WASHINGTON (AP) - The chairman of the Joint Chiefs of Staff
looked on as Pentagon cyber-warriors clicked away at their laptops and
showed how would-be terrorists could find his son's home address.
Army Gen. Henry Shelton then got a demonstration of how a skilled
adversary might combine publicly available biographies and contractor
information on military Web sites with a few well-placed phone calls to
pin down the dates of highly classified nuclear exercises.
The classified briefing, held in Shelton's Pentagon office, was then given
to other generals and admirals as well as senior civilians, generating a
momentum that has led the military to order a massive scrub of its vast
network of Internet sites.
Deputy Defense Secretary John Hamre said military Web sites offered
adversaries ``a potent instrument to obtain, correlate and evaluate an
unprecedented volume of aggregated information'' that could, when
combined with other sources of information, ``endanger Department of
Defense personnel and their families.''
Instituted Dec. 7, the policy change has touched off a debate as some
critics argue the Pentagon went too far in restricting the information it
makes public on the Internet.
In response, defense and national security officials have become more
willing to discuss, on condition of not being identified by name, the nature
of the risk their detailed review of military Web sites revealed.
``There was information that was potentially tactically useful to an
adversary, the kind of thing where if someone really wanted to do harm
to your personnel, it could facilitate them in undertaking an attack,'' said
one senior defense official working on Internet security issues. Another
national security official called the briefings ``eye-openers'' that startled
commanders.
The briefings stemmed from work done in 1997 and 1998 by Pentagon
``red teams,'' a term associated with a notional enemy force in war
games. Team members tried to learn how much mischief they could do
by skillfully scanning military Web sites, without any sophisticated
hacking. They showed Shelton, himself a former special operations
specialist, how his own biography posted on a military Web site
combined with non-military databases could quickly lead a terrorist to the
home address of one of his sons living in Florida.
The red teams found detailed maps and aerial photographs of military
installations that would help anyone planning a strike or a terrorist action.
These were the kinds of pictures, one senior official noted ruefully, that
the United States spent billions to get during the Cold War through its spy
satellite network. Now the United States was giving such imagery away
for free on the Internet.
Senior officers were particularly concerned when one of the red teams
was able to combine a variety of data and make highly accurate estimates
about the timing of nuclear weapons drills, exercises and readiness
checks, according to two senior national security officials familiar with the
briefings.
Biographies of individual commanders of units likely to be involved in
such operations combined with phone calls to those commanders' bases
yielded information about temporary duty assignments in Nevada at
installations involved in nuclear weapons handling. Military Web sites
containing contractor information, particularly formal requests for bids to
supply particular security equipment, helped further hone this detective
work, according to the officials.
Cleaning the military Web sites of potentially dangerous information has
proved a monumental task. Bill Leonard, a top Pentagon information
security official, said the military was unsure initially how many Web sites
it had, and even today can only provide an estimate. For a time, the
Army completely closed off access to its 1,000 Web sites. Now back on
line, the Army's Web sites have been substantially trimmed, as have those
of the other services. Entire Internet addresses have been put off limits,
with the terse message on the computer screen that information
previously available has been removed for security reasons.
Some think the scrub of military Web sites has gone too far.
``This is a wartime information policy,'' said John Pike of the Federation
of American Scientists, a Washington-based research group that follows
military and intelligence matters. ``All kinds of program information is
being withdrawn. Almost anything that discloses what an agency actually
does, beyond a brief mission statement, is going away.''
The Federation is pursuing release of some of the deleted information
under the Freedom of Information Act. In its filing with the Pentagon's
security review office, the Federation said anything released as a result of
the complaint should come in electronic form so the Federation can post
the information on its Web site.
To date, the Pentagon cannot point to a specific incident where
information posted on a military Web site resulted in harm to U.S.
national security.
``The menacing scenarios have remained just that - only scenarios,''
according to George Smith, editor of The Crypt Newsletter, an online
publication dealing with computer security.
But the Pentagon says it has solid electronic evidence that foreign
countries, including some adversaries, are regular visitors to U.S. military
Web sites.
Copyright 1999 Associated Press. All rights reserved. This material may
not be published, broadcast, rewritten, or redistributed.
-- Deborah (tired@bed.time), February 16, 1999
Answers
"Team members tried to learn how much mischief they could do by
skillfully
scanning military Web sites, without any sophisticated hacking."
Last summer while doing research on the DoD's Y2K status, I was amazed
at the kind of info available on their websites I searched. Detailed
info on personel, with addresses and phone numbers. It struck me as
rather irresponsible from them.
-- Chris (catsy@pond.com), February 16, 1999.
Hey all,
I posted the preceeding Pentagon snippet because on an earlier thread
there was discussion about military issues based upon bits and pieces
of information gathered from different sources and subsequently pieced
together....
"Senior officers were particularly concerned when one of the red teams
was able to combine a
variety of data and make highly accurate estimates about the timing of
nuclear weapons drills,
exercises and readiness checks, according to two senior national
security officials familiar with the
briefings."
Snip
I thought this was interesting as well:
"`This is a wartime information policy,'' said John Pike of the
Federation of American Scientists, a
Washington-based research group that follows military and intelligence
matters. ``All kinds of
program information is being withdrawn. Almost anything that discloses
what an agency actually
does, beyond a brief mission statement, is going away.''
Snip
Well, I can understand personal safety issues.
Although, I think taking pesonal information off, is a little
different than 'anything disclosing what an agency does'.
I must go drink some coffee.
-- Deborah (need@coffee.com), February 16, 1999.
My comment to the DoD ... remember ... BALANCE, in all things, guys.
Someone has to watch you from the outside to see when you go �over the
top.� The Texas stuff does it for me! -- Diane
Key article comments: ... �a recent exercise focusing on the problem
of data aggregation revealed that even nonintelligence professionals
could easily glean sensitive information from the large volume of data
available on DOD's Web sites. "It was scary how successful [the
exercise] was ...�
FEBRUARY 11, 1999 . . . 16:47 EST
DOD, intell community study Web access
http://www.fcw.com/pubs/fcw/1999/0208/web-dod-2-11-99.html
BY DANIEL VERTON (dan_verton@fcw.com)
The Defense Department is planning a new round of World Wide Web site
security reviews in light of continuing concerns that the large volume
of information available to the public on the Internet poses a
significant risk to DOD operations, a senior DOD official said today.
According to Maj. Gen. John Campbell, vice director of the Defense
Information Systems Agency and commander of the newly established
Joint Task Force for Computer Network Defense, a recent exercise
focusing on the problem of data aggregation revealed that even
nonintelligence professionals could easily glean sensitive information
from the large volume of data available on DOD's Web sites. "It was
scary how successful [the exercise] was," Campbell said.
Speaking at a luncheon sponsored by the Armed Forces Communications
and Electronics Association, Campbell said additional surveys of DOD
Web sites are in the works, and he said recommendations for changes to
Web sites will be made available to DOD organizations soon.
Capt. Catherine Burton, staff director for the DOD-wide Information
Assurance Program, which provides oversight, coordination and budget
guidance for all of DOD's information assurance initiatives, said DOD
is working with the intelligence community to formulate
recommendations on Web access and security. "We're very seriously
looking at the data aggregation problem," Burton said. However, "you
still have to balance access with control," she said.
Campbell said DOD's Joint Task Force for Computer Network Defense,
which was designed to be DOD's front-line protection against
unauthorized network access and cyberattacks, will reach full
operational capability in June and then will be transferred to one of
the five commanders in chief. In addition, Campbell said the task
force this year will stand up a 24-hour-per-day network monitoring
watch and will begin work on contingency plans for cyberattacks.
-- Diane J. Squire (sacredspaces@yahoo.com), February 16, 1999.
Deborah,
Quick comment. When you post a story, please also include the URL
(http://www. code) where you found it, so we can check the source
document.
Thanks,
Diane
-- Diane J. Squire (sacredspaces@yahoo.com), February 16, 1999.
"Well, I can understand personal safety issues. Although, I think
taking pesonal
information off, is a little different than 'anything disclosing
what an agency does'."
I think they mean by that top secret classified documents or documents
that should not be easily available outside the USA.
At this time, you can still access unclassified documentation
easily.
Defenselink An official
DoD webpage and good source of info.
See also the page which gives many links
to other DoD agencies.
Remember that before mainstream access to the internet, we had nowhere
near the easy access to such information, and top secret documents
were still unavailable to us. If anything changed in the past 10
years regarding access to info, it's for the better IMO.
-- Chris (catsy@pond.com), February 16, 1999.
I hate when I mess up tags like this.
"My comment to the DoD ... remember ... BALANCE, in all things, guys.
Someone has to watch you from the
outside to see when you go �over the top.� "--Diane
Indeed Diane, and remember also that they have your IP address when
you enter their site (any server does, not just DoD), and that if you
don't have your automatic cookie granting permission feature disabled
you're not aware when cookies are set. Cookies give back info from
your computer (a guru could explain that better.)
From civilian servers, when they have your IP address, you're
protected by your ISP who won't give your name and address to anyone,
but they might to the gov.
-- Chris (catsy@pond.com), February 16, 1999.
Diane,
Sorry about that, I posted at like 2 a.m., I was REALLY tired. I
linked to the AP from the Drudge Report and it was there. Today World
Net Daily is also running it.
"My comment to the DoD ... remember ... BALANCE, in all things, guys.
Someone
has to watch you from the outside to see when you go �over the
top.� The Texas stuff
does it for me! -- Diane"
Balance, I agree Diane. That is what I was referring to. They go
from carelessly leaving home addresses lying around, to nothing but a
vague mission statement. Is there not a middle ground?
Chris,
Thanks for the links. The key phrase would be 'at this time' ;-)
-- Deborah (tired2@day.com), February 16, 1999.
Chris,
I do have the automatic cookie thing turned off.
I also, as a matter of course just assume they track everything I do,
e-mail or post, so it doesn't much bother me. Ever see that movie,
humm, I think it was something like "Someone To Watch Over Me?"
We all have guardian angels too. I know some by name. But that's
another topic.
I stick to the "light" side of the web, and if inadvertently find a
"dark" sided one, I leave. They can keep those secrets. The public
domain is enough of a goldmine, if you learn how to navigate it.
Diane, Information Navigator
-- Diane J. Squire (sacredspaces@yahoo.com), February 16, 1999.
Diane........
I think there's like this unwritten rule that the extreme fundies
leave you alone no matter what you write.....
Go to any other newsgroup with a high level of fundies and your
phrase "guardian angels" would be pounced upon immediately. In fundie
circles that I used to inhabit many moons ago, guardian angels were
simply evil demons in disguise.
Cat got your tongues Arlin, Nabi & others. Or does Diane have
impunity because she's a woman?
-- Craig (craig@ccinet.ab.ca), February 16, 1999.
"Or does Diane have impunity because she's a woman?"
Good to know that there is a good side to being a woman, with the
fundies ;-)
-- Chris (catsy@pond.com), February 16, 1999.
One of the few Chris.
Being "in" to metaphysics 'n all, may have more to do with it Craig.
Plus, they know by now, I DO my homework.
Diane
-- Diane J. Squire (sacredspaces@yahoo.com), February 16, 1999.
I guess I qualify in the "& Others" category. In the spirit of Big
Dog's proposal, just trying to behave myself. Everyone knows where
Diane is coming from. I may disagree with her (as she does with me),
but she's a nice lady and is at least consistent in her beliefs.
Besides, I'm usually more interested in debunking folks who say
that they are Christians (oh, excuse me, "fundies"), but who's words
reveal they are not.
So everyone who holds an orthodox view of scripture (i.e. those who
disagree with you) are all "fundies" Craig? I'm certain that my
Catholic, Episcopal, Lutheran, etc. brothers and sisters will be
delighted with that label.
-- David (David@BankPacman.com), February 16, 1999.
Diane.....I know you do your homework......I also know that the
doctrine of fundamentalists, although acknowledging the possiblity of
angels being amongst us, generally classifies those that talk about
such things as being 'of the devil' etc.
The whole arena of metaphysics is classified as 'new age' and it's
adherents referred to as being deceived by Satan, and heading to a
very hot destination. Basically, anything they don't understand is
evil in their eyes.
'Knowing your stuff' generally doesn't keep fundamentalists or
evangelicals at bay. IMHO, they are only leaving you alone because
it's not convenient to pounce on you right now. However, understand
that in their belief system, you are only part of the great Satanic
deception that is an abomination in their eyes.
If you want an eye opener into what they really think about your
beliefs, go into Pastor Chris' forum.......they might even be nice to
you for a while as long as they consider you
'convertable'.....however don't turn your back on them!
-- Craig (craig@ccinet.ab.ca), February 16, 1999.
David......define "Orthodox"......the problem with the world is that
most of todays churches are not orthodox by the original standard of
the early church. The Bible has been corrupted by men for 2 millennia
now.
No, don't read it wrong. I certainly do not classify all Christians
as 'fundies'. It is a relatively small percentage of the total
population actually. As a matter of fact, outside of the USA and
Canada, they are extremely rare. I have a good friend who is a
Pastor, originally from Scotland, and he informs me that the
'fundamentalist' mindset is predominantly an American thing. In that
mindset, God is basically a tall white-skinned right-wing military-
loving all-American who thinks all liberals are evil and America is
God's nation. Everything on a national level is good and anything
global is evil etc.
BTW, when Jesus first walked the earth, he was by no means
Orthodox.......
Funny isn't it.......the protestants were by no means Orthodox when
they broke away from Rome.....the fundamentalists were by no means
Orthodox when they separated from historical protestantism.....but
the moment someone disagrees with some of their teachings and breaks
away, they start to rant about Orthodoxy.......Go figure!
-- Craig (craig@ccinet.ab.ca), February 16, 1999.
Craig, it may surprise you that we spend little to no time discussing
metaphysics or any other non-Christian beliefs. On the
contrary, we mostly discuss Y2K from the perspective of our shared
Christian beliefs. Sorry if we don't live up to your sinister
characterization. Most of us visit both this forum and that one every
day. They both serve a purpose.
-- David (David@BankPacman.com), February 16, 1999.
Craig. Are you a bigot? The existence of angels is a doctrine of the Roman Catholic church. There are a billion of us. We just won't go away, will we?
-- Spidey (in@jam.com), February 16, 1999.
David......
So then are you saying that you would not classify the miracles of
Jesus as being metaphysical?
-- Craig (craig@ccinet.ab.ca), February 16, 1999.
Craig, obviously you want to pursue these questions further, or
more probably you're just in the mood for a debate. As time permits,
I'll gladly engage, but not here. It's way off topic and I'm
trying to behave myself over here. Why don't you post your
topics/questions over on Pastor Chris's? I'm sure you know the way.
-- David (David@BankPacman.com), February 16, 1999.
Spidey......
I don't know how you manage to twist what I say so badly.....
I personally believe in angels........I was not criticizing anyone
for believing in angels, rather making a point that talking to angels
was generally considered a very bad thing in fundamentalist circles.
My point was this: Although most 'fundamentalists' say they believe
in angels, from a practical point of view, when anyone says that they
have spoken with angels or heard from angels, they generally assume
that these are 'Satanic apparitions' and are in fact inherently evil.
Come on Spidey......even when I'm on you side you want to take a dig
at me....Sheesh!
-- Craig (craig@ccinet.ab.ca), February 16, 1999.
WOW! That was SOME "Satanic apparition" that spoke to Mary, huh?
Craig, you seem to be contradicting yourself.
-- Gayla Dunbar (privacy@please.com), February 16, 1999.
Gayla....
Are you deliberately twisting what I say or actually trying to be a
jerk?
Mary saw an Angel sent by God.
For the very last time.....for those who just don't get it......my
point is:
If you were to tell the average fundamentalist that you had been
speaking with your guardian angel, the average fundamentalist would
tell you that you had been deceived, and were actually in contact
with a demonic being posing as an angel of God.
Tell me Gayla, do you think that channelling spirit beings is of God?
Do you believe that talking with your guardian angel is a good thing?
Other fundamentalists, please feel free to answer.
-- Craig (craig@ccinet.ab.ca), February 16, 1999.
This is a topic worth pursuing, but in a different forum. Craig,
could you please repost this in Pastor Chris' forum and we can
convene there?
-- Franklin Journier (ready4y2k@yahoo.com), February 16, 1999.
Fascinating how we can move from the Pentagon to dark angels, in a New
Yourdon minute, isn't it?
Diane *Sigh*
-- Diane J. Squire (sacredspaces@yahoo.com), February 16, 1999.
Actually, Diane, you were the one who brought up guardian angels out
of the clear blue sky. I don't mean to be critical, because I think
your statement was pretty harmless (albeit completely out of left
field). I know it was probably totally innocent but it highlights
the need for sensitivity to others' religious beliefs from all
sides (i.e., it's not just Christians who need to tread lightly if we
want to avoid thread drift like this).
-- Franklin Journier (ready4y2k@yahoo.com), February 16, 1999.
I'm trying to be a good boy, just like David, and not discuss
religion too much on this forum. But religion is fair game on Pastor
Chris' forum, so if anyone wants to get into a good long discussion of
angels over there, count me in:-)...
-- Nabi Davidson (nabi7@yahoo.com), February 16, 1999.
The angel of the Lord encamps around those who fear Him, and rescues
them.
Psalm 34:7
-- Fundie (knockin@heaven.door), February 16, 1999.
Craig, I'm disappointed that you are unwilling to discuss this off of
Yourdon's forum. I think great restraint has been shown by a lot of
Christians here. Big Dog made an honest, heart felt request, and most
are abiding by it.
The point that I was trying to make to you, is that you can't lump
every Christian and every belief into one. Most of the people on this
forum INCLUDING a lot of the Christians are VERY frustrated when Y2K
is lumped together with the second coming of Christ. A lot of people
now see Y2K as some type of "Right-wing wacko religious idea" thanks
to certain members of the media.
Yes, I believe in angels- (spirits) clean and unclean- or Godly and
ungodly, if you will. And according to the Bible it's very easy to
tell which is which. All you have to do is ask the spirit who Jesus
Christ is. In I John 4:2 & 3, you can "read all about it."
"And every spirit that confesseth not that Jesus Christ is come in
the flesh is not of God."
-- Gayla Dunbar (privacy@please.com), February 16, 1999.
Craig,
Pastor Chris' Y2K Forum:
http://www.greenspun.com/bboard/q-and-a.tcl?topic=
Y2K%20Forum
-- Diane J. Squire (sacredspaces@yahoo.com), February 16, 1999.
Moderation questions? read the FAQ