A (probably apocryphal) story which I heard when spending a few weeks at a facility deemed of the greatest interest to spooks a couple of decades ago was that the security services tended to identify infiltrators by questioning the bar maid at the local pub.
Apparently, regulations required the agents to only have small beers, presumably to avoid indiscretions while inebriated.
Only problem was, none of the locals ever ordered small beers, as the general practice was to get wasted enough to forget what a godforsaken place you'd wound up in, if only for an evening.
>"The invariable indicators...agency officers usually had more than one working foreign language, their cover was usually as a “political” or “consular” official (often vice-consul); internal embassy reorganizations usually left agency personnel untouched"
Reading stuff like this is really irritating. Do the author and editors not know the meaning of "unchanging and invariable"? It just makes the entire article seem idiotic.
I am a native English speaker and have never heard someone use "unchangeable" or "invariable" to mean anything other than the correct meaning: "not variable; not changing or capable of being changed; static or constant."
And "impossible" means "difficult". I believe this feature of natural language is called hyperbole, and its study is part of the Linguistics subfield of Pragmatics.
The Mossad had a big embarrassment some years ago. Wearing ties is not common in Israel, but, for forged credentials, people were usually photographed wearing a tie. The photography shop provided people with a tie.
The Mossad used the same three ties for everybody.
I doubt CIA Technical Services was burned down and reconstructed for every mission. Seems like intelligence agencies are always going to want some shared, reusable resources.
"The CIA has a different health insurance plan from the State Department. The premium records, which are unclassified and usually available to local employees, are a dead giveaway."
I wonder if this is still the case? Seems like a very externally observable difference, especially today.
it would be fascinating to have an update about these ideas, and a look at which signals have changed, what signals are the same, and what new signals might exist.
I generally get the feeling that people were way more wreckless before the 80's. The level of technology at the time is surprisingly low. Card catalogs and the dewey decimal system represented a nominal level of information technology, rendering many audit trails nearly opaque.
Of course, physical, structural security was bad too. Break a window and climb on in, just repair the window when you leave and maybe that'd be enough to capture some records. If it wasn't a bank or a prison, a building probably wasn't a fortress unless it was extra special.
People cared a lot less about how life turned out 40 or 50 years ago. Alcohol, tobacco, diseases everywhere, and medicine was kind of terrible. You get a feel that risk taking was normal.
Now, people clench up at the thought of breaking any rules. Call it the new technological superstition. We don't believe in god, but we believe in logs.
The funny part is, today people take reckless risks with technology like telling Facebook & Google all about themselves, or carrying a tracking device in their pocket with them at all times. They also take risks by becoming dependent on technology. Who knows the answer to a question without Googling it? Who is capable of running a British hospital when all the computers are WannaCrypted?
Even so, risk-taking is underrated. A risk is a chance of something happening; it's not guaranteed to happen every time. Whereas a measure you take to mitigate a risk, you end up having to do that every time, or else rationally there's no point to it. You have to lock the front door 100% of the time, to feel like you've successfully guarded against an intrusion that realistically might have only a 0.1% or 0.01% probability. If the cost of the mitigation measure is small, you don't notice. You're just being rational. But over time you accumulate a cowardly attitude. Put on your bike helmet and knee & elbow pads, grab your first-aid kit, pepper spray, some cash, tracking devi-- errrr phone, backup battery for phone, towel, jacket, air pump & flat tire repair kit, evidence-gathering videocameras, backup batteries for evidence-gathering videocameras, and then lock the front door, hide the key in your shoe along with the cash, and go for a bike ride, sticking to the bike lanes at all times, or off-street trails better yet (unless you're allergic in which case also bring an epi-pen and/or allergy pills, and since it might be rural better also bring a knife, a way to make fire, and a signaling device). Enjoy your freedom!
Having worked with some departments where the average age was 50+ I've definitely seen flagrant rule bending for risky behavior (e.g. not carrying radiation detectors, working on roofs without proper "safety" equipment, etc). The thing is these people got the job done. The younger generation (which I belong to) would likely throw up their hands and claim they couldn't complete the task because some prerequisite for a rule wasn't in place.
Why would you work in an unsafe environment without proper tools and safety measures? If you get injured the insurance company won't pay a cent, since you broke the safety protocol, and the employer will probably just fire you. Dead people can't sue for damages either.
If you are an just an employee, it makes perfect sense to throw up your hands and claim you can't solve a problem, when the alternative is taking risks that reward the company, rather than yourself.
It depends on values. Many of a certain age grew up in an environment that placed less emphasis on benefits to an individual and/or their employer and more on "gettin' it done".
Not endorsing either POV, just noting that one's formative era affects one's behavior.
Also, in an entity large enough, you may find that your incentives clash all the time as different parts of the organization have different views of what constitutes success; one department may put the organizational equivalent of barbed wire and minefields in your path, while another department, blissfully ignorant of said minefields, order you to charge ahead.
So, what do you do?
a) Throw up your hands in despair and do nothing, annoying whoever asked you to wade through barbed wire only to find the minefield.
b) Get down to it, step on a few mines after getting cut to shreds on the barbed wire, annoying the people who placed the mines as well as the ones who asked you to charge ahead (which are, by now, annoyed that you didn't complete the task on schedule.)
c) Try to point to the inconsistencies of The System and ask for clarification and advice. Annoy both the people who put down the mines (who fail to see why anyone wouldn't want a mine field there, it's not like they put them down for fun!) and the people who simply want you to do your job (noting that you complain that the sappers keep you from doing it well, rather than just getting down to it.)
My pet theory in big organizations is that the next cohort of workers (40-50 year olds) have been mostly languishing waiting for old people to die, because big organizations are mostly not growing.
The younger people get stuck in a mid career cul de sac because the dinosaurs rule the important things, so career success is on peripheral things like the PMO. Those jobs are great for getting promoted, but not great for actually knowing anything.
I'm in my mid-50s, and I definitely agree that I'm a lot less risk-averse than younger people. (Hell, I still ride a bicycle and roller skate without a helmet haha!) I don't really give a shit if what I say on the internet becomes associated with me, even though I use the standard 90s protocol of using fake names. I know it can be traced by someone, somewhere, in some government agency, and certainly by some asshole like Mark Zuckerberg. So what? I have very little to lose. The people who know me already know what an jerk I can be and yet they still let me come around, and the job I have wouldn't bat an eye since my private opinions have zero effect on their corporate image.
Every generation feels like they're waiting for the next generation to retire. I feel that way about Baby Boomers. (No, I'm not a Baby Boomer. I'm more like Gen X, but that's not quite right either. I'm in between those two, which is why I have feelings of contempt for the people who invent sociological models....but I digress.)
I am at an age where my experience counts for something with some organizations, and is considered a complete liability for other organizations. I have changed fields entirely several times in my life. Some of the skills I have that make me uniquely qualified to do valuable things for big organizations are completely unmarketable to those same organizations because I do not have an appropriate credential they can accept to certify my knowledge and expertise. I have given up on them, too.
My point is that there is always room for younger people to really shake up the dinosaurs, but if you are trying to influence my generation, you'd better be willing to take some risks and really just say it straight. I know that's difficult for people younger than me, and I know that people in my daughter's generation (she's 29) aren't very good at being blunt and usually screw it up when they try, but truth-telling without worrying about political nuance or whatever the hell it is that everyone worries about that keeps them from just saying what they're thinking is very attractive and useful, at least to people my age.
Oh, and don't whine when you're telling the truth. Not many people who are my age like whiners.
The generation in-between is Generation Jones, to which I regard myself the anti-thesis of that.
In my 20's, my work environment was literally refered to as pirates vs dinosaurs. I learned that the dinosaurs had a lot to teach and that a lot of pirates weren't willing to go too deep. Easily intimidated. If you were willing to go deeper into things your peers were afraid of, you could make quite a nice niche for yourself.
>and usually screw it up when they try
Best advice I got when I was 24: "kid, you need to screw up enought to get noticed"
Reading this, you could be talking about me. So, I wonder if this attitude is something tied to being in between. I'm stuck between the millennials and Gen-X folks, not really belonging well to either.
Yup. I'm in this club too. Born in '83, not exactly a gen-xer nor a millennial. It's a weird spot to be... I, with all due respect, find that a lot of my older colleagues are too stuck in their ways, and find that the younger ones are self-entitled "everyone gets a prize" whiners :). Tough to navigate; at least the ones my age and older appreciate when I tell it like it is. The younger ones I feel like I have to be careful around, lest there be hurt feelings.
I work in volunteer convention running. I made someone cry once because I called their plan a "dumb idea" - this person mind you has a Ph.d in physics. I was dumbfounded.
I get frustrated by the younger folks because they all want everything RIGHT NOW (for no work), and I get frustrated by some of the older folks, because they're unwilling to question the status quo.
If you were born in '83, you're a (senior) millennial. While the definition of "Millenial" is fuzzy - you were a young adult (17 y.o.) when Y2K happened
If you can line up some 80 or 90 year olds to back up this opinion, it might be more interesting. As it stands it seems like ahistorical speculation. I guess maybe Ulrich Beck's work on risk is relevant?
Just look at the way crime sorts itself out, and it's pretty obvious. People robbed banks, got away with murder, disappeared and took up new lives in the circus.
Now? The really pent up people just snap, shoot a bunch of people, and kill themselves, because they know they can't get away with anything anymore.
Reminded The gold rush era song. "Oh what was your name in the states?"
What was your name in the States?
Was it Thompson or Johnson or Bates?
Did you happen to draw on your mother-in-law?
Or sink the old lady with weights, my friend,
Eh, What was you name in the States?...Oh!
He actually _did_ get away with the initial heist, but screwed it up by trying to do it again. Did a few years in prison, but from the sounds of it, the banks only recovered a few million dollars, not the whole amount!
I thought that was an interesting story :) Mild-mannered programmer, biggest heist ever!
Like I mentioned, I couldn't find a definitive set of data concerning unsolved/total bank heists versus unsuccessful heists or arrests.
So I invite you to do what I did, which is look at the list and note how many were either shot, arrested, or otherwise eventually 'failed.'
The post I'm replying to makes it sound like folks got away all the time and that doesn't appear to be the case.
And if nothing else, you can find some interesting details in there. NYC burglaries in the 1850s and 1860s were patronized by a female German-immigrant while she simultaneously hob-knobbed with the society set.
My main point is that I don't think folks 'got away with it' as much as we might like to romanticize.
It's a fact, though, that operational security is /really/ difficult to do well all of the time. And your overall security is driven by your weakest link (like Ross Ulbricht found out).
The original article points out some ways informaiton leaked in the 70s; my guess is that there are similar leaks in the present day.
There were a couple of things I found interesting. One was the article's assertion that David Bruce was clearly regular Foreign Service, yet his bio shows he worked for the OSS, the direct predecessor of the CIA.
>Bruce, David KE--b Md 2/21/98, m (Evangeline Bell).
>Princeton U AB 19. Mem Md bar. US Army 17-19,
>42-45 col overseas. PRIV EXPER ...
>GOVT EXPER with Off Strategic Sers 41-45
The other is the date of publication, just before the Church committee crippled the CIA for a number of years. It makes me wonder how this fits in with all the other events of that time.
Good eye. It does say "GOVT EXPER with OSS" (emphasis on 'with') rather than "XYZ of OSS", implying some sort of external role – such as helping establish chain of command in the early days, or some other bureaucratic help. A glance at the register itself shows that most OSS involvement is cited with the "of" convention: https://archive.org/stream/biographicregist1950unit/biograph... (BR, 1950 edition)
The distinction of "with" and "of" is interesting in itself. I guess he may have coordinated external logistics or something else during the war for them. '41-'45 is a long involvement, either way; surely he knew plenty of people there. Makes me wonder about the motives for bringing up his name then dismissing him as anything but career foreign service in the original article.
And that's exactly what makes spy work so interesting to observe in the first place: trying to figure out the motives, reality vs. cover, intent, etc. of complete strangers. It's all fun and games until you become their target, I suppose.
I always assumed if the CIA recruited someone from another government agency for covert activities, the recruitment would be "dotted line" on paper, i.e. that person would officially still work for the military, FBI, State Dept or whatever.
As I understand the situation, the agents that are placed this way have only the shallowest cover and their job is to interface with the agents and sources that are actually secret.
The overt description of covert operations, made by the CIA, in their career description, is that agents handle sources and sources do whatever dirty deeds the agency really wants done. Of course, the CIA has entirely different sections with military or hacking capability but basic "game" of embassy based agents interfacing with covert agents interfacing with actual sources remains.
I was surprised to find the Central Intelligence Agency in my weblogs. This means they both leave JavaScript on and use the company IP for casual browsing. I'd expect that they make attack vectors as small as possible and have access to IP ranges that can not be so easily traced back to them, but maybe the rules are more relaxed for casual browsing/research.
Don't these agencies, militaries, and companies (BAH, Lockheed, Boeing, Dell) get micro-targetted exactly like this? I'd imagine foreign intelligence agencies use websites and ad networks to drop zero-days on persons of interest.
The FSL still exists; don't know about the Biographic Register -- haven't seen that. Essentially the FSL is provided to host countries with a listing of all personnel on diplo passports. NOCs are obviously not listed.
Probably a silly question, but how do you know they're not active on Twitter? I mean, outside of well known elected officials here (like the US president, UK prime minister, mayors, etc) I'm not sure there's much of a reason for people to state they work for the government on social media sites.
Might be a fair few government employees who just don't tie their social media presence to their real identity for one reason or another. If I get a role in the UK civil service I'm certainly not putting a job description in my Twitter profile, but that doesn't mean I work for MI5.
So this story at then end suggest that the human intel is out dated and we should rely on technical means. This is what we did and it ended up being a major cockup that led to failures to understand and predict issues, Iran and Iraq being some of them. We are still rebuilding our human intel assets. The Russian who lacked the technical expertise have always relied on human intel and it shows (trump, et.al)
I started reading this but had trouble maintaining my interest. Near the beginning (called the "hook" in journalism) it said that the station chief had had his own office bugged.
- Could someone who read through to the end mention what the eventual answer the journalist gave, as to why?
(I see I got almost instantly downvoted[1], but could you answer the question?)
I didn't ask for a synopsis, but whatever. reading articles isn't "work" and not everyone has to be interested in every aspect of everything, all the time.
Apparently, regulations required the agents to only have small beers, presumably to avoid indiscretions while inebriated.
Only problem was, none of the locals ever ordered small beers, as the general practice was to get wasted enough to forget what a godforsaken place you'd wound up in, if only for an evening.