bad things still happen to good systems

I’ve been quiet about the whole Wikileaks thing, and I likely will remain so. I don’t have anything to add that hasn’t been said already, and I gravitate closer to the fence than even I probably admit to myself.

Nonetheless, I won’t refrain from posting to nice articles on said subject, like this one from Chris Swan posted at Fudsec. I like his practical thoughts on the subject.

To add: This was a failure in a trusted user leaking docs. Would technology have prevented/alerted on this? Perhaps. But ultimately this still boils down to humans (talented staff, not just in security log-watching…) solving human problems (background checks, education, management…)

Now, maybe if they had body scanners and pat-downs whenever you enter or leave locations where you can view/manipulate sensitive data…