back to article Massive US military social media spying archive left wide open in AWS S3 buckets

Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing "dozens of terabytes" of social media posts and similar pages – all scraped from around the world by the US military to identify and profile persons of interest. The archives were found by UpGuard's veteran security-breach …

  1. Anonymous Coward
    Anonymous Coward

    YABCSP

    Yet Another Bloody Cloud Security Problem.

    Now if all these were on premises and behind the mandatory MIL Spec Firewall (or three) it would not be news.

    Putting your faith in the Cloud seems to expose any little issue to the world (every man and his dog, cat and mouse)

    And the PHB's, Governments are all queing up to move everything lock stock and NHS Records into this possibly/blatantly insecure environment.

    We are surely doomed, doomed.

    1. Gordon 10

      Re: YABCSP

      The tech is as last as secure as your average company firewall - it's no different to leaving dozens of open ports in your firewall.

      Arguably locking down an S3 bucket is a damn sight easier than configuring an enterprise class firewall.

    2. This post has been deleted by its author

      1. John Smith 19 Gold badge
        Unhappy

        "result of trying to hire the cheapest sysadmin money can buy."

        I think they succeeded.

      2. dan1980

        Re: YABCSP

        @Oliver Jones

        "Not really a cloud problem - just the inevitable result of trying to hire the cheapest sysadmin money can buy."

        Yes and no. I think the problem is two-fold but both related to the 'cloud'. First, you have the notion that the cloud is cheap, cheap, cheap and quick, quick, quick. The second is the feeling of outsourcing to 'the cloud'.

        The two concepts work together with the result that people using the cloud may have a tendency to view it all as someone else's problem - the outsourcing and cheap prices means that you just don't have to be as rigorous as you might with in-house solutions.

        Not in all cases, by any means but it's a pervasive theme - it's a trap that is apparently easy for people to fall into and the marketing and reporting of cloud-based services bolster that.

    3. Amorous Cowherder

      Re: YABCSP

      To be honest this is not a cloud problem, as usual it's a "weakest link" problem. Security is only as good as the weakest link. Most cloud based systems are secure by default. Heck, AWS dumps you into a VPC by default. It's the morons and idiots that open up the security 'cos it's always easier to just switch it off than to actually bother to learn about the security mechanisms correctly.

      The same old story I've seen for donkey's years in IT. The vendor that insists on having root/Administrator/SYSADMIN to install their shitty little application that write 3 records a day to a database. The lazy developer who writes code that only works with sysadmin permissions. The moronic operators who share the sysadmin passwords with all an sundry.

      Just 'cos we've moved to the cloud doesn't mean these fecking eejits have gone away. The Cloud (tm) cannot fix stupidity, it might be useful but it ain't that good!

      1. flyfisher111

        Re: YABCSP

        As we say here in the US, you can't fix stupid, even with duct tape.

        1. handleoclast

          Re: you can't fix stupid, even with duct tape

          Are you sure about that?

          Duct tape wrists behind back. Duct tape over mouth. Duct tape over nostrils.

          Stupid fixed in minutes.

        2. Stoneshop
          Holmes

          Re: YABCSP

          As we say here in the US, you can't fix stupid, even with duct tape.

          Oh, you can. No problem.

          You just have to make sure to dispose of the body afterwards without leaving traces pointing to you.

          1. Anonymous Coward
            Anonymous Coward

            Re: YABCSP

            ...dispose of the body afterwards ... I find that in the Southern states, an alligators and some local swamp in the back 40 are good at this.

          2. kain preacher

            Re: YABCSP

            That's getting of stupid not fixing stupid.

            1. handleoclast

              Re: YABCSP

              @kain preacher

              That's getting of stupid not fixing stupid.

              How else would you fix stupid? If you manage to educate the person, the stupid is no longer there. If you remove the person from situations where the stupid is not a problem, the stupid is no longer there (in the place where it caused you problems). I just gave you a quicker, and more certain, way of removing the problem, which fixes the problem.

      2. Anonymous Coward
        Anonymous Coward

        Re: YABCSP

        Yeah, it is not specifically a 'cloud' problem. However from my experience the move to 'cloud' meant that the people who had direct responsibility for things like the Company Firewall were 'let go' or 'rightsized' or whatever. The snake-oil salesman from AWS or Azure or whoever promised that it would all be taken care of and that the company didn't need to bother with these home grown experts any longer. It would all be done automatically.

        Yeah and pigs might fly someday.

        The PHB's and beancounters saw the reduction in expensive headcount as a guarantee that their job was safe for a bit longer.

        I now spend some of my days quietly telling prospective developers that they are wasting their time learning to code. It will all be done by AI within 10 years.. They should learn AI and Robotics skills instead. The rest of the time, I'm in my shed making stuff from wood.

        1. EarthDog

          Re: YABCSP

          Not just reduction in head count but in shifting liability.

        2. Stoneshop
          Boffin

          Re: YABCSP

          Yeah and pigs might fly someday.

          A couple of JATO rockets, a set of wings and a bunch of ty-raps would do the trick I'd think.

          Knowing where the flight will end is a matter of plugging the right numbers into some formulas, which will at least tell you the area to keep out of.

      3. Doctor Syntax Silver badge

        Re: YABCSP

        "Just 'cos we've moved to the cloud doesn't mean these fecking eejits have gone away."

        It just gives them something else to get wrong.

      4. Bernard2017

        Re: YABCSP

        Sysadmin permissions? You mean root? Please tell me you don't use IIS or whatever they call it now.

    4. Oh Homer
      Mushroom

      Re: YABCSP

      I'm more interested in (or rather, depressed by) witnessing yet another example of America's obsession with controlling the planet, then whitewashing the true motive with the usual "terrorism" rhetoric (where the definition of "terrorism" seems to be "anything that doesn't support the notion of American supremacism").

      Leaks like these only confirm, over and over again, what we've already known for decades.

    5. vytas

      Re: YABCSP

      No, you troglodyte. The point is they didn't configure it behind the mandatory firewall. Just because it's on a different network segment is no reason not to ACL it.

    6. CriticalCat

      Re: YABCSP

      Assuming of course that the information wasn't released deliberately.

      Its not exactly ground breaking news!

  2. JimC

    Mind you

    if all this stuff is publicly accessible and visible social media posts...

  3. Anonymous Coward
    Anonymous Coward

    ... the archive was collected as part of the US government's Outpost program, which is a social media monitoring and influencing campaign designed to target overseas youths and steer them away from terrorism.

    So:

    US military messing with social networks trying to influence overseas citizens to behave in ways they like = good.

    Russian military messing with social networks trying to influence overseas citizens to behave in ways they like = bad.

    Got it, thanks. It's all clear now.

    1. JimC

      Got it, thanks. It's all clear now.

      I must admit the arrant hypocrisy is somewhat glaring. The west has shown no hesitation whatsoever in telling other countries citizens how to vote. Indeed I seem to remember a US President stepping in loudly on the UKs EU referendum.

      Hell, its probably even the duty of one's spooks to try and influence other nations' voters to vote in a way that advantages their own country. And its interesting (and depressing) to consider how much damage has been done round the world in the last decade or so as a result of the US' rather romantic view of revolutions, which is all tied up with their own self deceiving vision of their history.

      This side of the pond we're a bit more aware that revolutions tend to put bad guys in power, even if they are on the right side... and even if they *are* on the right side they are still bad guys.

      1. eldakka

        Re: Got it, thanks. It's all clear now.

        That's what I don't get about the whole "fake news" and "Russian hacking of political parties private, civilian" systems kerfuffle is about.

        For the last few hundred years, what we seem to now be calling fake news directed at political interference, was called propoganda.

        Everyone did, and still does it.

        State sponsored radio/television stations that broadcast into foreign territory promoting you interests. Funding interests groups. Providing arms, money, intelligence, training to rebels. Political assassinations. Treaties with carrot/stick elements (e.g. TPP...) that might influence the potential treaty partners government/bureaucracy/business/citizenry along a certain path. Air-dropping flyers/pamphlets saying how good you are and how bad they are. All the way up to outright military invasion.

        Everyone from tin-pot dictatorships to superpowers does it to influence their neighbours. The only real difference is the definition of neighbours - for tin-pots it's usually countries with shared borders, for superpowers it's the entire world.

      2. oldvlc

        Re: Got it, thanks. It's all clear now.

        Yes, well Obozo was a pathetic neophyte and I am sorry for his arrogance. That arrogance, especially when dealing with our 'opposition' party, did great damage to the reputation of a once ok country. And his operatives tried to upend Israeli elections also if you recall. The current state of US politics is chaotic. I don't recall in my lifetime more rancor here.

        1. JimC

          Re: The current state of US politics is chaotic. I don't recall in my lifetime more rancor here.

          Yes, same this side of the pond. I think its a major problem for our political system. Whereas the other party were once "people with some strange ideas who I suppose probably mean well" now they are "evil monsters who want to destroy civilisation as we know it".

          And the result of having two sides who gallop for the extremes can only be bad for the rest of us.

      3. Alistair
        Windows

        Re: Got it, thanks. It's all clear now.

        @ JimC:

        "consider how much damage has been done round the world in the last decade or so as a result "

        Decade? Dear lord man. CENTURY!

    2. EarthDog

      It depends on which side you want to win. Me, I'm sticking with the obese cheeseburger eaters because *no ne* of value likes borscht.

      1. Voland's right hand Silver badge

        It depends on which side you want to win. Me, I'm sticking with the obese cheeseburger eaters because *no ne* of value likes borscht.

        +1 for the борьщ reference. Valid point.

        I shudder at the the thought while admiring the metabolism of anyone capable of digesting a real one - the one where you stick a spoon and it stays vertical for at least half a minute before starting to slowly tilt to one side. Compared to borsht cheeseburgers and Mountain Due are diet food.

        By the way, if you think Russian borsht is horrid, wait until you try the Ukrainian take on it (Ukrainian cusine is essentially Russian, but with a double dose of cholesterol). Unfortunately we did not take this one into account when taking sides (maybe we should have).

        1. Anonymous Coward
          Anonymous Coward

          +1 for the борьщ reference. Valid point.

          It's "борщ", not "борьщ". And it is quite tasty and rather healthy.

          1. Voland's right hand Silver badge

            It's "борщ", not "борьщ"

            I stand corrected. Too much time spent in other Slavic countries so my Russian spell-fu occasionally gets confused :)

            As far as healthy... If you are going out in -20C to chop wood - yes. If you are eating it and then going back to a desk job - I beg to differ.

            A properly done single portion of the Russian variety exceeds the daily dose of cholesterol and and calories intake for an adult male. The Ukrainian variety is outright lethal unless you have grown up with it so your stomach can digest stuff like that.

    3. Phil O'Sophical Silver badge

      US military messing ... = good.

      Russian military messing ... = bad

      I think it's more generic than that:

      Us messing = good

      Them messing = bad.

      It's always been like that, and always will be. No news here.

  4. The_Idiot

    Meanwhile...

    ... 'give us back doors to, like, _everything_! I mean, we'll keep them safe and secret, we promise!'

    Sigh.

    1. EarthDog

      Re: Meanwhile...

      They did say they would pinky swear.

  5. Amorous Cowherder
    Facepalm

    Wow, 17PB of pictures of cats, people moaning about work, comments on the latest sports event and those bloody annoying memes that remind you to give yourself a "mental hug" every day. Hmmm, valuable stuff indeed!

    1. eldakka

      Not to mention all the sex tapes/photos that are probably doing the rounds amongst the administrators and their friends...

      1. leenex

        Don't mention pizzas. That can get you shot.

  6. Captain DaFt

    Hmm, I wonder..

    "Massive US military social media spying archive left wide open in AWS S3 buckets"

    Or could it be: "How to pull a Snowden without becoming a Snowden?

    The timing does seem to be suspicious what with all the "Russians are gaming our elections!!" hype recently.

  7. Triumphantape

    Meh

    I'm fairly certain you aren't going to get much intelligence from "social media" posts. /smirk

  8. oldvlc

    This is why I sparingly post. Think of all the organizations out there eager to nail anyone, not

    only the US military.

  9. TXITMAN

    I wonder

    How many posts are from el reg?

    Department of Homeland Security (DHS)

    Federal Emergency Management Agency (FEMA)

    Coast Guard (USCG)

    Customs and Border Protection (CBP)

    Border Patrol

    Secret Service (USSS)

    National Operations Center (NOC)

    Homeland Defense

    Immigration Customs Enforcement (ICE)

    Agent

    Task Force

    Central Intelligence Agency (CIA)

    Fusion Center

    Drug Enforcement Agency (DEA)

    Secure Border Initiative (SBI)

    Federal Bureau of Investigation (FBI)

    Alcohol Tobacco and Firearms (ATF)

    U.S. Citizenship and Immigration Services (CIS)

    Federal Air Marshal Service (FAMS)

    Transportation Security Administration (TSA)

    Air Marshal

    Federal Aviation Administration (FAA)

    National Guard

    Red Cross

    United Nations (UN)

    Assassination

    Attack

    Domestic security

    Drill

    Exercise

    Cops

    Law enforcement

    Authorities

    Disaster assistance

    Disaster management

    DNDO (Domestic Nuclear Detection Office)

    National preparedness

    Mitigation

    Prevention

    Response

    Recovery

    Dirty bomb

    Domestic nuclear detection

    Emergency management

    Emergency response

    First responder

    Homeland security

    Maritime domain awareness (MDA)

    National preparedness initiative

    Militia Shooting

    Shots fired

    Evacuation

    Deaths

    Hostage

    Explosion (explosive)

    Police

    Disaster medical assistance team (DMAT)

    Organized crime

    Gangs

    National security

    State of emergency

    Security

    Breach

    Threat

    Standoff

    SWAT

    Screening

    Lockdown

    Bomb (squad or threat)

    Crash

    Looting

    Riot

    Emergency

    Landing

    Pipe bomb

    Incident

    Facility

    Hazmat

    Nuclear

    Chemical spill

    Suspicious package/device

    Toxic

    National laboratory

    Nuclear facility

    Nuclear threat

    Cloud

    Plume

    Radiation

    Radioactive

    Leak

    Biological infection (or event)

    Chemical

    Chemical burn

    Biological

    Epidemic

    Hazardous

    Hazardous material incident

    Industrial spill

    Infection

    Powder (white)

    Gas

    Spillover

    Anthrax

    Blister agent

    Chemical agent

    Exposure

    Burn

    Nerve agent

    Ricin

    Sarin

    North Korea

    Outbreak

    Contamination

    Exposure

    Virus

    Evacuation

    Bacteria

    Recall

    Ebola

    Food Poisoning

    Foot and Mouth (FMD)

    H5N1

    Avian

    Flu

    Salmonella

    Small Pox

    Plague

    Human to human

    Human to Animal

    Influenza

    Center for Disease Control (CDC)

    Drug Administration (FDA)

    Public Health

    Toxic Agro

    Terror Tuberculosis (TB)

    Agriculture

    Listeria

    Symptoms

    Mutation

    Resistant

    Antiviral

    Wave

    Pandemic

    Infection

    Water/air borne

    Sick

    Swine

    Pork

    Strain

    Quarantine

    H1N1

    Vaccine

    Tamiflu

    Norvo Virus

    Epidemic

    World Health Organization (WHO) (and components)

    Viral Hemorrhagic Fever

    E. Coli

    Infrastructure security

    Airport

    CIKR (Critical Infrastructure & Key Resources)

    AMTRAK

    Collapse

    Computer infrastructure

    Communications infrastructure

    Telecommunications

    Critical infrastructure

    National infrastructure

    Metro

    WMATA

    Airplane (and derivatives)

    Chemical fire

    Subway

    BART

    MARTA

    Port Authority

    NBIC (National Biosurveillance Integration Center)

    Transportation security

    Grid

    Power

    Smart

    Body scanner

    Electric

    Failure or outage

    Black out

    Brown out

    Port

    Dock

    Bridge

    Cancelled

    Delays

    Service disruption

    Power lines

    Drug cartel

    Violence

    Gang

    Drug

    Narcotics

    Cocaine

    Marijuana

    Heroin

    Border

    Mexico

    Cartel

    Southwest

    Juarez

    Sinaloa

    Tijuana

    Torreon

    Yuma

    Tucson

    Decapitated

    U.S. Consulate

    Consular

    El Paso

    Fort Hancock

    San Diego

    Ciudad Juarez

    Nogales

    Sonora

    Colombia

    Mara salvatrucha

    MS13 or MS-13

    Drug war

    Mexican army

    Methamphetamine

    Cartel de Golfo

    Gulf Cartel

    La Familia

    Reynosa

    Nuevo Leon

    Narcos

    Narco banners (Spanish equivalents)

    Los Zetas

    Shootout

    Execution

    Gunfight

    Trafficking

    Kidnap

    Calderon

    Reyosa

    Bust

    Tamaulipas

    Meth Lab

    Drug trade

    Illegal immigrants

    Smuggling (smugglers)

    Matamoros

    Michoacana

    Guzman

    Arellano-Felix

    Beltran-Leyva

    Barrio Azteca

    Artistic Assassins

    Mexicles

    New Federation

    Terrorism

    Al Qaeda (all spellings)

    Terror

    Attack

    Iraq

    Afghanistan

    Iran

    Pakistan

    Agro

    Environmental terrorist

    Eco terrorism

    Conventional weapon

    Target

    Weapons grade

    Dirty bomb

    Enriched

    Nuclear

    Chemical weapon

    Biological weapon

    Ammonium nitrate

    Improvised explosive device

    IED (Improvised Explosive Device)

    Abu Sayyaf

    Hamas

    FARC (Armed Revolutionary Forces Colombia)

    IRA (Irish Republican Army)

    ETA (Euskadi ta Askatasuna)

    Basque Separatists

    Hezbollah

    Tamil Tigers

    PLF (Palestine Liberation Front)

    PLO (Palestine Liberation Organization

    Car bomb

    Jihad

    Taliban

    Weapons cache

    Suicide bomber

    Suicide attack

    Suspicious substance

    AQAP (AL Qaeda Arabian Peninsula)

    AQIM (Al Qaeda in the Islamic Maghreb)

    TTP (Tehrik-i-Taliban Pakistan)

    Yemen

    Pirates

    Extremism

    Somalia

    Nigeria

    Radicals

    Al-Shabaab

    Home grown

    Plot

    Nationalist

    Recruitment

    Fundamentalism

    Islamist

    Emergency

    Hurricane

    Tornado

    Twister

    Tsunami

    Earthquake

    Tremor

    Flood

    Storm

    Crest

    Temblor

    Extreme weather

    Forest fire

    Brush fire

    Ice

    Stranded/Stuck

    Help

    Hail

    Wildfire

    Tsunami Warning Center

    Magnitude

    Avalanche

    Typhoon

    Shelter-in-place

    Disaster

    Snow

    Blizzard

    Sleet

    Mud slide or Mudslide

    Erosion

    Power outage

    Brown out

    Warning

    Watch

    Lightening

    Aid

    Relief

    Closure

    Interstate

    Burst

    Emergency Broadcast System

    Cyber security

    Botnet

    DDOS (dedicated denial of service)

    Denial of service

    Malware

    Virus

    Trojan

    Keylogger

    Cyber Command

    2600

    Spammer

    Phishing

    Rootkit

    Phreaking

    Cain and abel

    Brute forcing

    Mysql injection

    Cyber attack

    Cyber terror

    Hacker

    China

    Conficker

    Worm

    Scammers

    Social media

    1. Flocke Kroes Silver badge

      Re: I wonder

      You missed tails (warning: clicking the link will put you on a list, but please help make it a big list).

    2. Anonymous Coward
      Anonymous Coward

      Re: I wonder

      You forgot the Mattress Police

      1. Sir Runcible Spoon

        Re: I wonder

        tl;dr

  10. vytas

    I dont know....

    What's worse, a lowest bidder government contractor, or a government employee.different sides of the same coin?

  11. WashingtonWetneck

    Computer Security ???

    It should be obvious to everyone by now that there is no such thing as "computer security", only the "illusion" of computer security.

    It seems that not a week goes by that a new security breech of some sort or another is announced. And this is by firms that make computer security their business, such as the US Department of Defense, Credit bureaus, big banks, etc.

    1. Anonymous Coward
      Anonymous Coward

      @WashingtonWetneck

      "And this is by firms that make computer security their business"

      Has the possibility ever occurred to you that those businesses could also be doing a terrible job? And then obviously blame it on something else.

  12. flyfisher111

    Its easy to forget that somebody owns that cloud - how much can they be trusted?

    I cannot trust them with even my highly unclassified files. Any hacker would surely die from boredom, but I don't trust them not to lose my data.

  13. JazzDude

    So tired of all the political lies and games… both parties!

    HERE, THIS WILL CHEER YOU ALL UP THOUGH!

    http://youtu.be/rCBNBD1dm4o

    http://youtu.be/F3-TUN7AQbU

  14. Anonymous Coward
    Anonymous Coward

    AWS - Not the only Cloud

    AWS is not the only Cloud. It's perhaps the easiest. But serious incompetence all the way around here. Best to go with a Tier 1 enterprise class solution provider instead of something designed for use by Mom & Pops and Pinteresters.

  15. HappyJohn

    Missed the Point

    "...all scraped from around the world by the US military to identify and profile persons of interest."

    The point missed: US military created a database using social media to track people. No one else thinks that's scary?

    1. Adrian 4

      Re: Missed the Point

      No one else thinks that's scary?

      Yes, but not news.

    2. Roj Blake Silver badge

      Re: Missed the Point

      Scary? Yes.

      Surprising? No.

  16. steelpillow Silver badge
    Coat

    Archive

    The Wayback Machine should be told!

  17. chivo243 Silver badge

    Has to be considered

    ...these buckets were a free source of information to mine.

    Honeypot?

    They're gathering social media info, why not info on people who stick their beak into dangerous places?

    1. katrinab Silver badge

      Re: Has to be considered

      I'm guessing that is done by a different department.

      In the UK, this sort of thing is done by BBC Monitoring in Caversham whereas the secret stuff is done by GCHQ in Cheltenham, and the even more secret stuff, presumably by another group somewhere else.

  18. Chairman of the Bored

    Why cloudy?

    I'm not going to defend inherent hypocrisy of policy pointed out by previous posters.

    But I think I can explain why this is a cloudy mess. Suppose for a moment you're an army civilian or contract employee sitting behind the mil-spec firewall. You are subjected to hundreds of written and unwritten rules concerning config, hardware, software... many different rule sets from warring bureaucracies above you - each eager to prove its the One True Fount of Authority. On the other hand you've got a job to do. On the third hand you can outsource this pain to a fly by night subcontractor - or a dodgy bit of a major contractor - and let them do whatever they want outside your overlord's realm.

    Blue or red pill, which will you take?

  19. joedrager

    Sounds like Amazon is in the CYA mode for the security breach.

  20. jlfliberty

    Who are these fools in charge today? We have treasonous soldiers walking off the battle field jeopardizing soldiers’ lives resulting in harm to them and nothing is really done about it.

    Does anyone think these fools have any clue of how serious security is? Does anyone remember WW2 loose lips sink ships? The men and women in charge of security that were required under threat of treason to keep their mouth shut?

  21. Anonymous Coward
    WTF?

    The hypocrisy is astonishing...

    "which is a social media monitoring and influencing campaign designed to target overseas youths and steer them away from terrorism."

    An "influencing campaign" huh? Didn't I hear major outcry's a few months ago that the Soviets might have influenced the presidential elections through some posts on social media? That was obviously not done because how dare they try to influence stuff by sharing "false" information.

    And here we are, the US doing exactly the same thing. Oh, sure, this time it's different because you're trying to "help the children". Well, bollocks. Everyone will have their reasons, depending on your point of view, but that doesn't change the fact that the hypocrisy is shining. When someone else does something it's foul play and actions need to be taken, but if you yourself do the exact same thing it's suddenly "different"?

    I don't think so.

    1. Version 1.0 Silver badge

      Re: The hypocrisy is astonishing...

      No, it's not "different" - they've been doing it for years, it's just that the politicians are suddenly caught by surprise when it's revealed that the "other side" has cottoned on to it and is doing the same thing. That's been well known too in the inner circles of organizations that have no names - it's just that nobody told their masters in the West. So now the public is aghast - the rest of us are yawning.

  22. David 55

    File listings

    Can Amazon just disable file listings already and make it a hard option to activate (and then only for specific users)? This is getting ridiculous.

  23. DanielR

    I don't believe they scrape. I believe they exploit security holes in the Facebook API. They just need the profile ID.

  24. Mark 75

    Why is it even on the internet?

  25. Sir Runcible Spoon

    usually talking to the armed forces is a "one-way street," Vickery said.

    Typically to a certain extrajudicial gaol.

    I won't put a joke icon on here, because it isn't really that funny. Shooting the messenger has become an international sport these days.

  26. JeffyPoooh
    Pint

    Failing to secure data scraped from public postings on social media

    What next? An unsecure database of images taken of advertising billboards?

    1. GSTZ

      Re: Failing to secure data scraped from public postings on social media

      One would assume that by scraping gazillions of postings from social networks the US military wanted to add real value for their own purposes. Whether such activity is good or legal is yet another discussion.

      But they certainly did not intend to voluntarily serve that added value to anyone else having access to the Internet (in particular, they probably did not want to provide the results of their work to potential enemies). Even from that very simplicistic perspective, those responsible for handling the collected data did a horrible job that was highly counterproductive.

      But they also created a very dangerous asset that was potentially available to everyone. Some postings here and there from some people may be relatively harmless, but creating enormous amounts of data about nearly everyone can be a very dangerous weapon in the hands of other nations/groups with bad intentions. Effectively doing that kind of dirty work for them can't be something not be taken seriously. Some nations including the US and the UK haven't yet experienced a dictatorship ruling their country - some other nations have or had that ugly experience, and hence do value such oldfashioned terms like freedom and democracy.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like