Military Bans Removable Media After WikiLeaks Disclosures
cgriffin21 writes "The Pentagon is taking matters into its own hands to prevent the occurrence of another WikiLeaks breach with a removable media ban, preventing soldiers from using USB sticks, CDs or DVDs on any systems or servers. The directive prohibiting removable media followed the recent publication of more than 250,000 diplomatic cables, which were leaked to whistleblower Web site WikiLeaks at the end of last month by a military insider."
barn
Equine Mammals Are Considerably Smaller
Thank god they didn't ban floppy disks.
I knew these bad boys would come in handy one day!
liqbase
This applies to SIPRNET machines, and specifically personal CDs, DVDs, etc. The thing is, this has always been the rule. At least everywhere I've worked with SIPRNET access (Air Force).
If you want news from today, you have to come back tomorrow.
This only applies to SIPRNET machines and has always been policy. No news here
09-f9-11-02-9* (G^GCA_++{>. RV>>>>+++ NO CARRIER
It is really hard to ban removable media given that you can attach a phone and it becomes a USB drive.
Using Windows Terminal Server, or Aqua Connect on the Mac, you can prevent anyone from using a USB device, as the data will be on a server, presumably locked away from users.
Fight Spammers!
And these are the people that we set loose with big guns, exploding doohickeys, and nukes.
Of course the logical progression is to ban the use of cameras, photocopiers, cell phones, paper, pencils, and people with photographic memories.
Three Squirrels
It used to be the case that some companies would squirt epoxy into the USB ports on devices - Doesn't really work any more as many devices no longer have PS2 mouse and keyboard ports.
The simple act of having a cell phone on you in most federal facilities that have these security policies is a security violation. A few of those and you can lose your job (yes, government employees can actually be fired in a "stop, don't pass go, you're on the street" way over this). If someone sees you plugging it into a SIPRNet node, you're fucked. Do that **now** while the government is making up for lost time and you've basically shredded your own clearance.
No mention of dropbox?
A) Go back to using PS/2 for keyboard and mouse, I never stopped using them for servers because the KVMs are just more reliable with it than USB. Now you can disable USB without an issue.
B) Yes having the guys with guns tell you that you may not have that on base is generally a good enough deterrent.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
That's an incredibly easy thing to solve, all you do is put the CPU into some sort of protective case that prevents a person from inserting or removing things from any of the ports without the proper key.
You then keep the key in one of those industrial key minders that comes complete with logging.
I've worked in classified areas in aerospace, and USBs have been disabled since the first USB equipped PCs showed up. In the early days I think they actually removed the USB interface chip. Now it's disabled in software.
If secrecy and security are important then they should damn well act like it. A USB interface is about as secure as a mesh condom.
So the leakers will now have to rely on plain old memorization, or print shit out. The only real way to prevent leaks is by monitoring access and severely punishing people for leaking. This leak only happened because the leaker all but knew he was impossible to catch. In fact, he was only caught because he bragged about it and someone turned him in.
Here's a little story from back when I was the "IT security guy" (they didn't want to shell out the wage for a CISO, I guess) of a large, very security conscious company.
Of course, no machine had USB ports or CD drives (not that CD drives could have allowed any software to leave the machine, but hey), nothing you could plug on parallel ports or serial ones, no floppy drives, no nothing. No way to plug anything into those machines that could remotely be used to transfer any data out of them.
But of course, some people are more important than others, and some people have privileges. Needed or not. One department head needed to be able to use USB drives. It was actually a fairly level headed person and he was quite security conscious, was aware of the risks and able to handle it, and given enough pressure on the CEO he was finally allowed to use USB drives. This was actually still a fairly acceptable move. It was necessary for him and did increase his ability to work well and efficiently, and he could handle the additional responsibility and the risk was manageable and low enough to be acceptable.
But then the invariable laws of the office privilege and status bullshittery set in. Because it is impossible that Department Head A gets something and Dufus B doesn't. I guess it's not hard to guess what happened next. Of course, all managers on this level had to be allowed to use USB drives, need them or not. And this was NOT acceptable anymore. Some of them were too dumb to actually plug a USB drive into their machine without causing a repair incident. But they had to get it, need it or not, but it's simply impossible that one of them gets a privilege and the others don't.
So do not fear, people. Sooner or later this rule will be softened up and erode away because some people will have to have "privileges". Without being able to handle them.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Bit of an honest question really.
If I log onto my online email, it's an ssh site. So what's there to stop me shoving the stuff in an encrypted and compressed file - and then sending it as an email. If they're sniffing the packets they'll only get garbage. If I create an email address just for this - it's pretty hard to trace I would expect.
Hell, doesn't even need to be email (although it's the simplest way to cover tracks) - what's to stop me sending it over any sort of encrypted network?
The port may be universal; but the drivers aren't. Nor is automatically mounting a volume as r/w on insertion. Physical disabling is crude and only for the most absolutely paranoid of situations; but software based disabling of all but the really clever covert channel stuff should be relatively simple...
Has there ever been an explanation of what all the diplomatic traffic was doing going through the Pentagon? Wouldn't separate channels, and perhaps distinct cryptology, whose individual security is checked and tested by the NSA be more secure in any case?
The Pentagon had to ban USB sticks, et al, internally after the biggest single security breach caused by a virus passed around and brought onto the secure SIPRNET within the Pentagon itself. It's unclear to me if the problem was the virus relaying secret information off the secure network, or what, but apparently it was labelled the single biggest security breach by the Pentagon and they're unlikely to be overplaying security holes.
Mind you, NASA has just released secret information into the public domain by selling hard drives known in advance to contain secret information. These are drives that FAILED in-house auditing for such stuff. And prior to that, disk drives containing blueprints for the current generation of super stealth fighters were sold by Lockheed-Martin to Iran. (And people think Wikileaks did bad stuff?!?!?!?! How the hell does a bunch of personal opinions compare with giving a terrorist-funding nation plans for the top US fighters? Internal to Iran, there's the possibility they will find a weakness. Think Death Star plans. Think the Stealth Fighter shot down in Serbia. Yes, the Serbians blew up one of America's best planes, and with a cruddy cheap missile at that. On an international level, the Russians will doubtless use the plans to improve on their own airfoils and may be able to exploit the design to improve on whatever shape-based stealth they've developed so far.)
Add to that that NASA servers have been hacked in the past to turn them into file-sharing sites. Which means that whatever classified files were in those exposed directories have been shared as well. Quite plausibly these files were protected by DES only, not triple DES or AES, as "commercially sensitive" data is classified below secret and certainly only used basic DES up until a couple of years before that breach was discovered.
Then, back in the 90s, there was a breach at the Pentagon due to computers containing classified information being on the public Internet and having .hosts files. (NASA used .hosts files and rsh well into the current millennium and may well still do so.)
That's four Bloody Obvious horses, with gold bridles and gem-encrusted saddles, that have walked out and were only noticed after they kicked the door down at the stablemaster's house. There may be others.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
The security they had was poor because of incompetence, the same incompetence will "secure" it again. Will it work? ;-)
This isn't even really secure information and its extremely likely spies have always had this level of access. What I'd love to know is how secure the actually secure or extremely secure information is... and how easily accessed that is by foreign governments (and future internet leaks as the US government falls deeper into the authoritarian black hole.)
Democracy Now! - uncensored, anti-establishment news
As someone who really was once an Intelligence officer, I'd like to point out that Bradley Manning was ranked Specialist 4, which is neither an NCO nor commissioned rank. Until he made at least Sergeant, his need to know on anything besides possibly technical equipment specs was probably somewhere between nothing and Sgt. Schultz's "Nuuthink! Nuuthink!".
Who is John Cabal?
USB watches are available. http://www.thinkgeek.com/gadgets/watches/9771/
Fight Spammers!
Something about this whole affair is bugging the crap out of me.
The messages prior to 1997 are all uppercase, and in the proper JANAP-128 format. They all pass the "sniff test" to me, but what don't pass the sniff test is Manning. He could've had access to the copter video, that'd be out and about. But where the heck is he supposed to be getting cables from the 60's and 70's??? That stuff don't normally get put up on the SIPRnet, it's kept on microfiche in archives.
This smells like someone old. Someone who's been on the inside for a very long time, collecting skeletons, putting everything in electronic format waiting for the right moment to open the door from a safe distance and let it all out. Waiting for the right medium (wikileaks), the right person to make an opening (Manning) and then take all the heat (Assange).
This feels like someone's very old archive. It don't feel like the work of one stupid kid.
Ah, the old "if you have physical access to a device, you can do anything" adage
....we haven't been allowed to use thumbdrives and such, like, forever......
Sic gorgiamus allos subjectatos nunc
It's great that they finally figured out that letting employees write secret data to a storage device is a security risk, but are they also auditing outbound communication? Will they notice if an employee emails the data to his Gmail account? Or deposits it on some hacked server somewhere? Will they notice it if he uses steganography to hide it in other data?
Or maybe he'll use a program that converts the data to visible data that can be recorded by a camera (sure sure, cameras are against regulations, but stealing data is against regulations too...if he's a determined data thief, cameras can be hidden in all sorts of objects and body cavities). For example, a QR code can hold 4KB of alphanumeric data. If someone writes a program that displays 15 frames/second of QR encoded data and records it with a camera, that's 200MB of data every hour.
If he's patient, he can record it as a 2400 baud data stream and record it on his MP3 player - he can steal around 10MB/hour using this method.
Or maybe he can record it as a bit pattern on a laser printer - if he can write at 100dpi reliably, that's around 100KB per piece of paper. If that can be stretched to 500dpi he'll get around 2MB per piece of paper, and will look like a grey piece of paper to the naked eye so security won't pay any attention "Oh that, it's scrap paper I'm taking home to my kids".
How will he get such a data theft program onto the computer? Simple -- if he can't download it off the internet (perhaps a "gif" that just needs the first 128 bytes stripped off to make it an executable), he can plug in a USB keyboard dongle that acts as a keyboard and then let it type in the program for him.
How secure *is* our secret data? Hopefully banning USB drives is just one layer and they are taking greater steps to securing who has access to such data.
I've worked at several different banks that had software in place to disable the USB ports to prevent this exact sort of thing from happening. In one case they built the software in house so that certain USB devices that were issued by the firm could be unlocked, but nothing else. CD writers, if available on the host, were also locked down by the software and could only be used with prior approval. From what I know of the banking industry, this is pretty standard practice.
But computers holding sensitive government data don't even have that level of security?
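The comment above describes port-control software that unlocks only firm-issued USB devices. As an added example (not the bank's software and not part of the original comment), here is one way such a decision could be made from the descriptors a device reports; the device records, vendor/product IDs, serial numbers and policy reasons are all constructed assumptions.

```python
from dataclasses import dataclass

USB_CLASS_HID = 0x03           # USB-IF class code: keyboards, mice
USB_CLASS_MASS_STORAGE = 0x08  # USB-IF class code: flash drives, phones in storage mode


@dataclass(frozen=True)
class UsbDevice:
    vendor_id: int
    product_id: int
    serial: str                # serial string reported by the device, may be empty
    interface_classes: tuple   # class code of every interface the device exposes


# Constructed inventory: placeholder values, not real vendor or product IDs.
ISSUED_DRIVES = {(0x1234, 0xABCD, "FIRM-000017"), (0x1234, 0xABCD, "FIRM-000042")}
REGISTERED_INPUT = {(0x2222, 0x0001), (0x2222, 0x0002)}  # this desk's keyboard and mouse


def evaluate(dev, issued=ISSUED_DRIVES, inputs=REGISTERED_INPUT):
    """Return (decision, reason). Default is deny; only listed hardware is allowed.

    All fields are self-reported by the device, so this narrows what can be
    plugged in but does not authenticate the hardware itself.
    """
    classes = set(dev.interface_classes)
    if not classes:
        return ("deny", "no interfaces reported")
    if USB_CLASS_MASS_STORAGE in classes:
        # A drive that also exposes other interfaces is not a plain issued drive.
        if classes != {USB_CLASS_MASS_STORAGE}:
            return ("deny", "storage combined with other interfaces")
        if not dev.serial:
            return ("deny", "storage device without serial")
        # Model match alone is not enough: the exact issued unit must be listed.
        if (dev.vendor_id, dev.product_id, dev.serial) not in issued:
            return ("deny", "storage device not issued by the firm")
        return ("allow", "issued drive")
    if classes == {USB_CLASS_HID}:
        # Input devices are tied to the models registered for this workstation.
        if (dev.vendor_id, dev.product_id) in inputs:
            return ("allow", "registered input device")
        return ("deny", "unregistered input device")
    return ("deny", "device class not permitted")


# Constructed test devices covering the cases raised in the thread.
SAMPLES = {
    "issued drive": UsbDevice(0x1234, 0xABCD, "FIRM-000017", (0x08,)),
    "same model, personal unit": UsbDevice(0x1234, 0xABCD, "HOME-999", (0x08,)),
    "phone in storage mode": UsbDevice(0x3333, 0x0010, "PH-1", (0x08,)),
    "drive plus keyboard": UsbDevice(0x1234, 0xABCD, "FIRM-000017", (0x08, 0x03)),
    "desk keyboard": UsbDevice(0x2222, 0x0001, "", (0x03,)),
    "unknown keyboard": UsbDevice(0x4444, 0x0001, "", (0x03,)),
}

if __name__ == "__main__":
    for name, dev in SAMPLES.items():
        print(f"{name:28s} -> {evaluate(dev)}")
```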
Some people have photographic memories. Will you ban them from looking at the screen?
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
But then the invariable laws of the office privilege and status bullshittery set in. Because it is impossible that Department Head A gets something and Dufus B doesn't.
The whole concept of, "If I make an exception to the rules for you, I will have to do it for everyone" is such bullshit - both as an excuse not to make an exception and as a justification to do it for everyone else. Management like that might as well be replaced by a robot for all the value they add.
When information is power, privacy is freedom.
Am I missing something?
Now I realize there are probably many different configurations for workstations and such, but why is THIS not the point at which leaks are stopped?
Order and implement workstations/terminals/laptops that simply do not have CD/DVD drives OR USB DRIVE PORTS installed. You know, no ports or drives to plug anything into? Short of photographing the image on a monitor, doesn't this pretty much rule out digital transfer of data?
I've seen pictures online (some random image pack on Cryptome, methinks) of things like a field tent set up with tables in a row and laptop after laptop all networked (you could see the cables), each with a soldier happily going about what appears to be personal activities (a PS2 gaming controller isn't milspec, is it?). If these same machines are being used for OFFICIAL use, no fucking wonder they have problems.
The other possibility is that the whole institution will become increasingly paralyzed and unable to accomplish anything. Unlike a company, the armed forces can't actually go bankrupt. The USB ban and similar issues are already a problem for the Air Force.
The military slaughtered innocent people and covered it up. That was the reason for the leak, to shine a light on wrongdoing. To prevent a future leak the military should also own up to its mistakes and not cover up innocent accidental deaths in future. That would do more to prevent future leaks than any amount of security.
But then the invariable laws of the office privilege and status bullshittery set in. Because it is impossible that Department Head A gets something and Dufus B doesn't.
The whole concept of, "If I make an exception to the rules for you, I will have to do it for everyone" is such bullshit - both as an excuse not to make an exception and as a justification to do it for everyone else. Management like that might as well be replaced by a robot for all the value they add.
You have clearly never been a manager.
XML is known as a key material required to create SMD: Software of Mass Destruction
What about punch cards? :P
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
This action by the US Government is a clear win for Wikileaks. It is EXACTLY what Wikileaks intends for its targets to do. Wikileaks's clear publicly-stated goal is for secretive corporate and government "conspiracies" to react to leaking by restricting internal communications. http://zunguzungu.wordpress.com/2010/11/29/julian-assange-and-the-computer-conspiracy-%E2%80%9Cto-destroy-this-invisible-government%E2%80%9D/
Just under 1300 cables have been published; all 250,000 have most definitely NOT been published. They're being released in dribs and drabs. Source: http://213.251.145.96/cablegate.html
I worked in a defense contractor in 1989. Even back then we were forbidden to:
- bring a camera to work.
- have floppy drives working on any computer
- have printers connected to any PC - printouts had to be sent to a special room.
- use any kind of portable media (parallel port tape drives, etc).
Of course, all our systems were on a private network - no internet access at all. Part of my job was to introduce software and tools into the network when formally requested - lots of paperwork. That's how compilers and 3rd party libraries were brought inside.
IBM made desktops with locked sliders to prevent access to the floppy drives. I'd be shocked if those weren't still manufactured.
Anyway - this has been solved, just forgotten.
BTW, have you ever wondered why at least 1 Blackberry didn't have a camera? DoD users.
Indeed, and for it to really work, you'd also have to be really certain that the person can be trusted. This is just a way of making it even more inconvenient to try and smuggle information out. Sometimes the right solution isn't particularly high tech. It's amazing how much more secure you can make a system with a bit of epoxy applied to the right spots.
Never will stop leaks and this crap just makes working in a secure environment very hard. But that's just my opinion.
1. Your monitor is at 60 Hz, so flash your text or encoded bits on the screen at 30fps, and record it with your iphone HD recorder. High quality mode, or use some other small HD camera that uses little compression.
2. Encode your documents into an audio streamed 6bit/sample with ECC. Hit play and record using your analogue or no compression digital recorder via the Audio Out jack. This will require some small code in VB you can type in either by memory or from paper/iphone.
If you have a monitor or audio out jack, there's your output jacks.
Liberty freedom are no1, not dicks in suits.
They rejected my security clearance and fired me.
They may have rejected your security clearance, but I really don't think for the reason you suggest. Sorry, no...
If you want news from today, you have to come back tomorrow.
But yeah, banning removable media is also good...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
You'd think geeks would get the details right: 250,000 cables have NOT been published. Barely over a thousand have been. Yet this dweeb and the entire American MSM spouts about a quarter million cables published. Has idiocy become so enshrined that slashdot editors now bow to it, too? Are there any adults in charge anymore?
Development is programmable; Discovery is not programmable. (Fuller)
This supposedly secure system shouldn't be letting you suck 250,000 files out of it without some kind of flags being triggered or a higher access required. Really, why would you need to access all of the files? And if you were doing some kind of automated analysis you should need clearance for that and permission and be monitored to make sure you don't abuse the access.
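A sketch of the kind of flag this comment asks for, as an added example that is not part of the original comment or any real system: it scans a constructed access log and flags an account whose distinct-document reads for a day exceed a hard cap or a multiple of that account's own median. The log format, account names and thresholds are assumptions.

```python
from collections import defaultdict
from statistics import median

HARD_CAP = 1000    # assumed ceiling on distinct documents read per account per day
RATIO = 10         # assumed multiple of the account's own median that raises a flag
MIN_HISTORY = 3    # days of history required before the ratio rule is applied


def build_sample_log():
    """Constructed log lines in an assumed 'date user doc_id' format."""
    lines = []
    for day in range(1, 6):                       # analyst_a: steady 20 docs/day
        lines += [f"2010-11-0{day} analyst_a DOC-A{day}{i:04d}" for i in range(20)]
    lines += ["2010-11-05 analyst_a DOC-A50000"] * 500   # re-reads of one document
    for day in range(1, 5):                       # analyst_b and analyst_c: 15 docs/day
        lines += [f"2010-11-0{day} analyst_b DOC-B{day}{i:04d}" for i in range(15)]
        lines += [f"2010-11-0{day} analyst_c DOC-C{day}{i:04d}" for i in range(15)]
    lines += [f"2010-11-05 analyst_b DOC-X{i:05d}" for i in range(5000)]  # bulk pull
    lines += [f"2010-11-05 analyst_c DOC-Y{i:05d}" for i in range(400)]   # below cap
    lines += [f"2010-11-05 analyst_d DOC-Z{i:05d}" for i in range(300)]   # new account
    lines += ["2010-11-05 analyst_c"]                                     # malformed
    return lines


def daily_distinct_reads(lines):
    """Return ({user: {date: set(doc_ids)}}, number_of_malformed_lines)."""
    reads = defaultdict(lambda: defaultdict(set))
    skipped = 0
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            skipped += 1          # count bad lines instead of silently losing them
            continue
        date, user, doc = parts
        reads[user][date].add(doc)   # a set, so repeat reads of one doc count once
    return reads, skipped


def find_bulk_readers(lines, hard_cap=HARD_CAP, ratio=RATIO, min_history=MIN_HISTORY):
    """Return sorted (date, user, count, baseline, reasons) tuples for flagged days."""
    reads, _ = daily_distinct_reads(lines)
    alerts = []
    for user, by_day in reads.items():
        history = []                              # counts from earlier, unflagged days
        for date in sorted(by_day):               # ISO dates sort chronologically
            count = len(by_day[date])
            baseline = median(history) if len(history) >= min_history else None
            reasons = []
            if count > hard_cap:
                reasons.append("hard_cap")
            if baseline is not None and count > ratio * max(baseline, 1):
                reasons.append("ratio")
            if reasons:
                alerts.append((date, user, count, baseline, tuple(reasons)))
            else:
                history.append(count)             # flagged days never raise the baseline
    return sorted(alerts)


if __name__ == "__main__":
    for alert in find_bulk_readers(build_sample_log()):
        print(alert)
```

In the sample, `analyst_d` reads 300 documents on a first day and is not flagged: with no history only the hard cap applies, so the cap has to be set with new accounts in mind.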
Long live uuencode!
If you don't get this you'd be better off browsing barbie.com.
I hadn't the slightest objection to his spending his time planning massacres for the bourgeoisie... (P.G. Wodehouse)
He's in jail because the first rule of spy club is you don't talk about spy club. If he'd kept his mouth shut about what he'd done, he'd probably never have been caught. Possibly, but probably not.
The port may be universal; but the drivers aren't
As somebody else pointed out, then just make your "device" mimic a keyboard. At start, it inputs a program to send the data, and that program then sends the data by twiddling the keyboard leds (caps lock, scroll lock, num lock). Should even work over PS/2.
Physical disabling is crude and only for the most absolutely paranoid of situations
At some point a minimum of physical security is needed. Such as a cover protecting the connectors, so that you can't unplug the keyboard, and plug something else into the port.
...and then you watch your boxen die one after one from overheating?
I work in a fairly small and relaxed business, and even there only the people that are trusted to burn client data to disc have DVD burners. There's always the USB device angle but less relaxed businesses (eg. a legal firm a friend works for) put epoxy in the USB ports of most machines.
We're seeing a failure at many levels - why did Manning have access to so much stuff anyway let alone be able to get it onto a device and get it out of the building? Apparently any of three million people could potentially have done the same thing. We can be pretty certain that even small countries with very little effort put into intelligence gathering already have all of this stuff. Somebody sympathetic to the Saudis probably got it all out years ago then somebody sympathetic to Bin Laden may have passed it on long before Manning got hold of it.
No, it's a matter of changing the rules for good reason. Some managers just don't grow up and are jealous of extra "privilege" and do not understand that even the janitor has keys to get into more areas than they do simply because of different responsibilities.
It's like the creeping desire of office workers in fixed locations to have laptops because they see high status management that travel a lot with them and entirely miss the "travel a lot" point.
So what the Hell was he doing in possession of that information in the first place? Kind of suggests he either had help or the military's systems aren't as secure as they'd like them to be.
How does anyone know they're authentic? Why isn't the US government simply stating that none of them are real?
There are simply too many of them to be easily faked in a convincing way. Even the ones that have been made public. And of course the US government cannot reasonably claim at the same time that they are fake and that they are endangering US interests. (Not that governments are always reasonable in matters like this.)
Lastly, why does the government not simply send a lot of bogus traffic around, as sort of a reverse "I am Spartacus!" maneuver, in which there are whole messages which are essentially nulls, burying the real messages in a sea of BS?
I'm not entirely sure what you propose, but I don't see how this could work. The leaked set of messages is fixed, so adding nonsense to the set won't work. The Pakistani secret service has planted negative stories about India in Pakistani newspapers supposedly based on leaked cables. That was quickly debunked, though, again because the supposed quotes were not found in the real leaked messages. I don't see how anyone else could be more effective with such a tactic.
No, it's a matter of changing the rules for good reason.
We seem to be in agreement. My point is that managers who refuse to manage the exceptions in favor of rigidly conforming to simplistic policies aren't managing at all.
When information is power, privacy is freedom.
As I understand it, "leaking information to third parties" was already banned, so anyone looking to do that is already breaking the rules whether they use removable media, steal the internal hard drive, transfer data out over the network, take photographs of the screen or even just print it out...
Banning the use of removable media just makes life harder for those people who do want to play by the rules and do their job efficiently. People who want to steal data will just find a different way to do it.
And this assumes they enforce the banning of removable media effectively, most deployments I saw just had a program running designed to disallow you access to removable media devices, but if you can make this program crash then everything opens up.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
It's not a "concept", as much as it's human nature. Don't ask me, I never understood humans, but it seems that they get irate if someone has something they don't have, no matter whether they need it or not. It's that odd mix of greed and envy.
The most ludicrous things happen should a "subordinate" need something "bigger, better, faster, more" to do his job than his superior. Like, say, I need a faster computer to program, compile and draw charts than my boss, who does, at best, read emails with his machine. If you have a smart boss (like I had at that time), you can actually turn those office floor alpha male bull around in your favor.
My boss ordered a new machine for me, which was required and the beancounters approved because it was simply necessary. But in turn, his machine would have been inferior, so it was simply unacceptable (at least according to the management droids) to just drop a "good" machine (read: a tenth of what I'd need but twice of what the beancounters would spit out without throwing a tantrum) on me and have my boss suffer from using a machine not superior to mine. I was wondering at that time why my boss was chiming in and ranting how it is inexcusable, usually he was a pretty level headed guy and not playing the office floor alpha male game. And he didn't really need his machine for anything but emails and managing appointments.
When our new boxes got delivered, he took "mine" and gave me "his", mentioning something along the lines of this being the only way to get me a sensible machine.
No, he didn't know much about computers or what our department actually did (i.e. produce software), but boy, he was great at playing the office games! I miss him.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Try, just try, to show a mid level manager why that dorky computer geek needs higher privileges on "his" (the manager's) machine than the manager himself gets. And now convince him that ISO 2700x demands that.
From a sensible point of view, the last thing I want is higher privs on a work machine than I absolutely have to have. For more than one reason. First, it takes away the convenient "can't do that, don't have the privs" excuse whenever I don't want to do something. Lame excuse, granted, but it gives you a good reason to take a trip to the water cooler and let the computer geek do the installation (and be responsible for it when (not if, WHEN) it fucks something up). If you have the privs to install stuff on your machine, you may rest assured that you will be forced to learn how to maintain it because you will be expected to install patches and new software because "you can do it, so you can do it".
Dear managers, do you REALLY want that? Hmm?
And second, the even more important reason why you do NOT want more privileges than absolutely necessary: Responsibility. When (not if, WHEN) something blows up, you can just toss your hands up and say "I didn't do it! See, I COULDN'T do it, don't have the privs, don't look at me, can't help you solve it either 'cause I don't have the privs, guess you don't mind if I leave early today 'cause I can't do jack anyway. Have a nice one, see ya tomorrow!"
And now explain again WHY you want more privileges than absolutely necessary!
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
The problem is that most managers, especially in mid-level positions, are not really deserving the title "manager". They're not managing. They're executing.
Managing entails some sort of decision making. Defining something, acquiring the resources necessary (material and personnel) to achieve this something and distributing them, solving logistics problems... in short "managing their resources" to achieve a goal.
That's usually not what mid-level management does. In most companies, they don't decide jack. They get their resources (material and personnel) dumped on them, they get a target to achieve and they often even get the full detailed plan how to get there. In short, they're supervisors, and often not even that, given that often they don't even know what the people they're supposedly supervising are actually doing.
Such "managers" cannot even make exceptions to make things run more smoothly, they don't have the freedom to do that.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
We've got a lot of that going on in my company. It is going to such an extent that I am leaving the company because of it.
Currently I'm locked in a Software Engineering position (by my own consent, I like designing / help create software). Although I have been part of international standardization, I've been to many sites of companies that create products for us, and have been a driving force in getting common criteria certification, I'm still seen as "just a developer". This goes to such an extent that I cannot perform my work in any satisfactory way.
People are different, and they have different needs. I'm not against anybody getting additional hardware or other privileges as long as they are required for him to do his job right, even if they hold the "same position" that I'm in. And the reason to put "same position" between quotation marks is obvious: they are *NOT* in the same position, even if they have the same job title.
I'll try and go to a company that sees people for what they are and tries to get the best out of them instead of putting them down. And don't say these companies are not to be found - they are out there (Google comes to mind, this seems to me the main reason that they are so looked for for job positions).
...only outlaws will have flash drives. After all, if you're going to leak sensitive information, and you get caught, you're going to get much worse than a court-martial. I think the directive will end up doing more harm than good.
The summary mentions the "recent publication of more than 250,000 diplomatic cables". This is a falsehood that keeps circulating. As of this moment, Wikileaks has published only 1295 of these cables, and I believe nearly all of these are published in the redacted form that has already been made public by cooperating news organizations such as NYT, Guardian, Der Spiegel, etc. Glenn Greenwald at Salon seems to be the best source of reasonable reporting about this whole WikiLeaks witch hunt: http://www.salon.com/news/opinion/glenn_greenwald/index.html It would be great if the /. editors would correct this misstatement in the story summary.
NSA publications expressly prohibit the capability to transfer files to insecure formats.
Citation needed.
In my experience, the NSA, DoD, and friends rely much more on physical and personnel controls. A system assumes the highest classification of any information on it. A writable medium mounted on a classified system assumes the classification of the system. If you've got a security clearance, you're expected to protect such media as any other classified information. The regulations very rarely dictate anything about file formats or access control, beyond protecting the authentication and audit subsystems of the system itself.
Now, whether they *should* worry about that kind of thing is another story. Certainly, for selected programs, much stricter requirements tend to be imposed on things like removable media, and that's a good thing for data security. But those are technically imposed at the local level, not from official regulations.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
floppy disk drive be removed. And off the network.
I think you'll find that was a requirement for any system to be C2-certified - it was part of the spec.
Not really.
You can't certify an operating system by itself. Only a whole system -- hardware, software, configuration, *and* your plan and procedures for keeping it secure. So Microsoft never "got Windows NT" certified, because that simply isn't possible.
I suspect what Microsoft did was publish a set of guidelines to help one configure an NT box to help you meet NSA Orange Book guidelines. (MSFT publishes similar guidelines today, for newer regulations.) Microsoft advised to disconnect the floppy drive because if you can boot from floppy you can bypass the OS. Disabling things in the BIOS would also work, but back in 1995 many computers (especially IBM's) didn't have that option.
I don't know why MSFT didn't cover network security. Possibly it was just beyond the project's approved scope, possibly no one was asking (in 1995, classified PC networks were much more rare), maybe they couldn't do it, who knows?
It is true the Orange Book (which defined the divisions and classes, like C1) doesn't address networks at all. But it doesn't disallow them, per se. Again, the entire configuration has to be certified as a whole. If you want a network, then all computers on the network, and the network itself, have to be considered part of the system, and certified together. The NSA Red Book got into network security, but really didn't make things much different.
I'm given to understand that the Common Criteria (which replaced the NSA Rainbow Books) allow for more flexibility, which is how the SIPRNET exists at all. In the spaces I've played, though, they still use the "certify the network as a whole" approach. It's certainly easier to secure that way. An air gap is the best firewall.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
You're not supposed to have phones in classified facilities. That, along with all removable media shall not leave the facility, is a policy.
There's no government-wide rule that says you cannot have a mobile phone in a classified facility. Such rules are often enacted, but that's at the local security plan level, not official regulation.
The rules for Sensitive Compartmented Information or Special Access Programs are stricter. In a SCI or SAP Facility, phones and personal electronic devices are prohibited by the governing regulations. Additionally, strong controls on media use, both procedural and computer-enforced, are often enacted at the local level. But SIPRNET and SCI/SAP are basically antithetical to each other, so it's kind of moot for this WikiLeaks scenario.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
Thank god they didn't ban floppy disks.
You laugh, but floppy diskettes still see a lot of use in classified environments precisely because they're still allowed. HHOS.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
When will they stop treating the symptoms and finally outlaw that PHqing Toy OS on ANY machine?
I would rather hope that on any network calling itself "military secure" areas writable by users and areas from which the system will execute code would be disjoint sets...
I would also hope that they would have the absolute bare minimum of tools that might be useful to somebody attempting to turn a series of keystrokes into a program. Keyboard lights are a fun side channel; but they, again, rely on having something running system side. Subtler than USB MSC; but still something that a quality security setup should block simply as a matter of course.
Back in the 1980s, a popular toy was the Furby. The fun part was that you could "teach" it to talk. It listened and then parroted back what it heard. A dad, who worked in a classified area, was given one as a present by one of his children. He put it on his desk at work. As time went by, the stupid thing "learned" from discussions and phone calls and repeated what it had learned at an inopportune time -- when the boss was walking by. Shortly thereafter, a directive came out banning Furbies from classified areas. At least that's how the story goes.
I take it they are going to disable USB and CD/DVD-ROMs at the hardware level, and also physically remove those interfaces from the motherboards/cases themselves? Considering how many devices have internal memory, anything can be a thumb drive. iPod, iPhone, watch, you name it. All you have to do is plug it in. USB is so ubik as well, that I don't think someone experienced in this sort of thing will have much trouble turning it back on if disabled. Reboot-bios-on. It will prevent the casual and retarded I suppose, which is likely the larger danger.
Now the military could design their own motherboards, custom bios and their own proprietary data transfer interface, making it incompatible with anything else, which would at least force someone to reverse engineer it first. Of course that would cost millions no doubt, and some jerk would likely break it in a week.
I mean come on, network admin 101 clearly says, if you want no leaks, then disable all your io ports from output, seems easy enough to follow, so if you want the military admin to be as smart as a regular admin, you have to clearly break into their system, and leave traces easy to find so that they can then deduce that this mentality actually applies to them as well.....???
and, God-forbid, not implementing stupid policies that are morally questionable. Assange noted in an interview that the purpose of Wikileaks wasn't to start a revolution but to make it easier for (morally) good companies to do business and to make it harder for (morally) bad companies to do business. The same could be said for government. Hire a trustworthy+competent staff, don't be a jackass, and you'll be less of a target, or at least implement fewer inane 'security' measures.
"Those who have nothing awful to hide, have nothing to fear"
Hey, Mr. Government, how does it feel to be on the receiving side of your number one argument in favour of privacy violations?
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
The public knows they were getting smoke blown up their ass, and they wanted the truth. So, they found it. The military is creating a market for the truth by keeping it from us.
In this day and age, if you deprive people of information, they're only going to want it more.
In other words, you're turning the government's favourite pro-privacy-invasion mantra ("those who have nothing to hide have nothing to hide") against themselves.
Nice job!
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
There's nothing mandating TCB B3 for collateral SECRET in any DOD issuance I'm familiar with. B3 was pretty hard to get; it's most definitely more than EAL4. I can't say for sure the DOD has never issued anything mandating EAL4 for SECRET, but if they have they've never flowed the requirement to the regulations I work under.
Many of the standards you list do not address applicability or mandate implementation. They are a framework, a mechanism -- they are not policy. The fact that something is a Federal standard doesn't mean it is a *mandatory* standard. There are tons of things standardized for agencies who *elect* to employ something.
Further, the DOD is largely its own beast. FIPS is for civilian Federal agencies; it and other NIST issuances generally don't have jurisdiction over DOD. FISMA (the law that gives force to things like FIPS 200) explicitly exempts DOD, NSA, and other "national security" systems. The DOD adopts a lot of that stuff anyway, but it's their option.
If there isn't a DOD Directive, Instruction, Manual, etc., that says "All DoD commands shall do XYZ", there's little to no real force behind it, as far as DOD goes.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.