US Military -v- Internal blogging & Access to WWW

[SWJED]

Wired's Danger Zone blog - Strategic Minds Debate Milblog Crackdown.

There are a whole bunch of interesting discussions about the Army's crackdown on blogs. But the strategic minds at the Small Wars Council have the deepest discussion of the lot...

[Tom Odom]

Oh man I got blocked from seeing it as it is a "blog"

That says it all

Tom

[wm]

Let's look at this as a great opportunity for liberals and conservatives to find some common ground from which to work.

To paraphrase the opponents of gun control:

"When blogs are made criminal, only criminals will have blogs."

[Merv Benson]

Reading this discussion today reminded me that my cousin who works in an administrative capacity for the National Guard in another state is not allowed to access any blog from his computer at work. That has been the case for much longer than this new reg.

[dusty]

Oh man I got blocked from seeing it as it is a "blog"

That says it all

Tom

Hmm. I'm on a Army dot mil network and haven't received any blocks on viewing any of the sites listed so far.

[Jimbo]

Well,

It all depends how much enthusiam your DOIM folks have for their job. I actually read this as more of a getting people off of the internet during the duty day. I remember when I was a battalion S-3 air some of the guys spent the enitre duty day daytrading online. Who knows.

[sullygoarmy]

E-mailed a buddy of mine in Iraq and as of now, this hasn't had any impact on computer usage or personal e-mails. We'll have to wait and see.

In Germany, there were a ton of websites restricted during the duty day, everything from sports, to personal e-mail to the usual blocked sites. You could access these semi-blocked sites after the duty day or during lunch, but not during duty hours. Of course in Iraq/Afghanistan, its always a duty day so I'm not sure how that approach would work there.

[Tom Odom]

Hmm. I'm on a Army dot mil network and haven't received any blocks on viewing any of the sites listed so far.

So am I

Depends on where

[marct]

Jimbo, Sully,

I actually read this as more of a getting people off of the internet during the duty day.

In Germany, there were a ton of websites restricted during the duty day, everything from sports, to personal e-mail to the usual blocked sites. You could access these semi-blocked sites after the duty day or during lunch, but not during duty hours. Of course in Iraq/Afghanistan, its always a duty day so I'm not sure how that approach would work there.

Surely there are better means of achieving the goal of people not going to non-duty related web sites? Wouldn't it be better to just treat people like adults, rather than naughty children, and just hold them responsible for what they do rather than telling them what they may do and having everything else cleared by others? This theme of infantalization of military personnel has come up before, and I suspect it is applicable here as well.

Marc

[sullygoarmy]

Ahhh Marc, you hit the nail on the head. Treating people like adults. The problem is, often you have those few who act like morons, hit the porn sites or e-mail home information they shouldn't. The typical military reaction is to overreact, ban all internet and have a formation! If only we could act like adults and treat our soldiers like adults. I guess my advice would to remember that the only difference between the Army and the Boy Scouts is we have automatic weapons.

[marct]

Ahhh Marc, you hit the nail on the head. Treating people like adults. The problem is, often you have those few who act like morons, hit the porn sites or e-mail home information they shouldn't. The typical military reaction is to overreact, ban all internet and have a formation! If only we could act like adults and treat our soldiers like adults. I guess my advice would to remember that the only difference between the Army and the Boy Scouts is we have automatic weapons.

Not the spiffy uniforms ?????

Honestly, it just makes a lot more sense to me to come down like a ton of bricks on some twit accessing porn than it does on the 99.99999% of folks who don't misuse the 'net. Even what constitutes "misuse" changes by functional area and individual situation (ask 120mm about that one!).

The biggest danger with Industrial Age organizations is that they historically set themselves up as the font of all knowledge and wisdom. Basically, they operate on a social contract of "be loyal to the organization and you will get security", and part of that loyalty involves giving large amounts of control over your life to the organization. What started the perception shift towards a more Information Age mindset was the failure of that social contract back in the late '60's early '70's. Nowadays, the "social" contract is more along the lines of "be loyal to your personal network and don't trust any organization - they are all liars even when hey try not to be".

Marc

[carl]

But not from the standpoint of someone who wants to win the war.

It makes perfect sense from the standpoint of a mid to upper mid-level bureaucrat in the State or Defense Dept., somebody who is going to survive the upcoming change in administrations. This somebody has made the judgement that the change in administration will result in a precipitate bug out of Iraq that will not reflect honorably (to put it mildly) upon the US.

By shutting down the soldier bloggers, they prevent the most credible and direct observers of the disaster to come from reporting what they see as they see it. This reduces embarrassment to the bureaucrats and the politicos they serve.

There won't be enough mainstream media on the spot to make any difference and nobody in the US pays attention to Al-Jazeera. So figure the whole thing as an exercise in damage control before the fact.

I firmly believe this is true and it greatly saddens me.

[selil]

Information operations whether the task be military or civilian hinges on the willingness of the participants and the acquisition of intelligence. In the process of recruiting willing participants an adversary in years gone by would actively seek the physical resting spot of soldiers and marines to listen to table talk. Finding family members suddenly on a picnic or tearfully saying good bye on the ship wharf was a sure sign of imminent deployment. In the past a spy could watch deployment patterns and discern the likelihood of a ship or MEU showing up onsite within a few days. This type of spying for first world countries became less important as satellites became more easily available, but the pattern of world conflict switched from first and second world countries to third world countries and regional based conflicts. Enter the necessity of the spy and information gathering arm for countries without sophisticated satellites and the blind eyes of information containment teams to that threat.

There is a direct and substantial relationship between cyber-warfare and information operations. In a world of instantaneous digital transmission the information operations arm moves from classifying data and providing analysis to acquisition and recruitment of human operational resources. The information operations arm of the military becomes metaphorically the long range reconnaissance and patrol arm of cyber-conflict and integral to the entirety of security. This role is not completely understood as the on the one hand those involved in information operations are busy in an acquisition mode they are also charged with guarding the garrison. This is a conflict in roles and strategy. The tools of the patrol do not meet the needed tools of the garrison.

Conflict is sure to erupt as those using normal tools of the technology culture to accomplish enculturated communication expectations are stopped. One the one hand you have a culture who is technologically sophisticated and has used technology as a primary weapon of restricted warfare. On the other hand you have a highly adaptable adversary who is willing to use the infrastructure of their enemy against them and loath to build that infrastructure. A sincere and well-trained guerrilla force with information operations skill and technical sophistication in non-state warfare has no need of building a vast array of technical tools they will literally use their enemy’s resources. Into this battle space the technology society wades with email, blogs, web-pages, satellite phones, digital cable channels, and iPods.

The fact a society knows how to use technology does not mean they are sophisticated in the building blocks of that technology. Few people could create a watch based simply on their use of that technology. Similarly in information operations few if any people will truly understand the capacity and realistic risks of information operations based on their use of email and the Internet. Principles such as meta-data are lost on the normal user of technology. For example something as simple as a picture carries with it a substantial amount of meta data besides the content of the picture. Embedded within the picture can be the camera make, model, type, software revision of the operating system, the user name, the type of computer used to connect to the camera, the date of the picture, the date of any manipulations of the picture, and even in some geographic coordinates. From one simple picture a lot of deeper information elements can be found.


In the past the commander within a battle space could count on soldiers letters home providing time displacement from when operation would occur. Should a censor not find a risky piece of information the commander could count on mail embargo's to keep possible data out of unfriendly hands for some period of time. Within the cyber-society that time displacement can and likely does vanish. How many soldiers sitting in computer tents (imagine that concept during world war 2!) have cut a conversation short because they had to go to briefing or out on patrol? What phrases did the participants use to end the conversation? Into this tiny void of feeling of loss and home front a wedge of information leakage erupts. While nobody is the wiser and none are of evil intent the simple acts can create issues. More on this in a moment.

A commander in the field could also count on geographic displacement as a method of insuring that his soldiers could not leak information willingly or even without malice. A hundred miles of desolate lifeless land is a good deterrent to soldiers carousing with locals. The technology society community no longer reflects borders or geographic displacement. A simple post to a blog or webpage stating a simple item is in fact information leakage by the soldier. Simplistic adjustments in tone, opinion, word choice, and time of posting are in fact information leakage. The search function allows for statistical analysis of the habits and opinions of a battle field asset. An active blogger intending to abide by stringent controls on content will leak through their posting habits their current state of mind, feelings about home (and associate operational tempo), opinions on operations, success and failure, and morale. To a world wide audience.
Human capital in this case is simply a matter of understanding the medium and analyzing the resultant information flows.

Operational security and planning jeopardizes the freedom of soldiers and the associated family relations. Soldiers have abided by email embargo and telephone embargo in the past as an understood response to operational security. In an environment where the tempo of conflict increases and wanes in a cycle counted over years and resolution is not likely possible in any near time the soldier will endeavor to maintain those associated ties to family and home with the tools they understand. The boon to enemy operational and information strategists is the rapid availability of information on operational strategy posted not by the soldiers but by the loved ones of those soldiers.

As I’ve been alluding to and as promised lets talk about information leakage. The principles of information leakage are not fully understood outside of a very small circle of information operations specialists. The principles of analysis and k-anonymity are fairly straightforward. With k-anonymity we can look at data that has been scrubbed to protect individuals rights to privacy and then use secondary and tertiary sources of data that have also been scrubbed of identifying information to build the identity of an individual. This same analysis technique can be used within information operations to build dossier data on military members and their familial relationships. Since there is also leakage of data on marriages, children, previous employers, and more a fundamental picture of each military member can be built. Specific unit members can be targeted based on their location and simple analysis used to find more information. In many cases members have posted full résumé’s when looking for jobs that are easily found using free or inexpensive account data. They do this because they are looking for jobs when they return of were looking for jobs when they were activated from the reserves. Normal behavior causes substantial leakage of personal information. In the commercial world we have seen similar disclosures like the Choice Point exposure done for criminal purposes using fully legal means.

An active blogger or poster may not realize just how much information they leak simply by visiting a website. The location of the connection, the operating system of the machine, the browser, the IP, the visited pages history, and so much more is available. Back track attacks are when the URL is stored in the history and poorly designed websites cache the authentication mechanism in the URL address. A dedicated adversary can look for that and use it as a method to access associated pages a user has been visiting or even the account of the user on other web pages.

The furor of military bloggers has me of two minds. I like to know what I can do to help the current members of the military and ease the hardships of service. At the same time I understand the risks and attempt to balance the fear, uncertainty and doubt with a skepticism. The mental gymnastics of ethnocentrism required to pander mental pudding portraying adversaries as cognitive midgets with luddite tendencies is a common failing. The adversaries are well trained likely in United States universities and higher-level technology curriculum's with all of the associated understanding of the technology and the politics. To ignore the aspects of guerrilla warfare where the enemy uses your own technology and resources against you in a war where information is the only force multiplier is to fail.

[Rob Thornton]

Sam,
Thanks for managing to provide some education on the risks in a manner that was both sufficiently informative yet staying in the realm of common tongue.
I think this is the kind of education we should be providing - although where (in terms of a service members timeline is a tough call) - maybe, through a portal - you want ISP access while deployed, you take the class - yes there are Information Assurance and OPSEC classes, but they focus on do's and dont's vs why's and how's. It might not even be a bad idea to offer up some further classes on how the enemy is using IO and how we can too - It is often useful to visit the enemy's sites - it provided me allot of insight into how they operate, how they see themselves etc - think of it as a recon.

It is a balancing act, but it is not going to get better solely by establishing barriers and penalties - there has to be some recognition of where the WWW /Info-spere fits.

[Ender]

http://www.politico.com/multimedia/?...o_Video-516617

This could probably fit in other threads as well but this one seems to be hot and this is relevant. I was particularly intrigued by the "dead drops" and am confounded as to how one would combat something like that...

The point at the end about the criminality of us being beat at this game is salient as well.

[Uboat509]

This reminds me very much of gun legislation. It will do very little to stop the jack-assery but it will impact law abiding people. Furthermore, I can't help but suspect that there will be some fairly significant I/O blowback from this along the lines of "You see, the Army is trying to hide its misdeeds." There is at least one person on this very site who seems to be convinced that there is some kind of huge conspiracy to conceal untold amounts of military wrong doing. There have been a few publicized incidents of wrong doing by military members ergo there must many many more that have been concealed. This will be taken as additional evidence to "prove" that.

[selil]

Dead drops or hidden channel communications can only be detected through traffic analysis.

If you watch the habits of a group of people and you see eroneous traffic (visit the baker but don't buy any bread, etc..) then you can pick it out and examine it.

Eroneous traffic might be an on-line email website (e.g. hotmail) that has somebody log in from Montanna and a few minutes later somebody log in from Dubai. That would by an interesting bit of traffic. The analysis could also be automated with heuristics for a low false positive rate. Two people in the same building though are going to require differnent tools and techniques.

[Cori]

or walk-back, but either way, it looks as if there's been a change here (although Captain Ed, who's a blogger with an excellent track record, doesn't seem to have a link for the clarification, unless I'm misreading this):

http://www.captainsquartersblog.com/...ves/009872.php

[marct]

Great post, Sam!

Similar traffic analysis techniques have been used to bust child porn trading rings, and there is actually quite a bit of information on the techniques involved. There are also a whole host of technique that Sam, quite rightly, doesn't mention - so neither will I .

I think that the important "lesson" to take from this is one that humans have had to learn time and time again - the world can be a dangerous place. Trite, I know, but something that everyone wants to disbelieve. I remember he press talking about how 9/11 changed the world - no, it didn't, it just changed how some people viewed the world; their basic metaphysical stance as it were.

The same thing is happening, to a lessor degree, to the perception of the Internet. But, while "discretion may be the better part of valour", going out into "the dark" to protect those you love is also valorous; sticking your head in the sand isn't.

Marc

[Cori]

Let me go back to where I started: doctrinally IO is responsible for electronic OPSEC as well as for the types of concerns we have generally lumped together under "information operations" (writ large), which is to say, the ability to influence audiences, hostile neutral and friendly. Now, I understand all the concern with OPSEC, we all understand the concern with OPSEC, we get it.

The problem is that in today's war (writ large) actions taken with only OPSEC concerns in mind are no longer cost free. In fact the cost might well be quite large -- which is why it is well worth while to look for ways to accomplish the same goal at lower cost. If those other means don't do the job as well, but the cost is less, well, then you have a judgment to make. The reason we've all been discussing this policy, at least as Wired initially represented it, is that it seemed not to consider the costs, or to try and find a way to seek a balance. That's why I asked earlier whether anyone knew if there were stories out there about serious security violations associated with blogs (again -- abu Ghraib, not a blog, and, again -- I'm guessing the people engaged in what those guys were doing wouldn't have been too worried about checking the regs on emailing,) because you have to know exactly how serious an OPSEC problem you've got before you can know how large a cost you should be willing to swallow.

I guess given the discussions on security (and, again, I understand the importance of that) I thought it worthwhile to put a certain frame on things.