15 April 2010
Thomas Drake personal and career information.
The accused newspaper reporter may be with the New York Times. The three most associated with NSA reporting during the alleged period are James Risen, Eric Lichtblau and Scott Shane. James Risen may be prime suspect. Risen and Lichtblau won a Pulitzer for NSA revelations. A long shot is Siobhan Gorman with the Baltimore Sun who covers NSA regularly.
Former NSA Senior Executive Charged with Illegally Retaining Classified Information, Obstructing Justice and Making False Statements
Thu, 15 Apr 2010 09:33:19 -0500
A federal grand jury in the District of Maryland has returned a 10-count indictment charging former National Security Agency (NSA) senior executive Thomas A. Drake with the willful retention of classified information, obstruction of justice and making false statements.
According to the indictment, Drake, 52, was a high-ranking NSA employee from 2001 through 2008, where he had access to highly classified documents and information. The indictment alleges that between approximately February 2006 and November 2007, a newspaper reporter published a series of articles about the NSA. The indictment alleges that Drake served as a source for many of those articles, including articles that contained classified information. The indictment also alleges that Drake took a series of steps to facilitate the provision of this information to the reporter, including:
* exchanging hundreds of e-mails with and meeting with the reporter;
* researching stories for the reporter to write in the future by e-mailing unwitting NSA employees and accessing classified and unclassified documents on classified NSA networks;
* copying and pasting classified and unclassified information from NSA documents into untitled word processing documents which, when printed, had the classification markings removed;
* printing both classified and unclassified documents, bringing them to his home, and retaining them there without authority;
* scanning and emailing electronic copies of classified and unclassified documents to the reporter from his home computer; and
* reviewing, commenting on, and editing drafts of the reporters articles.
"As alleged, this defendant used a secret, non-government e-mail account to transmit classified and unclassified information that he was not authorized to possess or disclose. As if those allegations are not serious enough, he also allegedly later shredded documents and lied about his conduct to federal agents in order to obstruct their investigation," said Assistant Attorney General Lanny A. Breuer. "Our national security demands that the sort of conduct alleged here violating the governments trust by illegally retaining and disclosing classified information be prosecuted and prosecuted vigorously."
"The FBI takes very seriously allegations involving government employees who willfully retain or disclose classified information they are not authorized to possess. Working with prosecutors, we will continue to investigate and pursue charges against these individuals whose actions cannot be justified or tolerated," said Arthur M. Cummings II, FBI Executive Assistant Director, National Security Branch.
The indictment alleges that Drake received training regarding the protection of classified information, including the instruction not to remove classified information from the NSA. The indictment also alleges that Drake signed acknowledgments affirming that any documents or information he intended for public disclosure were required to be submitted to the NSA for pre-publication review. At no time, according to the indictment, did the NSA authorize Drake to de-classify information or to disclose classified information to unauthorized persons, nor did the NSA authorize Drake to copy and print classified information in a manner that removed its classification markings or to possess classified documents or information at his home.
The indictment alleges that in approximately November 2005, a former congressional staffer asked Drake to speak with a reporter. Between November 2005 and February 2006, according to the indictment, Drake signed up for a free account and then paid for a premium account with an e-mail service that enabled its users to exchange secure e-mails without disclosing the sender or recipients identity. Using an alias, Drake allegedly then contacted the reporter and volunteered to disclose information about the NSA. The indictment alleges that Drake directed the reporter to create the reporters own secure e-mail account. After the reporter created such an account, Drake also allegedly required the reporter to agree to certain conditions, including never revealing Drakes identity; attributing information gathered from Drake to a "senior intelligence official"; never using Drake as a single source for information; never telling Drake who the reporters other sources were; and not commenting on what people, to whom Drake recommended the reporter speak, said to the reporter.
Drake allegedly attempted to conceal his relationship with the reporter and prevent the discovery of evidence linking Drake to his retention of classified documents after the FBI began a criminal investigation into the disclosure of classified information. Specifically, Drake allegedly shredded classified and unclassified documents, including his handwritten notes that he had removed from the NSA; deleted classified and unclassified information on his home computer; and made false statements to FBI agents.
The indictment charges Drake with five counts of willfully retaining documents that relate to the national defense. These include four classified e-mails and an additional classified document. In addition, the indictment charges Drake with obstruction of justice for allegedly destroying and deleting documents with the intent to impede and obstruct the federal investigation into alleged disclosures of classified information. The indictment also charges Drake with four counts of making false statements to FBI agents.
Willful retention of classified documents carries a maximum penalty of 10 years in prison. Obstruction of justice carries a maximum penalty of 20 years in prison. The charge of making a false statement carries a maximum penalty of five years in prison. Each of the charged counts carries a maximum fine of $250,000.
The case is being prosecuted by Senior Litigation Counsel William M. Welch II of the Criminal Division and Trial Attorney John P. Pearson of the Criminal Divisions Public Integrity Section. This case is being investigated by the FBI and the NSA Office of Security & Counterintelligence. The National Security Division also provided assistance in this matter.
An indictment is merely an allegation. Defendants are presumed innocent unless proven guilty in a court of law.
Thomas Drake, "Measuring Software Quality: A Case Study," Computer, vol. 29, no. 11, pp. 78-87, November, 1996.
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/2.544241
Over the years, the National Security Agency has become extremely dependent on the software that makes up its information technology infrastructure. NSA has come to view software as a critical resource upon which much of the world's security, prosperity, and economic competitiveness increasingly rest. If anything, dependence on software and its corresponding effect on national security makes it imperative for NSA to accept and maintain only the highest quality software. Cost overruns or software systems that are defective or of low quality can impose a significant burden on national security and NSA's mission. NSA is no more immune than the rest of the software industry to the problems of low-quality software. Software development is intensely manual in nature, and it inevitably falls victim to rushed schedules, constantly changing requirements, poor process, and failure to adhere to software engineering practices. So what is NSA doing about software quality? The NSA's Software Engineering Applied Technology Center has done metrics analysis on some 25 million lines of code. The result is a highly correlated set of measures that we have developed into a streamlined set of code-level release criteria that we apply to code written at NSA organizations. The author describes these critical measures and has drawn up a case study to illustrate the benefits of applied quality assurance and code-level measurement activities.
Thomas Drake on ZoomInfo:
Thomas Drake article:
Mr. Thomas A. Drake (Coastal Research & Technology, Inc.) [USA]
Is Quality Really "Good Enough" for the Millennium? (2Q)
Mr. Drake is a software quality specialist and management and information technology consultant for Coastal Research & Technology, Inc. in the United States. He currently leads and manages a U.S. government agency-level Software Engineering Knowledge Based Center's software quality engineering initiative. As part of an industry and government outreach/partnership program, he holds frequent seminars and tutorials covering code analysis, software metrics, OO analysis for C++ and Java, coding practice, testing, best current practices in software development, the business case for software engineering, software quality engineering, project management, organizational dynamics and change management, and the people side of information technology.
Mr. Drake has personally measured and analyzed over 80,000,000 lines of Java, C++, C, Ada, Fortran, PL/I, and Assembly code plus others. Over the past several years, some very interesting patterns have emerged. The result of all the analysis is a highly correlated set of measures that have been developed into a streamlined set of code-level release criteria. This data is then combined with defect density information derived from dynamic testing data from each "phase" or milestone of the development life cycle as a feedback loop for making informed business decisions to improve the quality of the software over time via the process by which the development project is delivered.
Mr. Drake has spoken at several international conferences and frequently conducts interactive and facilitated educational and general interest seminars on the people, process and technology sides of software development and enterprise-level information management systems.
He considers himself a quality advocate and a digital archaeologist.
He supports the "weak-link" theory of software development and the use of software entropy principles as a risk identifier for generating higher quality software-based information technology systems.
He is also involved in Y2K contingency planning and related business enterprise and mission continuity support.
He is currently focused on the development and use of product-level and reflected process-level OO metrics for C++ and Java.
He is the principal author of a chapter on "Metrics Used for Object-Oriented Software Quality" for a CRC Press Object Technology Handbook published in December of 1998.
In addition, Mr. Drake is the author of a theme article entitled: "Measuring Software Quality: A Case Study" published in the November 1996 issue of IEEE Computer.
Mr. Drake is listed with the International Who's Who for Information Technology for 1999.
Mr. Drake is a member of IEEE and an affiliate member of the IEEE Computer Society.
Mr. Thomas Drake, CRTI, USA
Mr. Drake is a software and systems quality specialist and management and information technology consultant for Coastal Research & Technology, Inc. in the United States. He currently leads and manages a U.S. government agency-level Software Engineering Knowledge Based Center's software quality engineering initiative. As part of an industry and government outreach/partnership program, he holds frequent seminars and tutorials covering code analysis, software metrics, OO analysis for C++ and Java, coding practice, testing, best current practices in software development, the business case for software engineering, software quality engineering, project management, organizational dynamics and change management, and the people side of information technology.
Mr. Drake has personally measured and analyzed over 125,000,000 lines of Java, C++, C, Ada, Fortran, Pascal, and Assembler code plus others. He supports the "weak-link" theory of software development and the use of software entropy principles as a risk identifier for generating higher quality software-based information technology systems.
He is the principal author of a chapter on "Metrics Used for Object-Oriented Software Quality" for a CRC Press Object Technology Handbook published in December of 1998. In addition, Mr. Drake is the author of a theme article entitled: "Measuring Software Quality: A Case Study" published in the November 1996 issue of IEEE Computer.
Mr. Drake is listed with the International Who's Who for Information Technology for 1999, is a member of IEEE and an affiliate member of the IEEE Computer Society. He is also a Certified Software Test Engineer (CSTE) from the Quality Assurance Institute (QAI). He considers himself a quality advocate and a software archaeologist.