Military Banning Physical Media To Reduce Leaks

Status
Not open for further replies.

house70

Distinguished
Apr 21, 2010
1,465
0
19,310
Info will be transmitted via phones, like in WW2. Of course, wireless phones will be banned, as they can be intercepted easily. We're talking about good 'ol corded phones, preferably with a crankshaft to generate their own power.
Also, don't forget pigeons; they can be used for data transmission, as it has been proven before.


Typical hunker-down self-crippling move that will only serve the "enemy".
 

pug_s

Distinguished
Mar 26, 2003
60
0
18,580
Boy, you have to ban alot of stuff and it does not work. People can put data on an mp3 player or smartphone. PFC Bradley Manning managed to do put data on multisession CD's.
 

fjjb

Distinguished
Jan 29, 2010
81
0
18,580
if they really want to secure their information they better start making a big intelligent AI that could analize the given information and transfer information by closed LAN networks and that the information can only be decoded by another special made AI in that region.
 
G

Guest

Guest
Wow USB's have been disabled for awhile now on Army networks... Adding this crap (if it also hits the Army) will indeed be a pain.

I would kind of think adding an encryption to removable media that can then only be unencrypted via a network stored key or at least unencrypted from the S6 installing a temporary key on stand alone machines.
 

iNiNe5

Distinguished
Aug 3, 2006
31
0
18,580
uhhhh... if the concern is people bringing home USB thumb drives, why not just require you to return the USB before you leave? they do that at libraries. you can't carry out Volume 3 of the encyclopedia. the detector goes off and the librarian asks you to surrender the book. it;s been done for years now, since my kindergarten days.
 

djsting

Distinguished
Dec 16, 2009
47
0
18,580
[citation][nom]house70[/nom]Info will be transmitted via phones, like in WW2. Of course, wireless phones will be banned, as they can be intercepted easily. We're talking about good 'ol corded phones, preferably with a crankshaft to generate their own power.Also, don't forget pigeons; they can be used for data transmission, as it has been proven before.Typical hunker-down self-crippling move that will only serve the "enemy".[/citation]

Lots of private companies that deal with very sensitive data (i.e. customer credit cards and such) have a simliar policy in place. One of my former employers required you to have special permission to bring in any external media, be it a flash drive, or cd/dvd. This never hindered anything because data was available via network or sent through email. Is this step 100% fool proof? no. But it certainly makes it harder to get data outside the company and do it in a way that you don't get caught.

[citation][nom]iNiNe5[/nom]uhhhh... if the concern is people bringing home USB thumb drives, why not just require you to return the USB before you leave? they do that at libraries. you can't carry out Volume 3 of the encyclopedia. the detector goes off and the librarian asks you to surrender the book. it;s been done for years now, since my kindergarten days. [/citation]

The problem with that is you need to put RFID tags on the flash drives. RFID alarms can be beaten...easily. Or you take the simple approach. go to walmart, buy your own flash drive and sneak it onsite. They don't have a magic "detect flash media" machine to my knowledge. Plus, flash media is can be made so small, that they are hard to find. You have to have rules in place that prevent people from brining these types of things near sensitive data and SERIOUS consquences for anybody that fails to abide by those rules. You'll never stop all data leaks, but you can certainly make the risk higher than the gain.
 

d-rocksizzle

Distinguished
Aug 7, 2009
1
0
18,510
DON Civilian here. The reason USB drives have been banned for a while now in the military (DOD,DON, NSA, etc. also), and other media has not, is because it was discovered that multiple manufacturers from unfriendly countries (read: China) had built in code to the sticks that was secretly sending information from DOD computers back to sites in China. Until I knew that, I thought it was a dumb rule since we'd be burning a lot of cds.

I'm interested to see how long this ban lasts...
 

applegetsmelaid

Distinguished
Apr 22, 2010
234
0
18,830
Seems pointless to do so. Isn't a computer or device that holds data a form of (or contains) physical media? Software has to be stored on something physical, it doesn't just float in the air. Again, the paradox of military intelligence.
 

orionantares

Distinguished
Jan 30, 2010
119
0
18,630
I'd expect the disc ban to be permanent but the flash ban will probably last until they implement enforced encryption for any interfaced device based on a sourced access key. The only thing I'm surprised about is that it took them this long.
 

djsting

Distinguished
Dec 16, 2009
47
0
18,580
[citation][nom]applegetsmelaid[/nom]Seems pointless to do so. Isn't a computer or device that holds data a form of (or contains) physical media? Software has to be stored on something physical, it doesn't just float in the air. Again, the paradox of military intelligence.[/citation]

Uh yeah....their servers. I would imagine if you tried to physically access a military server under serious lock and key, not to mention an M16 or two, chances are you come away with little more than a few bullet holes... :/
 

djsting

Distinguished
Dec 16, 2009
47
0
18,580
Let me add one more point. The stand alone machines also have no business storing such classified info, especially in an unencrypted form. I know how easily hard drives with such data manage to grow legs and walk off.
 

jsc

Distinguished
Moderator
Jul 14, 2004
498
0
18,960
Sure, look at DoE and the Lee case.

This is always the problem with security - balancing security against ease of use.
 

dealcorn

Distinguished
Jun 12, 2008
10
0
18,560
[citation][nom]orionantares[/nom]I'd expect the disc ban to be permanent but the flash ban will probably last until they implement enforced encryption for any interfaced device based on a sourced access key. The only thing I'm surprised about is that it took them this long.[/citation]

I believe encryption is effective, but how do they ensure that the sourced access key is not portable?
 

COLGeek

Cybernaut
Moderator
Controls are in place now to limit this sort of behavior. The young knucklehead that broke the law and provided the info to Wikileaks wasn't being monitored properly. While this article sounds draconian, it will have little impact to how information is supposed to be handled on SIPRNET. Sounds bad, not as big a deal as folks think.
 

dealcorn

Distinguished
Jun 12, 2008
10
0
18,560
[citation][nom]firemachine69[/nom]Limit the number of people who have access to the key.[/citation]

I think you are saying that people who have the key can, for example, use it anywhere in the world even if they are not physically present (aka steal and resell it). Absent additional insight, I suspect the techniques to ensure proper, secure key use are not nearly as good as encryption techniques particularly when large numbers of keys are required as would be the case when the U.S. government is involved. However, any sort of encryption likely would have stopped the Wiki Leaks stuff. Most appealing would be a system in which no person has the key. While a severely limited number of monitored persons must understand how the it works, they should not be able to decrypt the the keys that result from the process.
 

zak_mckraken

Distinguished
Jan 16, 2004
868
0
18,930
Well, good luck with that. USB drives are in everything these days, even in jewelry. Of course, they can just disable USB drive support from their machines, but I wonder if they even have a clue about this...
 

eddieroolz

Distinguished
Moderator
Sep 6, 2008
3,485
0
20,730
They need to disconnect all classified networks from the internet, and not give all-clearing passes to some random private.

They need to start treating the access passes to be of vital importance. Run a thorough background check and observe candidates for months before giving them out.
 
Status
Not open for further replies.