State Department Employee Faces Firing for Posting WikiLeaks Link

A veteran U.S. State Department foreign service officer says his job is on the line after he posted a link on his blog to a WikiLeaks document.

Peter Van Buren, who has worked for the department for 23 years and just published a book that is critical of U.S. reconstruction projects in Iraq, said this week that the State Department had launched an investigation against him earlier this month for disclosing classified information.

His crime, he said, was a link he posted on August 25 in a blog post discussing the hypocrisy of recent U.S. actions against Libyan leader Muammar Qadaffi. The link went to a 2009 cable about the sale of U.S. military spare parts to Qadaffi through a Portuguese middleman.

We recently recapped the weird history of US-Libyan relations, focusing on how, after years of hating on and bombing Qaddafi, soon after the Iraq war commenced we suddenly decided we liked him. The US opened diplomatic relations in 2009 and had all sorts of warm feelings for the once-pariah state. Then somehow in 2011 he started hating on and bombing Qaddafi again.

New cables, on Wikileaks, now give us a hint at how cozy the US-Libyan relationship (briefly) was.

To start, Libya needed lots of spare parts for its military after years of embargoes. The US was happy to assist. An unclassified cable from 2009 outlined that the US sold “Miscellaneous parts, components, accessories, and attachments for the L100 aircraft and T56 engines belonging to the Libyan Air Force,” conveniently through a Portuguese middleman. Wonder if any of those refitted aircraft played any part in the recent unpleasantness in Libya? The cable asked Embassy Lisbon and Embassy Tripoli to check up on these exports, as they had (duh) military usage and cordially concludes “Department is grateful for Post’s assistance in this matter.”

Van Buren wrote in a post published on Tuesday, the same day his new book, We Meant Well: How I Helped Lose the Battle for the Hearts and Minds of the Iraqi People is being released, that he was interrogated by State Department officials twice this month.

Van Buren said he was under investigation for allegedly disclosing classified information — even though he had merely linked to documents that were already widely available on the internet. The cable was just one in a cache of more than 250,000 State Department cables that WikiLeaks allegedly obtained from former Army intelligence analyst Bradley Manning last year and has been posting piecemeal online with media partners in the U.S. and Europe since last November.

“In other words, a link to a document posted by who-knows-who on a public website available at this moment to anyone in the world was the legal equivalent of me stealing a Top Secret report, hiding it under my coat, and passing it to a Chinese spy in a dark alley,” Van Buren wrote this week.

The State Department investigators, he said, demanded to know who had helped him with his blog and told him that every blog post, Facebook post, and tweet by State Department employees had to be pre-cleared by the Department prior to publication. They also drilled him about the details of his publishing contract — including how much he had been paid — and told him that his refusal to answer questions would lead to his firing. And they warned him against writing about their interrogation, saying he could be charged with interfering with a government investigation if he did so.

Van Buren said the Principal Deputy Secretary of State subsequently wrote his publisher demanding small national security redactions from his book, which had already shipped to bookstores. Among the cuts requested was a vignette that he said was based on a scene from the movie Black Hawk Down.

Van Buren linked to the cable after WikiLeaks abruptly opened the spigot on its cache of cables in August, spewing out more than 130,000 over a few days after a news story in a German news weekly revealed that the entire database of cables had already been inadvertently leaked online by WikiLeaks supporters, along with the password to unlock the file.

“The State Department and its Bureau of Diplomatic Security never took responsibility for their part in the loss of all those cables, never acknowledged their own mistakes or porous security measures,” Van Buren wrote this week. “No one will ever be fired at State because of WikiLeaks—except, at some point, possibly me.”

Van Buren said his real crime appeared to be speaking critically about U.S. policies in the Middle East.

“The advantage of all this? It gets rid of a ‘troublemaker,’ and the Bureau of Diplomatic Security people can claim that they are ‘doing something’ about the WikiLeaks drip that continues even while they fiddle,” he wrote. “Of course, it also chills free speech, sending a message to other employees about the price of speaking plainly.”

The State Department did not respond to a request for comment.

Photo: Torie Partridge

SSL authenticity evolution

After attending the annual GrrCON in Grand Rapids, Michigan I thought I would share my thoughts on the keynote address delivered by Moxie Marlinspike. Moxie detailed the problems with the existing certificate authority system and proposed his ideas for a solution.

OnStar Alters Course, Won’t Track Canceled Subscribers

Bowing to public pressure, OnStar said Tuesday the Detroit navigation-and-emergency company would not monitor vehicles after customers cancel service.

The decision to change course comes a day after Sen. Chuck Schumer (D-New York) called on the Federal Trade Commission to investigate. Schumer decried the surveillance as the most “brazen invasions of privacy in recent memory.” Sen. Al Franken (D-Minnesota) and Sen. Chris Coons (D-Delaware) also said OnStar’s surveillance was a “privacy breach.”

To the outrage of subscribers, OnStar last week began e-mailing customers about an update to its privacy policy. Among other things, it said OnStar would turn off the two-way communication between a former customer and the service upon request — though OnStar would continue to track former customers who simply cancel their account.

The new privacy policy, which is to take force in December, also grants OnStar the right to sell GPS-derived and other data in an anonymized format. That data might include a vehicle’s location, speed, odometer reading and seatbelt usage.

“OnStar recently sent e-mails to customers telling them that effective Dec. 1, their service would change so that data from a customer vehicle would continue to be transmitted to OnStar after service was canceled unless the customer asked for it to be shut off,” Linda Marshall, OnStar’s president, said in a statement. “We realize that our proposed amendments did not satisfy our subscribers.”

OnStar, with six million customers, said it does not sell the data, but reserves that right.

The General Motors subsidiary said the connection with a car that terminated service was to continue to make it “easier to re-enroll” in the program, which charges from $19 to $29 monthly for help with navigation and emergencies. Other stated reasons included maintaining the capability to alert vehicle occupants about severe weather conditions and “updated warranty data or recall issues.”

What’s On the Spammers’ Menu This Holiday Season?

The holiday season is about to commence and spammers have resurfaced with new offers well in advance. We have already observed spam for Christmas and New Year in the month of September, not to mention spam for Halloween, which is fast approaching!

So, what’s on the spammers’ holiday menu?  Well, there are virus e-cards, bogus meds, some interesting Internet gift offers with crazy discounts, and loans to help you celebrate a spammy whammy Christmas and to welcome the New Year! And don’t despair, because for Halloween you have the much coveted replica products! The list is definitely going to extend as the season comes closer. Discussed in detail below is the spammers’ vacation bonanza.

Here are some of the various spam subject lines being used for the upcoming holiday season:

Subject: Re: Happy new year!!!!
Subject: You have received a Christmas Greeting Card!
Subject: Rolex For You Now -85%
Subject: With our drugs you will never criticize yourself.
Subject: Cash for the New Year
Subject: Xmas Loan offer
Subject: <removed> special starting at $299 - Schedule your free evaluation today


In the above sample, the attachment named Christmas carries a worm that replicates over a computer network and usually performs malicious actions, such as using up the computer's resources and possibly shutting the system down. Below are two samples promoting fake online pharmacies and other health-related products at discounted rates. These spam messages can steal users’ personal details including email addresses, bank details, etc. when the link provided in the message is clicked.


As the holiday season draws near, we advise users to take the utmost care while making online transactions. Make sure you are cautious when doing your Christmas shopping online. Beware of emails with malicious attachments, especially from unknown people who may want to compromise your security—don’t fall victim to the spammers’ ploys.