Category Archives: Spying

From the Arkin Archives: Why You Can’t Keep Secrets

I found a speech I gave twenty years ago to military and industry officers and officials at the annual U.S. Air Force National Security Leadership Course, Maxwell AFB, Alabama, delivered on 14 August 1996

William M. Arkin

I started thinking about this talk by polling friends in Washington to see if there were any good new jokes about secrecy.  In other parts of the world, political jokes are often the purest expression of zeitgeist, so I thought a current favorite — you know, some knee slapper about the new Executive Order on classification, or one about the latest string of Bill Gertz’ leaks —  would provide astute insight.

No dice though; people inside the beltway have never been renown for their humor.

In May, however, I was in Beirut, and the number of jokes about the Syrians were impressive.

Here’s my favorite.

Hafez Assad is with Bill Clinton and Jacques Chirac on the Mississippi River to negotiate Syria’s withdrawal from Lebanon.  Assad drops his watch into the river and when he bend over the deck railing to look for it, snapping alligators thrust up from the deep.  Clinton tells one of the Marine guards to retrieve President Assad’s watch.  The Marine goes to the edge, looks over at the alligators and says to the President  Mr. President, you know we live in the greatest country on earth, and therefore I can decline an unlawful order.  If I jump in to retrieve Mr. Assad’s watch I would die, and besides I have a family…

So Chirac, thinking he can tweak the American nose says to a French soldier, jump in the water and retrieve Assad’s watch.  The legionnaire snaps to attention and runs to dive in, but he then looks over and sees the snapping alligators, and turns to Chirac and says Monsieur President, you know our democracy is even older than America, and besides, I have a family…

So Assad whispers something in the ear of a Syrian soldier, who runs to the railing and without hesitation, jumps in the water, swims through the alligators, retrieves the watch, and returns safely to the boat.  The Marine and the Legionnaire, both amazed, crowd around the Syrian to ask what Assad said.

Well, the soldier explains, I too have a family…


So what does this have to do with secrecy?

To me, it is a real world reminder that to level any kind of indictment about the evils of U.S. government secrecy is to be trivial.  One only has to visit places like the Middle East to appreciate how free our system is.

What is more, the very reason I assume I was invited to address you this evening is that I’ve made a living by revealing government secrets.  Throughout that career, I’ve always felt shielded by my rights as a citizen, and always felt confident that if there was public benefit resulting from my revelations, even those in government would grudgingly concede and respect my rights.

I am often asked if there is some secret I wouldn’t reveal, and the answer, frankly, is yes.  In short, it is information that has no public policy relevance.  Now granted there is lots of room for debate here as to what that means, and some right wingers have tried in the past to tar me as “the Philip Agee of nuclear weapons.”

Yet I have faced on a day-to-day basis the challenge of defining what information can do damage to U.S. national security, and what information can not.  That is because secrets have a quality like trees, and if one falls in the public and nobody hears it, I would concede that the public benefit is dubious.

Yet the process of revealing a secret, however, also provides a check and balance if you will.  Since the news media is most often enlisted to circulate secrets, in doing so, reporters and editors and publishers have to themselves make decisions regarding government harm and public benefit.  The point I’m making is that those discussions do take place, and national security concerns are taken into consideration.

In 1996, however, classic government secrecy is hardly the civil liberties and first amendment conflict that it has been in the not too distant past.  Yet it does remain in the news.  Particularly recently with the explosion of the Internet, and the new mania about information security that has emerged, extending from the counter-communication and encryption debates to firewalls to information warfare.

I’m suspicious though, because again there are Cold Warlike warnings of the dire consequences of letting information circulate too freely.  And there has also been a reemergence of 1950’slike images of hidden enemies plotting to destroy our way of life.  To me, this is a significant over-exaggeration of both the threats and consequences.

The new technologies of information might indeed involve some truly revolutionary challenges in terms of the way huge amounts of data can be gathered and transmitted, and the threat mongers of computer security and information warfare have already put us on the slippery slope by attempting to control information or access to what are now worldwide networks.  To these government threat mongers, I say operations security and systems integrity and counterintelligence, all of the things the government has been doing for decades, and is supposed to be doing anyhow, regardless of the information medium.  Let’s not create new constraints, ones that mean a reduction in civil liberties in this country and a reduction of human rights in others.

I suspect that, either consciously or subconsciously, the focus on hackers and terrorists as the Clancyesque information enemy also has as much to do with separating the public from its tax dollars, and in framing an interesting defense problem for beltway bandits and think tanks to work on and make money from, as it has to do with true threats.  Particularly when more than ninety percent of computer intrusions and security problems as plain old fashioned insider criminal activity, stealing if you will with a high tech twist.


As William O. Douglas said in the Pentagon Papers case, if everything is secret, then nothing is secret.  Because of the end of the Cold War and the lack of any overarching grand strategy or national security organizing principle, we seem stuck for now in a world where near everything and anything can compete for the mantle of being “strategic.”  But if everything is strategic, then nothing is strategic.

In such a free-for-all world, the consequence is that what is really important  that is, what should be secret and protected  remains poorly defined, and thus vulnerable.

Thus perhaps one answer to the question why you can’t keep secrets is that you can’t even determine and articulate what is truly important.  The public is buffeted by endless enemies du jour, never able to give their true consent regarding what they believe should be U.S. national interests  implosion in Russia, Islam, proliferation, terrorism, warlords, ethnic hatred, population explosions, resource wars, Ebola viruses, drugs, international organized crime, Asian dynamism, the Internet, militias, Freemen, “instability.”  The menu is so full, how can one possibly determine what should be secret?


In the wake of the FBI files flap at the White House early this year, The New York Times reported that the federal government spent $5.6 billion in 1995 to keep secret documents secret.  Beltway habitues will point out that such numbers are apocryphal, but the public message is far more simple:

First, there is the common and probably majority view that there are still lots of legitimate secrets for the government to protect; and that there are, of course, loads of threats, old and new, that we need to protect ourselves and our secrets from.

But, there coexists another deeply ingrained belief that $5.6 billion is merely another example of the government wasting huge sums of money to administer its programs; that the secrets are really just bureaucracies covering up their law breaking, incompetence, sloth, or self-interests.

And then there is a third and simultaneous corollary of these two views.  And that is that all those secrets are really dastardly and incredibly complex and competent coverups of,

A.  the existence of UFOs and aliens,
B.  the CIA’s responsibility for the assassination of John F. Kennedy,
C.  the government’s surveillance and mind control program,
D.  POWs and MIAs still languishing in Southeast Asia, and/or
E.  the latest, the truth that Saddam used poison gas, which the government also is covering up.

One doesn’t have to scratch the surface of American society too deeply to find the UFO-POW/MIA-Gulf War Syndrome-militia constituency.  These are views that absolutely cross the political spectrum and more often than not break out into the mainstream (say when 20 percent of the population votes for Ross Perot, erstwhile surveillance subject himself).

But take for a moment Oliver Stone’s movie “JFK.”  After the movie came out, it ended up that some huge percent of the public believed that the CIA might have actually killed President Kennedy.  That in itself says a lot and should be disturbing to anyone working in the national security field.  But what I would like to point out is that the movie and the brouhaha was enough to move the Congress to undertake the most rigorous and extensive declassification effort ever.

Had the CIA released those records earlier, and had the government made some attempt to answer the conspiracy crowd in the preceding decades, then maybe, just maybe, some percent of the population would have been educated and convinced.  And maybe just in general the credibility of the government and the national security community would have improved, thus making it more implausible for other grand conspiracies to emerge.

I say maybe because I don’t want to be too naive.  There’s no getting away from one immutable fact about our society: That no matter what the government says, people will continue to believe what they believe.

This is seen most starkly this summer with “Independence Day” and UFOs on the covers of Time and Newsweek and the popularity of shows like “The X Files” and the irrepressible Roswell story.  The bottom line is that some significant percent of the population is just demented.

But as with Oliver Stone’s JFK, if you can confuse and manipulate enough people so that they think that a UFO really crashed in Roswell, New Mexico, you can actually move the government.  Like the CIA, the Air Force declassified all of its files on the subject of UFOs, and wrote a Manhattan-phone book-sized White Paper on the subject, item by item refuting every last scrap of coincidence and inconsistency in the 50 year record.

Yet all to no avail.

For when life on Mars is reported in the news media, as it was last week, the kooks seem as prominent as the astronomers in offering sound bites.  The fact is that subcultures continue to believe despite reports and White Papers and Congressional investigations and commissions and blue ribbon panels.  Somehow, I lay this public confusion about reality partly at the government’s doorstop.


Let me switch gears for a moment to say that I’m not so sure you can’t keep secrets  particularly when a revelation like Tacit Blue, the flying bathtub, is made.  Despite all the speculation from Area 51, despite the foolish with their binoculars and discussion groups and Web sites, despite lawsuits and even a mighty Sixty Minutes expose, despite all this attention no one outside of the government had any clear notion of what was, or is, going on at Groom Lake.

I won’t even get into the question as to whether the technologies involved in Tacit Blue were worthy of the fights and the lawsuits.  Nor whether such secrecy is needed.  My cynical mind tells me that bureaucratic interests were probably served in making the existence public.

Tacit Blue reminds me of the revelation of another “black” program  Senior Surprise, the conventional air-launched cruise missile used by the Air Force in the Gulf War.  The missile’s existence was unveiled with fanfare on the first anniversary of Desert Storm  I think it was around budget time, but I’m sure that was pure coincidence.  Anyway, the industry newsletter Navy News reported that the Air Force press release came only after Time magazine crowned the Navy’s Tomahawk “missile of the year.”

So, you can keep secrets, but at the same time, you may have so squandered your credibility by playing these sorts of games that cynicism is rampant and conspiracies flourish and pseudoscience coexists with real science.  But most important, with so many secrets in the stockpile, and with so little true ranking done as to what is or should be secret, real traitors and threats, insiders like the Walkers and Ames, can gain access so much more easily and do far more complex and inscrutable damage.

So many secrets.  A couple of years ago, the CIA announced they were going to release their files on operations in the 1950’s and 60’s.  But it warned that there were just seven employees to wade through a stack of secret files taller than  I’m not making this up  50 Washington monuments.  I calculate that as 7.13 Washington monuments worth of files per employee (the WM seems always to be the government’s preferred unit of measurement).

Anyone knows that in order to preserve real secrets, they need to be identified.  If the government practices indiscriminate secrecy on this scale, sweeping up with the real secrets those things that aren’t really secrets or don’t need to be, then the end result is neither protection nor respect.  Maybe the government is a lot smarter than I think it is, and by keeping silly things like the intelligence community budget secret they intentionally divert investigative attention from real secrets.  I doubt it.  But I would submit that making routine organizational and budget information, and the policy-making process, secret only breeds trivial leaks and public suspicion.

And most important, it just makes the American public stupid.  Government shows a contempt for the public and public opinion when it acts as if details about its activities aren’t needed for oversight and consent.  This I think is at the root of the decline in government credibility.

Take the Gulf War syndrome as an example.  After arrogantly maintaining that the complaining GI’s were either suffering from post traumatic stress disorder or were malingerers and extortionists, the Pentagon has admitted that some combination of toxic substances and administered vaccines might have worked together to create an auto-immunological reaction and thus a true medical affliction.  This raises some important new questions about the toxicity of the battlefield and of other potential dangers in industrial and occupational health.  But instead of conciliation, treatment and future prevention, the media focus has been on meaningless “revelations,” such as the most recent, that the Pentagon “really knew” of the existence of an Iraqi chemical weapons dump in the far northern corner of the Kuwaiti theater.

This is a fact that is unconnected to most of the veterans problems and to the syndrome itself.  But it suggests that the government is hiding more information.  The end result is a “hard copy” free-for-all where any claim, any news story, any conspiracy, begins to seem plausible.


Let me speak for a moment about the emergence of the Internet and the relationship with secrecy.  I note that there have already been some secrecy flaps.  When one of Scott O’Grady’s fellow officers wrote up his exploits on Email, the Defense Department put out a warning about the use of Email.  Last year, it turned out that an intelligence document placed online in the Gulf War declassification registry contained information about “sources and methods.”  The document said something to the effect that human agents reported X, an ordinary counterintelligence blunder.

Around mid-March of this year, a San Francisco reporter wrote a story that the Department of Energy was secretly preparing new nuclear warheads.  The headline says it all: “DOE designing new bombs, Web site shows.”  The Department explained that the document cited in the article was old.  But one of the things about the Internet is that often its impossible to tell the date of a document or its origin and status.

What happened in these two cases?  The GulfLINK site was sanitized so that the declassification effort became more perfunctory than historically valuable.  The DOE shut down its Defense Programs Web site completely for a few weeks and sanitized it as well.  Now there’s nothing worthwhile on it, not even documents that if you are in Washington, you can get as a matter of routine if you know who to ask.

People acting out of their best intentions were trying to make a ton of stuff available on the Internet, and there were teething problems.  But it was the novelty of the new medium that magnified the significance of any leak.  And no one actually claimed that damage was done to national security.

The lingering message is that the Internet is a threat.   Here Internet enthusiasts and government gumshoes form a devil’s alliance, which is always dangerous.  Internet boosters  you know, the type of people who like Wired magazine  claim with wide-eyed enthusiasm that the Internet is the biggest threat to traditional secrecy that could exist.  That it portends a re-conception of national security based not on secrecy but on transparency.  That there won’t be any more secrets.  That the potential, with the Internet and high resolution imagery, will be for everyone to know everything instantly.

The same cyber utopia seems to be the operating threat scenario for gumshoes and information warfare gurus.  This is what a breathless Navy special agent assigned to the computer security said recently: “Right now, it’s bigger than all of us put together.  It’s bigger than counterintelligence, it’s bigger than fraud, it’s bigger than criminal investigations.  If Federal Agencies don’t stick with this, it’s going to eat us up.”
Internet junkies assert that the technologies for openness are growing faster than the technologies for keeping secrets and that the power balance is shifting towards individuals.  Their Pentagon analogues  information warriors  struggle meanwhile to develop new weapons, to define the military dimensions, focusing on network and essential infrastructure protection and attack.

The pace with which a new information warfare bureaucracy has taken hold in the Pentagon is astounding.  Now everything that used to be labeled electronic combat or psychological operations poses with new terminology such as battlespace and information dominance.  And old nuclear warfare scenarios and models  like the Day After game you are playing here  are retread.

Secrecy has also proliferated.  I’m sorry, but I just see beyond the bureaucratic and institutional self-interest of another new rage within the national security community, one that might have noble purpose and important justification, but ultimately just serves to frighten and thus control the public.  Not being an enthusiast though, I also admit that perhaps I just don’t understand the cult.  And cult it is, for the believers have adopted the very definition of “cult status:” It’s so good, so smart, so hip that it’s over the head of the idiot masses.

Being one of those idiots, there’s nothing like a new national security fad  with beltway bandits and defense industry swarming around the government trough  to get my juices going to find out the truth and to challenge the bureaucracies’ misguided assumption that it is in charge.

Phase Zero: Last Week in Review 4.27.15

The following posts appeared on Phase Zero last week:

Will The Death of Two Hostages Finally Force Us to Face Drone Killing?

U.S. Inadvertently Kills Adam Gadahn, Saves $1,000,000

An Intelligence Vet Explains ISIS, Yemen, and “the Dick Cheney of Iraq” : An Interview with Malcolm Nance

The Blackwater Murders Aren’t Blackwater’s Fault. They’re Ours.

Is Germany Really The Heart Of America’s Drone War?

April 19 Has Become Everyone-Is-a-Threat Day

The Creepy New Security Credit Score for Spotting “Insider Threats”

“Almost two years after Edward Snowden climbed the world stage, the intelligence community is just now putting the finishing touches on a computer-driven system for catching insider threats– one that promises not just to detect future Snowdens and Mannings in the act, but also to predict who the next leakers will be.

The new method, meant to identify leakers of classified information but also homegrown terrorists, drug financiers, school ground shooters, and even sexual predators, builds the security equivalent of a “credit score.” It would secretly attach to every individual, while automatically generating and changing scores as behaviors and associations trigger indicators of anomalous activity.”

Read more on Phase Zero.

Edward Snowden[Photo: AP Images]


Phase Zero: Spying on the U.S. Submarine That Spies For the NSA and CIA

As many of you now know, last week saw the launch of my national security site, Phase Zero, with Gawker Media. We’ll be posting some great material on that platform, and I encourage all of you to create a Kinja account in order to comment, share and above all, discuss the stories I’m hoping to bring to the public attention. My goal remains the same as it has always been: to engage, expose and explain the shadow world of spying and killing.  

Today’s story, a piece written by myself and Adam Weinstein, is timely and unique.  We’ve discovered that the submarine USS Annapolis, one of the crown jewels of the US Navy, conducts missions on behalf of the NSA and the CIA, and that it’s voyage last year included spying on Israel, Yemen, and Iran, just to name a few countries.  The story is important because of more than just exposing the capabilities of this submarine to collect on (and hack into) wireless routers and cell phones.   It’s also important because it is so rare for anyone to report, in real time, on submarine activity- that is, what they actually “do” out there, other than make port calls and participate in exercises.  These “hunter killer” submarines, as they are often called, may or may not play an important role in counter-terrorism or cyber war; they play some role.  But to appreciate their value, and thus the value of submarines in today’s world, a lot more transparency and reporting would be required.  Take a look at the story to learn more about why the Silent Service is such an integral piece of the cybersecurity realm, and why there should be more reporting tracking their stealth movements.

You can contact me at, and follow us at @gawkerphasezero. If you are into the theater of being underground, you can anonymously deliver tips through the Gawker Media SecureDrop. I’ve got a book on drones coming out in July called Unmanned: Drones, Data and the Illusion of Perfect Warfare. I’m open to your input and your questions, tough questions.

The Destruction of Gilgamesh at the Mosul Museum and Why It’s about so Much More than Artifacts

The sad part of this story is that neither ISIS nor anyone in the West really understands the importance of Gilgamesh. I ruminate about this extensively in my upcoming book, Unmanned: Drones, Data, and the Illusion of Perfect Warfare. As I say in conclusion:

“The Epic of Gilgamesh is about what it means to be human. In the original Sumerian version, laid down before Babylonian times, the king finds Utanapishti and receives not just the story of the flood but also long-lost information on practices and rituals that had fallen out of use after the deluge. Gilgamesh returns to Uruk to restore the old ways and be more civilized, which means, amongst other things, ruling wisely and caring for a human community. A hero who at the beginning of the Epic is clearly closer to the gods than to ordinary mortals, a bumbling superpower labeled a “wild bull on the rampage,” grows and learns that he is not all-powerful or all-knowing, that he will not live forever. He is a man, after all, even if he is divine. Beginning and ending with stanzas that emphasize the magnificence of the walls of Uruk, the whole narrative exudes the message that what man leaves behind is his only hope for immortality.”

Gilgamesh is also a crucial black box on American drones. One of those magic devices that has convinced us that what we are doing in the war on terrorism is logical and precise. We are all-seeing; they are all-seeing. No wonder we are in an era of perpetual warfare.

Click here to pre-order your copy.

Germany: : Das unterwanderte Land (The Infiltrated Country)

I’ve been working for a couple of months on an investigation of the totality of U.S. intelligence in Germany, out today in Stern magazine.  English translation coming soon.

Stern 31 October 2013

NSA Tailored Access Operations

Found a little more about Tailored Access Operations (TAO), the Computer Network Exploitation/Computer Network Attack (CNE/CNA) operation of NSA, long known, but mentioned in the Washington Post article last week revealing the National Intelligence Budget.  The Post describes TAO as “surreptitiously installing spyware and tracking devices on targeted computers and mobile-phone networks.”  I think that description is too broad.

Tailored Access Operations, or sometimes called Defense Tailored Access Operations, is part of the S3 Data Aquisition, or the Signal Intelligence Directorate.  It is made up of six subordinate elements (branches):

  • S321:  Remote Operations Center (ROC)
  • S323: Data Network Technologies (DNT)
  • S324: Telecommunication Network Technologies (TNT)
  • S325: Mission Infrastructure Technologies (MIT)
  • S327: Requirements & Targeting (R&T)
  • S328: Access Technologies Operations (ATO)

The Remote Operations Center is the primary CNE operation of the U.S. government to gain access and intelligence from computer networks in direct support to cyber security & network warfare missions.  It is made up of the following divisions:

  • NOC: Network Ops Center
  • ORD: Operational Readiness Division (Training)
  • IOD: Interactive Ops Division
  • POD: Production Ops Division
  • AOD: Access Operations Division

The Network Warfare Team (NWT) provides liaison between the military and TAO.

Two tool development organizations are also subordinate to TAO:

  • TNT- Telecommunications Network Technologies
  • DNT- Data Network Technologies.