Military Bans Removable Media After WikiLeaks Disclosures 346
cgriffin21 writes "The Pentagon is taking matters into its own hands to prevent the occurrence of another WikiLeaks breach with removable media ban, preventing soldiers from using USB sticks, CDs or DVDs on any systems or servers. The directive prohibiting removable media followed the recent publication of more than 250,000 diplomatic cables, which were leaked to whistleblower Web site WikiLeaks at the end of last month by a military insider."
horse (Score:5, Insightful)
Re: (Score:2)
No kidding. They're *just now* getting around to this?
Re:horse (Score:5, Interesting)
I had a conversation with a high ranking officer a few years back who boldy calimed that their systems was 100% secure, nothing i could do.. When i explained my attack vector would be to phone in and pretend to be from support and ask him to stick in the usb-dongle (wich he had in his mail) and plug it into the secure line
Re:horse (Score:5, Informative)
Except that long ago there was a directive from the Pentagon not to allow removable media to be used for secure systems.
My guess is that they relaxed that for field units because some deployed systems have no networking attached and sneakernet is all they could use. And somehow that idea ended up meaning you could use removable media on network-attached systems, and eventually nobody even noticed when someone slipped a CD-RW into a machine with access to the entire database of classified information relating to the Iraqi and Afghani theaters of operation.
That someone is currently in jail, because, physical means or no, it was still illegal to take the information from the secure area without authorization, and to give it to uncleared people.
Re: (Score:2)
A lot of that comes back to the old rule, that the more secure somet
Re: (Score:3)
Re:horse (Score:5, Insightful)
He was a SP4 who was demoted to PFC because he assaulted an officer. The question isn't why a PFC had access to sensitive information. The question is why someone with demonstrated behavioral problems still had a secret clearance.
Re:horse (Score:5, Interesting)
The problem is that security tends to be more of a human problem than a technical problem. A person can easily hide a usb stick somewhere on their person, and in the event that fails, take screenshots with a camera or write notes down. The first step is not to take away the usb stick, but to give the individual in question the training and incentive not to leak information in the first place. The training might include don't open any wierd attachments, browse to unauthorized sites, or use io devices from an unverified source. The incentives might include monitoring of sensitive material, legal repercussions, and, God-forbid, not implementing stupid policies that are morally questionable. Assenge noted in an interview that the purpose of Wikileaks wasn't to start a revolution but to make it easier for (morally)good companies to do business and to make it harder for (morally) bad companies to do business. The same could be said for government. Hire a trustworthy+competent staff don't be a jackass and you'll be less of a target, or at least implement fewer inane 'security' measures.
Re:horse (Score:5, Insightful)
And the next step is to not say "We are firmly for position X" in public while saying "We agree, we are against position X" in private.
The bald faced lies tend to make honest humans want to rat them out periodically.
Re: (Score:2)
Re: (Score:3)
The question is not does it, but should it. You talk as if honesty should never be required of governments and we should just accept them being corrupt and secretive.
If a government habitually lies, honest people will feel a motivation to leak when the gap between private reality and public pretension becomes too large. They may be naive, they may be punished after the fact, and they may find it difficult to work around your measures, but it will never be
Re:horse (Score:5, Interesting)
Removable media, cameras, or phones with cameras are not and have not been allowed in SCIFs for as long as I remember. Old fashioned paper and pencil is difficult to detect, as are meat memory devices.
No, that does not work. You have to choose who you trust, which is why DSA performs investigations for all military personnel before granting clearances. Security managers interview personnel and ask questions, looking for warning signs. Someone could have a pristine history and list of contacts but still want to do harm: asking the right questions can tip off the people in charge of security. Also, as I saw on Dateline the other night with regards to corruption in the Iraqi police force, paying people a livable wage helps them not to betray you when given a carrot in the form of money, or the satisfaction of fucking with you (e.g. giving documents to Wikileaks).
Security is a tough business. The government needs tens of thousands of people in the intelligence community across all four branches of the military and civilians in various DOD organizations: people from all walks of life, all ages, ethnic groups, geographic locations, etc. No matter how careful they are, there will be leaks. Their goal is to detect internal threats early, and to minimize damage.
For example, when working in a classified environment, everyone is watching not only what they are doing, but keeping an eye on everyone else. Maybe someone left their SIPRNET terminal unlocked and left for the bathroom: probably just careless, but it is important to have coworkers keep an eye out for innocent errors and help correct them. Maybe someone really is trying to steal data: coworkers need to question that person why they are not following approved and document security procedures. Maybe there is a legitimate reason for putting data on removable media: couriers do exist even in the current era of high speed private networks such as SIPRNET.
Finally, by limiting the data each person has, a breach can be localized. For example, if an image analyst steals satellite imagery, odds are that person does not have access to lists of informants, even if it is classified at the same level. That lessens the impact of a leak.
The real failure with that kid that leaked to Wikileaks is the human factor: nobody paid attention, asking him why he was not following procedures. Someone gave him access to far more data than he needed to do his job. Forget the USB drive restrictions, the DOD needs to crack down on basic security training and protocol.
Re: (Score:3)
The problem is that security tends to be more of a human problem than a technical problem.
In the Pentagon's case, it's a problem of many humans. Too many people have secret clearances or better, and "need to know" isn't enforced vigorously enough in many units. The General Accounting Office says there are over 3 million people with a "secret" level clearance in the US. There's no excuse for that.
Re: (Score:3)
Why have secrets in the first place? Why not to train soldiers not to laugh and joke when they shoot at people from a helicopter? Maybe follow some sort of an engagement procedure?
Why not train diplomats not to call insulting names and make cynical remarks? But use instead the whole register of great English language to express a thought.
And USB memory sticks could be used then. Why not? A USB memory stick is a great tool nowadays for information and communication worker. It is like forbidding a carpenter t
Other methods to get data out.... (Score:3)
1. Your monitor is at 60 hz, so flash your text or encoded bits on the screen at 30fps, and record it with your iphone HD recorder. High quality mode, or use someother small HD camera that uses little compression.
2. Encode your documents into an audio streamed 6bit/sample with ECC. Hit play and record using your analgoue or no compression digital recorder via the Audio Out jack. This will require some small code in VB you can type in either by memory or from paper/iphone.
If you have a monitor or audio ou
Re: (Score:2)
Re:horse (Score:4, Insightful)
I think you meant to respond to The Snowman... But either way, he wasn't saying you got your definitions wrong, but that you got the direction wrong... NIPR -> SIPR has always been just fine (although the media, once connected to the SIPR side, is no longer allowed to be attached to the NIPR side) but SIPR -> NIPR has never been allowed...
Re: (Score:3)
Re:horse (Score:5, Interesting)
The problem is not the decision, so much as that allowing insecure mechanisms (in violation of NSA Security Information notices, Common Criteria instructions for the levels required for secret information and Federal Information Processing Standards, I should add) was not only bloody stupid to begin with, it was in violation of US law regarding the handling of classified information.
Instead of prosecuting Manning, who at worst is guilty of far less than the Lockheed-Martin officials who publicly sold the plans for the current stealth fighters, one should ask why his actions were even possible in the first place. FIPS standards for secure platforms and NSA publications expressly prohibit the capability to transfer files to insecure formats. It is illegal, under US law, to install or use non-compliant systems for Government purposes. This means that giving Manning the computer violated US law. Do you see anyone charged with violating such US laws? I don't.
Re: (Score:2)
Incompetence "securing" again (Score:2)
The security they had was poor because of incompetence, the same incompetence will "secure" it again. Will it work? ;-)
This isn't even really secure information and its extremely likely spies have always had this level of access. What I'd love to know is how secure the actually secure or extremely secure information is... and how easily accessed that is by foreign governments (and future internet leaks as the US government falls deeper into the authoritarian black hole.)
Re:horse (Score:5, Funny)
Oh, I don't know about that. The US military still has a lot of horses left.
Re: (Score:2, Funny)
Re: (Score:2)
Re: (Score:2)
For some reason, though, the horse's asses in the US military consistently outnumber the horses.
Re: (Score:2)
Which horse? (Score:5, Interesting)
The Pentagon had to ban USB sticks, et al, internally after the biggest single security breach caused by a virus passed around and brought onto the secure SIPRNET within the Pentagon itself. It's unclear to me if the problem was the virus relaying secret information off the secure network, or what, but apparently it was labelled the single biggest security breach by the Pentagon and they're unlikely to be overplaying security holes.
Mind you, NASA has just released secret information into the public domain by selling hard drives known in advance to contain secret information. These are drives that FAILED in-house auditing for such stuff. And prior to that, disk drives containing blueprints for the current generation of super stealth fighters were sold by Lockheed-Martin to Iran. (And people think Wikileaks did bad stuff?!?!?!?! How the hell does a bunch of personal opinions compare with giving a terrorist-funding nation plans for the top US fighters? Internal to Iran, there's the possibility they will find a weakness. Think Death Star plans. Think the Stealth Fighter shot down in Serbia. Yes, the Serbians blew up one of America's best planes, and with a cruddy cheap missile at that. On an international level, the Russians will doubtless use the plans to improve on their own airfoils and may be able to exploit the design to improve on whatever shape-based stealth they've developed so far.)
Add to that that NASA servers have been hacked in the past to turn them into file-sharing sites. Which means that whatever classified files were in those exposed directories have been shared as well. Quite plausibly these files were protected by DES only, not triple DES or AES, as "commercially sensitive" data is classified below secret and certainly only used basic DES up until a couple of years before that breech was discovered.
Then, back in the 90s, there was a breech at the Pentagon due to computers containing classified information being on the public Internet and having .hosts files. (NASA used .hosts files and rsh well into the current millenium and may well still do so.)
That's four Bloody Obvious horses, with gold bridles and gem-encrusted saddles, that have walked out and were only noticed after they kicked the door down at the stablemaster's house. There may be others.
Re:Which horse? (Score:5, Interesting)
If you outlaw USB drives, only outlaws will have USB drives.
Re:horse (Score:4, Insightful)
I'm sure the military had a ban on leaking information too.
Why would they think a ban on removable media works any better?
Re: (Score:2)
A barn is ... approximately the cross sectional area of a uranium nucleus.
And my paintball pals complain that I can't hit the broad side of a barn.
Re: (Score:3)
As someone who really was once an Intelligence officer, I'd like to point out that Bradley Manning was ranked Specialist 4, which is neither an NCO or commissioned rank. Until he made at least Sergeant, his need to know on anything besides possibly technical equipment specs was probably somewhere between nothing and Sgt. Schultz's "Nuuthink! Nuuthink!".
Revival of the floppy disk! (Score:5, Funny)
Thank god they didn't ban floppy disks.
I knew these bad boys would come in handy one day!
Re: (Score:2, Funny)
The problem is that they've read the evil overlord list and are padding all files to 1.45 MB in size...
Re: (Score:2)
Especially since the entirety of sensitive military documents takes up roughly 1.3 MB, according to movies!
What about others? (Score:2)
What about punch cards? :P
Nothing to see... (Score:5, Informative)
Re: (Score:2)
Hope that helps.
Re:Nothing to see... (Score:5, Informative)
Back in the day when Microsoft was advertising Windows NT 3.51 was C2-certified, we looked into the docs and one of the requirements on whatever PS/2 it was that was certified was that the floppy disk drive be removed. And off the network.
The thing here is Manning brought a RW cd inside his CD player, and only then snuck it into his PC. Then, he snuck it out in his CD player. I suppose if he was smart he burned track 1 with music so he could 'prove' it was a music CD.
The problem here is that a random private in Iraq had access to State Department cables from (e.g.) Honduras. Need-to-know-basis isn't a new idea, this was a major FU by the governing security body.
Re: (Score:2)
Re: (Score:3)
Is it possible nowadays to get a read-only CD/DVD drive? It would seem that would solve this problem pretty well.
However I don't think I have seen a read-only drive in a long time...
Re: (Score:3)
Re: (Score:3, Informative)
SIPRnet is US Federal Agency wide. It isn't limited to any one organization, and they each have their own policies on who gets to use it, how they use it, what systems are allowed access, and what software is allowed on those syst
Re:Nothing to see... (Score:5, Insightful)
...The problem here is that a random private in Iraq had access to State Department cables from (e.g.) Honduras. Need-to-know-basis isn't a new idea, this was a major FU by the governing security body.
Apparently the reason they did that was that the 9/11 commission said it was *too much* secrecy that left us unable to prevent 9/11. They said that if more people had seen all the little signs, it would have been more likely that someone spoke up. So then the military responded by allowing more people in the military access to that information.
The real problem is that we keep doing a bunch of secret shit in private, and then tell the public "don't worry, everything is fine, the war is going great, things are totally cool." The public knows they were getting smoke blown up their ass, and they wanted the truth. So, they found it. The military is creating a market for the truth by keeping it from us.
In this day and age, if you deprive people of information, they're only going to want it more. The whole method of "damage control" that the US govt has been doing in the middle east is just flat out ineffective. I really wish they would just tell us the fucking truth. Then there'd be nothing interesting in these cables, and a lot fewer people would get away with fucked up behavior.
-Taylor
Re: (Score:2)
I agree that a major part of the problem is a "need-to-know" issue. However, I don't think the army will publicize its steps on that issue. Just because they told us what the new regulations regarding removable storage are, doesn't mean they didn't set up new/refreshed procedures in other areas.
Re:Nothing to see... (Score:5, Informative)
This applies to SIPRNET machines, and specifically personal CDs, DVD, etc. The thing is, this has always been the rule. At least everywhere I've worked with SIPRNET access (Air Force).
Close. It applies to SIPRNET and ALL removable media. If you have a legitimate requirement to use removable media it now must be authorized by your commanding officer in writing and you must have a procedure in place that uses two-person integrity.
Re: (Score:2)
An example would be Tactics Laptops that flyers carry on missions - these replaced giant binders, the info of which comes off of SIPRNET and is now on CDs.
Re: (Score:2)
The two-person "trusted download" has also been in place for years.
Re: (Score:2)
Re: (Score:2)
Except, of course, my USB stick is masquerading as a wireless USB mouse receiver, complete with a fully testable mouse functionality, but not by default. Only if I press some of the mouse keys in a right combo and then it sprouts a 16GB flash storage device. Another combo click and its back to mere mousing...
And so on, etc and the like.
Unless they ban all USB devices, all BlueTooth devices, all WiFi devices and pretty much go to Fallout-style green-screen VT100 revival terminals...
Re: (Score:3)
Unless they ban all USB devices...
All USB devices were banned on both NIPRNET and SIPRNET earlier this year. WiFi and Blue-Tooth have certainly never been used with SIPRNET.
Re: (Score:2)
And so we will move onto one of these [newegg.com], a camera in my watch or Van Eck phreaking gizmo in my shoe (with all due respect to Mr. Smart) and so on ....
I assume they did not strip everyone naked and checked their cavities and recent surgery marks...
Re: (Score:2)
All they need to do is install software that will alert security personel if a USB mass storage device is registered. Physical appearance does not play into it.
Re: (Score:2)
See my reply to the dude above. There are so many other ways that it boggles the mind.
Re: (Score:2)
Re: (Score:2)
And so instead I will use one of the many other no-physical-hardware-contact methods available to me...
Unless you disconnect that computer from that SIPRNET thing entirely and make sure that it has no classified data on its HDD, you are pretty much screwed if it comes to stopping skilled people from getting stuff out of it.
Re: (Score:2)
None of which would of course stop a serious spy. I can think of at least two ways to download large amounts of data form a PC with this setup, and I am sure others could d
Re: (Score:3)
True but laws of probability work against you here. If Wikileaks ethos catches on (as it seems to amongst a lot of people) there will be always a few who combine the will and the skill set. So the only long term defense will be removal of more and more features from these systems combined with restricting access to smaller and smaller subsection of data for each user - which will of course cripple
Re:Nothing to see... (Score:5, Interesting)
Years ago we filled the USB ports of SIPRnet nodes at our site with crazy glue.
Re: (Score:3)
You'd also better prevent your users from plugging in devices onto the wired and wireless network.
And disable bluetooth.
The user could also open the case up and plug in a hard drive.
Well, you'll never plug all the holes.
Re: (Score:3)
It seems as if you have never worked in an accredited environment.
An AIS (computer) that hosts classified information cannot have wireless capability. No wireless NIC, No bluetooth. Yes they issue waivers for this all the time, which is stupid. In that case the wireless device is to be physically shorted out (which many people don't do they simply disable in the BIOS which is also stupid).
Yes you could crack the case and get at the hard drive (which is also marked classified), good luck doing that unnot
Re: (Score:3)
BS..... they require a simple app to generate the correct key for the hash given that an awful lot of service techs and/or support personnel have. Most have been reverse engineered and scripts written that are floating around on the net.
A lot of these can be beaten with a simple paperclip on the read lines of the small flash chip on the board which forces them to take a shit and let you reset the password with a utility. Most have beaten the paper clip attack now but it still worked on Dell D6x0-series m
A sure way to prevent it. (Score:5, Informative)
It is really hard to ban removable media given that you can attach a phone and it becomes a USB drive.
Using Windows Terminal Server, or Aqua Connect [aquaconnect.net] on the Mac
you can prevent anyone from using a USB device, as the data will be on a server, presumably locked away from users.
Re: (Score:2)
Neither are any other electronics.
Re: (Score:3)
Using them covertly is
Re: (Score:2)
Don't need Terminal Services.. you can disable USB via GPO or other remote means ( or even something simple like removing drivers and not giving anyone admin access to reinstall them ). Hell if you really want to be sure, just remove the USB chip by force and lock the case.
Re: (Score:2)
How is it hard to ban cell phones? No secure area that I am aware of has allowed cell phones, blackberries, or even two-way pagers, for years. Same with personally-owned devices of any kind, even to the point of pre-recorded CDs.
Re: (Score:2)
Just to be super extra Careful... (Score:2)
Of course the logical progression is to ban the use of cameras, photocopiers, cel phones, paper, pencils, and people with photographic memories.
Re: (Score:2)
And these are the people that we set loose with big guns, exploding doohickeys, and nukes.
Who? Slashdotters who read a headline and start posting as if they know all the details? Slashdot summary writers who type so fast they forget to read TFA themselves? Journalists who misquote and misread their own notes if they bother to take any if they bother to ask any questions?
The logical progression is to learn something before posting, because the people who can order use of the big guns, exploding doohickeys, and nukes actually had these policies in place, and the people at the other end responsible
epoxy (Score:3)
Re: (Score:2)
But really, as soon as you allow physical contact you've blown security, this stuff is about making it as inconvenient as possible for an authorized party to be up to no good with console access.
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
so epoxy the mouse and keyboard connectors into the usb ports and just gum up the rest
Re: (Score:2)
It's used to be the case that some companies would squirt epoxy into the USB ports on devices - Doesn't really work any more as many devices no longer have PS2 mouse and keyboard ports.
Um, dude... That stuff may have been sticky, but it sure wasn't epoxy!
Huh (Score:3)
I've worked in classified areas in aerospace, and USBs have been disabled since the first USB equipped PCs showed up. In then early days I think they actually removed the USB interface chip. Now it's disabled in software.
So the leakers will now have to rely on (Score:2)
So the leakers will now have to rely on plain old memorization, or print shit out. The only real way to prevent leaks is by monitoring access and severely punishing people for leaking. This leak only happened because the leaker all but knew he was impossible to catch. In fact, he was only caught because he bragged about it and someone turned him in.
Don't worry, it's never the "small guy's" machine (Score:5, Informative)
Here's a little story from back when I was the "IT security guy" (they didn't want to shell out the wage for a CISO, I guess) of a large, very security conscious company.
Of course, no machine had USB ports or CD drives (not that CD drives could have allowed any software to leave the machine, but hey), nothing you could plug on parallel ports or serial ones, no floppy drives, no nothing. No way to plug anything into those machines that could remotely be used to transfer any data out of them.
But of course, some people are more important than others, and some people have privileges. Needed or not. One department head needed to be able to use USB drives. It was actually a fairly level headed person and he was quite security conscious, was aware of the risks and able to handle it, and given enough pressure on the CEO he was finally allowed to use USB drives. This was actually still a fairly acceptable move. It was necessary for him and did increase his ability to work well and efficiently, and he could handle the additional responsibility and the risk was manageable and low enough to be acceptable.
But then the invariable laws of the office privilege and status bullshittery set in. Because it is impossible that Department Head A gets something and Dufus B doesn't. I guess it's not hard to guess what happened next. Of course, all managers on this level had to be allowed to use USB drives, need them or not. And this was NOT acceptable anymore. Some of them were too dumb to actually plug an USB drive into their machine without causing a repair incident. But they had to get it, need it or not, but it's simply impossible that one of them gets a privilege and the others don't.
So do not fear, people. Sooner or later this rule will be softened up and erode away because some people will have to have "privileges". Without being able to handle them.
Re: (Score:2)
But then the invariable laws of the office privilege and status bullshittery set in. Because it is impossible that Department Head A gets something and Dufus B doesn't.
The whole concept of, "If I make an exception to the rules for you, I will have to do it for everyone" is such bullshit - both as an excuse not to make an exception and as a justification to do it for everyone else. Management like that might as well be replaced by a robot for all the value they add.
Re: (Score:2)
But then the invariable laws of the office privilege and status bullshittery set in. Because it is impossible that Department Head A gets something and Dufus B doesn't.
The whole concept of, "If I make an exception to the rules for you, I will have to do it for everyone" is such bullshit - both as an excuse not to make an exception and as a justification to do it for everyone else. Management like that might as well be replaced by a robot for all the value they add.
You have clearly never been a manager.
Re: (Score:3)
The other possibility is that the whole institution will become increasingly paralyzed and unable to accomplish anything. Unlike a company, the armed forces can't actually go bankrupt. The USB ban and similar issues are already a problem for the Air Force.
I always wondered... (Score:2)
If I log onto my online email, its an ssh site. So what's there to stop me shoving the stuff in an encrypted and compressed file - and then sending it as an email. If they're sniffing the packets they'll only get garbage. If I create an email address just for this - its pretty hard to trace I would expect.
Hell, doesn't even need to be email (although its the simplest way to cover tracks) - what's to stop me sending it over any sort of encrypted network?
Re: (Score:2)
If I log onto my online email, its an ssh site. So what's there to stop me shoving the stuff in an encrypted and compressed file - and then sending it as an email.
You can't log into your online email from a SIPRNET machine.
Re: (Score:2)
Because there are a number of companies which let you log onto your online email - and have the same "You can't use USB" blocks.
Re: (Score:2)
Those companies networks are still connected to the Internet. SIPRNET is NOT.
Re: (Score:2)
Separate secure channels? (Score:2)
Re: (Score:3)
Has there ever been an explanation of what all the diplomatic traffic was doing going through the pentagon? Wouldn't separate channels, and perhaps distinct cryptology, whose individual security is checked and tested by the NSA be more secure in any-case?
In the aftermath of 9/11, lack of information sharing was cited as a critical flaw that allowed the attacks to happen. So they responded with information oversharing...
Other ways to get data out (Score:3)
It's great that they finally figured out that letting employees write secret data to a storage device is a security risk, but are they also auditing outbound communication? Will they notice if an employee emails the data to his Gmail account? Or deposits it on some hacked server somewhere? Will they notice it if he uses steganography to hide it in other data?
Or maybe he'll use a program that converts the data to visible data that can be recorded by a camera (sure sure, cameras are against regulations, but stealing data is against regulations too...if he's a determined data thief, cameras can be hidden in all sorts of objects and body cavities). For example, a QR code can hold 4KB of alphanumeric data. If someone writes a program that displays 15 frames/second of QR encoded data and records it with a camera, that's 200MB of data every hour.
If he's patient, he can record it as a 2400 baud data stream and record it on his MP3 player - he can steal around 10MB/hour using this method.
Or maybe he can record it as a bit patter on a laser printer - if he can write at 100dpi reliably, thats around 100KB per piece of paper. If that can be stretched to 500dpi he'll get around 2MB per piece of paper, and will look like a grey piece of paper to the naked eye so security won't pay any attention "Oh that, it's scrap paper I'm taking home to my kids".
How will he get such a data theft program onto the computer? Simple -- if he can't download it off the internet (perhaps a "gif" that just needs the first 128 bytes stripped off to make it an executable), he can plug in a USB keyboard dongle that acts as a keyboard and then let it type in the program for him.
How secure *is* our secret data? Hopefully banning USB drives is just one layer and they are taking greater steps to securing who has access to such data.
Am I missing something? (Score:2)
Am I missing something?
Now I realize there are probably many different configurations for workstations and such, but why is THIS not the point at which leaks are stopped?
Order and implement workstations/terminals/laptops that simply do not have CD/DVD drives OR USB DRIVE PORTS installed. You know, no ports or drives to plug anything into? Short of photographing the image on a monitor, doesn't this pretty much rule out digital transfer of data?
I've seen pictures online (some random image pack on Cryptome, me
Why not ban covering up military mistakes? (Score:3, Insightful)
Win for Wikleaks (Score:3)
Only 1,295 cables have been published (Score:2)
1989 calling - already solved. (Score:4, Informative)
I worked in a defense contractor in 1989. Even back then we were forbidden to:
- bring a camera to work.
- have floppy drives working on any computer
- have printers connected to any PC - printouts had to be sent to a special room.
- use any kind of portable media (parallel port tape drives, etc).
Of course, all our systems were on a private network - no internet access at all. Part of my job was to introduce software and tools into the network when formally requested - lots of paperwork. That's how compilers and 3rd party libraries were brought inside.
IBM made desktops with locked sliders to prevent access to the floppy drives. I'd be shocked if those weren't still manufactured.
Anyway - this has been solved, just forgotten.
BTW, have you ever wondered why at least 1 Blackberry didn't have a camera? DoD users.
Hmph (Score:4, Interesting)
But yeah, banning removable media is also good...
Re:Old news and misleading title (Score:5, Funny)
So I still don't get it - somebody finds something on SIPRNET. The copy it to a USB drive and give it to somebody else off the secured network, then plug it back into the 'secured' network again next week when the newest bunch of porn shows up? Sounds most secure.
Maybe they just ought tweet everything. At least the 140 character limit should slow people down a bit.
Re: (Score:2)
B) Yes having the guys with guns tell you that you may not have that on base is generally a good enough deterrent.
Re: (Score:2)
You then keep the key in one of those industrial key minders that comes complete with logging.
Re: (Score:2)
Re: (Score:3)