Lying and RIP

[Ross Anderson]

Nick Bohm:

> You can revoke your key, which does not disclose what you are forbidden 
> to disclose; but if asked why, you must say "I cannot tell you". 

Exactly - the UK and US practice on classified information has long
differed in that if someone tries to access data for which he doesn't
have a clearance, US systems will tell a lie while UK systems will say
`access denied' or words to that effect.

The UK system is much more robust. Consider for example a ship taking
missiles to Iran on a voyage classified `secret'. In the UK, an
uncleared user simply gets told `none of your business' when he asks
where it's going; in the USA the system will say something like `we're
taking spare jet engines to Cyprus'. This causes all sorts of
screw-ups as the uncleared person might now try to add another cargo
for Cyprus. This is called `polyinstantiation'. (Well, with a third
of the US population describing themselves as born-again Christians,
they can't very well call it lying, can they?)

So there'd be significant operational precedent for following Nick's
advice and if that leaks the information the government sought to
protect, well it's obviously their tough luck for designing the system
so badly

Ross