Back in October, in reviewing Craig Murray’s book, I discussed the problem of his insecure communications:
Basically (as I understand it), he did not have a Confidential email system. He did have an Unclassified FCO email system (which in Tashkent’s circumstances could not have been regarded as secure) plus a separate more cumbersome system for sending Confidential and even higher rated Telegrams.
I have just noticed this interesting comment posted below this piece from Some Yank:
I recently read Mr Murray’s book, still in the process of taking it all in and evaluating it, which process has led me to this blog. But I’d like to point out one thing: there’s no excuse for insecure email communications in this day and age.
I understand that fully-certified systems to handle information marked as officially sensitive are complex and require a lot of money and specialized skill to build, install, error-check, and maintain. However, that really doesn’t justify having no security at all. There have been standard and freely-available software packages for ‘good-enough’ personal cryptography since 1997, and proprietary software systems have been available since 1991 (i.e. since before there was HM Embassy in Tashkent).
Even if it couldn’t have been made a central part of the embassy’s network, it would still be possible to run a machine completely isolated and transfer documents via 3.5" floppy disks, afterwards electronically shredding any residual copies on the old machine and throwing the disks into a magnetic eraser. For a few handfuls of hundreds and return airfare to Tashkent, I could probably set it up myself.
It really is that easy, and there’s no excuse for leaving communications, even non-confidential ones, open to snooping by very lazy spies anywhere, ever. If they haven’t solved the problem by now, the lot of them ought to resign and let someone else do it.
Well put. Let me add a gloss or two.
My original posting carefully did not say that the FCO Unclassified (but Sensitive) system was insecure in itself, but that in Tashkent’s circumstances it could not be regarded as secure – apologies if this sounded like the same thing.
The point is that any system is as secure as its weakest link. The problem in a small diplomatic post open to technical attack is less about the potential insecurity of the software and comms link, and much more about the kit itself.
So the excellent measures suggested above are likely to work well only if you can guarantee that no-one has tampered with or infiltrated the equipment and servers, one way or another, so as to thwart all those precautions.
Given the crummy Embassy set-up as described by Craig in his book, it would have been very difficult to stop this happening. In other words, keeping any machine completely isolated every second of every day, week and month in an Embassy employing suspected former KGB people was going to be next to impossible.
Surely all this is unrealistic, you say. Surely kit can be protected properly these days?
I recall one Cold War story of a UK Diplomatic Bag being detached by some or other ruse from a Queen’s Messenger in Moscow airport for less than 20 minutes. In that time the KGB – in a brilliant manoeuvre they must have planned and rehearsed for months – unstitched the Bag, tampered with a comms machine inside, stitched the Bag back up perfectly and returned it to the hapless QM in the hope that no-one would notice anything amiss. Which, for a while, they did not.
Hot damn, these people aren’t lazy spies. They are good spies. And motivated.
Which is not to say that this tampering did happen – just that both Craig and London had to assume (and did assume) that it might have happened, and that therefore everything sent on those channels would not be guaranteed secure to the highest FCO standards. Which had some important implications for how the Embassy pursued British policies.
Clear(er)?










