing the systematic use of torture in Afghan prison interrogations–is so important.

[UN Assistance Mission in Afghanistan]’s detention observation included interviews with 89 detainees who reported the involvement of international military forces either alone or with Afghan security forces in their capture and transfer to [National Directorate of Security] or [Afghan National Police] custody. UNAMA found compelling evidence that 19 of these 89 detainees were tortured in NDS facilities namely, NDS Department 90/124 and NDS Laghman and three in ANP custody (ANP in Kunduz and Tirin Kot). This situation speaks to the need for robust oversight and monitoring of all transfers of detainees to NDS and ANP custody and possible suspension of transfers where credible reports of torture exist.

[snip]

The US and other ISAF military forces, including Canada and the UK reportedly transferred approximately 2,000 individuals to Afghan custody in 2009 and 2010.166 Judicial rulings in Canada and the UK resulted in suspension of transfers of detainees by those countries’ military forces to various NDS facilities over different periods of time.167 In both cases, the courts’ decisions were based on the credibility of information that NDS abused and tortured detainees in selected locations (Kabul and Kandahar). The UK stopped transfers to NDS Kandahar and NDS facilities in Kabul. Canada ceased transfers to all NDS facilities in Kabul, but continued to transfer to Kandahar’s MoJ Sarapoza prison. Canadian and the UK governments also implemented monitoring programmes in detention facilities where they handed over detainees to custody of Afghan authorities.
The US has not yet put in place a monitoring programme to track detainees it hands over to Afghan authorities. A US government official advised UNAMA that the US Embassy finalised plans for a post‐transfer detainee monitoring programme and a proposal is with the Afghan government for its consideration. The Embassy stated that it regards the proposed programme as a positive way for the US to continue its work with the Afghan government to ensure its detention system is safe, secure, and humane.168

In early July 2011, US military forces stopped transferring detainees to NDS and ANP authorities in Dai Kundi, Kandahar, Uruzgan and Zabul based on reports of a consistent practice of torture and mistreatment of detainees in NDS and ANP detention facilities in these areas.169 ISAF advised UNAMA that it asked the Government to investigate these reports and indicates it will not resume transfers until the situation is satisfactorily addressed.
In early September 2011, in response to the findings in this report, ISAF stated that it stopped transferring detainees to certain installations as a precautionary measure.170

That is, even though our coalition partners had already stopped transferring detainees to Afghans known to use torture in interrogations, the US continued doing so until last month.

And this torture is happening almost exclusively to obtain confessions.

Out of 273 detainees interviewed, 125 (46 percent) reported they had been tortured while in NDS custody. The forms of abuse most commonly reported were suspension (being hung by the wrists from chains attached to the wall, iron bars or other fixtures for lengthy periods) and beating, especially with rubber hoses, electric cables and wires or wooden sticks and particularly on the soles of the feet. Other forms of abuse reported included electric shock, twisting of the detainee’s penis and wrenching of the detainee’s testicles, removal of toenails and forced prolonged standing. Detainees also reported blindfolding and hooding. According to detainees, these abuses almost always took place during interrogations and were aimed at obtaining a confession. Only two percent of those detainees who reported abuse by NDS said that any abuse took place at the time of arrest or in any other context.

[snip]

Based on the interviews it conducted, UNAMA found compelling evidence that officials at Department 90/124 systematically tortured detainees for the purposes of obtaining information and confessions. According to UNAMA’s findings, NDS officials in Department 90/124 used beating, suspension, and twisting and wrenching of genitals as means of torture. Two detainees also reported receiving electric shocks, two detainees reported their beards had been pulled, and three detainees reported having their heads banged against the wall.57 All of the abuse took place in the context of the interrogation process. In most cases, the detainee’s account of the sequence of events makes it clear that NDS officials used abusive interrogation procedures to obtain information and formal confessions.

It’d be nice if we did more than stop turning over detainees to prisons known to use torture now that the UN has formally put us on notice about it. It’d be nice if we reviewed when the US became aware of this practice and why we kept turning people over to the Afghans.

But I guess that would amount to looking backward.

On Friday, Wired broke the news that the DOD suffered yet another breach because they continue to leave computers exposed to outside storage systems. (h/t WO) In this case, the Ground Control Stations they use to control drones got infected with a keylogger virus.

But time and time again, the so-called “air gaps” between classified and public networks have been bridged, largely through the use of discs and removable drives. In late 2008, for example, the drives helped introduce the agent.btz worm to hundreds of thousands of Defense Department computers. The Pentagon is still disinfecting machines, three years later.

Use of the drives is now severely restricted throughout the military. But the base at Creech was one of the exceptions, until the virus hit. Predator and Reaper crews use removable hard drives to load map updates and transport mission videos from one computer to another. The virus is believed to have spread through these removable drives. Drone units at other Air Force bases worldwide have now been ordered to stop their use.

After a virus was introduced into computers in Iraq three years ago via thumb drive, DOD claimed it had prohibited the use of any removable media with their computers. But then Bradley Manning allegedly removed hundreds of thousands of classified cables from SIPRNet using a Lady Gaga CD. Rather than making all computers inaccessible to removable media at that point, DOD left 12% of their computers vulnerable, deploying a buddy-system to prevent people from taking files inappropriately; but human buddy systems don’t necessarily prevent the transmission of viruses.

The good news is that the Host-Based Security System implemented in response to Wikileaks discovered the virus–two weeks ago.

But here’s the other interesting wrinkle. To get rid of these viruses, techs have resorted to wiping the hard drives of the targeting computers.

In the meantime, technicians at Creech are trying to get the virus off the GCS machines. It has not been easy. At first, they followed removal instructions posted on the website of the Kaspersky security firm. “But the virus kept coming back,” a source familiar with the infection says. Eventually, the technicians had to use a software tool called BCWipe to completely erase the GCS’ internal hard drives. “That meant rebuilding them from scratch” — a time-consuming effort.

Given what little we know about the Anwar al-Awlaki assassination (which, as Wired points out, happened after the virus had knowingly infected these computers), this should not affect the computers that ten days ago killed two US citizens with no due process. The Newsweek story describing the CIA’s targeting process says that targeting is done in VA, not NV, where the virus hit.

But particularly given the questions about Samir Khan’s death, consider if that weren’t the case. That would mean a key piece of evidence about whether or not the US knowingly executed an American engaging in speech might be completely eliminated, wiped clean to fix a predictable virus.

That’s not the only risk, of course. We’ve talked before about how long it’ll take for Iran or Mexican drug cartels to hack our armed drones. If this virus were passed via deliberate hack, rather than sloppiness, then we might be one step closer to that eventuality.

All because DOD continues to refuse to take simple steps to secure their computers.

[youtube]xpOMlDVaXzc[/youtube]

In the AP’s first report on the NYPD’s CIA-on-the-Hudson, they quoted City Councilmen Peter Vallone reassuring that his private conversations with Ray Kelly were adequate oversight.

“Ray Kelly briefs me privately on certain subjects that should not be discussed in public,” said City Councilman Peter Vallone. “We’ve discussed in person how they investigate certain groups they suspect have terrorist sympathizers or have terrorist suspects.”

A month and a half of damning new revelations later, Vallone is not so sure.

Peter Vallone, the chairman of the council’s Public Safety Committee, said the council doesn’t have the power to subpoena the NYPD for its intelligence records. And even if it did, he said the operations are too sophisticated for city officials to effectively oversee. More oversight is likely needed, he said, perhaps from the federal government.

“That portion of the police department’s work should probably be looked at by a federal monitor,” he said after Police Commissioner Raymond Kelly testified Thursday at City Hall.

But Kelly–whose cops are being filmed on an increasingly frequent basis beating and pepper spraying peaceful protestors–likes it just fine with no oversight.

Kelly told council members that the department’s internal accountability was rigorous and ensured that civil rights were being protected. And he said everything the department does is in line with court rules, known as the Handschu guidelines, that limit how and why police can collect intelligence before there’s evidence of a crime.

“The value we place on privacy rights and other constitutional protections is part of what motivates the work of counterterrorism,” he said. “It would be counterproductive in the extreme if we violated those freedoms in the course of our work to defend New York.”

[snip]

“The AP stories make it hard to believe we’re getting the balance right,” said Brad Lander, a Brooklyn councilman.

“That’s your opinion,” Kelly said. “We’re following the Handschu guidelines.”

With regard to Kelly’s racial profiling program (as opposed to the overreaction to Occupy Wall Street), it’s not actually clear who, with City Council abdicating their oversight role, can perform that oversight. The AP notes that the Obama Administration and Congress aren’t in a rush to exercise oversight over the CIA-on-the-Hudson either.

Which is precisely how Ray Kelly gets away with doing what he’s doing.

While supervisors from the NYPD are pepper-spraying peaceful political protestors, the Department is also coming under scrutiny for its past (and presumably ongoing) civil liberties abuse, the profiling of Muslim and Arab residents of NY.

As the original AP story on the NYPD’s profiling program described, in the 1980s, the city was put under court orders limiting the kind of intelligence-gathering programs it could conduct.

Since 1985, the NYPD had operated under a federal court order limiting the tactics it could use to gather intelligence. During the 1960s and 1970s, the department had used informants and undercover officers to infiltrate anti-war protest groups and other activists without any reason to suspect criminal behavior.

To settle a lawsuit, the department agreed to follow guidelines that required “specific information” of criminal activity before police could monitor political activity.

In September 2002, [NYPD Intelligence Unit Head David] Cohen told a federal judge that those guidelines made it “virtually impossible” to detect terrorist plots. The FBI was changing its rules to respond to 9/11, and Cohen argued that the NYPD must do so, too.

“In the case of terrorism, to wait for an indication of crime before investigating is to wait far too long,” Cohen wrote.

U.S. District Judge Charles S. Haight Jr. agreed, saying the old guidelines “addressed different perils in a different time.” He scrapped the old rules and replaced them with more lenient ones.

As the AP has been exposing the NYPD profiling program, it has never been entirely clear how this agreement simply got put aside, not least because the intelligence department was also involved in the 2004 RNC abuses.

And the question is more pressing given that Anthony Bologna, the pepper sprayer, is part of the NYPD’s counterterrorism group. I

It’s bad enough, after all, that the NYPD is profiling the city’s Moroccan restaurants, but it seems to be abusing the kind of political persecution the court order–Handschu v. Special Services Division–was supposed to prevent.

Today, the NYCLU is asking more questions about what is going on.

The New York Civil Liberties Union and partnering civil rights attorneys today filed papers in federal court seeking information on the NYPD’s surveillance of Muslims in New York City to determine whether the spying operation violates an existing court order. The filing is part of the Handschu v. Special Services Divisionproceedings, a decades-old federal case that has produced a series of court orders regulating NYPD surveillance of political and religious activity.

The filing asks the court to initiate a discovery process pertaining to the NYPD’s surveillance of Muslims to determine whether those efforts have violated a 1985 consent decree in the Handschu case that restricts the Police Department’s ability to conduct surveillance targeting political and religious activity. The filing also asks the court to order the NYPD to preserve any records relating to its surveillance of Muslims while the discovery process takes place.

“The NYPD’s reported surveillance of local Muslim communities raises serious questions concerning whether the Police Department has violated court-ordered restrictions on its ability to spy on and keep dossiers on individuals,” said NYCLU Legal Director Arthur Eisenberg. “In order to know whether the NYPD is violating the court order, we need a more complete explanation of the NYPD’s surveillance practices.”

To be clear, this is a response to the ethnic profiling, not the crack-down on #OccupyWallStreet.

But if the NYCLU effort succeeds, it may succeed in exposing a lot more about how the NYPD became the CIA-on-the-Hudson. Anthony Bologna’s aggression is already being investigated by the NYPD itself and the DA. But with this NYCLU action, other activities of the NYPD may get scrutinized by the courts, too.

Someone down at Occupy Wall Street noted that a bunch of food trucks are gathering around the protest. Four of them would be able to take orders for the protesters. So if you want to feed those trying to hold the banksters accountable, call one of these food trucks.

Lemongrass Grill – Thai – 212.809.8038

Alfanoose – Middle Eastern – 212.528.4669

Toloache Taqueria – 212.809.9800

Liberatos Pizza – 212.344.3464