back to article FBI raids home of spy sat techie over leak of secret comms source code on Facebook

The FBI has raided the home of US intelligence contractor John Weed who is suspected of leaking classified blueprints online via a fake Facebook account. On Monday, the Feds confirmed to The Register they have executed a search warrant at the Virginia home of John Glenn Weed, who worked for the National Reconnaissance Office …

  1. Anonymous Coward
    Anonymous Coward

    "Weed is also accused of earlier nicking $340,000"

    Sounds like this guy lost the plot!

    But there is a lesson here for more level headed folks.. When you borrow equipment from work, make sure you return it and get a receipt - else if you piss your employer off or quit, they can use it against you (with extreme prejudice).

    1. DJO Silver badge

      Re: "Weed is also accused of earlier nicking $340,000"

      The correct way to "borrow" equipment from work is to stick it in a big box and then get the security people to give you a hand loading it into your car.

      In some cases it's worth stashing the kit at the back of a cupboard for a few months first to see if anybody misses it.

      1. Sir Runcible Spoon

        Re: "Weed is also accused of earlier nicking $340,000"

        "In some cases it's worth stashing the kit at the back of a cupboard for a few months first to see if anybody misses it."

        Pretty sure this is how most kit goes missing in DC's.

    2. Anonymous Coward
      Anonymous Coward

      Re: Sounds like this guy lost the plot!

      Actually, it sounds like this guy is a high functioning but untreated schizophrenic. It will be interesting to see what his defense ends up being.

    3. JaitcH
      FAIL

      Re: "Weed is also accused of earlier nicking $340,000"

      Guess the exit door security isn't very good.

      My employer sticks RFIDs on all equipment, and vehicles, mainly for equipment location in our offices. Naturally, there are RFID readers on all exits and gateways. Our equipment losses and misplacement are minimal.

      But I guess US high security buildings haven't kept apace with technology.

    4. I3N
      Angel

      Re: "Weed is also accused of earlier nicking $340,000"

      On the other hand, a properly signed Letter of Marque, kept on-person at all times, for any and all equipment ...

      Along with the appropriate DD Form 250's and 1149's for the non-returning stuff.

      Ken a Welshman in the Royal Navy, told us that when the HMS Sheffield sank, the joke was about how much equipment was 'lost with proper paperwork' in that incident.

  2. Anonymous Coward
    Anonymous Coward

    Well, I still have my employer's Zotac, suitably wiped.

    ... nobody wanted to use it.

    > finding classified blueprints online on a fake Facebook account

    That's pretty anime, bro.

  3. Mayday
    Holmes

    Idiot.

    Clearance holders know from the start what they can and can't do. The fact he was doing stuff that was so easy to trace is mind boggling.

    1. Mark 85

      Re: Idiot.

      He and other like him probably believe either they are above the law or the rest of the world isn't as smart as they are. I daresay we've all seen it... the one person who thinks they know everything and are so "special" that the rules don't apply to them. Usually doesn't end well* for them.

      *For some, it's being fired, for others... jail time..

      1. 404

        Re: Idiot.

        Lord... I've been doing this stuff for 25+ years and I'll never know it all - the more I know, the more I realize I don't know shit.

      2. Dave Harvey
        Black Helicopters

        Re: Idiot.

        Dunning–Kruger effect as applied to security.

      3. Anonymous Coward
        Anonymous Coward

        Re: Idiot.

        "For some, it's being fired, for others... jail time.."

        For others it is promotion to senior management positions. It has been said that it is not unusual for a senior manager to fit the profile of a psychopath.

        1. Oengus

          Re: Idiot.

          it is not unusual for a senior manager to fit the profile of a psychopath.

          I thought that was an essential requirement for senior managers.

    2. Doctor Syntax Silver badge

      Re: Idiot.

      "The fact he was doing stuff that was so easy to trace is mind boggling."

      We keep seeing this. Those who are doing intelligence acquisition seem to be not very good at maintaining their own security at both an individual and corporate level. We should remember this when evaluating their notions of how to go about their business, especially their calls for back doors.

  4. Anonymous Coward
    Anonymous Coward

    Iran issues

    But where did he run to? I do enjoy these crazy contractor stories, why on earth would you post that to Facebook?

    1. David 132 Silver badge
      Coat

      Re: Iran issues

      Iran is "so far away", according to A Flock of Seagulls...

      1. 404

        Re: Iran issues

        ... and he couldn't get away...also Flock of Seagulls lol

      2. lafnlab
        Boffin

        Re: Iran issues

        That puts a whole new perspective on "If I had a photograph of you..." A Flock of Seagulls must have worked for the NRO!

        Avatar in lieu of hairdo

  5. Chairman of the Bored

    RDP connection from score system to home?

    I sure hope that's not what I just read, because that raises my WTF knob to 11.

    1. This post has been deleted by its author

    2. Alan Brown Silver badge

      Re: RDP connection from score system to home?

      My WTF knob gets raised that you can GET from a secure system to the public Internet.

  6. dnicholas

    So he used his own internet connection...

    Quite the evil genius, or being thrown under the bus very sloppily

  7. StargateSg7

    What TRULY shocks me is that they actually GET HIRED....YES! I know that most coders are basically anti-social loners with large chips on their shoulders after all those upper form school years being bullied by 200 lbs+ rugby players...still...I don't UNDERSTAND HOW they could even PASS most security clearance background examinations. There are almost ALWAYS behavioural flags that arise that any decent psychologist SHOULD be able to pickup and relay to the hiring team.

    Ironically, the best coders I like and want to hire on security-sensitive systems are ex-military enlisted (not officers!) who have switched over from in-field technical operations into coding based upon trying to improve their lives. They are usually Master Corporals or Sergeants and have great self-discipline, integrity and aren't afraid to work hard. These types I can put in any Special Access Programs (SAP) or Compartmentalized Access Program (CAP) and the only thing I need to do is make sure they are paid well and ENSURE that every Friday has a barbecued prime-rib Steak and Chips (fries) lunch all ready for them. I also make sure I don't tick them off with micro-management and unreasonable demands. That keeps them happy and the end-of-project bonus and family plane tickets to Florida, Hawaii, Bermuda, Italy or France keeps them well-motivated to hold their secrets!

    Maybe the agencies need to STOP ticking off their employees AND/OR start hiring people that are actually SUITED and psychologically PRE-DISPOSED to stable, sane personal lives!

    1. Trollslayer

      Because 200 lb rugby players aren't much good at this stuff.

      1. Spanners Silver badge
        Headmaster

        Translation

        Rugby players are not generally from the USA so giving 200lb as a weight is fairly silly.

        14 stone 4 pounds is more useful. If you are trying to give some meaning of that to someone under 60, that's just under 91kg.

    2. Alan Brown Silver badge

      "Maybe the agencies need to STOP ticking off their employees AND/OR start hiring people that are actually SUITED and psychologically PRE-DISPOSED to stable, sane personal lives!"

      In order to do that, they'd have to stop hiring asshole managers. You sound like quite the exception.

    3. Anonymous Coward
      Anonymous Coward

      @Stargatesg7...

      Let me tell you as someone that has gone through the process of high level clearance a few years ago that there's actually not that much that would make you ineligible.

      The primary ones are debt that appears to be unmanageable, addiction of any kind, behaviour such as anything that is considered criminal of overtly anti-patriotic or the big one - being caught lying during the process.

      If anything flags (at least this is how it used to be in the UK) then you can be monitored, have a lower-duration for being cleared before you have to renew etc.

      Generally weirdness, what others may consider perversions etc aren't that high on the list as long as you can't be blackmailed. "What is the impact of this getting out about you?" is the main idea. Can it be used to coerce. None/no? Good to go then.

      The background checks are tediously invasive and frankly some aspects of holding it become a pain in the backside.

      I no longer hold any clearances. By choice, I might add :)

      1. Anonymous Coward
        Anonymous Coward

        "[...] behaviour such as anything that is considered criminal [...]"

        IIRC that probably didn't matter at the highest levels - as long as the applicant told the vetting people about it. They don't like not knowing about something that can then be used for blackmail.

        At the lower security levels it is probably more of a tick list that will result in rejection.

        1. Robert 22

          I recall trying to hire a summer student about 15 years ago. Although this was for an unclassified position, the security types would not provide the necessary approvals, apparently on account of his having written a bad check to a video store.

          I have the distinct impression that there is a fair bit of subjectivity involved.

      2. teknopaul

        "debt that appears to be unmanageable..."

        Thats what did for Jared's security clearance, didnt apply to his dad in n law tho? I presume he could prove that he really doesn't give a fuck about huge debts.

        1. Anonymous Coward
          Anonymous Coward

          Under the (current) US system the President doesn’t need clearance. He (or she) gets access by virtue of being elected.

          There is not a chance in hell Mr Trump would have received even secret clearance

      3. GruntyMcPugh Silver badge

        @AC I held Full SC for a while, as it was required for one customer, and it seemed like it was a breeze to get. Not sure if it helped that one of my references was a school chum who has previously worked for the MoD and latterly a research company that was a spin off from Qinetiq. I did a contract for a bank and their vetting was deeper, in particular the financial probes, they knew about, and wanted explanations if you'd ever been overdrawn.

        1. This post has been deleted by its author

        2. Anonymous Coward
          Anonymous Coward

          @Grunty

          SC is frankly a piece of piss to get: you fill in a questionnaire and there's some basic checking.

          DV on the other hand really is a proper background check. Back when I did the then "new, shortened" form, it was in excess of 50 pages. For my face-to-face interview (mine was a simpler one so only took a shade over 3 hours), my interviewer pulled out her own copies of my bank statements to compare line by line.

          They interviewed friends and family members as well as previous bosses from up to 5 years ago.

          Because of certain other add-ons we required at the time, we even had to submit our holiday plans' flight paths to ensure we weren't crossing airspace that was considered too unfriendly.

          The whole process took several months to complete. It is not something I would ever care to go through again, if I am perfectly honest - the benefits simply are not worth the hassles.

          And yes, financial institutions have checks that fall somewhere in between the two extremes.

    4. BinkyTheMagicPaperclip Silver badge

      I don't know precisely where you live in the US, but that's not my experience of coders in the UK, or indeed many places elsewhere.

      Even (especially?) in the open source world, people generally don't like coders that go it alone, or are resistant to feedback. It only causes problems later, especially if their component becomes important.

      There's plenty of opportunity for coders to socialise, and work together, and it occurs regularly.

    5. Anonymous Coward
      Anonymous Coward

      Judging by that commentary

      I hope neither myself nor anyone else I know in the industry ends up working for you, considering the opinion you have of people who code for a living.

    6. Loyal Commenter Silver badge

      I know that most coders are basically anti-social loners with large chips on their shoulders

      You KNOW this do you? Or are you just repeating the stereotype that has somehow settled in your otherwise empty-sounding head?

      Personally, I work in quite a large office surrounded by other software developers of varying skill levels. Most are reasonably gregarious outgoing, and sociable. Most work well as part of a team (a vital prerequisite if you are going to work on code that is maintainable). Many are fitness freaks (how does that fit in with your 'wimp bullied by rugby players' concept?)

      Personally, I have to admit that at school, I was, on occasion, bullied by the odd rugby player. I'd suggest that this wasn't so much down to my demeanour as being down to the fact that the bullies and the rugby players tended to have quite a large overlap on the Venn diagram, and bullies are notoriously unselective in who they pick on. In other words, the brutish thickies tended to focus on sport because holding a pen without hurting themselves was difficult.

      1. Anonymous Coward
        Anonymous Coward

        @Loyal Commenter

        Pot meet kettle.

        You don't like being stereotyped but have no problem stereotyping others.

        What a nice person you are. Not.

  8. Anonymous Coward
    Anonymous Coward

    Another loose cannon

    This guy should spend a lot of time in the Iron Bar Hotel, IMO.

  9. Anonymous South African Coward Bronze badge

    Which's preferable?

    A plain sysadmin job sans security clearances vs a high security sysadmin job?

  10. Andy The Hat Silver badge

    Time line

    I'm just wondering what has happened between 2013, when the majority of this story seems to have occurred, and today ...?

    1. teknopaul

      Re: Time line

      AI in Facebook that scans fotographs looking for code?

  11. Anonymous Coward
    Anonymous Coward

    felt that the rules didn't apply to him

    I was going to reveal a piece of wisdom like "politicians do it all the time!", but then I had to confirm another completed torrent of a linux distro via p2p so, you know, I got distracted. Anyway, POLITICIANS DO IT ALL THE TIME!!! LONG LIVE DOUBLE AND TRIPLE STANDARDS, COMRADES COMMENTARDS!

  12. JimboSmith Silver badge

    Personally I'd like to see a radio that's worth $200k.

    1. Sir Runcible Spoon
      Joke

      I could show you a glorified PC with some extra network cards for $100k if that helps?

    2. Chairman of the Bored

      Radio costs .gt. $200k?

      But worth absolute zip? I give you the US Army JTRS. $15billion failed development program. Yes, that's with a "B". Nothing to show for it except billions in continued orders of legacy radios.

      http://www.nextgov.com/it-modernization/2012/08/pentagon-shutters-joint-tactical-radio-system-program-office/57173/

      So, yes, it's easy to hold a $200k radio but you might want to wash your hands when done...Oh, wait - Boeing's JTRS ground "mobile" radio prototype was 90kg. Hold in your hand? Um, no.

      Maybe in some muddled way this luser was actually a patriot trying to hurt our enemies by giving them crap radios?

      1. I3N
        Coat

        Theranos, mere child's play ...

        That link, TOTAL BS ...

        a better read - https://arstechnica.com/information-technology/2012/06/how-to-blow-6-billion-on-a-tech-project/2/

        'Ding! Ding! Commander arriving' ended up deputy running the place at one point ...

    3. DJO Silver badge

      There's a world of difference between "worth $200k" and "costs $200k", especially when it comes to military procurement.

      1. John Brown (no body) Silver badge

        "There's a world of difference between "worth $200k" and "costs $200k", especially when it comes to military procurement."

        And not forgetting the US law industry preponderance to "load up" the charges. It's entirely possible that and and all equipment that's been filched or just mis-laid has been added to the list of kit he's accused of stealing. It's even possible that when asked to check, someone took a few bits for themselves and listed it as "missing".

      2. JimboSmith Silver badge

        Exactly my point it may cost $XX,XXX but actually worth that? Maybe they had it blinged by those folks who cover mobiles in gold that I saw on Dragons Den? I've watched someone put together an order for kit that in my opinion wasn't worth half what they were about to be charged. That one got stopped after it was determined that there hadn't been any price comparison with other makes and suppliers. A bit like ordering from Maplins instead of CPC Farnell.

        I can imagine that the Watkins Johnson catalogue back in their day had some models in it which were on the pricey side. $200K is for just one radio that was obviously manportable and fairly small. I say that because otherwise surely he would have been stopped walking out with it. One of my ex-employers used (as mentioned above) RFID tags on equipment and another had compulsory bag searches. I would hope that people can't just walk out with large pieces of equipment from somewhere with high security like the NRO/CIA/NSA etc.

        1. DJO Silver badge

          people can't just walk out with large pieces of equipment from somewhere with high security

          You'd be amazed. Large kit is far easier to purloin than pocketable stuff, you just wheel it out the loading bay in the middle of the working day and the security guys will hold the door open for you.

          They get suspicious at going home time but during the day it's all normal business.

          Actually there's a little bit more to it than that but I'm keeping shtum, wouldn't want to encourage naughtiness.

          1. Chairman of the Bored

            Naughtiness?

            @DJO,

            How's this for technique? New property management bureaucracy in place. But I'm doing an urgent test and need to liberate a spec an and take it into the field right now! No time to fight the pencil pushers.

            What to do? Grab the spec an and walk it up to the security desk like a boss. Tell the guard to watch after it a sec... "Real important that nobody takes it... We will all be in dheep schitt!" Hit the men's room, return, thank the guy and walk right out the door with it. That, sir, is proper tradecraft.

            1. DJO Silver badge

              Re: Naughtiness?

              How's this for technique?

              Yes, that's the sort of thing.

              In my younger days I went to a lot of gigs but wasn't too enthusiastic about paying or queuing up in the rain so I'd just stride through the stage door as if I owned the place. I doubt if it'd work today but back in the day I was never questioned.

              1. John Brown (no body) Silver badge

                Re: Naughtiness?

                "so I'd just stride through the stage door as if I owned the place."

                Not forgetting to greet whoever was on the door with a cheery "evenin' George!". (They were all called George, even when they weren't, and greeting by name, even the wrong one, made them feel good if you looked important or might be famous)

          2. JimboSmith Silver badge

            You'd be amazed. Large kit is far easier to purloin than pocketable stuff, you just wheel it out the loading bay in the middle of the working day and the security guys will hold the door open for you.

            Apparently I would and have worked in places with better security than the NRO. Who'd have thought that!

        2. Dave 126 Silver badge

          Value Vs Cost

          > Exactly my point - it may cost $XX,XXX but actually worth that?

          If I'm stranded on sandbank with no fresh water, then a satellite radio that costs £5,000 would be worth a helluva lot more to me!

    4. JaitcH
      Happy

      High End Radios Are Disappointing In Appearance

      I used to work with multi-channel radio receivers and transmitters and they were simply rack-mounted boxes with numerous antennae connections and a couple of LAN sockets. BUT when attached to a computer and screen, they will make you drool.

      Even the attached antennae mini-farm would make a technician excited.

      The old No. 19 was far more exciting to look at AND you could hear Radio Luxembourg!

      1. JimboSmith Silver badge

        Re: High End Radios Are Disappointing In Appearance

        Even the attached antennae mini-farm would make a technician excited.

        Any suppliers names or prices?

        1. Chairman of the Bored

          Re: High End Radios Are Disappointing In Appearance

          @Jimbo,

          A Rohde and Schwarz FSW series signal analyzer / receiver with all the software needed to handle, say, 802.11 protocols and Bluetooth + intercept antennas will set you back about $400k US.

          https://www.rohde-schwarz.com/us/products/test-measurement/signal-spectrum-analyzers/signal-analyzer-rohde-schwarz/pg_overview_63665.html

          Totally worth it if you need the expensive ultimate in test and measurement receivers. And I used to be an HP bigot, back before they sucked...

          Had one at work. It had its own room, and was the domain of The Master Technician. We engineers MIGHT be able to use the system if the master tech felt that we were sufficiently competent. And morally pure. You did not bring drink into the room. You did not bring food into the room. You did not think impure thoughts in the room...

  13. Mr Dogshit

    Wah wah waaaah

    See also: Brian Patrick Regan

  14. Steve McGuinness

    Despite all the security screening

    The department was once again unable to Weed out the bad guys

    1. Sanguma

      Re: Despite all the security screening

      "The department was once again unable to Weed out the bad guys"

      Smokie and the Bandits ... Your Dept is Stoned!

  15. Anonymous Coward
    Anonymous Coward

    A "fake" Facebook account?

    Stuff the main story, I want to know how you create a fake Facebook account.

    Do you set up a site that pretends to be Facebook? DNS redirect? 'Coz as far as I know, all accounts of Facebook are real. The names may be fake, though, but the only not-real accounts of Facebook are present during any presentation to investors. From the dive I've seen their shares take today, there won't be many of those for a while other than possibly in court as they are apparently now sued..

  16. Dodgy Geezer Silver badge

    Sack the bloke, of course....

    ...but, more importantly, sack the the person or team who gave him clearances. And then check out all the other people this disfunctional team gave the keys of the secret cabinet to...

  17. DelM

    Editorial/pedant note: If this is the same company that I used to work for, it's offically "TASC" and not "(The) Analytic Sciences Corporation". "The" was part of the name - and hence "TASC" - very early on in the game. I was there in the Reading, MA, office in the late 80s through the early 90s, departing just prior to the Primark acquisition of TASC.

    That the fellow had a clearance until 2012ish isn't surprising. What is surprising is that he was "allowed to take work home" and that *anything* was still in his possession after he was let go. Gads.

  18. Anonymous Coward
    Anonymous Coward

    Honestly

    Well, when a criminal organization hires people, what do they expect?

    It's the culture of the spy world to be dishonest.

  19. Cynic_999

    An excellent employee

    Most employers would be delighted to have someone who was so dedicated that they took their work home and even featured it in their social media account.

  20. Anonymous Coward
    Anonymous Coward

    He'll get off

    He's got arseburgers.

  21. Florida1920

    $200,000 radio

    Our tax dollars at work. But whatever it is, I want one.

  22. Sanguma

    "It seems, though, that when it comes to contractors, the US government still doesn't quite have its security ducks in a row."

    Being a security contractor is not all it's quacked up to be, obviously ... but they're such a loverly bunch of coconuts ...

  23. Archivist

    Security

    Guard: Good evening, what's that you're taking out?

    Dubious employee: It's a Treeplespongegropper

    Guard: I'll just write down 'equipment'. Has it got a serial number?

    Dubious employee: Yes, look - 230V50HZ

    Guard: I'll write it down

    Dubious employee: I'll be returning it in the morning so you'll be able to just cross it off

    Guard: I'm the 'late' man' you'll see Fred tomorrow

    Dubious employe returns next day with a wall wart... Guard Fred is happy.

  24. Chairman of the Bored

    JTRS waste

    My father was a Ranger, then a civil servant, and finally a contractor. So he got to see every side of the US defense industrial complex, as have I.

    He would speak of the "three D's model" of acquisition and administration. I've found it accurate.

    The USAF is "dazzling". Nobody can spend money like the Air Force; even the blades of grass on the golf course are gold plated. NRO falls into this bucket. If you nick $340k I'm amazed they even notice - that's probably one day of golf course upkeep for a single numbered Air Force.

    The Navy is "deceptive". These guys never tell you what they really want. Everything is a mind game, and everyone is treated abusively - esp sailors and contractors.

    The Army is "dumb". No explanation required. That explains JTRS.

  25. RahulJhnson22

    Distict Court papers say that John was given the $200,000 radio set to work on at home in 2005, similarly with the "Blue Force Trackers" as well. If this is the case, why did the FBI not confiscate them in 2013? If John had bad intention, why did he not do anything with those items ever? If he was a "real threat to national security" why was he not arrested on the spot? If the "secret codes" that he posted on facebook were actually "secret" he should have been cuffed on the spot. Sounds like someone high up doesn't like this guy and wants to take him down.

  26. Anonymous Coward
    Anonymous Coward

    Latest on this Story

    John G. Weed has been completely exonerated of these accusations.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like