[HN Gopher] How many people have Q Clearance?
___________________________________________________________________
How many people have Q Clearance?
Author : Amorymeltzer
Score : 80 points
Date : 2021-11-12 20:15 UTC (2 hours ago)
(HTM) web link (blog.nuclearsecrecy.com)
(TXT) w3m dump (blog.nuclearsecrecy.com)
| supernova87a wrote:
| Isn't "Q" only a general top clearance and not really revealing
| how many people are privy to important secret information? I
| understood that Q indicates someone could be given access to
| certain information from a risk point of view, and only with some
| further project-specific reason would they actually have access
| to actual secrets.
| ocschwar wrote:
| A Q clearance could mean you are privy to absolutely nothing.
| The janitors cleaning the buildings in the secure part of LANL
| all have Q clearances because they might, might, be exposed to
| classified information. Needless to say, just because they
| might poke their nose in the wrong office, doesn't mean they
| will. The less you know, the less the Lab wants to track your
| whereabouts after hours.
| Finnucane wrote:
| No, as the article tries to make clear, it is for handling of
| nuclear weapons-related information only. And yeah, people get
| it because they need to work in a lab or otherwise be proximate
| to the work, but aren't working directly on it themselves.
| acquacow wrote:
| It is definitely not for handling nuclear weapons-related
| information only. It's as generic as a normal TS in that
| agency and is even given temporarily to people coming in from
| outside agencies with a TS/Poly for meetings.
| soneil wrote:
| The easiest way to understand is to picture if clearances
| didn't exist. If you had a requirement for certain material,
| someone would have to decide if you were safe, perhaps do
| background checks, get someone to vouch for you, etc.
|
| Clearances just standardize that, so you can trust that it's
| been performed within X years. You still don't share material
| without a requirement, you've just outsourced the other half.
| itronitron wrote:
| Yes, a person with Q or TS would also need SCI and/or sigma
| clearances in order to access anything (without an escort).
| [deleted]
| entropie wrote:
| Its dead jim
| uncomputation wrote:
| Slashdotted.
| aimor wrote:
| "so I filed a Freedom of Information Act request"
|
| Exactly the thing I was thinking after reading just the title.
| Glad to see he got a response and published it here!
|
| Site is down now, but: April 2018 - 87,113
| April 2019 - 90,454 April 2020 - 98,103 April
| 2021 - 92,177
| ashtonkem wrote:
| So, a lot of people. This backs up another poster's assertion
| that Q clearance is required for certain jobs, even if you
| don't handle any information that requires it. ~100,000 people
| with some secrets is probably too many people to actually keep
| said secrets secret.
| aerostable_slug wrote:
| Note that Sigmas further control various types of
| information. The number of people with something like Sigma
| 20 (very sensitive data regarding certain improvised nuclear
| explosives) is a small subset of those with a Q clearance.
|
| And of course, our friend Need To Know is always in play.
| xxpor wrote:
| I'm kind of shocked that the numbers aren't themselves
| classified.
| TheCoelacanth wrote:
| I would imagine that how many people have actual access to
| nuclear information is more closely guarded.
|
| Most of these people wouldn't have any actual access, they
| just have the clearance that would allow them to have access
| if they are in a role that requires access.
| madars wrote:
| Site is down but someone archived it: https://archive.md/mYnjF
| dredmorbius wrote:
| Internet Archive also:
| https://web.archive.org/web/20211112214234/blog.nuclearsecre...
| c0balt wrote:
| You don't get a role by having clearence. You get clearence and
| access to 'classified' materials by having a role.
|
| I think clearence has been overused as a dramaturgical element a
| lot but it sure as hell sounds cool.
| colonelxc wrote:
| A lot of people at the national labs have Q clearances, even if
| they never do nuclear stuff. As the article somewhat mentions,
| it's roughly 'Q=TS+nukes'. So if you need to do any TS stuff at a
| national lab, you're going to get a Q clearance.
| RyJones wrote:
| That was my first thought - PNNL spits out a ton of people with
| Q clearance
| chrisseaton wrote:
| > So if you need to do any TS stuff at a national lab, you're
| going to get a Q clearance.
|
| Well you're going to apply for it but you're not necessarily
| going to get it.
| ganoushoreilly wrote:
| It's very rare that if you meet TS requirements you're not
| getting the Q (if you're placed in a position where it's
| needed as more than likely you are already SCI cleared). In
| fact if you are denied for Q it likely means you're losing
| your TS too. There are exceptions but I would argue they're
| not the norm.
|
| Either way, we have propensity to over classify things in the
| government and that's a whole other argument.
| samstave wrote:
| I recall the two biggest stories about foreign spies in these
| labs:
|
| 1. Chinese blamed for stealing Los Alamos secret by stashing
| hard drives behind a copy machine and grabbing them later.
|
| 2. Chinese engineer at JPL worked there for decades and was
| thought to be a nice family in Pasadina - but lived in a really
| super spartan house and the wife was the engineer's handler and
| their kids were the mules to haul data back to ccp
|
| 3. China's trickle hack on lockheed by phishing employees who
| had attended defense conferences
|
| 4. China hacking Lockheed providers in Taiwan with an air gap
| and sneakernet to gain access to lockheed laptops via USB
| explots (this was one of the factors, IIRC why epoxy in USB
| ports was common) -- ((But if you ever had any SGI O2 machines
| -- there was an additional port (serial I think - I don't think
| they were USB) but this 'option' was several thousand more $ --
| but it was on every machine and all you had to do was punch out
| the plastic cover from the case)
|
| 5. Israel + USA hacking Iran via STUXNET in the same method
| with airgaps etc.
|
| The guy who worked at oak ridge, took on a Russian Mail Order
| Bride and got her a job in oak ridge (accounting I thinkg, I
| can't recall) -- and it turned out she was a russian handler,
| but they denied it -- but everyone knew that every single
| person from the USG who went to russia was assigned a female
| handler, and these handlers were highly trained, and they had
| several levels of handlers above them to ensure non-defection
| chain-of-custody-of-intel.
|
| 6. I had a few more specific to nukes - but I got distracted -
| Ill update if I recall the others.
|
| Some of the above have REALLY good documentaries on them. Some
| of them are known by fewer people - but they are not secret
| breaches... they got memory-holed.
| irrational wrote:
| My father in law was a radio engineer (retired) that had a job
| installing equipment in a nuclear power plant. He had to go all
| over the facility for weeks. Based on the article, I would think
| his clearance would have been S, but the author seems to think S
| has been discontinued. I'll have to ask him to see if he
| remembers when they come over for Thanksgiving.
| aerostable_slug wrote:
| It's possible his access authorization was granted by NRC, not
| DOE.
|
| I've gone through DOE/NNSA processes and what I needed for
| plant access (pentesting for a utility) was through NRC and a
| bit different.
| ThaDood wrote:
| I'd be more curious about Top Secret - Full Scope.
| imwillofficial wrote:
| TS FS isn't a clearance level. Perhaps you're referring to Top
| Secret/Secure Compartmented Information clearance with a Full
| Scope Polygraph?
|
| That number is classified.
| woodruffw wrote:
| AFAIK, the _number_ of people with TS //SCI is not actually
| classified. It's just hard to get a complete headcount
| because of how broad the designation is.
|
| As of 2017, approximately 2.8 million people held TS[1]. A
| sizable percentage of those people are also probably TS//SCI.
|
| Edit: Uncited, from Wikipedia:
|
| > In general, military personnel and civilian employees
| (government and contractor) do not publish the individual
| compartments for which they are cleared. While this
| information is not classified, specific compartment listings
| may reveal sensitive information when correlated with an
| individual's resume. Therefore, it is sufficient to declare
| that a candidate possesses a TS/SCI clearance with a
| polygraph.
|
| [1]: https://about.clearancejobs.com/hubfs/Clearancejobs_Imag
| es_N...
| tytso wrote:
| Full Scope refers to a type of polygraph examination which
| someone might be asked to undergo as part of the investigation
| process before getting a security clearance. At one point, you
| could either get a counter-intelligence polygraph examination,
| where you were asked questions basically to determine if you
| were a foreign agent, or approached to work on behalf of a
| foreign agent, and that would take half a day, or you could be
| given a "full scope" polygraph examine, which might take a full
| day, and would ask a much larger invasive set of questions
| about your lifestyle. For example, a decade or two ago, you
| might be asked questions about your sexual practices and/or
| identity lest that be used as blackmail leverage by a foreign
| agent. (For example, if you say, were into golden showers, and
| were trying to keep that a secret, might Russia be able to use
| the threat of making a video tape of that practice to get you
| to betray your country?)
|
| Access to some security comparments ("Sensitive Compartmented
| Information") might require both a need to know, and either a
| Counter-Intelligence or Full Scope polygraph examination. If
| you have a current (non-expired) TS/CI Poly or TS/FS Poly
| investigation, could be quite valuable to a defense contractor,
| because it can take a while (potentially months or years) and
| cost $$$ for you to get that investigation, which combined with
| the need to know, would be necessary to get you access to
| certain classified compartments which might be necessary for
| you to work on a particular project. Otherwise, you might have
| the necessary computer skills, but without having the requisite
| security clearance investigation having been done on you, the
| defense contractor might have to hire you and have you work on
| non-classified aspect of the projects for months and months (or
| if you are a new college grad, maybe even twiddling your
| fingers) until the security clearance investigation had been
| completed.
| formerly_proven wrote:
| Correct me if I'm wrong - but haven't polygraphs been
| thoroughly discredited?
| jdavis703 wrote:
| Yes, they've been discredited as a binary, true or false,
| lie detector. However a skilled investigator can still use
| polygraphs as one tool in a toolbox to hone in on
| particular areas. They can then either have the subject
| contradict themselves or find areas to further investigate
| (e.g. asking the neighbors what sorts of people the subject
| has over.)
| orangepurple wrote:
| Polygraphs are used for bullying adults into confessing
| things they normally wouldn't.
| phkahler wrote:
| I think the notion of "lie detector" has been discredited.
| Someone who wants to learn to pass a polygraph can probably
| do so. Screening applicants for vulnerability doesn't have
| to be a perfect process as it's part of a larger security
| system.
| woodruffw wrote:
| Yes. They're part of the clearance process for
| psychological reasons.
| version_five wrote:
| Ironically, a layperson probably would give away their
| secrets easily because of the anxiety of the situation,
| while someone who might actually be an offensive threat
| is more likely to be able to beat a polygraph.
|
| Realistically, they are probably very effective at
| verifying whether normal people have secrets that could
| be used for blackmail, as you say, because of the
| psychology, even if the machine isn't actually doing
| anything.
|
| Anecdotally, I've heard of security interviews (for
| government intelligence, I can't give context) where the
| interviewer just says "i'll know if you lie". For the
| average person this is enough to make them flustered if
| asked an awkward question.
| woodruffw wrote:
| I think that's the goal: the polygraph isn't supposed to
| catch a pathological liar or mole. It's supposed to
| fluster you into telling the truth, even the embarrassing
| truth, to ensure that you can't be blackmailed or
| extorted. I've heard my fair share of funny(?) stories
| about polygraph admissions that basically ended in the
| interviewer shrugging and saying "well, at least you
| didn't hide it."
| xxpor wrote:
| I've heard stories about the polygraphs that basically
| boil down to: we don't care if you smoke weed. we DO care
| that you tell us and don't lie about it.
| starwind wrote:
| I heard about one guy who couldn't pass the poly no
| matter how many times he took it. He chalked it up to
| Catholic guilt. He ended up going to work for a different
| company doing rocket stuff (I think the ULA) cause he
| could use his clearance but they didn't require polys. He
| might even still have access to JWICS in his new job
| appletrotter wrote:
| not quite. they do provide meaningful information, just not
| good evidence to a court.
| starwind wrote:
| They still ask about sexual preferences, but really it's more
| about anything not publicly known that could be embarrassing.
| No one cared that I'm bi and not out to my mom but they
| wanted to know that I would go to my FSO and let that get out
| before I passed any sensitive intel to a foreign adversary
| who might try to blackmail me.
|
| And basically everyone with the SCI designation could get a
| call to get a poly anytime, but I've never had one and know
| people who've had their clearances for years without getting
| that call (and I know a couple people who had them before the
| government finished that person's background investigation,
| so go figure). Some agencies care quite a bit, others not at
| all.
| cbtacy wrote:
| I got the poly call 48 hours after getting notification of
| my clearance.
|
| My boss told me, "just assume they know the answer to any
| question they ask and tell the truth, regardless of what it
| is."
| kevin_thibedeau wrote:
| Just ask China. The US government conveniently handed them all
| cleared personnel records.
| Rebelgecko wrote:
| AFAIK they (or whoever) only have records for people whose
| clearances went through OPM
| jdavis703 wrote:
| I think it's fair to say that there are offensive cyber
| intelligence operations that are never detected or made
| public. It's more than likely there are other foreign
| intelligence agencies that have breached similar databases
| at other agencies. It's also likely that allied agencies
| share intelligence between themselves, and also suffer
| hacks. I would reason that any nation vying for superpower
| status has a good amount of data on the majority of folks
| who touch national security in every country.
| imwillofficial wrote:
| "Handed them" would be inaccurate.
| snerbles wrote:
| "Handed them" may be an understatement, given the scope of
| the OPM breach.
|
| https://krebsonsecurity.com/2016/09/congressional-report-
| sla...
|
| https://en.wikipedia.org/wiki/Office_of_Personnel_Managemen
| t...
| bhopro wrote:
| Former national lab engineer here. For access to any of the
| classified buildings, you must have a Q clearance or be escorted
| by someone with a Q clearance. This means all of facility staff
| are required to be cleared as well (janitorial, maintenance,
| etc). Just because one has a Q clearance does not mean you are
| provided any classified information.
| chihuahua wrote:
| That could explain "Q Anon" - maybe his day job is polishing
| linoleum floors.
| bb88 wrote:
| Remember that the best lies also have a kernel of truth in
| them. You don't need to have a Q clearance to say you have
| one on 4chan, 8chan, 8kun (etc). How would anyone validate
| your Q clearance? Instead you just post something plausible,
| but just out of the reach of validation.
| Hamuko wrote:
| Or more plausibly, his day job is trolling imageboards.
| mike_d wrote:
| We will never know for sure, but well researched and
| supported theories about who is behind the Q persona indicate
| that none of the people involved have ever seen the inside of
| a secure facility.
| ocschwar wrote:
| The mere fact that they hint at a Q clearance shows they
| have no idea how little weight that actually carries.
| xxpor wrote:
| I thought I had read that "Q" explicitly said that's where
| the name comes from
| atkailash wrote:
| That's what most people who have never been granted or
| interviewed for clearances don't quite get. You could
| technically have the same level, but not the same access. It's
| compartmentalized and for the exact reason as to prevent a
| single person from being able to leak the grand picture.
|
| Though someone has to organize it so I guess it gets blurrier
| at much higher levels but that's not the level we talk about
| with most dumb conspiracy theories/Qanon specifically
| t0mas88 wrote:
| I think the common misconception is that a security clearance
| gives you access to things. The reality is that a specific role
| / need to know gives you access to things if you have the
| clearance, not the other way around.
|
| If you clear millions of people, that sounds unsafe to the
| general public, but it isn't really because the clearance is
| only a confirmation that nothing is wrong in your background.
| It doesn't give you any access.
| ganoushoreilly wrote:
| Exactly, most programs require specific compartmented
| information and additional read in. I've only ever seen
| people with _vanilla_ clearances working operational
| positions to manage facilities, etc.
| the_snooze wrote:
| It's also a common misconception that classified information
| is super-special-whiz-bang-James-Bond information. A lot of
| it is really dense technical stuff that wouldn't be of
| interest to outsiders unless they were foreign agents looking
| to steal, say, tolerances for parts that go into a piece of
| military equipment.
| [deleted]
| starwind wrote:
| LOL from reading the New York Times reporting on the DoD's
| internal UAP (UFO) reports last summer me and a guy I worked
| with guessed which compartment it fell under. We went to our
| FSO and asked for access to that compartment and he was like
| "why do you need that?"
|
| Us: "UFOs!"
|
| Him: "Oh, you mean FUOU? That goes by CUI these days."
|
| Us: "No, UFOs like Aliens!"
|
| Him: "GET THE HELL OUT OF MY OFFICE!"
|
| So yeah, even with TS/SCI I couldn't couldn't get access to
| aliens :|
| todd8 wrote:
| This was true for me.
|
| I was in a internal software tools department at a large
| company that did some classified work. Because I might need to
| interact with departments doing classified work I had to apply
| for Top Secret classification. This was required just in case I
| might have to get into those areas of the company to teach them
| how to use our in-house compiler.
|
| (I didn't finish the process of obtaining the classification
| because of my desire to return to grad school in a different
| city. I never touched or even saw a classified document despite
| having Secret clearance already.)
| toss1 wrote:
| >> Just because one has a Q clearance does not mean you are
| provided any classified information.
|
| Exactly.
|
| "Need to know basis." is the key phrase here.
|
| The clearance is just the tag that gets you in the door. If you
| do not have a specific need to access the information to do
| your specific job, you do not have any right to access it.
|
| AFAIK, deliberately taking steps to access info beyond your
| need to know -- even if it is within your clearance level -- is
| grounds for disciplinary action or prosecution.
|
| So the TS/Q-cleared janitor, parts contractor, or engineer from
| the other project who gets found browsing in TS/Q file cabinet
| is waaay out of line,and likely in big trouble.
| tbihl wrote:
| From reading a DOE website, it looks like the sigma clearance is
| the one that relates to weapons, whereas Q maybe is less specific
| and can include energy production.
| nabla9 wrote:
| Q is clearance for persons, sigma is classification of data.
| eddof13 wrote:
| You need Q for certain facilities as well, SWIM had one and it
| was just to work in the building, and there wasn't anything
| going on there of particular interest
| jdavis703 wrote:
| Just because you had no legitimate access to anything
| interesting doesn't mean there was nothing interesting you
| could have accidentally or nefariously accessed.
|
| I had a clearance doing tech support, but never even saw
| actual classified materials. But because as IT support we
| also had to support SCIF facilities, high-ranking officials
| with potentially sloppy OpSec, etc we obviously still needed
| clearances.
| noir_lord wrote:
| Which makes sense, all the security policies in the world
| enforced by IT fall apart when you assume the rogue (or
| even just accidental) actor _is_ IT.
| klyrs wrote:
| Sounds like Q is pretty broad. It can also include
| cryptography.
| starwind wrote:
| cryptography would fall under TS/SCI through an intelligence
| agency or the DoD. Q is actually pretty narrow
| Threeve303 wrote:
| Technically anyone that can gain enough access could be
| considered as having "Q clearance"
___________________________________________________________________
(page generated 2021-11-12 23:01 UTC)