Strangling OSINT, Weakening Defense, Censoring Criticism: The Pentagon

April 29th, 2009 by zen

What is disturbing to me is that Lind indicates that the previous policy, which left IT restrictions up to commanders, seems to be coalescing behind one of systemic, tight, restrictions on access for all uniformed personnel to all kinds of blogs or websites that do not jeopardize information security. Or may even be useful to the conduct of their mission. The previous excuse by DoD bureaucrats was “conserving bandwidth” but it’s hard to see how esoteric sites like the Center for Defense Information or some university PDF on Islamist madrassas in Pakistan clog up a combatant command’s skinny pipes.

Intel and cyber experts in the readership are cordially invited to weigh in here.

ADDENDUM:

Professor Sam Liles offered up this manifesto on cyberthreats and cybersecurity.

ADDENDUM II:

Fabius Maximus, Ubi war and Wings Over Iraq took a similar view ( Wings though, added “Curse you Zenpundit!”).

ADDENDUM III THE COUNTERPOINT:

Galrahn says Bill Lind does not understand the legitimate cybersecurity aspect that causes blogs and websites to be blocked and then offers some practical advice to the blocked bloggers (such as myself):

….but I’d bet at least 5 shots of Canadian Whiskey (I’m a Crown Royal fan until summer gets here) that the problem that triggered his rant doesn’t originate in the DoD or any government entity, rather the private sector.

But I will say this. There are several legitimate reasons why websites, blogs, and other forms of social media sites on the web are blocked. If your website or blog is blocked, please understand you can do something about it besides whine.

Use Feedburner, or some other form of syndication software to distribute your content, including by email. Organizations including the military may block Blogger but typically they do not block syndication service sites because from an IT perspective, syndication services like Feedburner is a better way to manage bandwidth for larger enterprises. If an organization is blocking syndication sites too, then your organization has a very strict IT policy, BUT if your favorite websites are distributing content by email, problem solved

I used Feedburner previously with my old blogger site when Feedburner was in beta but when it was purchased or absorbed by Google, that account went dormant. I think I will ressurect it and then look into Galrahn’s other suggestions.

Page 2 of 2 | Previous page

Posted in defense, dni, government, hierarchy, intelligence, IO, military, military intelligence, military reform, national security, organizations, OSINT, politics, reform, tech, war, warriors, web 2.0 | 10 comments

Previous post: Early Announcement: Xenophon’s Anabasis Roundtable
Next post: The First 100 Days and Threats in the Age of Obama

10 comments on this post.

Lexington Green:

April 29th, 2009 at 4:16 pm

In the minds of some senior persons it is 1909, not 2009, it seems.
.
The bureaucracy "does its thing", as always.
OODA Man? Not the Pentagon « ubiwar . conflict in n dimensions:

April 29th, 2009 at 9:41 pm

[…] information access to one’s own militaries has a healthy and regrettable recent pedigree too. Zen and Fabius Maximus have already picked up on this but William Lind has a new piece on the […]
Eddie:

April 30th, 2009 at 3:26 am

I left a comment over at Galrahn’s. He needs to get on a ship out to sea and experience some of that underway internet:——I cry foul on this because when I was out to sea on the Kitty Hawk and the Abe Lincoln between 04-07, we could get all the ESPN, CNN, Flickr, etc. we wanted, but if I were to check out any number of blogs (Zenpundit, Coming Anarchy, Daily Dish, Milblogs, etc), I was more often than not denied. There was an absolute no blog and no Google apps (Reader, Docs, etc.) rule on the Hawk in my last year there which drove me batty and made zero IT sense when guys could still hit up Adultfriendfinder and nearly every sports site known to man. —— I never noticed bandwidth being the rationale. It was a very anti-blog, anti Web 2.0 attitude from them when I would go down to carp about it. —–
Eddie:

April 30th, 2009 at 3:31 am

Not to mention we all knew for a fact IT guys were DLing large files for various games b/c the more unscrupulous ones would be pirating files to sell on the mess decks and on the Lincoln’s Post-Its Sell Board. How else is an IT puke going to be hawking pirated files of the new Madden 07 on Sony’s PSP when we haven’t hit a port for weeks and mail call is 4-5 days late?
Matt:

April 30th, 2009 at 3:45 am

Wow, this is something I was not aware of. I have been using feedburner for awhile, but I did not realize that this was it’s potential upside. So thanks for the info and I will pass this on to my military readers.
Galrahn:

April 30th, 2009 at 6:16 am

<i>There was an absolute no blog and no Google apps (Reader, Docs, etc.) rule on the Hawk in my last year there which drove me batty and made zero IT sense</i>

Eddie I feel your pain man. That is a software limitation. Keep in mind the social software rule on most of these applications effects a lot more than just text blogs. For a long time versions of web filter software did not separate categories of social media, although more configuration options are now being sold as new features in new releases.

However, from experience I can tell you at least two of the software venders still requires IT staff to manually change the rules after an upgrade to take advantage of these new features and enable different types of social software.

Every complaint I have see on this issue, including Lind’s, is often rooted in the limited capabilities of the software used for filtering websites (a technology problem, not a human problem). Remember, the web filtering software on most bases is the same variations of COTS software used in public and private industries nationwide, and the contracting decision that determined what base/ship/etc. uses what software is based on a security, support contract, and other factors like lowest bid.

If Lind had asked a basic question, like what web filtering software do the specific places he is blocked from use, he would learn something. He would probably also find a consistent pattern, specifically, why he is being blocked and if it is a specific software vender. When results are random, as they are for CDI.ORG, it is usually because one vender has a site flagged in the wrong category. For the record, it should also be stated that venders no longer have humans flagging sites, sites are flagged by smart software crawling the web, and those crawlers are not perfect.

There is no single standard for web filtering software across the DoD. Often, one command is using a different filtering software than another command in the same city, or even the same facility, if each command has two different pipes out. For example, I have seen scenarios where on the same base depending upon where you were (which pipe you were using to the internet), half the base could get to sites the other half could not, and it was different because both pipes used different software to filter web traffic, each with different inherent configurations (vender determined) based on a standard set of rules applied. Said another way: the category that blocked "Social Software" meant something different to each application.
Recommendation to read - “Blinders”, a new essay by William Lind « Fabius Maximus:

April 30th, 2009 at 1:12 pm

[…] “Strangling OSINT, Weakening Defense, Censoring Criticism: The Pentagon“, Zenpundit, 29 April 2009 […]
Eddie:

May 1st, 2009 at 1:34 am

Galrahn, I appreciate your overview of the convoluted software situation. However I was expressly told that blogs were a no-no. I ran into this situation when my Senior Chief from a prior division I worked in who was on an e-mail distribution list I used to send to people in my Sunday night boredom asked me to compile resources and info for two of his people who were going IA to Iraq. Upon trying to access Small Wars Journal, Global Guerillas, Aqoul and a few other blogs and sites, I ran afoul of the new ITC @ ADP. He wrote in an e-mail I forwarded to this senior chief and others that blogs were a no-no. Three weeks later, I noticed I could access CDR Salamander b/c it was a popular blog for a few squadron khakis. I pestered the ITC about that and was told to focus on my job, not network policy. ***2****Yet again, I can access ESPN and other bandwidth hogging sites that had no business being authorized for viewing out to sea, which anybody with an eye towards conserving bandwidth would have had added to the application to block (which I do at work in my civilian job now on a weekly basis using Barracuda software based on the input of our CFO).
Ann:

August 2nd, 2009 at 10:16 pm

But the fact that websites of American organizations whose views differ from DOD’s are also blocked points elsewhere. It suggests political involvement. Why, for example, is access to the website of the Center for Defense Information blocked? CDI is located in Washington, not the Hindu Kush. Its work includes the new book on military reform America’s Defense Meltdown, which has garnered quite a bit of attention at Quantico.

It’s gotten worse. Now the private company TrendMicro is censoring CDI through its TrendMicro Client/Server Security Agent software. (This is required to be on my computer by my company, though I have discovered a workaround.) They have rated the http://www.cdi.org site and its subpages as "Dangerous"… dangerous indeed!
Larry Dunbar:

August 3rd, 2009 at 5:27 pm

"It’s gotten worse. Now the private company TrendMicro is censoring CDI through its TrendMicro Client/Server Security Agent software."

The enemy is not in front of the leader, but behind; love your enemy. This is probably why empowering employees is given mostly lip-service by those in leadership roles. It works, but they don’t like it and don’t even implicitly believe in it.