http://www.estripes.com/article.asp?section=104&article=28818 By Lisa Burgess Stars and Stripes European edition May 3, 2005 ARLINGTON, Va. - U.S. commanders in Iraq posted a version of the U.S. investigation into the Italian checkpoint shooting from which it was possible to recover classified information by simple manipulation of the electronic file. The report, issued by Multinational Forces-Iraq, or MNF-I, over the weekend, was heavily redacted, with classified sections obscured by black boxes. The report was posted in a "PDF" format, used by the U.S. government to generate documents of various kinds. While downloading the information, however, the global "blogging" community quickly discovered that the classified information could easily be recovered. MNF-I officials said Monday that the report's full release was an accident, but could not pinpoint how it occurred. "The procedures that we used [to safeguard the classified information] were inadequate," Air Force Col. C. Donald Alston, MNF-I’s chief of strategic communications, said Monday. "We consider this a very serious matter." MNF-I officials took the report down from their own site over the weekend. The classified sections of the report have information about the number and type of insurgents attacks on the road to "Route Irish," the 7.5-mile east-west road along south Baghdad that runs from the International Zone in downtown to Baghdad International Airport. The unclassified portion of the report says that the four-lane road is known as "IED Alley" for the large number of improvised explosive devices that have been planted there by insurgents. The report also delves into the securing of checkpoints, as well as specifics concerning how soldiers manned the checkpoint where the Italian intelligence officer was killed. In the past, Pentagon officials have repeatedly refused to discuss such details, citing security concerns. The information technology community quickly began linking to the report site and discussing the security breach. "There have been many reports in the press of how people have published Microsoft Word documents with their history easily revealed through Word's "track changes' feature," blogger David Berlind commented in his Internet technology blog, "Between the Lines" at ZDNet. "But you rarely hear about problems like this when it comes to PDF files." "It will be interesting to see how this security debacle unfolds, where the finger gets pointed, and how it changes the way PDF files get handled in the future [by organizations of all types]," Berlind wrote. _________________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Wed May 04 2005 - 04:00:12 PDT