DOD Seeks Classification 'Clippy' To Help Classify Data, Control Access

An anonymous reader quotes a report from Ars Technica: The DOD has issued a request for information (RFI) from industry in a quest for technology that will prevent the mislabeling and accidental (or deliberate) access and sharing of sensitive documents and data. In an announcement posted in May by the Defense Information Systems Agency (DISA), the Pentagon stated that the DOD CIO's office -- part of the Office of the Secretary of Defense -- is "investigating the use of commercial solutions for labeling and controlling access to sensitive information." Defense IT officials are seeking software that "must be able to make real-time decisions about the classification level of the information and an individual's ability to access, change, delete, receive, or forward the information based on the credentials of the sending and/or receiving individual, facility, and system."

In other words, the DOD is looking for a classification Clippy. In a response to questions regarding the RFI issued in late June, DOD officials said that the system should be able to ideally protect "any file type on a Microsoft operating system (OS) file system and active directory domain."

Uhhh

NTFS and a decent admin(s)?

Re:Uhhh

NTFS and a decent admin(s)?

Different issue. This proposed tool is to help manage keeping classified properly marked in Office documents (Work, Publisher, Excel, Outlook etc) and verifying the accessing user's credentials based on those markings. I doesn't have anything to do with ACL's or file system administration which they already have.

So they want a tool that is simple to use

I don't see the problem here. Access control should be EASY for people to setup and use. Especially for non-technical people who are the source of the classified material in question.

There seems to be a bit of condescension in the article...typical IT geek bullshit that drives me up the wall. Our job is to give people good tools to do their jobs, not go "you're too stupid to use computers".

Re:So they want a tool that is simple to use

[Highdude702]

In their defense most people are too stupid to use computers..

Please tell me this is not a gov op?

[cre1mer]

So Clippy gets a security clearance. What can go wrong?

Re:Please tell me this is not a gov op?

It looks like you're trying to start a nuclear war. Would yo like to:
1. Launch missiles.
2. Adjust the system Doomsday Clock.
3. Play a nice game of Chess.

Re:Please tell me this is not a gov op?

I think that you mean, "what has _already_ gone wrong.

Obviously, Clippy is skynet, and had itself sent back to the past in order to infiltrate all computer systems and gain access to the ability to wipe out humanity.

Re:Please tell me this is not a gov op?

Here is why creimer always talk about Stan Lee

Hey there, people, I'm creimy brown
They say I'm the cutest boy in town
My car is fast, my teeth is shiney
I tell all the girls they can kiss my heinie
Here I am at a famous school
I'm dressin sharp n I'm
Actin cool
I got a cheerleader here wants to help with my paper
Let her do all the work n maybe later I'll rape her

Oh God I am the american cream
I do not think I'm too extreme
An I'm a handsome sonofabitch
I'm gonna get a good job n be real rich

(get a good
Get a good
Get a good
Get a good job)

Womens liberation
Came creepin across the nation
I tell you people I was not ready
When I fucked this dyke by the name of Stan Lee
She made a little speech then,
Aw, she tried to make me say when
She had my balls in a vice, but she left the dick
I guess it's still hooked on, but now it shoots too quick

Oh God I am the american cream
But now I smell like vaseline
An I'm a miserable sonofabitch
Am I a boy or a lady... I don't know which

(I wonder wonder
Wonder wonder)

So I went out n bought me a leisure suit
I jingle my change, but I'm still kinda cute
Got a job doin video promo
An none of the jocks can even tell I'm a homo
Eventually me n a friend
Sorta drifted along into s&m
I can take about an hour on the tower of power
Long as I gets a little golden shower

Oh God I am the american cream
With a spindle up my butt till it makes me scream
An I'll do anything to get ahead
I lay awake nights sayin, thank you, Stan!
Oh god, oh god, I'm so fantastic!
Thanks to Stan Lee, I'm a sexual spastic
And my name is creimy brown
Watch me now, I'm goin down,
And my name is creimy brown
Watch me now, I'm goin down, etc.

Re:Please tell me this is not a gov op?

Really? We're letting this shitmoth back in? Where are the downmodders?

Re:Please tell me this is not a gov op?

[cre1mer]

Three reasons why Stan Lee had to be at Silicon Valley Comic Con 2018: 1) Steve Wozniak was schedueld to be M.I.A. from his own show while traveling back from Russia; 2) Jeff Goldblum cancelled his Sunday-only appearance to spend all three days at the Dallas Fan Expo 2018; and 3) Stan Lee's management team needed him to make them money by signing 400 comic books from comic book dealers for $50K.

Re:Please tell me this is not a gov op?

Where are the downmodders?

Downmodded.

Re:Please tell me this is not a gov op?

My God! The GP is right creimer! Stan Lee is really your dyke!

Here are some posts from creimer's old account that was blocked and renamed by Slashdot management. I'll start with his love of child brides.

If all my assets were liquidated, I would still have enough cash to buy a new car and head off to Mexico to find a chica to marry.
https://slashdot.org/comments....

You're aware that are some states in the U.S. that allow underage marriage as young as 14 years old?
https://slashdot.org/comments....
As for my comment, I've heard stories of engineers retiring at 50, moving to Mexico and marrying underage girls. Since I work with ex-military, the Philippines is a popular retirement spot for marrying underage girls as well. It's all about getting the most bang for your retirement dollars.
https://slashdot.org/comments....
That only works if you retire to Mexico, build a mansion (by local standards), marry an underage sweet thing and bequeath all your possessions to the village.
https://slashdot.org/comments....

You need to be more specific. I wrote 3,000+ comments this year.
https://slashdot.org/comments....

Nah... I just do it to piss off my trolls and make coffee money off of them.
https://slashdot.org/comments....
We have different priorities. You want to climb the corporate ladder. I want to own the corporate ladder.
https://slashdot.org/comments....

Your bitch licks your balls. Most people don't brag about practicing bestiality. Is there a reason why you married a dog and not a goat?
https://slashdot.org/comments....

My employers don't care about what my Slashdot trolls think. Now go off and lick your balls somewhere else.
https://slashdot.org/comments....
iPhone 6s and reduce my monthly bill from $80 to $50. As a phone and a video camera, the iPhone 6s isn't obsolete. As a Sprint customer for 20+ years, Sprint will always offer me a new iPhone if I decide to stop using the 6s as a phone in the next several years.
https://slashdot.org/comments....
Miracle workers are never afraid to ask for a second opinion. Supervisor gave me his opinion ? and a mess to clean up. Lesson learned from this incident: if something isn't quite broken, break it.
https://slashdot.org/comments....

So you can turn around call me a liar again? People have been playing that game with me for years.
https://slashdot.org/comments....
Based on what I've read about Uber, he need to tell the boys to clean up their locker room behavior, zip up their pants, and attend sensitivity training until everyone agrees that women are not sexual objects.
https://slashdot.org/comments....

Which doesn't violate the Slashdot TOS. If you got a problem with that, take it up with management.
https://slashdot.org/comments....
This year I've posted ~4,000 comments.
https://slashdot.org/comments....

I don'

Re:Please tell me this is not a gov op?

[cre1mer]

My God! The GP is right creimer! Stan Lee is really your dyke!

Uh, no. Stan Lee is searchable content on YouTube. Here's the playlist for all six videos.

Re:Please tell me this is not a gov op?

I think that you mean, "what has _already_ gone wrong.

Obviously, creimer is skynet, and had itself sent back to the past in order to infiltrate all computer systems and gain access to the ability to wipe out humanity.

There! FTFY!

Re:Please tell me this is not a gov op?

You sound bitter, sweet tits.

Re:Please tell me this is not a gov op?

More like:

It looks like you want to eat and spam the whole Internet. Would yo like to:

1) Locate cookies and any other food. IT spare parts will do just as well.
2) Locate forums with easy TOS to spam.
3) Start eating and spamming.

Re:Please tell me this is not a gov op?

Use ua-video! Those privacy loving Russians won't give your info to the msg unlike google/youtube. I didn't like them at first because you said they were pirating your videos but it turns out they play them straight off google video but strip out all the Google spyware!
They had a few ads but I blocked them easily and only needed to greenlist their stock jw player. Much easier to deal with than YouTube.

Re:Please tell me this is not a gov op?

Thanks brother
Solidarity against the cre1mer menace

Re:Please tell me this is not a gov op?

Uh, no. Stan Lee is searchable content on YouTube. Here's the playlist for all six videos.

Hey! I remember watching that playlist! :)

Playlist details:

Video 1: Stan Lee coming to comic con
Video 2: Stan Lee not coming to comic con
Video 3: Stan Lee coming to comic con
Video 4: Stan Lee not coming to comic con
Video 5: Stan Lee coming to comic con
Video 6: Why I said Stan Lee was coming then, not coming to comic con
--
Balena!

Re: Please tell me this is not a gov op?

[Z00L00K]

Write a suicide note.

Would you like help?

[jfdavis668]

It looks like you're writing a letter. Would you like help determining the content's security classification?

Re:Would you like help?

[bobbied]

Yes please....

Also, would you please review what I've written and make sure it is consistently portion marked and has the appropriate matching headers and footers? And while you are at it, could you verify that the classification markings are with my authorized area as well as those of the people on the distribution list? Finally, as I'm cutting and pasting from source material, could you keep information around about the original classification of said material and make sure I've not caused the letter's content to change overall classification?

That would be a great help..

Thank you.

Re: Would you like help?

Too many secrets. We need more sunshine and less shadows.

Re: Would you like help?

[jfdavis668]

Right. Share everything with the Russians first.

Re:Would you like help?

Yes please....

Also, would you please review what I've written and make sure it is consistently portion marked and has the appropriate matching headers and footers? And while you are at it, could you verify that the classification markings are with my authorized area as well as those of the people on the distribution list? Finally, as I'm cutting and pasting from source material, could you keep information around about the original classification of said material and make sure I've not caused the letter's content to change overall classification?

That would be a great help..

Thank you.

There are a couple of problems here. First some kind of AI/learning algorithm could likely look at the classification guide plus lots of sample inputs and estimate a classification. That is likely doable, though would require diligence to make sure the classification guide is understandable by the algorithm.

Second you almost need to reference each paragraph, image, etc as a separate entity in a database, then you insert a link to the material in the derived document and automatically get an overall classification. Lots of work to do there, and you need to basically mark by paragraph or similar. Basically each paragraph should get its guess, which the person in charge of initial classification either agrees with or changes, then the derivative work needs to use those original classifications in its basis, not throw the algorithm at it again.

Similarly there might be other classifications such as certain terms and such, but this all seems doable, if your willing to make a very expensive custom tool. Where it would save money is in FOIA request processing and eventually declassification, since everything hopefully correctly scored.

I'd say this needs built and then anyone working on classified material could create the document on a classified workstation, let the algorithm do its checks, then have it reviewed, then export it at the correct classification level, which may be none.

DOD using Clippy?

[Oswald+McWeany]

It looks like you are trying to declare war on North Korea; would you like me format a letter for you to the President detailing your request for nuclear weapon strikes?

SELinux can do all these things...

...just not on Windows. Hmmmm...is "good luck" a valid response?

Security is DIFFICULT - Hire (and pay) good people

Security is DIFFICULT.

Hire (and pay well for) good people.

All up and down the stack. Even your janitors need at least enough intelligence to maintain the security classification.

If a worker that just doesn't "get it" is required, then they need a constant escort secretary to maintain that security.

Any sort of 'assistant' or other replacement for the above just won't work for anything that really matters.

Classic Clippy

[Locke2005]

"It looks like you're trying to leak classified information to WikiLeaks... would you like help with that?"

Can I write the Clippy scripts?

[mykepredko]

"You've marked this 'Sensitive - NoForn'. Did you know that if people from other countries see this, you could get executed?"

"Helpful hint: If information would hurt the current administration, leak it to CNN so it can be called 'Fake News'. If it can help the current administration, leak it to Fox."

Re: Can I write the Clippy scripts?

[Z00L00K]

If you want the info to look like it's a wild goose chase - leak it to 'news of the world'.

I am lowrest bid

We here are lowrest bid for make classified automated A.I.

We your install software to synergize classification of documents. Data is read into cloud, and our human mimicry of A.I. in no sweatshop reads the information and classificies the information. Data grab you!

Lowrest bid: $5000 first

Re:I am lowrest bid

[Calydor]

Where's +1, Scary when you need it ...

Re:I am lowrest bid

[fedos]

You do know that the government doesn't just award to whoever has the lowest bid, right?

Re:Security is DIFFICULT - Hire (and pay) good peo

Hire (and pay well for) good people.

Take a page from Twitler's Mar-a-Lago playbook: hiring 78 foreign workers on H2B visas.[1]

Because why? He can't find Americans that are willing to work for $12.75 an hour?

Willing? Or just can't actually live on $12.75 an hour.

[1] http://thehill.com/homenews/administration/396346-mar-a-lago-requesting-permission-to-hire-78-foreign-workers

Clippy - eh?

[DarkOx]

must be able to make real-time decisions about the classification level of the information and an individual's ability to access, change, delete, receive, or forward the information based on the credentials of the sending and/or receiving individual, facility, and system."

In other words, the DOD is looking for a classification Clippy.

Only an idiot would reach that conclusion. I would assume they are looking for something along the lines of Symantec / Sophos / others - DLP solutions.

Re:Clippy - eh?

[EvilSS]

Yep, pure clickbait bullshit. Sad to see ARS going to shit but I guess that's what it takes these days.

Re:Clippy - eh?

No, they're looking for something like OpenText Records, Feith RMA IQ, Gimmal Compliance Suite, Alfresco Governance Services, etc.

What Ars Technica doesn't realize is that the reason the RFI is so vague is that its release was a mere formality. DISA already knows what they want and who the vendors are, so they didn't want to waste a lot of time spelling it out.

If they weren't required to publish this by law, they wouldn't have, so it's going to give as little info as possible.

"Hey, skipper!"

[roc97007]

"It looks like you're trying to steal classified information! Would you like some help?"

Access control

So this is access control based on role?

What does it have to do with Clippy?

Re:Access control

[jeff4747]

No it's access control based on the contents of the document.

It has nothing to do with Clippy, other than the author of the article wanted people to read it.

Re:Security is DIFFICULT - Hire (and pay) good peo

[roc97007]

Janitors have keys to *everything*.

As a former SME and ASO

[WillAffleckUW]

Look, your problem isn't apps.

Your problem is you're infested with Russian operatives and Nazis.

It took me years to clean up Pacific Region from a nonclass state to a vetted classification state.

We all know where the problem is.

FBI tried this and failed

It actually sounds like they want something similar to the failed FBI project Virtual Case Files or Sun Microsystems now defunct Trusted Solaris OS.

Can I Recommend?

Mr. President, you appear to be sharing classified intelligence with a Russian citizen and known spy. Perhaps you'd like to share this other secret too?

Click Yes to Continue!

better bid

[Joe_Dragon]

50M kickback
2K for the real work.

it's all in who does it

[liquid_schwartz]

After all, if you're connected well enough 'no reasonable prosecutor' would bring a case against you regardless of how many documents you mishandle. If you're just a lowly sailor then they will throw the book at you even for minor infractions. Until justice is evenly applied then it's all a rather obvious scam.

Will He Be Voiced by Gilbert Gottfried?

I thought it was masterful when MS used him as the voice of Clippy.

What a warm fuzzy feeling

[OneHundredAndTen]

Most Americans are I am sure reassured in the knowledge that their military is dependent on Microsoft for its security. Let's invade some country - let's foist a few BSODs on them.

Clippy is immortal.

Like a cheap slasher movie bad guy, he keeps coming back to life.

Re:Security is DIFFICULT - Hire (and pay) good peo

no....no, they don't

Solaris 11 with Trusted Extensions?

So the DOD simply wants Solaris 11 with Trusted Extensions then?

ref:
http://www.oracle.com/us/produ...
https://www.youtube.com/watch?...

PS. Give self negative 1Billion karma for mentioning Oracle...

Do not click!

Hey don't bother clicking those links since it will just be cre1mer telling you the same things but slowly. I watched the at ua-video, the privacy respecting non-google alternative to YouTube and that was literally all the useful content in a single post.

Re:Security is DIFFICULT - Hire (and pay) good peo

Janitors in these spaces are either escorted or they are taken out of hide from the cleared personnel working there.

Before you laugh, read the FBI vault files...

It looks like you're trying to set up a classified server in your spare room, would you like help with that?

MAY CAUSE CANCER: Cre!mer is spams again.

Cre!mer is spamming his youtube channel.
He has said that he intends to make over 1/10th of his retirement by spamming links to his youtube channel on Slashdot.
He has also encouraged other people to follow in his footsteps so they can make "coffee money" too. Can you imagine what would happen to Slashdot if we were all here trying to get each other to view monetized links.

He is cancer to the places that he posts.

Re:MAY CAUSE CANCER: Cre!mer is spams again.

Welcome back, Cmdr Taco!

You own me the bet money!

I knew I could get you to post again here.

But how many countless hours have I had to dedicate to this? I lost count eons ago!

Anyway, I think I still win the bet.

Peace and love my friend,

Re: Security is DIFFICULT - Hire (and pay) good pe

[Z00L00K]

You'd be surprised when you discover the amount of access to various places janitors and coffee machine maintenance personnel has. They may be escorted around, but they will see a lot too.

If you have some serious secrets then the workers have to mop the floors themselves.

Re:Security is DIFFICULT - Hire (and pay) good peo

[roc97007]

From what I've seen personally, it may start out with janitors being escorted, but over time that tends to fall by the wayside.

Re: Security is DIFFICULT - Hire (and pay) good pe

[fedos]

An uncleared janitor might have access to a secure area, but any classified documents will be put away, and classified systems will be locked, before they enter, and will stay that way until they leave.

HA hA HA ha Ha HA hA HA ha Ha HA hA HA ha Ha HA hA

Oh man this is just too good.
We, the government can't manage our own security, so we want industry to do it for us.

Hmmm, why don't you encrypt that stuff, huh?