Article

2010-12-13 Home Front: Politix

Archived material is restricted to Rantburg regulars and members. If you need access email fred.pruitt=at=gmail.com with your nick to be added to the members list. There is no charge to join Rantburg as a member.

Posted by gorb 2010-12-13 01:46|| || Front Page|| [2 views ] Top

#1 That's going to be pretty tough to do, CDs are routine for that sort of thing, and even a pre-burned CD is "removeable media".

I recall one ISSO even epoxy'd CD ROM players on the PCs shut (in addition to the USB ports they epoxy'd) - the security IT guys that did upgrades had to crack the case, install a working CD player, do the software updates, then remove the working CD player restoring the epoxy'd one. To this day I don't know why they simply didn't remove the damned drive other than they didn't have authorization to remove hardware.

Been through this horse puckey before back in the 1990's when you could never bring self-burned CDs into a SCIF, so you had to bring store bought ones in - and the fun part is they banned taking ANY CDs and CD players out! So if you wanted music there, you bought a no-radio, stand alone CD player that went into the SCIF permanently, and burned a copy of every CD, keeping the burned CDR at home, and the original goes into the SCIF never to be seen again.

That changed back in 2002 or 2003 I think, and the outflow of CD collections was big (too them a long time to scan them before releasing them to the unclass side of things).

I guess it now changes back to that as of the reg being handed down.

Posted by OldSpook 2010-12-13 02:58|| 2010-12-13 02:58|| Front Page Top

#2 Printers are next.

Posted by Besoeker 2010-12-13 06:04|| 2010-12-13 06:04|| Front Page Top

#3 reality check will be hilarius. trying to picture my last tour with these restrictions in place.

Expect a lot of classified info being handled on the NIPPER boxes with subsequent leaks.

Posted by nGuard 2010-12-13 08:59|| 2010-12-13 08:59|| Front Page Top

#4 In the long run, it's better to hammer unmercifully miscreants, no matter rank or intention or the execution of all other duties, than to erect unending procedures and regulations and make unworkable setups to cover these issues. However, no one wants to be the bad guy who sticks it to poor old Charlie who, you know, just screwed up and 'forgot'. It's amazing the irrational zero tolerance to benign things in elementary schools these days that get kids suspended or expelled, but the unwillingness of adults to hold other adults to basic standards around national security. Right, Mr. Stuff Socks Burger?

Posted by Procopius2k 2010-12-13 09:00|| 2010-12-13 09:00|| Front Page Top

#5 Like banning removable media is a tough call.

Posted by Fire and Ice 2010-12-13 11:42|| 2010-12-13 11:42|| Front Page Top

#6 So they consider CD-ROMs to be removable media?

This is CD-ROM as in Read Only Media.... by definition you can't write data to it.

(I think write-only-media would also be safe...)

Posted by CrazyFool 2010-12-13 11:56|| 2010-12-13 11:56|| Front Page Top

#7 GIGO
Written pages are "Removable Media"
So?
making all "Orders" Verbal? equals total fuckup.

Posted by Redneck Jim 2010-12-13 12:04|| 2010-12-13 12:04|| Front Page Top

#8 Written pages are "Removable Media"

That's what the Sock Stuffing (Sandy Berger) Mr. Burger point alluded to. It's not so much the system as the people.

Posted by Procopius2k 2010-12-13 12:33|| 2010-12-13 12:33|| Front Page Top

#9 CF: nope. You don't know the ISSO (Security Officer) mindset.

If it contains data and can be removed, then its removable media and therefore banned. I've been through this one before. The reasoning behind it is that someone could make a blank CDR that looked like a music CD, and could burn classified into it and could walk out with it, therefore NO home-made CDs of any type, nor any data CDs of any type, be they burned or commercial will ever be allowed into the facility except under strictly controlled procedures via the security office (this also prevents threat injection, ask the Iranians about STUXNET). Commercially made original music CDs may be brought in, but may not EVER leave the SCIF.

You can bet that's whats going on now - all those MP3 players and MP3 CD's will be destroyed since they cannot leave the SCIF and are not allowed to be in there (Data CD).

I feel sorry for the guys on mid watch over the holidays.

The real problem are the USB drives, since they can be as small as a thumbnail. ande hold 32GB in the microSD format (I have one in my Android phone at the moment).

I favor execution of those who deliberately leaked things like the Wikileaks stuff, as a deterrent and an appropriate measure for aiding and abetting treason as well as attempted multiple murders. Data misuse should be escalted - 1st offense a company grade Article 15 (for contractor or GS, a fine and a 1 week suspension of access), second a field grade article 15 (a larger fine and a 1 month suspension of access as well as a remedial course on security porocedures), and third a discharge under other than honorable (permanent revocation of clearance, firing and a federal felony prosecution that can be plea bargained to a misdemeanor but with a permanent record). Deliberate things liek Sandy Berger jump IMMEDIATELY to the third level at a minimum, and if they are sufficiently large and deliberate and resulted in a leak, than they go for life - and if its like Manning and Wikileaks (or the Walkers, or Boyce and Lee, etc) the death penalty should be automatic.

You do that, show people you are serious about it, and the instances will stop because there is a cost - a severe and sure cost.

Posted by OldSpook 2010-12-13 12:40|| 2010-12-13 12:40|| Front Page Top

#10 This is easy and it's criminal that it wasn't done a long, long time ago. There are such things as diskless workstations, or at least there could be if the government put out a request for bids on a contract to produce them. I've seen them at computer trades shows. The most notable ones that I saw were produced by Sun and they did NOT run Microsoft software which as far as I'm concerned is an extra added bonus. They will, however, run modern browsers, email, word processing, spreadsheet and other applications. The software for these applications resides on a central server and not on the workstation itself. If the OS on these types of workstations needs to be upgraded it can be done over the network from a central server. No disks. No USB ports. In fact, no I/O ports at all except for keyboard and mouse.

Posted by Ebbang Uluque6305 2010-12-13 13:26|| 2010-12-13 13:26|| Front Page Top

#11 Agree EU, it's a pre-80s topography of a server and smart client. It looks like Google is attempting to do just that. However, in the real world, the use of 'off the shelf' equipment means more players who can get their congresscritter to scream and howler about 'competition' and 'cost effectiveness' against hard learned lessons that somehow never get factored into the bottom line calculation because they're fuzzy, till it happens.

Posted by Procopius2k 2010-12-13 13:53|| 2010-12-13 13:53|| Front Page Top

#12 Just put in "dumb terminals" LOL!

Posted by Fire and Ice 2010-12-13 14:43|| 2010-12-13 14:43|| Front Page Top

#13 If it's just thumbdrives and external hard drives, this isn't a bad idea; that's the infection vector for a ridiculous number of viruses we get.

If it's more than flashdrives, though... Not gonna work so well.

Posted by HEU 2010-12-13 14:58|| 2010-12-13 14:58|| Front Page Top

#14 Aren't those called 'thin clients'? Used to be called X-terminals (in that they only run a X-Windows Server. they have some which also run Remote Desktop only. Most however have floppy drive and a USB Port or two.

Posted by CrazyFool 2010-12-13 15:03|| 2010-12-13 15:03|| Front Page Top

#15 Classic Knee-jerk reaction. How about we only allow access to personnel that have A NEED TO KNOW. How about we line up PFC Manning in front of a firing squad or under a noose. That would solve the problem and fast.

Posted by Cyber Sarge 2010-12-13 15:51|| 2010-12-13 15:51|| Front Page Top

#16 Just don't ask about the Furbys.

Posted by Eric Jablow 2010-12-13 20:16|| 2010-12-13 20:16|| Front Page Top

23:37 rammer
23:35 CrazyFool
23:31 JosephMendiola
23:18 abu do you love
23:06 mom
23:03 Pappy
22:48 tu3031
22:35 JAB
22:34 abu do you love
22:31 OldSpook
22:30 abu do you love
22:24 Frank G
22:22 Secret Master
21:37 AzCat
21:15 Frank G
21:15 746
20:40 Water Modem
20:16 Eric Jablow
20:05 Glenmore
19:59 Redneck Jim
19:41 tu3031
19:40 tu3031
19:36 tu3031
19:17 tipper