U.S. Army Blocks Access To The Guardian's Website Over NSA Leaks
New submitter crashcy writes "According to a spokesman for the U.S. Army, the military organization is 'blocking all access to The Guardian newspaper's reports about the National Security Agency's sweeping collection of data about Americans' email and phone communications.' The spokesman goes on to state that it is routine to block access where classified materials may be distributed. The term used was 'network hygiene.' 'Campos wrote if an employee accidentally downloaded classified information, it would result in "labor intensive" work, such as the wipe or destruction of the computer's hard drive. He wrote that an employee who downloads classified information could face disciplinary action if found to have knowingly downloaded the material on an unclassified computer.'"
Re:I hear a Sousa march in the background - (Score:5, Interesting)
How about slashdot?
Re:network ignorance (Score:5, Interesting)
No, it actually makes sense.
Suppose your objective is to prevent malware from appearing on your PC (or secure a server). This isn't a Windows-vs-Unix thing, the answer is the same for what happens when a server gets rooted.
What's the best thing to do when your PC has malware on it? When a server is rooted? You wipe the disk and reinstall the OS from a known good image. It's the only way to be sure that not a single byte of malware/rootkit remains on the disk.
That's the objective. Not one byte of bad stuff on the disk. A single NOP in the wrong place could open a back door.
You could spend a few hours editing registry keys, burning a CD of the contents of /bin from a known good workstation and copying the files over, doing a byte-by-byte comparison of /bin/cp and /bin/ls, and so on, but you'd never be completely sure the system wasn't compromised. If you got rid of the malware and any back doors left by whoever rooted the system, you're fine.
That's what the .mil folks are trying to do with their networks, except that instead of "malware", it's "classified information on computers used for unclassified work."
And it's not as silly as it sounds. You want to know that if malware exists on your system, there's something wrong. In PC terms, there's no harm done by users downloading dancing-bunnies.exe as long as they never actually run it. (Maybe it's a false positive -- the user was merely going to spend a lunch break disassembling it to understand how the exploit was written... Maybe they're downloading a Linux rootkit for analysis on a PC, or vice versa. But how can you tell the difference between that and someone downloading a Linux rootkit with the intention of maliciously installing it on a Linux server that can only be accessed through the compromised PC...)
If you only have one user, you could ask them, but if you have 100,000 users, you can't. You just don't have enough sysadmins to nicely ask everyone on the network if their copy of the rootkit was downloaded deliberately with no intent of using it to harm the network, or if there's something seriously wrong. So you say "Sorry, no dancing-bunnies.exe on this part of the LAN. If you want to do virus research, do it at home, or, if we think you're smart enough, we'll give you a PC on the portion of the network that we've separated from the company LAN, and you can do research there without any risk of the dancing bunnies spreading to other users..."
And then you wipe the disk and reinstall the OS from a known good image.
The only reason classified information should appear on an unclassified machine is if there's a security breach. If every innocent download of dancing-bunnies.exe results in a nuke-and-reinstall on sight, your security researchers will stop doing it on the company LAN, eliminating the false positives.
Re:network ignorance (Score:5, Interesting)
It stops keyword tracking feedback loops forming that drag in more casual at 'work' readers. Now if you're home or at a rented house off base and start reading more and more about the subject
That's the neat trick the USA has over the internet - they can watch people of interest, i.e. with a real security clearance, and see how they use the net/react over time.
If ~100 contractors and other base staff read the Guardian at home long term - something is different. Testing should have found people like that and never advanced them.
There was a low point in the GCHQ due to very low wages, useless military supervision and home sickness that allowed the Soviets to gain a few useful people just due to basic pay and conditions.
The US wants to find the same "people"; making reading the documents 'wrong' could make traits become clear.
If everyone is allowed to read the documents it gets hard - who is just following the news and who is of interest long term.
It is the same for
The other reason is the cross clearances of the leak hunters vs the staff just looking at work.
A person at work might be cleared for, let's say, project FARM but the surveillance staff and their admins might only be cleared for lower level work/side projects.
So more people have to be called in to talk to the surveillance staff and their interest in project FARM...
Best just to say no reading and let the tracking teams go to work.
Democracy in the United States has Died! (Score:4, Interesting)
Of all the things I have seen the US do to its own people, this is one of the most appalling! The United States cannot function without the oversight of its people. The people who did this should be arrested and charged with treason, but that is indeed the problem in the first place. Those few people who systematically worked to undermine the spirit of the US Constitution and The Bill of Rights are now scared. They know that they must try to fight not to lose their power over us. They know that if they lose, they might go to prison, and I hope with every fiber of my being that they do lose their power, that they do go to prison. No citizen is safe, no freedom cannot exist in the climate they dare to make for us. Please stop them. Please help do something if it is only what each one of you can. Help in your own way, but please help.
Classified leaks... (Score:5, Interesting)
The problem is that government rules aren't really set up to handle major leaks like this. The whole sanitization process assumes that the information is still on government controlled computers handled by people with some level of clearance, even though they don't have 'need to know'. So you tell them to shut up about it, and it normally works because a random piece of classified material isn't normally worth all that much.
There are supposed to be processes in place to, when possible, 'neither confirm nor deny; then ignore', but the problem here is that the source is credible and the NSA failed to discredit him (rightly or wrongly). So now it's confirmed. One of the rules for classifying information is that it can't be public; available on free news sites counts as 'public', but the way the rules are written, only the classification authority (or people over it) can declare the information no longer classified due to compromise. In this case the CA would be the NSA, which is currently running around like a chicken without a head trying to get Snowden without really dealing with the actual leak.