A community for discussing events around the World
Rule 1: posts have the following requirements:
Rule 2: Do not copy the entire article into your post. The key points in 1-2 paragraphs is allowed (even encouraged!), but large segments of articles posted in the body will result in the post being removed. If you have to stop and think "Is this fair use?", it probably isn't. Archive links, especially the ones created on link submission, are absolutely allowed but those that avoid paywalls are not.
Rule 3: Opinions articles, or Articles based on misinformation/propaganda may be removed. Sources that have a Low or Very Low factual reporting rating or MBFC Credibility Rating may be removed.
Rule 4: Posts or comments that are homophobic, transphobic, racist, sexist, anti-religious, or ableist will be removed. “Ironic” prejudice is just prejudiced.
Posts and comments must abide by the lemmy.world terms of service UPDATED AS OF 10/19
Rule 5: Keep it civil. It's OK to say the subject of an article is behaving like a (pejorative, pejorative). It's NOT OK to say another USER is (pejorative). Strong language is fine, just not directed at other members. Engage in good-faith and with respect! This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban.
Rule 6: Memes, spam, other low effort posting, reposts, misinformation, advocating violence, off-topic, trolling, offensive, regarding the moderators or meta in content may be removed at any time.
Rule 7: We didn't USED to need a rule about how many posts one could make in a day, then someone posted NINETEEN articles in a single day. Not comments, FULL ARTICLES. If you're posting more than say, 10 or so, consider going outside and touching grass. We reserve the right to limit over-posting so a single user does not dominate the front page.
We ask that the users report any comment or post that violate the rules, to use critical thinking when reading, posting or commenting. Users that post off-topic spam, advocate violence, have multiple comments or posts removed, weaponize reports or violate the code of conduct will be banned.
All posts and comments will be reviewed on a case-by-case basis. This means that some content that violates the rules may be allowed, while other content that does not violate the rules may be removed. The moderators retain the right to remove any content and ban users.
News [email protected]
Politics [email protected]
World Politics [email protected]
For Firefox users, there is media bias / propaganda / fact check plugin.
https://addons.mozilla.org/en-US/firefox/addon/media-bias-fact-check/
The mistake has resulted in highly sensitive information being exposed, including diplomatic documents, passwords, travel details of top officers, and tax returns, according to the report from the Financial Times.
Why the fuck is the US Military emailing passwords to anyone at all?
Why are they not encrypting the email?
Why are they using email???
As opposed to what? I get what you are saying but there's nothing more practical and with E2E encryption it should be in.
But I do agree if you are transferring S/TS/SCI you should be using a closed system over a VPN.
for YEARS
Don’t assume malice when incompetence is equally likely.
Accidentally? Or someone was paid off
I think that is not publicly known.
To be fair, the only difference between .mil and .ml is a single typo.
According to a new report, the United States military has been sending millions of emails to a West African country in what is being called a “typo leak.”
The mistake has resulted in highly sensitive information being exposed, including diplomatic documents, passwords, travel details of top officers, and tax returns, according to the report from the Financial Times.
The typo in question has to do with the suffix for all US military email addresses, .MIL. While military personnel may be intending to send an email to another member of the armed forces, they mistakenly continue to send their messages to the .ML domain, the country identifier for Mali.
Other information that was potentially leaked includes highly-sensitive data about serving US military personnel, like medical information, crew lists for ships, photos of bases, naval inspection reports, maps of installations, and contracts.
While the information being leaked is serious, it’s compounded by the fact that the US military has been aware of the typo leak for almost a decade, the Times reported.
The first person to identify the issue was Dutch internet entrepreneur Johannes Zuurbier, who has a contract to manage the Mali domain. Zuurbier has made efforts to notify the US of the problem, but after not seeing any action taken to stop the leak, he started to collect the misdirected emails.
According to the Times, Zuurbier has been collecting emails for six months in an attempt to show the US the issue was serious. Over that time period, he has collected nearly 117,000 emails.
Zuurbier wrote a letter to the US earlier this month, bringing attention to the issue once again, the Times reported.
“This risk is real and could be exploited by adversaries of the US,” he wrote.
Now, retired military officials, like the former admiral of the National Security Agency and the US Army’s Cyber Command, Mike Rogers, are pointing to the risk of letting the information leak.
“If you have this kind of sustained access, you can generate intelligence even just from unclassified information,” Rogers told the Times. “This is not uncommon. It’s not out of the norm that people make mistakes, but the question is the scale, the duration, and the sensitivity of the information.”
Rogers says that Zuurbier having the information in his possession is one thing, but a foreign government is another issue.
The concern is also growing as the internet entrepreneur is coming to the end of his 10-year management contract with Mali’s government, which is closely allied with Russia.
Once his contract is expired, Malian authorities will be able to gather the misdirected emails and do with them what they please.
Pentagon spokesman Lt. Cmdr Tim Gorman said the Defence Department is “aware of this issue and takes all unauthorized disclosures of controlled national security information or controlled unclassified information seriously.”
He also said that emails sent directly to a .MIL domain to Malian addresses are “blocked before they leave the .mil domain, and the sender is notified that they must validate the email addresses of the intended recipients.”
He also said that emails sent directly to a .MIL domain to Malian addresses are “blocked before they leave the .mil domain
Seems this guy is proven wrong 117000 times, at least :-)
I'm from Europe so I can't see the actual posted link. But I assume it's military grade email. It works, and made by the cheapest vendor?
I posted the text in a top level comment. I hate geo-fencing.
According to another article it says the contractor identified the problem almost 10 years ago, maybe that was a typo as well?
But yikes, that’s just bad work all around.