chrisl

If only we had a good simulator to test some of these ideas in? Anybody have any leads?🤣

Milo Minderbinder must have gotten the contract for implementation.  
Everybody has a share.

Milo Minderbinder must have gotten the contract for implementation.  
Everybody has a share.

This ☝️, once armed these improvised FPV drones might be way too dangerous to bring back for recovery. Since they are improvised I am sure there are forty different ways a dozen different shell, rockets and grenades are fiddled with to ensure the go off when the drone hits its target, but I am guessing just about all of them make them less safe to handle. With drones you lose the ability to use the very high Gs of being launched/fired as the primary arming step for the fuse. Far better to send them after almost any Russian target, or even a suspected Russian target. Although both sides seem to employ the kamikaze drones with higher flying recon only drones when possible.

These drones are assembling in Ukraine in numerous quantities for donates. 
For example, here is a part of 500  FPV drones batch, named GOIDA as a mockery of known Russian call "Goida!" on the mass meeting, calling to rise at "holy war with evil West".
And there are many similar drones have been assembling now. 
     

More seriously, it looks like there are at least a few satellites using 532 nm (green) for LIDAR, and if the clouds and angles are right it can be visible from the ground.  

It’s not due to come in til 2130 eastern time (US) tonight.
so it’s probably aliens.

Announced on Friday:
https://www.rocket.com/article/aerojet-rocketdyne-awarded-2156m-supplement-ongoing-modernization-efforts-and-increase-solid

https://www.defense.gov/News/Releases/Release/Article/3362263/dod-strengthens-supply-chain-for-solid-rocket-motors/

Both stories are real and not exaggerated and were told to me directly by the people who experienced them.  For the guy at the conference it was far enough in the past that it was more amusing to him than anything else. He kept his clearance for quite a long time.  The other guy was pretty shaken by the whole thing, and I haven't kept track of where he is now.  (edit: I just looked him up and he stayed at the facility for 20 years before moving on)
The magic waiver doesn't suspend presumption of innocence, but it does make it easier to gather evidence that's admissible.  But most of the time it's just used to gather information to either renew or remove a clearance.  Inadvertent mishandling rarely leads to anything criminal, and doesn't generally lead to things like those two cases (one of which was just random nutjob guards).
I actually expect there won't be all that much heat and light over the leak.  How much was in it that would have surprised anyone here?  Probably not much.  The more notable things seemed to be the weird anomalies (Vagner, confusing miles and km, etc) and at most it probably gave some insight to RU into what kind of information NATO can collect. From what I saw, most of the data were relatively time sensitive and we only saw them well after they'd really be meaningful, if they were even accurate. The ship of the USG turns very, very slowly, and once this disappears from the press the kid will probably end up doing some time and that will be that.  Not much will change about the way the US handles things.
 

It's mostly a lengthy set of rules and procedures. 
As far as revealing it, you know you can't. And in some respects, the government trusts that those who know classified info won't reveal it, because they've been vetted, and the consequences of being caught are severe. In the vast majority of cases this works. They trusted me - and yet, I could walk out of work and write down reams and reams of classified info and hand it to someone - stuff that's just even today rattling around in my head. I never would of course. Know what my security out brief was when I retired "You know what you can and can't talk about. So just DON'T" 
I had a (now) humorous security infraction years ago. Issued a letter proposing we look into a noise abatement technique. Came out of college textbooks, but we applied it to a submarine (in theory). So we issued it as straight NOFORN, not classified. Naval Reactors gets the letter. I get a call "You know this letter you sent out is CONFIDENTIAL-NOFORN, right?"  "Uhhhhhhhh, nooooo?" Explained the textbook part. Nope: a noise abatement technique with name or class of sub in the same letter classifies it. No gunpoint, no yelling - "You know what to do, right?"   "Yes, sir, we'll take care of it" 
"Good" he said and we never heard more about it.  Paper letter issue - just had to retrieve or verify destroyed the 13 issued copies. Probably might have been more of an issue if it was supposed to be SECRET, but still, mistakes do happen.

Dave
 

That's mostly true, but having tried to teach technical things (both ancient, like physics, and modern, like image processing) to college age kids, a lot of them just have holes in their brains.  Take the same people in their mid 20s after they've been out of their parents' house a while and their hormones have settled down and stick them in the same courses and their brains work way better.  (Though there are certain subset who are basically high speed logic machines as adolescents).  The problem is really you don't know who a kid is going to be at 18 and that time between 18 and 25 is when you and they are finding out.  Closer continuous review based on clearance level and role would have probably made a big difference in this case.  If someone were watching this kids social media activity they'd have caught it when he was posting his own summaries that nobody paid attention to and either adjust his access or his behavior, or both.
Part of the network problem is that encrypting and putting different levels of access controls on data at rest makes it much harder (if not impossible) to do effective cross-agency/department/etc data fusion for finding the kind of patterns that were missed in 2000-2001.

That's mostly true, but having tried to teach technical things (both ancient, like physics, and modern, like image processing) to college age kids, a lot of them just have holes in their brains.  Take the same people in their mid 20s after they've been out of their parents' house a while and their hormones have settled down and stick them in the same courses and their brains work way better.  (Though there are certain subset who are basically high speed logic machines as adolescents).  The problem is really you don't know who a kid is going to be at 18 and that time between 18 and 25 is when you and they are finding out.  Closer continuous review based on clearance level and role would have probably made a big difference in this case.  If someone were watching this kids social media activity they'd have caught it when he was posting his own summaries that nobody paid attention to and either adjust his access or his behavior, or both.
Part of the network problem is that encrypting and putting different levels of access controls on data at rest makes it much harder (if not impossible) to do effective cross-agency/department/etc data fusion for finding the kind of patterns that were missed in 2000-2001.

That's mostly true, but having tried to teach technical things (both ancient, like physics, and modern, like image processing) to college age kids, a lot of them just have holes in their brains.  Take the same people in their mid 20s after they've been out of their parents' house a while and their hormones have settled down and stick them in the same courses and their brains work way better.  (Though there are certain subset who are basically high speed logic machines as adolescents).  The problem is really you don't know who a kid is going to be at 18 and that time between 18 and 25 is when you and they are finding out.  Closer continuous review based on clearance level and role would have probably made a big difference in this case.  If someone were watching this kids social media activity they'd have caught it when he was posting his own summaries that nobody paid attention to and either adjust his access or his behavior, or both.
Part of the network problem is that encrypting and putting different levels of access controls on data at rest makes it much harder (if not impossible) to do effective cross-agency/department/etc data fusion for finding the kind of patterns that were missed in 2000-2001.

I agree w you TheCapt that this is sometimes the case but I think it's often not the case.  Lots of hiring managers will have both conscious & unconscious bias against various forms of LGBTQ+.  Or colored hair.  Or tatoos.  If you are biased against tatoos it might be hard to find young employees these days!   I keep wondering when tatoos will no longer be cool -- probably kids growing up now who see tatoos on their parents and it becomes like a matching nike outfit w stripes down the legs which kids wouldn't be caught dead wearing.  I am aware of some of my biases and have to consciously choose to ignore them when I interview people.  All of this gets into what we think someone in some role 'should' look like and how we need to see past that when considering someone for a job.
Meanwhile, the right in the US is currently running its entire world, entire political campaigns, on anti-LGBTQ+ outrage.  Will it work?  We'll find out next year.
But then we look at UKR.  Where pink-haired young women are fighting (remember that post-ambush video early in the war?).   Long bearded metro-hipsters, tattoo covered gamers, multi-pierced medics, etc.  All of these kids that were considered weak and soft are fighting & dying for their country and their freedom.  And I bet the new UKR military graves have plenty of gays in them too.
edit: Having biases can be bad.  Thinking you don't have any is always bad -- because we all do.

See my points on the age problem above.  And we truly are showing our Grey if we think there is a leap of maturity between 21 and 25 in this day and age.  The age thing is going to go nowhere for a lot of good reasons.  Finally before this fossil club gets too far into our own supply, just gonna leave this one here (he was 35 when it started by the way, and again a good Christian)
https://en.wikipedia.org/wiki/Robert_Hanssen
As to the IT/access problem. That is likely where the most heat and light will be placed.  Now what was this kids actual job?  Was he sweeping up the server room floor or was he an admin?  If he was running an entire secure server architecture or on the team who does, then his access was probably pretty wide, hence the clearance.  I suspect they will be looking hard at this but they may run into unworkable solutions based on whatever we bought 10 years ago with respect to IT.
Everyone is looking for a reason right now because, uncertainty.  But the reality is entirely certain, the kid was human and no human system is going to be error free.  Only way to keep a secret between three people is if two of them are dead.  It is an embarrassment to be sure but this is really more good news than bad.  The kid blew up and out really fast, so tied off quickly. The kids was not an insider so really did not understand what he was looking at nor what to really look for.  He loudspeakered as opposed to running silent whispers which could have lasted years.  And he was not being managed as a foreign asset who again could have been a slow bleedout of critical info until his retirement.
In many ways it was better he was a dumb kid and not some disgruntled 50 year old who actually knew where the bodies are buried and how to really hurt us.  While at the same time working around the procedures he likely helped write back in the day.

Aye, it's not the clearance level that's at fault in this big leak case, it's the compartmentalisation of information at this level (possibly across the board, but possibly at the facility where Teixera worked) that's failed. None of those people "in aerospace" with TS/SCI clearance should have access to the high level summary stuff that got leaked, unless it was to do with the job they were actually working on. They need their clearance, just to get in the door of their workspace.
As has repeatedly been said, a network tech shouldn't have blanket access to all documents of their clearance level or lower. They just shouldn't, and I'm pretty sure that, in general, they don't (because the Internet would be nothing but leaked documents if that were the case), and there's a specific failure of compartmentalisation in Teixera's case.
Over-compartmentalisation of information has been a contributing factor to intelligence failures in the past and does need to be avoided, but the broad-brush synthesis stuff should be controlled in some detail, and available only to the analysts that produce it and the supervisory "high level" folks who are meant to be coordinating responses across agencies.
Age should of course be a factor in assessing security clearance levels. The whole exercise is about risk mitigation, and anyone involved in risk management should be aware that youngsters are at higher risk of poor judgement. But it's only one factor.

For TS and higher, they are.  When people are getting their clearances renewed the investigators make appointments and then come around and interview both the person given as a reference on the SF-86 and anybody else that person refers to as familiar with person under investigation.  If they come looking for someone who they didn't have an appointment with they'll even ask random people in the area "hey, do you interact much with X?  I'm here reviewing their clearance, do you have a few minutes?"

Neither of those two factors match up with reality.  
Ukraine is employing a distributed and dispersed C4ISR system linked into western ISR which is outside the theatre.  This means that MANPADs and IADs get cued well out on incoming Russian strike packages early and accurately.  They have enough time to reposition and wait.  We do not have SEAD for passive MANPADs, we have some c-measures but they have not frankly been tested in these environments.  The EW planes cannot blind space-based assets, and OS built on civie IT networks.  And once someone puts a Starstreak on a UAS that MANPAD could hit up past 30k feet.  I am not convinced we could get full air superiority, let alone supremacy, below 20k and might even lose it to denial (A2AD) above that.  Then we are high altitude bombing which comes with so much legal risk as to make CAS nearly impossible.  Troops on the ground would do better with indirect fires and tac UAS to be honest.
ATGMs - “APS will save us”.  Well not from top-down (yet), nor submunitions or decoys.  And last I checked we were not putting those systems on every logistics truck, which is a problem as our tanks need gas too.  I have seen a lot of tank lusters working overtime to show how the tank can be protected and completely ignoring the fact that the tank is just the end of a capability system that reaches back to production lines.
As to western bias, sure.  Almost unavoidable.  But in CMs favour, the battlefield results of Russian armour are not far off how badly they get mauled in CMBS.  In fact the shortfalls in CM are that it was probably too generous with respect to indirect fires and lethality.

For all we know he works for someone who doesn't deal with computers and has him print everything out to read/review/trash.  It's not so common anymore, but it wasn't so long ago that there were managers who would have their secretaries print their email then dictate replies or handwrite and have the secretaries transcribe.  
That's less likely with emails now, but not too unusual with reports and presentations, and they could be printed for an officer who likes to read them on paper instead of a screen. It wouldn't raise any eyebrows, and then he can make off with some of the paper copies if they don't have some other audit mechanism to make sure that everything that gets printed is either stored properly or destroyed.  If the data were never printed it would be easier to restrict and track access by login.  If it's encrypted at-rest it would be possible to keep him from being able to see it, even if his boss could read it on a tablet or laptop by having the appropriate permissions and password or key.
 

"just wanted to inform some of his friends about what’s going on"
 I've seen this a couple times and it seems to be put forward as almost an excuse. What a crock.
It's been 2 years, but I'd say this is not just on him. There is something in the overall classified info handling of the organization that is not working, and lax. Where I was there were so many controls:
a. The entire floor I worked on was a classified repository. No phones, no cameras, no recording devices, no smartwatches, no iPods - nothing with ANY memory of any kind allowed past the combo lock door. There were small lockers outside in the elevator lobby. Everyone had their own assigned to lock up their stuff and there were a bunch for visitors - drop your stuff, take the key. 
b. Inside that Closed Area (that's what it's called), classified computers are in a separate room you have to have access to.
    1.  It's physically impossible to write anything to CD/DVD or USB.
    2. There is a printer, and you can print out things, and you have to log into the printer and it logs the files that are printed, which is routinely audited.
    3. The computer system is routinely (like weekly) audited and if you had tried to access something that you don't have access to, questions will be asked. Most of the time it's innocent. You actually did need to look up something but don't have access to something that you really did need. So you have to put in a request. Your department manager has sign off on it certifying you have a need to know.
    4. If you for some reason DO need something written to CD/DVD there is a group of about 5 people in the company who will do that and provide it, again, requested and management approval. No one else can even physically do it, let alone by rules.
All of the above is for up to Confidential-Restricted Data (Restricted Data is nuclear information, whether propulsion or weapons).
For Secret and Top Secret, there is a separate Closed Area INSIDE the Closed Area. There is a two man rule. Again, NOTHING with any memory allowed inside. Nothing can leave. If you take something out of a file, it either has to be returned and logged back in, or destroyed. You cannot take anything inside to make notes with. There is marked papers inside to make notes and it stays inside.
For disposal, there are burn bags for media, and bins for shredding. The shredding is by an outside contractor, but the locked bins (Like curbside trash bins) are brought to the back door and security watches as they are loaded into the truck sized shredder.
At the door/gate, you can bring in a lunchbox and on the way home it will be checked (randomly). 
I'll stop here, but as you can see, there has to be a significant breakdown in the implementation of procedures for someone to create a security breach like this.  I thought a little context on how it's SUPPOSED to be done might be useful.  Everyone where I worked took security very seriously.  
I'd wager there is more to come after a thorough review of the organization's security procedures. We may or may not hear much about that, unless it's discovered he had active accomplices.
One caveat - this is all where I worked or visited (national labs). The problems at the White House are different. It's obvious from what has happened these last several years that security procedures are "different" there. Rules for thee and not for me.

Dave

For all we know he works for someone who doesn't deal with computers and has him print everything out to read/review/trash.  It's not so common anymore, but it wasn't so long ago that there were managers who would have their secretaries print their email then dictate replies or handwrite and have the secretaries transcribe.  
That's less likely with emails now, but not too unusual with reports and presentations, and they could be printed for an officer who likes to read them on paper instead of a screen. It wouldn't raise any eyebrows, and then he can make off with some of the paper copies if they don't have some other audit mechanism to make sure that everything that gets printed is either stored properly or destroyed.  If the data were never printed it would be easier to restrict and track access by login.  If it's encrypted at-rest it would be possible to keep him from being able to see it, even if his boss could read it on a tablet or laptop by having the appropriate permissions and password or key.
 

For all we know he works for someone who doesn't deal with computers and has him print everything out to read/review/trash.  It's not so common anymore, but it wasn't so long ago that there were managers who would have their secretaries print their email then dictate replies or handwrite and have the secretaries transcribe.  
That's less likely with emails now, but not too unusual with reports and presentations, and they could be printed for an officer who likes to read them on paper instead of a screen. It wouldn't raise any eyebrows, and then he can make off with some of the paper copies if they don't have some other audit mechanism to make sure that everything that gets printed is either stored properly or destroyed.  If the data were never printed it would be easier to restrict and track access by login.  If it's encrypted at-rest it would be possible to keep him from being able to see it, even if his boss could read it on a tablet or laptop by having the appropriate permissions and password or key.
 

For all we know he works for someone who doesn't deal with computers and has him print everything out to read/review/trash.  It's not so common anymore, but it wasn't so long ago that there were managers who would have their secretaries print their email then dictate replies or handwrite and have the secretaries transcribe.  
That's less likely with emails now, but not too unusual with reports and presentations, and they could be printed for an officer who likes to read them on paper instead of a screen. It wouldn't raise any eyebrows, and then he can make off with some of the paper copies if they don't have some other audit mechanism to make sure that everything that gets printed is either stored properly or destroyed.  If the data were never printed it would be easier to restrict and track access by login.  If it's encrypted at-rest it would be possible to keep him from being able to see it, even if his boss could read it on a tablet or laptop by having the appropriate permissions and password or key.
 

The only one I saw where I could read the markings has “Top Secret” on it, but no indication of SCI. It may be a mix of Secret and TS, but SCI is harder to sneak out in your pocket so without seeing it all I’d suspect none was SCI.

One of the problems with the clearance process is that the younger you are and less history you have, the easier it is to get a clearance.  And at that age it's easier to hide wacko properties because there are just fewer people who would have seen them.  
A lot of the investigation is about whether you have questionable connections, or things you're hiding from people that make you blackmailable, etc, and so if you're 22 and fresh out of school there's just a lot less there.  I'm also not convinced that the government has done any really scientific study of what works and what doesn't as evaluation criteria - quite a few of the criteria look like they came right out of the 50s and there are things that make you "questionable" that might have been an issue in 1956 but not only are common today, so common that you may not be able to find people without those characteristics. 
But to your point - they should be able to find people who aren't wackos who are competent, even for pretty obscure things.  You may not always be able to get all the skills/capabilities you want in a single cleared person, but should be able to do it by making a small group of complementary people.  And that's probably more secure in some ways, since they should start noticing if their teammates are wacko.
edit:
But all that said, I'm also not convinced that it's not a psyop.  It's a lot of stuff to get out in one place, and it's got some strange characteristics.  So even if it wasn't originally a US/NATO created psyop, it's possible that it's the product of some random OSINT person (or hobbyist making a game, or troll, or whatever) and the intel people decided they could fabricate a psyop around it. "Yeah, that report about aliens that you found on the internet that says USG all over it? IT'S ALL REAL!!!" and then start feeding stories to the WAPO and NYT "Oh, those aliens, yeah, we've been hiding them for decades and now the jig is up.  We're so effed that the alien technology is about to all get out.  The brits have been teleporting in and out all over the Russian lines and are going to be shut down".