Posted by wizardforhire 5 hours ago
> He then got out a blank form and handed it to me, saying ``Here, fill it out again and don't mention that. If you do, I'll make sure that you never get a security clearance.''
It's important to "see like the government" when dealing with the government (pun on "seeing like a bank" by https://www.bitsaboutmoney.com/archive/seeing-like-a-bank/ if anyone didn't catch the reference).
Everything fits into bins and categories with checkmarks and such. As an entity it has no "bin" for "investigated as Japanese spy as a joke when was a child". So you have to pick the closest bin that matches. However, that doesn't mean the same government later won't turn around also punish you for not picking the right "bin". Not "realizing" that it's its own fault for not having enough categories i.e. bins for you to pick. And, some may argue, that's a feature not a bug...
So you've come almost full circle!
maybe the government has no bin for "investegated by the FBI for a silly and innocuous reason". but maybe they do, and lying about it slots you into the bin for "lied on their security clearance form".
I have some silly not nearly as interesting infractions and I wrote them out in detail explaining, without any issue in processing background checks. It usually is something that’s asked about in an in person interview at that point.
The military is unfortunately chock full of functional alcoholics. As long as they don't get caught drunk on the job, seen partying too much, DIU, or admit anything to their doctor, they keep getting renewed their clearance.
Interestingly enough, if there's even the smallest suspicious that you smoke weed, they'll put you through the wringer. I've seen more people lose their clearance for pissing hot, than those with six figure debts or drinking 5 days a week.
It also seems like a fairly smart way to do graft. If you're bribing someone and they drink up or smoke all the evidence then they can't prove how much or how often you bribed them. Which would make alcoholics a good target especially if you can get your hands on fancy liquor.
It’s just “things aren’t right”, and not “here’s what we need to do…”
When? In the 90s? Biggest pothead I know has had a clearance since '05. For my own form, I straight up admitted I had done it and did not regret it.
If your family and wife know you sometimes sleep with men, that's not necessarily a problem. If nobody knows, that's a problem. Similarly if your wife and boss don't know you owe $50,000 to a bookie or your coke dealer, that's a liability.
Actually would be sort of interesting if your boss did know you owed a bookie $50k and they found a way to use that to make you into a triple agent...
I have to defer to you here since it sounds like my experience is more limited, but this is not my understanding at all. The agencies care a lot about financial indiscretions, as those applicants are most susceptible to compromise. And indeed, if you look at the lists of denials and appeals, you might think that money issues are the only reason anyone is ever denied.
Lying about having smoked weed is another story.
Well yeah. If it's not affecting your job then what's it matter? If your a closet alcoholic then sure that's something the Russians could hold over you.
There's millions of people with clearances; that's impossible to staff at below market wages and also above average moral(?) standards.
Alcohol lowers inhibitions and alters decision making. Drinking a lot of alcohol more so than casual drinking. Frequently drinking a lot of alcohol has a very high area under the curve of poor decision making.
Functional alcoholism can come with delusions of sobriety where the person believes they’re not too drunk despite being heavily impaired.
So they’ll do things like have a few (or ten) drinks before checking their email. It makes them a better target for everything like fishing attacks, as one example.
It’s not just about enemies holding it against you.
Phishing is not the problem here. Your laptop isn’t getting SIPR emails with links to fake login screens.
Still not as bad as being susceptible to blackmail or bribes
When converting from a traditional process to an electronic one, half my job is twisting people's arms and playing mind reader trying to determine what they ACTUALLY do day-to-day instead of the hypothetical offical, documented, process.
Some of the workarounds that people do instead of updating the process are damn right unhinged.
edit: Otoh, my boss is kinda giving up on automating another group's process, because he seems to be getting a lot of 'it depends' answers.
So what ultimately winds up happening is, you'll roll out the process according to the official way, and then it is drip-drip-drip of changes as you find out the real-world version.
If the system is broken, this is actually a good thing.
I have some experience doing automation work in small and large scale factories. When automating manufacturing work you almost always discover some flaws in the product or process that humans have been covering up as part of their job. These problems surface during the automation phase and get prioritized for fixes.
You might think you could accomplish the same thing by directly asking the people doing the work what could be improved, but in my experience they either don’t notice it any more because it’s part of their job or, in extreme cases, they like that the inefficiency exists because they think it provides extra job security.
And the system is always broken. Reality is messy, systems are rigid, there always has to be a permissive layer somewhere in the interface.
Sometimes when you reveal extensive noncompliance with dumb requirements, the requirements get less dumb. Other times, the organisation doubles down and starts punishing the noncompliance.
My employer's official security policies say everyone should kensington lock their laptop to their desk at all times, even though the office is behind two guards and three security doors. Nobody does. But if someone made a load of noise about it, there's no guarantee they'd remove the widely ignored rule; they might instead start enforcing it.
We need waste as much as we need investment. The trick is to find the value in between. I think the sweet spot will be augmenting work, not necessarily optimizing it.
[0]: "Computer Says No" https://www.youtube.com/watch?v=x0YGZPycMEU
In Navy boot camp the person reviewing my security clearance application (which was filled out weeks before) was very helpful in the way he asked the critical question. “It says here you tried marijuana once. Is that true?”
It's likely that answering yes to that question meant an instant rejection for the clearance AND summer job. The FBI was probably not inclined to spend money looking into such an obviously trivial matter just so some kid could get some work experience. "Sorry, try the McDonald's down the street."
That security officer did the author an incredibly big favor.
The coverup is always worse than the original sin.
But maybe if the thing you're revealing is "I myself was suspected to be a spy," that changes the calculus a bit.
There is nothing morally wrong in felonies like this, just don't get caught.
Highly debatable. If you believe in a categorical imperative that to intentionally deceive another person is wrong, then lying by omission is still an immoral act. A Christian might also interpret the words of Jesus “Render to Caesar what is Caesar’s” as an imperative to comply fully with the law of the land.
If Jesus (assuming he existed, even, regardless of any sort of divinity) tells us that following the law is always the moral thing to do, then he was wrong.
I don't think it's all that debatable to say that deceiving people is categorically wrong, nor is it to say that it's immoral not to follow the laws of the land -- both are obviously untrue as absolute statements.
For extreme examples, would it be immoral to lie to the Gestapo about harboring Jews? Were people illegally helping slaves escape the American South being immoral?
He had no obligation to put that on security clearance form whatsoever.
He made a cypher with a school friend, which cypher was handed by a stranger to the FBI and investigated. That one possible outcome of the investigation might be 'the subject is a Japanese spy' doesn't mean _he_ was suspected of that; not by the FBI at least.
If he said, "I made a cypher in school", then likely the form would have been considered fine? Presumably his record clearly showed the FBI incident, so I'm surprised that lying in the second form didn't cause concern sufficient to question him. But there you go; I've never had any associations with TLAs, what would I know.
You can guarantee the many people who work for intelligence agencies of US allies aren't admitting to that when they travel to the US.
It's all a bit of a game.
Maybe to deport you for espionage requires a jury trial, but to revoke status for misleading answers on an immigration form is administrative and so is deportation for lack of status.
I seem to recall some extraordinary cases where untruthful answers on immigration forms were used to justify denaturalization.
Quite.
People born in the 90s wouldn’t have a chance to be old enough to belong to any group other than a preschool before the collapse of the Soviet and Soviet aligned regimes.
For those who were adults before 1990, while they may have been party members for reasons unrelated to political ideology, it wasn’t as common: in the late 80s, only ~10% of adults in Warsaw pact countries were communist party members. Far from “everyone”.
And even if you check that in the DS-160 visa application form, you are allowed to add an explanation. Consular visa officers are very well familiar with the political situation at the countries they are stationed in, and can grant visa even if the box is checked.
About a year later I learned that one of my users hacked an airport. At the time a few of my users would set their computers to dial random numbers and find modems answering. One of the numbers was a very strange system with no password. The story I heard was that they didn't know what the system was, because it had no identifying information. https://www.cnet.com/tech/services-and-software/doj-charges-...
> The attack on the branch of an unidentified major pharmacy chain occurred on four separate occasions from January through March of last year. The hacker acquired the names, contact information, and prescriptions for the pharmacy's customers
I think the story you heard was a watered down version of what they were doing. You can’t do things like exfiltrate data from a pharmacy database and not know what the system you’re attacking is for.
From an OG computer scientist [0], about antics at age 12 which might strike some of us as familiar :)
Also the server header is "lactoserv"
The real flex would be for AI.com to have nothing to do with AI whatsoever.
Really fascinating and quirky guy as you can probably infer from the site.
You've got to actually use a trademark-adjacent domain in good faith though, otherwise you might get the rug pulled from under you.
https://www.roadandtrack.com/news/a69634055/75-million-dolla...
Apple Intelligence?
Talk about missing the low hanging fruit!
;)
https://www.npr.org/2025/09/03/nx-s1-5526903/domain-name-val...
I was doing my mandatory update coincidental with the roll-out and when I got to the question, "mother a US citizen" I had to check the "no" box and the immediate pop-up was "date of first contact?" which actually got me thinking along existential lines for a moment.