More on Laptops at War
An anonymous commenter left a thought-provoking comment on Marc's recent blog entry about Doonesbury's coverage of how the ability to keep in contact with folks at home changes the face of soldiering. I thought it was interesting enough to promote to the top level:
Of course you miss the flip side, every article I have seen about this always does. The problem with soldiers having all of this technology is that they don't give a damn about security of the Gov't network or those that use the network.
It's not that they don't know about security, we teach them the basics, a large number just don't care. They ignore the regulations, rules and often do their best to bypass the security measures.
I'm not talking about operational security (OPSEC), but computer security. People will put crap on their home computers, then transfer it to the Gov't systems. They will bridge multiple networks at the same time (usually unclassified and MWR), install programs or watch media from questionable sources that are often infected with malware. You wouldn't believe the number of times we have a Sony Rootkit show up on one of our networks, or the number of machines with active wireless cards that anyone can connect to.
The usual response we get is something along the lines of "We're fighting a war here, we don't have time for this."
But they have to learn how to make time:
http://www.gcn.com/print/25_25/41716-1.html
...I'm glad I was over here, but I will be really glad to get away from this nonsense for good.
Comments: 4
I believe you are mistaken. People are generally ignorant about things that do not interest them. And, if you study people long enough you will discover that they will try to unlearn things that have been taught to them if they are not interested, but even more so if it requires work or change to desired behavior to adhere to the teachings. Anyhow, that is a whole different topic. We all know the weakest link in security is the human. Microsoft knows it, the Linux community knows it, and security professional programmers know it. If we all know this, what do you think the solution is? I say sue, sue, sue until manufacturers quit producing systems, products, software, and other devices which harm and cost consumers money. I suppose if you click "OK" on the license agreement, having read 45 pages of small print with at least one escape clause that says something like, "We're not responsible for damages or expenses caused by our software" then it must be ok to have insecurity or other costly oversights in the software or whatever.
I don't think my sarcasm or joke conveyed very well in the previous post. I do NOT condone suing. The only people that truly gain from lawsuits are the lawyers. Still we need to address the root problems where we have the most control. We cannot control humans nearly as effectively as we can the systems or devices they interact with.
As the person who wrote the original comment, I just wanted to say many of the people causing a problem know better. Often they are the ones who are supposed to prevent the problem. It is not uncommon to find that they are the ones breaking rules for friends or because they feel it is "their network."
For the units that deploy, they know what is allowed back in the States. Why would they think the rules in a combat zone should be more lax? They try things here that would never be allowed back in the States. Some people try to explain this away by saying it "improves the soldier's morale."
Some organizations purchase equipment off of the economy because they did not want to wait for shipping. Sometimes this is in a place where the locals fire mortars at night and take your money during the day. According to them nobody checks the firmware or code running on the gear to verify that it has not been altered.
People unplug network monitoring systems so that they can access web sites or use applications that are supposed to be blocked. They turn off SPAN ports on switches so the IDS will not see all of the network traffic; then it cannot report them. Sometimes they just unplug the IDS or Websense.
Part of this problem is the turnover ratio. So many systems and people are entering and leaving that it is a lot of work keeping up. Mainly because the networks were not designed right in the first place.
When the networks were first created "temporary" measures were taken. We all know how long "temporary" measures last. After a while many people just give up and don't really try, they look at it as "things are better than they were x years/months ago."
A topic that would take far too long to discuss is the politics of different units, branches and commands. Some work great together, others seem to go out of their way to cause problems. Especially between different contractor companies that are concerned with someone else getting "their contract".
In short people will do what they can, because there is almost no accountability over here. Break the rules and you *might* get told not to do it again.
It's hard to blame the individuals for their laptops when you consider that GSM phone handsets are probably more of a security risk.
I know someone who worked in telco management tools who said that you could track NATO troop movements through former Yugoslavian regions through the GSM handset registrations - and even identify the country. 50 Italian numbers roaming in one cell, 20 UK numbers in another, etc, etc. In Kosovo the cellphone service was provided by the Serbians...

