Writing on the Double Yellow Line

Militant moderate, unwilling to concede any longer the terms of debate to the strident ideologues on the fringe. If you are a Democrat or a Republican, you're an ideologue. If you're a "moderate" who votes a nearly straight party-ticket, you're still an ideologue, but you at least have the decency to be ashamed of your ideology. ...and you're lying in the meantime.

Location: Illinois, United States

Thursday, June 22, 2006

Billions for Remedy

Billions for Remedy, Not a Penny to Monitor
© 2006 Ross Williams

I've worked for the government[1] or on government[2] contracts almost non-stop for going on three decades. I've got a clearance. I have "access".

I only use my "access" when absolutely necessary, and only after taking every possible effort to avoid it. The problem with "access" is that the information you get with it is often identical [at least in my position] to the information you get without it. Any given piece of data – let’s call it Fact ‘X’ – rarely means anything on its own. More often, it is the analysis of the raw data, Fact ‘X’ placed in the context of facts ‘1’ through ‘9’, which is the secret.

I have access only to raw, classified data, almost none of which is truly “classified”. Why is this a problem? Because if I get the exact same raw, uncontextual data from the "high side" I have to destroy it, or secure it, even if there's nothing specifically "classified" about it. And they [yes, we also worry about the nebulous and notorious "they"] know the difference.

Mishandling classified information is not only grounds for dismissal, but also prosecution. I can be sent to jail for cutting and pasting the same random string of alphanumeric gibberish into an email – if I get the random string from the wrong window. If I cut-n-paste from the unclassified window next to it, and which looks exactly like the classified window, there’s no problem.

As a result, I avoid the classified system[s] I work on with as much energy as I can muster. It's just not worth the aggravation.

So, as someone who has "access", I can sympathize with the schmuck in the VA who took home a laptop which had a disk with 26.5 million names and social security numbers – including mine, by the way – contained in it. The laptop was stolen from his home in what appears to be a routine home invasion-slash-robbery, meaning that the loss of this data was just one of those freaks of badly-timed coincidence we've all undergone at one point or another. I can very easily sympathize with the guy. Yet I still want to smack him in the forehead with my own work computer – which is not a laptop. We in defense don't rate laptops, I guess.

This twerp, apparently not fully understanding the aggravation of dealing with such classified information in the first place[3], is transferring to me the aggravation I've always sought to avoid, and which I really don't need. Along with the rest of the country, too.

It's aggravating because there is a potential, infinitesimal though it is, that this information was taken for the express purpose of using the data – names and social security numbers – for committing consumer fraud. Credit fraud most likely. Creating new credit cards using my credit rating [not to mention the other 26.499999 million other credit ratings] that can be gotten by using the name and social security number combination, and with those potentially millions and millions of new credit cards buy HD TVs and lap tops and lap dances and – if someone has a little more credit than I do – cars and homes.

Chances are real good, though, nearly 100% in fact, that the hoodlum who pilfered the laptop was doing so in order to wipe it and sell it on eBay, in which case it was wiped almost immediately and all the data is now lost, meaning the 26.5 million cases of consumer fraud are – as we say in defense contracting, not to mention in the military – OBE[4].

But if the twink who stole the laptop didn’t wipe it to sell on eBay, chances are real good that he has been listening to the news, realizes that he's got the government's black helicopters after him, not to mention the satellites with all the brain-scrambling mind-rays, and has pitched the laptop into Chesapeake Bay as hard and as far as he could chuck it – after burning it beyond recognition and battering it with a ball bat just to be sure.

But it's also possible that the creep who cribbed the computer is a crack-headed meth-mouth who doesn't pay attention to the world beyond his next fix, and saw millions of names with millions of social security numbers. Seeing dollar signs in his eyes, he might then have sold this data to someone who will indeed use my name and the 26.499999 million others as a vehicle for consumer annoyance which, to date, is only matched by telephone solicitors and mass mailings for – ironically – low 0% introductory rates on yet another credit card.

This hasn’t happened yet, needless to say.

The Veterans Administration is understandably concerned, since responsibility [though not liability] would ultimately filter back to them. So the VA is spending money I don't want to give them to mail me a letter saying, essentially, "Hey! Guess what!!" and setting up a toll-free phone line to sympathize and commiserate with veterans worried about their credit and, likely, listen to the profanity of some other veterans indignant about it. Veterans know a lot of profanity.[5]

The VA isn't stopping there, though. They're drafting a plan[6] by which they will monitor, "free", the credit data of the millions of veterans in the database – me and the 26.499999 million others – whose name and social security number were stolen[7]. I put quotes around "free" because it isn't. The cost will be paid for by the VA, which many people will think is only right. And the money for that will be appropriated[8] by Congress at the request of the White House, and that money will come from ... um, me. And the other 26.499999 million other veterans in the list. Not to mention the other 273.5 million other citizens in this nation of 300 million tax-payers.

It's one thing to send 26.5 million letters at the government bulk postage rate, and pay for a few months of a toll-"free" phone line to provide information to panicky citizens. It's another to spend tens of billions of dollars to safeguard against what isn't happening yet, and likely won't ever. I should be surprised, but in this day of exaggerated response to potential problems and no relevant response to actual problems, being surprised by stupidity means you aren't paying attention. FEMA didn't simply wait for Mayor Nagin and Governor Blanco to quit dithering and pointing fingers and actually request the federal aid as the rules require they do; FEMA sent the aid-givers to a seminar in Atlanta for racial sensitivity training after aid was finally requested.

Unfortunately, it's too much to expect that our government spend money on real problems that exist now. Can't send insensitive relief workers to New Orleans to rudely push the locals onto buses and boats and get them the hell out of the hurricane – that they were told to leave several days earlier. We've got to wait for several locals to drown while we train relief workers to politely shove them onto buses and boats.

We can't wait for a veteran to experience credit fraud traceable to this incident before spending tens of billions of dollars to fix the credit; let's spend those billions now, because it might happen, and hey! let’s spend it on efforts that won't even prevent the credit fraud in the first place.

...and I work for these people.

But the final stupid word[9] on this monumental stupidity will be granted to Congressman Lane Evans[10], from, sadly, my state. He declares, presumably with a straight face, in explaining why the VA should spend tens of billions of public dollars to monitor my credit rating: "veterans and military families must not be punished for the administration's failures."

That's right. A low-level weenie – essentially, someone in the same position in the VA as I have in the DoD office I work under – broke the rules, did what we are told from Day-One we must never, ever, ever do ... and it's all Bush's fault.

I'm glad to know that the next time I cut and paste a random string of gibberish into a work email from the window logged into the high side, and which looks exactly like the same random string of gibberish from the low side, and I get fired and prosecuted for doing so, Congressman Evans will be my expert witness laying blame where it truly belongs.

What a relief!

[1] USAF
[2] DoD
[3] Technically, social security numbers by themselves are fine and not classified in any manner; they are just nine numerals. Only when matched with a name do they become “classified” and it’s not even “secret” or “top secret” or anything cool like that. It’s “Privacy Act” data – as we are told, annually, in our contractually-required security briefing.
[4] Overcome By Events
[5] Fuckin-A!
[6] http://www.chicagotribune.com/technology/sns-ap-vets-data-theft,1,7814054.story?coll=chi-news-hed
[7] …and I’m curious as to how many people thinking this data-mining ought to be done are those who, under other circumstances – specifically, phone calls to and from known terrorists – think data-mining ought not be done on a few million phone numbers … as it’s an invasion of privacy.
[8] synonym for "stolen" by the way:
[9] zymurgy
[10] “Suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself.”
– M Twain


Post a Comment

<< Home