U.S. Army Block Access To The Guardian's Website Over NSA Leaks

New submitter crashcy writes "According to a spokesman for the U.S. Army, the military organization is 'blocking all access to The Guardian newspaper's reports about the National Security Agency's sweeping collection of data about Americans' email and phone communications.' The spokesman goes on to state that it is routine to block access where classified materials may be distributed. The term used was 'network hygiene.' 'Campos wrote if an employee accidentally downloaded classified information, it would result in "labor intensive" work, such as the wipe or destruction of the computer's hard drive. He wrote that an employee who downloads classified information could face disciplinary action if found to have knowingly downloaded the material on an unclassified computer.'"

Re:network ignorance

This isn't about preventing employees from knowing. It's about keeping classified information off of unclassified networks.

Re:network ignorance

[CanHasDIY]

This isn't about preventing employees from knowing. It's about keeping classified information off of unclassified networks.

By blocking a publicly accessible journalism website?

Oh, right this is the Army, where Process A Requires Solution B, So Do C Instead is command's modus operandi.

A real distinction, which they're bungling

[Beryllium+Sphere(tm)]

I worked for a military contractor once and was told that there was a good reason not to talk about classified material even after it appeared in the press. Our enemies couldn't be sure that the press reports were right, not without confirmation from classified sources.

The military has now done what I was told not to, confirming the authenticity of the Guardian report.

Re:network ignorance

[crashcy]

Why target the Guardian then, except spite that they broke the story and had (or have) direct contact with Snowden? The information has already spread all over the internet, they can't block access to it all.
I don't know what the process is for officially declassifying the information, but I don't see how you can really call something that's public knowledge classified anymore.

Re:network ignorance

[philip.paradis]

What they're referring to is blocking of site access on NIPRNet, which is the "unclass" side of US military network operations, but is still subject to additional scrutiny and a strict requirement that no information that has been classified be stored on connected systems. This is standard protocol bordering on the boring for office communications in the military, and is absolute non-news.

Nobody is actively working (well, okay, not openly working) to restrict communications viewed by active duty DoD personnel on their personal computers while utilizing Internet connections not-uplinked-in-the-barracks-or-other-stupid-places-where-you-know-your-traffic-is-being-logged-shipmate. Military personnel are keenly aware that they face serious legal penalties for improperly accessing and or disseminating classified materials. This is not difficult to understand.

It's worth noting that in this particular case, I firmly believe Snowden acted as a patriot and is absolutely not the traitor he's being painted as by the administration and various members of Congress. I say this as a former service member myself (Navy) who also held a TS/SCI clearance. This young man exposed wholesale disregard for our Constitution on a massive scale, and it's been happening at an increasing pace for about twenty years. I ardently hope he finds asylum somewhere safe.

Re:They lied, even to their own people

Which is why I chose to not re-enlist. Granted, my re-enlistment window was over a year ago (before this all came out), but what I saw our elected officials doing made me realize they were a greater threat to our freedom and constitution than any terrorist would ever be... I couldn't in good conscience swear an oath to defend the constitution from both enemies both foreign and DOMESTIC, and sleep well at night knowing I was breaking that oath every day I marched in step to the idiots that are leading our country into the "dustbin of history." I know Ronald Reagan isn't the most popular president here on Slashdot, but here is a very cogent remark he made:

“Someone once said that every form of government has one characteristic peculiar to it and if that characteristic is lost, the government will fall. In a monarchy, it is affection and respect for the royal family. If that is lost the monarch is lost. In a dictatorship, it is fear. If the people stop fearing the dictator he'll lose power. In a representative government such as ours, it is virtue. If virtue goes, the government fails. Are we choosing paths that are politically expedient and morally questionable? Are we in truth losing our virtue? . . . If so, we may be nearer the dustbin of history than we realize.”

Re:I hear a Sousa march in the background -

[fnj]

How about slashdot?

Re:network ignorance

By blocking a publicly accessible journalism website?

Oh, right this is the Army, where Process A Requires Solution B, So Do C Instead is command's modus operandi.

No, it actually makes sense.

Suppose your objective is to prevent malware from appearing on your PC. (or secure a server.) This isn't a Windows-vs-Unix thing, the answer is the same for what happens when a server gets rooted.

What's the best thing to do when your PC has malware on it? When a server is rooted? You wipe the disk and reinstall the OS from a known good image. It's the only way to be sure that not a single byte of malware/rootkit remains on the disk.

That's the objective. Not one byte of bad stuff on the disk. A single NOP in the wrong place could open a back door.

You could spend a few hours editing registry keys, burning a CD of the contents of /bin from a known good workstation and copying the files over, doing a byte-by-byte comparison of /bin/cp and /bin/ls, and so on, but you'd never be completely sure the system wasn't compromised. If you got rid of the malware and any back doors left by whoever rooted the system, you're fine.

That's what the .mil folks are trying to do with their networks, except that instead of "malware", it's "classified information on computers used for unclassified work."

And it's not as silly as it sounds. You want to know that if malware exists on your system, there's something wrong. In PC terms, there's no harm done by users downloading dancing-bunnies.exe as long as they never actually run it. (Maybe it's a false positive -- the user was merely going to spend a lunch break disassembling it to understand how the exploit was written... Maybe they're downloading a Linux rootkit for analysis on a PC, or vice versa. But how can you tell the difference between that and someone downloading a Linux rootkit with the intention of maliciously installing it on a Linux server that can only be accessed through the compromised PC...)

If you only have one user, you could ask them, but if you have 100,000 users, you can't. You just don't have enough sysadmins to nicely ask everyone on the network if their copy of the rootkit was downloaded deliberately with no intent of using it to harm the network, or if there's something seriously wrong. So you say "Sorry, no dancing-bunnies.exe on this part of the LAN. If you want to do virus research, do it at home, or, if we think you're smart enough, we'll give you a PC on the portion of the network that we've separated from the company LAN, and you can do research there without any risk of the dancing bunnies spreading to other users..."

And then you wipe the disk and reinstall the OS from a known good image.

The only reason classified information should appear on an unclassified machine is if there's a security breach. If every innocent download of dancing-bunnies.exe results in a nuke-and-reinstall on sight, your security researchers will stop doing it on the company LAN, eliminating the false positives.

Re:network ignorance

[gerardrj]

If it is available from a public web site then the information is no longer "classified", but public knowledge. You can not put the genie back in the bottle.
The internet has no delete button and the Army has no neuralizers.

The thinking and the process here is flawed. Once information is leaked it should be "de-classified", since that's what it is. To continue trying to operate as though the leaked information is still somehow magically top-secret is insanity.

Re:network ignorance

[Bengie]

By common sense, what is public knowledge cannot not be classified. Otherwise the government could classify the color of the sky and tell workers to not look up.

It is nothing more than a state of denial.

Classified leaks...

[Firethorn]

The problem is that government rules aren't really set up to handle major leaks like this. The whole sanitization process assumes that the information is still on government controlled computers handled by people with some level of clearance, even though they don't have 'need to know'. So you tell them to shut up about it, and it normally works because a random piece of classified material isn't normally worth all that much.

There are supposed to be processes in place to, when possible, 'neither confirm nor deny; then ignore', but the problem here is that the source is credible and the NSA failed to discredit him(rightly or wrongly). So now it's confirmed. One of the rules for classifying information is that it can't be public; available on free news sites counts as 'public', but the way the rules are written, only the classification authority(or people over it) can declare the information no longer classified due to compromise. In this case the CA would be the NSA; which is currently running around like a chicken without a head trying to get Snowden without really dealing with the actual leak.