Daniel Ellsberg on Secrets

Daniel Miessler just wrote a post about his attitude toward attribution. I'm not going to comment about it, but I wanted to provide the source of the story he mentioned, along with the specific excerpt. It's from Secrets by Daniel Ellsberg.

Kevin Drum posted the same excerpt in 2010, but I'm going to print it here for my reference.

As an intro, Ellsberg was working for RAND, and approached Henry Kissinger at a party in 1968. Ellsberg begins:

    "Henry, there's something I would like to tell you, for what it's worth, something I wish I had been told years ago. You've been a consultant for a long time, and you've dealt a great deal with top secret information. But you're about to receive a whole slew of special clearances, maybe fifteen or twenty of them, that are higher than top secret.

    "I've had a number of these myself, and I've known other people who have just acquired them, and I have a pretty good sense of what the effects of receiving these clearances are on a person who didn't previously know they even existed. And the effects of reading the information that they will make available to you.

    "First, you'll be exhilarated by some of this new information, and by having it all — so much! incredible! — suddenly available to you. But second, almost as fast, you will feel like a fool for having studied, written, talked about these subjects, criticized and analyzed decisions made by presidents for years without having known of the existence of all this information, which presidents and others had and you didn't, and which must have influenced their decisions in ways you couldn't even guess. In particular, you'll feel foolish for having literally rubbed shoulders for over a decade with some officials and consultants who did have access to all this information you didn't know about and didn't know they had, and you'll be stunned that they kept that secret from you so well.

    "You will feel like a fool, and that will last for about two weeks. Then, after you've started reading all this daily intelligence input and become used to using what amounts to whole libraries of hidden information, which is much more closely held than mere top secret data, you will forget there ever was a time when you didn't have it, and you'll be aware only of the fact that you have it now and most others don't....and that all those other people are fools.

    "Over a longer period of time — not too long, but a matter of two or three years — you'll eventually become aware of the limitations of this information. There is a great deal that it doesn't tell you, it's often inaccurate, and it can lead you astray just as much as the New York Times can. But that takes a while to learn.

    "In the meantime it will have become very hard for you to learn from anybody who doesn't have these clearances. Because you'll be thinking as you listen to them: 'What would this man be telling me if he knew what I know? Would he be giving me the same advice, or would it totally change his predictions and recommendations?' And that mental exercise is so torturous that after a while you give it up and just stop listening. I've seen this with my superiors, my colleagues....and with myself.

    "You will deal with a person who doesn't have those clearances only from the point of view of what you want him to believe and what impression you want him to go away with, since you'll have to lie carefully to him about what you know. In effect, you will have to manipulate him. You'll give up trying to assess what he has to say. The danger is, you'll become something like a moron. You'll become incapable of learning from most people in the world, no matter how much experience they may have in their particular areas that may be much greater than yours."

    ....Kissinger hadn't interrupted this long warning. As I've said, he could be a good listener, and he listened soberly. He seemed to understand that it was heartfelt, and he didn't take it as patronizing, as I'd feared. But I knew it was too soon for him to appreciate fully what I was saying. He didn't have the clearances yet.

I appreciate this text on several levels. Having been cleared since 1991, and having been trained as a professional military intelligence officer, I understand the powers and limitations of classified information.

If anyone claims superior knowledge only because their source is classified, you must beware. That person is falling into one of Ellsberg's traps.

This is a very subtle point. What I'm saying is this: if you were to read any document, and give it more credibility simply because it is marked (S), then you are failing to appreciate the problems inherent in many parts of the intelligence community and its consumer base. (This 2013 story called it the secrecy heuristic and warned about the problem after conducting scientific experiments to measure it.)

On the other hand, if you see any sort of "secret" (i.e., non-public) report, and you trust the producer of the intelligence, then you recognize that any handling markings are there to keep the information out of the hands of the adversary. The classification level or "secrecy" does not inherently provide a reliability or trustworthiness ranking.

Note the terms I highlighted. A report is a product of an intelligence process. It is only as good as all of those elements. This is why trust is the key issue in the attribution debate.

Also note that this warning applies to information that is not strictly "classified" by government entities. It could apply to any sort of non-public information.

I have more to say on this topic, but this is my fourth post today.

On a short related note, I didn't invent the term "Sony truther." I read it in Gizmodo's December 24th story Meet the Sony Hack Truthers and Tweeted about it that day.


dre said…
Richard, on your related note, you need to give it up and apologize. You are right about attribution and you are right about secrecy.

What you are wrong about is even using the word "truther" implies that security professionals who don't believe the DPRK SPE attribution are akin to "911 truthers" who typically blame the government for something far more nefarious than simple negligence. I'm not one of these security professionals -- like you, Daniel Miessler, and many others -- I'm of the opinion that a North Korea leader (probably even the one formally identified) led a mission that resulted in, at the very least, pieces of the SPE breach intended as a cyber attack. Were other nation states or criminals involved? I don't know -- which is what most security professionals are trying to argue.

Security professionals are not trying to argue (at least I have not seen this yet) that the USG hacked SPE, created Destover, and covered up all of their actions and involvement through plausible deniability. This is what 911 truthers typically did, so your analogy is offensive in nature and you should apologize.
Dre, I appreciate the tone you took in your comments. It's one of the more reasonable arguments I've seen. And that's the problem.

It's time for parts of the so-called security "community" to examine how they interact with others using social media. It's appalling, but thankfully it's not everyone, as you've shown.

I appreciate everyone who has shown mutual respect and integrity, despite having different views on this subject. You know who you are.

I linked to the original December 24th Gizmodo "truther" story for a reason. I suggest everyone read that article, and interpret my subsequent comments in that context.

Popular posts from this blog

MITRE ATT&CK Tactics Are Not Tactics

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4