It's worth noting that this (reduction in the efficiency of internal communications) is <i>exactly</i> what Assange wanted:<p><i>The more secretive or unjust an organization is, the more leaks induce fear and paranoia in its leadership and planning coterie. This must result in minimization of efficient internal communications mechanisms (an increase in cognitive “secrecy tax”) and consequent system-wide cognitive decline resulting in decreased ability to hold onto power as the environment demands adaption.</i><p><a href="http://zunguzungu.wordpress.com/2010/11/29/julian-assange-and-the-computer-conspiracy-%E2%80%9Cto-destroy-this-invisible-government%E2%80%9D/" rel="nofollow">http://zunguzungu.wordpress.com/2010/11/29/julian-assange-an...</a>
> But the U.S. military is telling its troops to stop using CDs, DVDs, thumb drives and every other form of removable media — or risk a court martial.<p>I'm pretty sure anyone stealing the data is already risking a court martial.<p>If the secret files are really so wide open that they're just counting on people not being able to take them, then there's some much larger problems that they better start addressing.<p>Also, I have a really hard time believing this one Private in the army could download hundreds of thousands of State department secret communications, then smuggle them out on CDs. Something is <i>very</i> broken if that's true. Either Manning is just a scapegoat, or there's massive security problems with secret information, or both.
Quite a few members of HN work at companies where the only way to get access to source code, and other secure files, are through thin clients. Sometimes virtualized. At least one of those companies _really_ doubled down on security Last December/January of this year as a result of a serious intrusion.
This article fails to draw enough attention to a key item -- these are enhanced restrictions only for the classified systems. The headline reads like a ham-handed overreaction that's going to make it impossible for people to type up their quarterly reviews and leave requests.<p>I didn't deal with anything classified, but my understanding five years ago was that:<p>1. Any device that's gets plugged in to a secure system needs to have the red "this contains classified info" sticker on it.
2. Once a device becomes classified, it can never be plugged in to an unclassified system.<p>It sounds like the actual story is "military reviews, reiterates security policy in the wake of wikileaks scandal."
This just reminds me of SnowCrash. Y.T.'s mom routinely going through lie detectors and what-not just due to being a government employee:<p><a href="http://books.google.com/books?id=RMd3GpIFxcUC&pg=PA290&dq=snowcrash+Y.T.+interrogation&hl=en&ei=YsIBTb-8GYXksQOay6CqCw&sa=X&oi=book_result&ct=result&resnum=1&ved=0CCoQ6AEwAA" rel="nofollow">http://books.google.com/books?id=RMd3GpIFxcUC&pg=PA290&#...</a>
Bravo to Wired for correctly pluralizing court-martial. In hyphenated terms you add -s to the dominant or defining noun, e.g. gins-and-tonic, Egg McMuffins.<p>Ahem, back to politics ...
When I was overseas, we had a difficult time trying to transfer secret data between DoS and DoD terminals...I can imagine this is going to make it much more difficult.<p>Flash drives have always been disallowed because of malware and virus issues, but CD's and DVD's were what we used to move data between non connected systems. This could be a real pain in the ass.<p>I'd think that all of these problems could be solved by simply logging disks that are removed from secure facilities.
If they needed to use a sneakernet because of a low bandwidth link, it seems like they could eventually migrate to a system with the ability to transfer encrypted copies to removable media. Any other trusted computer on the network could download a key to decode the data, while making the keys unavailable to the end user (at least to the greatest degree possible).
The military could issue USB storage devices and identity tokens that keep their information internally encrypted and which only work on sirpnet-trusted computers.<p>Scenario:
Anything copied to the USB device is internally encrypted, offline, with one of the military's public keys. This process requires no network-side authentication, but would require the soldier's "identity key" to also be plugged in and "sign" the contents.<p>Putting the storage device in a non-trusted computer means the contents are not retrievable.<p>To decrypt the contents of the device, you have to first authenticate to sirpnet from a trusted computer. It's then and only then that the computer is allowed to unlock the information on the removable drive.<p>This method is not safe to hardware reverse-engineering, but should be safe enough for operational use.
Well, this is the real way to shut down Wikileaks. Don't leak. Wikileaks is poorly named - they are neither a wiki nor do they leak. Wikileaks is to governments as <i>The Sun</i> is to the British Royal Family. If you are doing something unsavoury, you'd better make sure they don't find out.
I notice that did not stop plenty of information about this order to end up in the media within an extremely short time.<p>Presumably wired citing 'sources' means that some people are still willing to talk to the media about the information they received. Of course, 'hard' proof (actual copies) of stuff tends to be much more damning but you'll never be able to lock up that information carrier called the brain and it will hold plenty of bits of information.<p>What bugs me is that no government seems to have clued in to the most obvious and totally secure method of cleaning up their act and making sure that nothing worth leaking is done.
Of course they could just tag all authorised USB drives with RFID chips with unique ID codes matching the owners they are assigned to and their clearance levels, and equip their machines and the installations with RFID scanners designed to both detect the RFID and also to verify that the chip matches the drive being used.<p>If the USB doesn't have the RFID, or it doesn't match the carrier or it has the wrong clearance code or the drive doesn't match the RFID ...alarms, guns, trouble.
They need to just use their eyes and ears, the old fashioned way. Eternal vigilance is the price for crushing freedom, erm, something.<p>Better yet, if they want to prevent leaks, just stop doing objectionable things. Especially to their citizens.
On blog talk radio, I heard James Fallows talk about how the State Department is furious at the military for their shoddy security here. According to his sources, State Department systems have much more of the basic protections in place.