Secret Airforce One flight data sent to Suffolk tourist web site
George will be round for tea and buns on Tuesday
SINCE 2001, the US air force has been sending highly confidential emails including the flight plan for the presidential jet, Air Force One, to an English factory worker who runs a Suffolk tourism website.
In the late 1990s, Gary Sinnott, of Mildenhall in Suffolk, near Cambridge, set up the website www.mildenhall.com, to promote his hometown. He soon became inundated with emails meant for airmen at the US airbase at RAF Mildenhall, where personnel email addresses end in mildenhall.af.mil.
It was all harmless enough when the emails were mundane messages to friends and silly videos, but soon Sinnott discovered that he was also getting battlefield strategies and military passwords sent straight to his inbox.
One email purportedly received by Sinnott had the notice "'Destroy by any means to prevent capture" emblazoned on the top, another had the title " military procedures and tactics".
Mr. Sinnott told EDP 24 News that when he reported the sensitive emails to base officials, "their attitude was, 'we are not worried, we are American, our security is great'". But they started to pay attention when Sinnott received information about upcoming and top secret presidential flight plans.
He says that when he reported it, the official on the other end of the line "went mental".
In what can only have been an exemplary example of their great security, military officials also told Sinnott to block unrecognisable addresses from his domain and have an auto-reply sent reminding people of the official Mildenhall domain. But the messages kept coming.
In a statement, the USAF said there had been no "verified security breach" and that it had advised airmen and other staff to use the correct e-mail address.
But for Sinnott it was too little, too late. He had already decided to shut down the website to put a stop to the deluge of classified emails.
So presumably the Mildenhall.com domain is up for grabs. Hmmm… Could come in handy for any Al Qaeda operatives reading this. µ
Comments
delete the article
I think the article should be deleted, why was it published in the first place? Why risk bringing this to the attention of unsavoury individuals?The last comment is just so unprofessional.
Regards
K
Karl, you're banned. Ed.
Jim Hacker
That's why that torpedo landed on Sandwich golf course!Americans should never know more than they need to know. Then they can't tell anyone.
Like secret agents, they could be captured and tortured by the BBC to Noah Vale.
Don't change habits now and she's nun the wiser! Get it? Sin-not-t?
Be sure to send our Mr. Sinnott's new email address to W, signed simply Mildenhall -- yes that's a nice touch!
In the message text make this simple for George, as follows:
The fact that you needed to know was not known at the time that the now known need to know was known, therefore those that needed to advise and inform perhaps felt the information needed as to whether to inform the highest authority of the known information was not yet known, and therefore there was no authority for the authority to be informed, because the need to know was not, at that time, known or needed. BRB
CC: U.S. Department of Homeland Security
Something strange afoot
For him to lose control of the domain at this stage, sounds rather strange, I am sure that someone who had a domain getting such mail, is not going to let their domain subs lapse, in case it got into the wrong hands. So something does not sound right there.It is no problem receiving unwanted mail, you just direct to a sub folder, hardly stressful, so I wonder what the deal is?
confidential data over smtp?
Ok, sending stuff like military passwords, presidential flight plans and battlefield strategies into addresses that were wrong even after being notified is one thing, but what really baffles me is...They are (were?) sending stuff like that over smtp e-mail? WITHOUT ANY ENCRYPTION AT ALL?!
(ok, it is not clear if all message bodies were in plaintext, but still...)
SMTP is by definition a very insecure protocol, where anyone having an access to a mail router between sender and receiver could get a copy of the message without either end of communication even noticing it! Or are they saying that they control every mail router between Washington DC and Suffolk where the message is able to be moved through?
"[...] our security is great" my a**!
Muppets
Hilarious that they'd send such info in plaintext emails anyway.Still there
While there is no active website in the domain, a quick WhoIs search show's that Mr. Sinnot is still the registered owner of the domain.Sorry. I HAD to check.
Classified Means Nothing in U.S.
As Visitor to few Milatary Bases, I found out that term:CLASSIFIED means that documents are filed in Library of Congress, Nothing More.Remember U.S. Government Supplies its' Enemies with Critical Information all time, it tradition?
drashek
Old news
this was being reported on our local news staion over a year ago if i remember right.so i guess the cats out of the bag.
their was i article in the local rag the other day which statedb the us military have demanded to take down the site.
they should have just poisoned his local water course.opps sorry can do that its allready been done.
I can verify this
I know Gary Sinnott personally and it was probably my husband that registered the domain for him way back when. I assure you that none of this ridiculous stuff was made up. You couldn't make it up, could you? And yes, it is old news. It's been happening for a long time but has been given very little media attention until now. The real doozy was definitely the flight plan. And even that happened quite some time ago.I think it's very odd that the USAF didn't demand a transfer of the name rather than just telling him to give it up. Certainly they would have wanted it right where they could see it rather than release it back into the wild.
As for not encrypting any of the content, I'm as flabbergasted as any of you.