nav search
Data Centre Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

back to article
PLA sysadmin gets six months house arrest for yanking US Army docs

And there was me thinking the story was about the Port of London Authority...

9
0
Silver badge

Six months only? House arrest, no jail?

I'm genuinely surprised. It must have been very unimportant classified material.

7
0
g e

Re: Six months only? House arrest, no jail?

No waterboarding either?

6
0

Re: Six months only? House arrest, no jail?

Most classified material is stunningly unimportant.

16
0
Silver badge

Re: Six months only? House arrest, no jail?

In December 2015, he pleaded guilty to making a false statement and damaging a U.S. Army computer.

It doesn't sound as if there was anything espionage related, only deleting the logs ("damaging a U.S. Army computer") and the false statement on the security clearance form.

So perhaps he was intending to use the thumb drive(s) to backup or copy files about within the organization or something like that, i.e. not to pass the data on to someone else.

5
1
FIA
Bronze badge

Re: Six months only? House arrest, no jail?

I'm genuinely surprised. It must have been very unimportant classified material.

Really? It was classified documents he was copying, not media files.

2
0
Anonymous Coward

Re: Six months only? House arrest, no jail?

I'm no militray expert, but isn't classified just a fancing way of saying not for publc viewing e.g. could itsimply be a list of email addresses or the name of the pet dogs vet?

0
0
Anonymous Coward

Re: Six months only? House arrest, no jail?

Its actually quite nasty - any associates may assume he has done a deal, so in 6 months time his life could become interesting.

2
0
Anonymous Coward

"Most classified material is stunningly unimportant"

As someone who has held a security clearance in the past, I can say that while I was exposed to a lot of "Secret" classified material, not one thing I ever saw was something I would be worried if it got into the hands of China, Russia, Iran, ISIS etc. Were they things that conceivably could have been a problem if all sorts of other conditions were met? I suppose, but the over-classification has to make it more difficult to protect real secrets.

Not to mention that things that were in Hillary Clinton's mail that were also "Secret" are more likely to have actually been real secrets, but being classified at the same level as the unimportant IT details like IP addresses of SIPRNET servers makes a joke out of the whole thing. It is pretty obvious the secrets he had were worthless, given that he so clearly violated the law with the apparent intent to sell/give secrets to China but got six months house arrest. At age 62 all it means is he needs to he needs to begin his retirement with an indoor hobby before he can take up golf so it is hardly punishment at all.

Posting anon, just in case I ever need/want security clearance again, since the NSA probably has my Reg username linked to my real identity and a future background check could take a dim view of my lack of conviction that the "secrets" I was entrusted with were in any way important.

3
1
Silver badge

Re: Six months only? House arrest, no jail?

Either a deal turning Queens (or whatever the US equivalent is) or the US don't won't to upset his ultimate employer, the PRC.

0
0

Re: Six months only? House arrest, no jail?

Most classified material is stunningly unimportant.

Indeed. All the aircraft recognition stuff we were given in cadets was marked "Restricted", which was the lowest level of classification at the time. It basically meant they didn't put it on the internet. Every nation on Earth had it (and more no doubt) by virtue of buying a copy of Janes.

We did see some "confidential" marked slides at one stage on a summer camp, but it was fairly dry stuff on the first evening about camp standing orders/operating procedure, location of guard houses/security stuff, etc which I guess would be useful if you were planning a raid on the base, but stunningly boring otherwise (and much of it inferable from Google Earth if you looked closely enough).

Moreover, if it is prefixed "NATO" then everything moves down the scale.

You can assume that everyone including the PLA and Russians have had eyes on anything lower than "NATO Secret", just by virtue of it's wide distribution, there is going to be someone in one of NATO's 28 nations who is working for the other side.

0
0
Anonymous Coward

Re: "Most classified material is stunningly unimportant"

I have observed in the past that the more heavily classified something is, the more boring it is. If someone is actually asking about the fiddly (classified) details of what I'm working on, then either they work with me, or they're trying to pump me for intel. There is no-one who is actually interested in the classified tedium material that I deal with - myself included.

0
0
Silver badge

Have you ever worked for a foreign army?

I was in the PLA for 5 years but I spend all my time goofing off and falsifying my worksheets and travel records. That's not 'working'.

5
0

Re: Have you ever worked for a foreign army?

Sounds like most military and non-military jobs then ...

With modern HR systems and self-administration, "goofing off" and "falsifying records" are actually just the side-effects of trying to do everything properly :(

2
0
Silver badge
Joke

Re: Have you ever worked for a foreign army?

"I was in the PLA for 5 years but I spend all my time goofing off and falsifying my worksheets and travel records. That's not 'working'."

Sounds like you're cut out for ether the civil service or government contracting :)

2
0
Anonymous Coward

Re: Have you ever worked for a foreign army?

"I was in the PLA for 5 years but I spend all my time goofing off and falsifying my worksheets and travel records. That's not 'working'."

Oh, so you were an officer, then. ;-)

3
0
Silver badge

Hmm. I feel like there is something missing, it's all a bit thin, in the linked statements as well. I can get why he clicked 'no' on that form. I'm also assuming that his stint in the PLA had nothing to do with computers and was due to compulsory military service - if he is 62 now, that would have been some 40 years ago.

But everything else seems a little hazy.

6
0
Silver badge
Facepalm

Did the tribunal ask the other question:

Why was anyone, security-cleared or not, able to connect a thumb drive to a military computer connected to a classified Secret-level network.?? Perhaps the US army needs some military-grade epxoy & instructions for using it on USB ports?

10
0
Bronze badge

Re: Did the tribunal ask the other question:

You can create a thumb drive which mimics a keyboard or a mouse and then transfer data to it.

Although DoD standards require configurations which shut down the USB drives to most devices, you still have to allow keyboard and mouse inputs.

1
0

Duh.

Why on earth did they give security clearance to someone who not only was a Chinese citizen, but served in their military too? What next - former ISIS fighers serving as the President's personal bodyguards?

3
4
Gold badge

Re: Duh.

It was probably a low-grade security clearance. Remember that classified secret isn't all that secret. Although in the UK the lowest classification is "restricted", don't know what it is in the US.

When the Manning/Weakileaks stuff came out, it was reported that something like 200,000 people had access to that database. There's no way you can postively vet that many people, so you just have to make sure that there's nothing in there too sensitive, and that you've got decent controls to stop people from dowloading huge chunks of it.

The kind of vetting that you give to people with access to really secret information is quite manpower intensive and takes months to do. It's simply not practical for lower level clearances. Relatives of mine have been postively vetted, and they were sending questionaires round the family (and I'd assume friends and professional contacts) - where they're looking to catch discrepancies that might suggest that lies have been told in the application process. I've also known someone who got a job at the MOD in June, and wasn't allowed to take up his post until October, to give time for his security clearance.

3
0
Silver badge

Re: Duh.

Secret is a very low level of security clearance. Maybe the lowest? But anyway, *I* have secret level clearance for US/UK/Can/Aus/NZ and that background check is less detailed than the ones for working with kids or a credit check. I've even been givn access to stuff that is top secret, which seems to about the level of detail you can find with a quick google.

Actual proper security clearances (which I don't have) take a while to get, and involve pretty much everyone you've ever been involved with from the age of 5 upwards getting interviewed, and confessing all your sins. Had some friends and colleagues get various levels of those, since I got interviewed by some suits for those. While they can't talk about the operational stuff other than in the most generic level (they are all in signals, so it can be assumed they have access to secure comms) some of the interview questions can be quite hilarious.

Having to recount all your homosexual experiences, and then being told you are omitting things because public schoolboys have special rules on what does and doesn't count, while the spooks just care about what could be used to blackmail you. But the general notion that some poor buggers have to go through all your sordid past, and let you know that there's a record somewhere of it all does make me giggle.

0
0
Silver badge

Re: Duh.

"I've also known someone who got a job at the MOD in June, and wasn't allowed to take up his post until October, to give time for his security clearance."

That's quick :)

Knew a chap who got a promotion, but needed a higher clearance* for it. Took ~18 months to get all the background checks done. He did get the higher pay back paid at the end, and got to very thoroughly train his replacement.

0
0
Silver badge

Re: Duh.

I don't understand this either, yet you got 4 down votes. The world has gone mad.

Have an upvote.

1
0

Re: Duh.

Secret is a very low level of security clearance. Maybe the lowest?

Don't know about the US.

In the UK we had UNCLAS < PROTECT < RESTRICTED < CONFIDENTIAL < SECRET < TOP SECRET

They streamlined that to OFFICIAL < SECRET < TOP SECRET, all of which can be sub-marked as "UK EYES ONLY" or CAUKUS ONLY or AUSCANZUKUS ONLY for stuff shared to Five Eyes.

There also exists the STRAP system. Anything properly interesting is often marked with varying levels of STRAP. STRAP is need-to-know system, so you need TOP SECRET (DV) clearance, but also need to know about that specific project or operation as opposed to more "widely" distributed material available to all TOP SECRET personnel.

1
0

Re: Duh.

Me too!

The same mentality I guess of letting someone on two watch lists buy weapons!!!!!!!

0
0

House arrest

I don't have to leave my house for six months and you guys will bring me food? Awesome! Anybody got any good DVDs?

6
0
Silver badge

Re: House arrest

"...I don't have to leave my house for six months and you guys will bring me food? Awesome! Anybody got any good DVDs?..."

And presumably his rent/mortgage and sundry bills are picked up on his behalf during this time?

3
0

deleting logs

Doesnt cover your tracks. It makes them deeper.

A glaring hole only makes me more interested and gives me a very specific window of time to investigate.

If you want to fool a sysadmin you need to make more noise over a broader period of time. Even then you're only slowing us down.

1
0
Anonymous Coward

Re: deleting logs

This is exactly why I delete at least one log file from a random system each day.

3
0

I always

wondered if anyone who has to apply for clearance ticks yes on those really obvious first questions, and always thought nah no one is going to have done these than make an application.

0
0
Vic

Re: I always

wondered if anyone who has to apply for clearance ticks yes on those really obvious first questions

I went to University with a girl who ended up needing a security clearance. One of the first questions was "are you now, or have you ever been, a communist?".

She answered "yes". And that was the end of that. Background checks had already found that out - and the people doing the vetting didn't actually care. She had told the truth - which was imperative - and wasn't in a position to be blackmailed because of her earlier political leanings[1]. She got her clearance.

Vic.

[1] I don't think she's a communist any more; she is substantially richer than I've ever been...

1
0
Silver badge
Pint

"...connected....his own thumb drives....classified Secret-level network..."

"...connected one or more of his own thumb drives to computers at Camp Buehring that were connected to....the classified Secret-level network."

'Secret-level' computers with USB sockets not filled with epoxy? Not disabled by software? Not limited by 'Policy' to approved & encrypted memory sticks?

In this case, he was the Sys Admin. So hopeless...

3
0
Bronze badge

Think about it...

In this case, considering his background and the low level classification of the data taken (even information labeled "For Official Use Only" is considered classified) six months is appropriate.

Because he likely relied on connections back to China, releasing him with house arrest allows lettered agencies to monitor his communications and movement. There's more to gain by monitoring him and making his life a living hell than to put him in prison.

DoD System Administrators who primarily only work on the "Unclassified" networks only require a "Secret" clearance. Administrators who primarily work on networks classified at secret and above require a top secret clearance with access to SCI.

Since he only had a secret clearance, he likely didn't have direct access to highly classified information.

1
0
Anonymous Coward

Phone Book

I'm told that even the phone book is classified as "Secret".

aaw46-jv1<NO CARRIER>

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

The Register - Independent news and views for the tech community. Part of Situation Publishing