zenpundit.com

Which would be a cool title if there ever was one.

Except it is not a title but a metaphor being used by Jeff Carr of Intelfusion in a thought provoking post at O’Reilly Radar:

Loki’s Net – The National Security Risks of Gov 2.0 and the Social Web

…Here’s an updated version of an old Trickster tale that I think is particularly relevant to the topic of this post–the national security risks associated with a more open Government in general and social software in particular.

 Loki, the Norse God of mischief and mayhem, had taken to the mountains for refuge after angering the other Gods with his latest antics. The first thing he did was build a house with four doors; one on every side so that he could see in all directions. With his Intrusion Detection System in place, Loki spent the rest of his time playing in the water as a salmon, leaping waterfalls and negotiating mountain streams.

One morning, Loki sat by a fire and considered how the gods might capture him. Since he spent much of his time as a fish, Loki grabbed some linen string and fashioned a fishing net of a size and weight sufficient to snare him. Unfortunately, just as he finished, the other Gods rushed in. Loki threw the net into the fire, transformed into a salmon, and swam away. Acting quickly, the Gods extracted the ashes of the net from the fire and, from the remnants, rebuilt Loki’s net, eventually ensnaring him in it.

Like Loki, we construct through our Twitter posts, Facebook Wall entries and LinkedIn profiles our own unique “net” that sets us up for a social engineering exploit, a financial crime, or an act of espionage.

The Trickster archetype aptly frames this discussion about the risks and benefits of bringing Government into a Web 2.0 world because the classic Trickster is neither good nor bad, but encompasses elements of both. Too often, the debate surrounding Gov 2.0 becomes polarizing. Critics are frequently grouped together as Gov 1.0 thinkers struggling against a 2.0 world, while advocates sometimes embrace Gov 2.0 as a holy quest, refusing to acknowledge any significant risks whatsoever.

I cannot emphasize enough that the surest way to slow our progress toward a more technologically open Government is to try to craft this debate in dualistic terms. Indigenous Trickster tales teach us that a more valuable approach is to substitute utility for morality. Loki and  Coyote (a famous Trickster in Native American lore) both understand how to trap a fish because they have swum as fish. Hyde writes in his book Trickster Makes This World that “nothing counters cunning like more cunning. Coyote’s wits are sharp precisely because he has met other wits.”

Read the rest here.

Just had some bizarre tech issues with WordPress. Seems to be back to normal but still checking.

Some of you – ok, a whole lot of you – have made Friendfeed subscription requests of me in the last few weeks to which I have not responded (Friendfeed is an app that manages your social networking conversations). This is intentional but not personal toward anyone.

I tried Friendfeed as a result of being on Twitter back when Robert Scoble was tweeting and blogging about Friendfeed nonstop, which piqued my curiousity. I found the format then to be annoying ( the interface may have changed in the interim) and no one I knew was using the service at the time so, after a few days, I let the account go dormant. No offense, Friendfeed may be the new 2.0 sliced bread, but I don’t have the time right now to go straighten out my account and use yet another social media platform. Maybe during the summer when I have some downtime I’ll give Friendfeed a second chance – at the moment it isn’t even on the radar.

William Lind has a new post up at Defense and The National Interest that addresses the issue of the IT restrictions on the use of the internet by military personnel. This topic has been touched on previous by others such as at the SWC, SWJ Blog, Haft of the Spear, Hidden Unities and many milbloggers, intel and cyberwonks but previously, IT policy varied across services and from command to command. That appears to be changing – for the worse.

On War #302: Blinders

At the height of the Cold War, a U.S. army corps commander in Europe asked for information on his Soviet opposite, the commander of the corps facing him across the inter-German border. All the U.S. intelligence agencies, working with classified material, came up with very little. He then took his question to Chris Donnelly, who had a small Soviet military research institute at Sandhurst. That institute worked solely from open source, i.e. unclassified material. It sent the American general a stack of reports six inches high, with articles by his Soviet counterpart, articles about him, descriptions of exercises he had played in, etc.

What was true during the Cold War is even more true now, in the face of Fourth Generation war. As we have witnessed in the hunt for Osama, our satellite-photo-addicted intel shops can’t tell us much. But there is a vast amount of 4GW material available open-source: websites by and about our opponents, works by civilian academics, material from think-tanks, reports from businessmen who travel in areas we are interested in – the pile is almost bottomless. Every American soldier with access to a computer can find almost anything he needs. Much of it is both more accurate and more useful than what filters down through the military intelligence chain.

Or at least he could. In recent months, more and more American officers have told me that when they attempt to access the websites they need, they find access is blocked on DOD computers. Is al Qaeda doing this in a dastardly attempt to blind American combat units?
Sadly, no. DOD is doing it. Someone in DOD is putting blinders on American troops.

I do not know who is behind this particular bit of idiocy. It may be the security trolls. They always like to restrict access to information, because doing so increases their bureaucratic power. One argument points to them, namely an assertion that the other side may obtain useful information by seeing what we are looking for. That is like arguing that our troops should be given no ammunition lest muzzle flashes give away their positions in a fire-fight.

But the fact that websites of American organizations whose views differ from DOD’s are also blocked points elsewhere. It suggests political involvement. Why, for example, is access to the website of the Center for Defense Information blocked? CDI is located in Washington, not the Hindu Kush. Its work includes the new book on military reform America’s Defense Meltdown, which has garnered quite a bit of attention at Quantico.

The goal of the website blockers, it seems, is to cut American military men off from any views except those of DOD itself. In other words, the blockaders want to create a closed system. John Boyd had quite a bit to say about closed systems, and it wasn’t favorable.

Read the rest here. 

What is disturbing to me is that Lind indicates that the previous policy, which left IT restrictions up to commanders, seems to be coalescing behind one of systemic, tight, restrictions on access for all uniformed personnel to all kinds of blogs or websites that do not jeopardize information security. Or may even be useful to the conduct of their mission. The previous excuse by DoD bureaucrats was “conserving bandwidth” but it’s hard to see how esoteric sites like the Center for Defense Information or some university PDF on Islamist madrassas in Pakistan clog up a combatant command’s skinny pipes.

Intel and cyber experts in the readership are cordially invited to weigh in here.

ADDENDUM:

Professor Sam Liles offered up this manifesto on cyberthreats and cybersecurity.

ADDENDUM II:

Fabius Maximus, Ubi war and Wings Over Iraq took a similar view ( Wings though, added “Curse you Zenpundit!”).

ADDENDUM III THE COUNTERPOINT:

Galrahn says Bill Lind does not understand the legitimate cybersecurity aspect that causes blogs and websites to be blocked and then offers some practical advice to the blocked bloggers (such as myself):

….but I’d bet at least 5 shots of Canadian Whiskey (I’m a Crown Royal fan until summer gets here) that the problem that triggered his rant doesn’t originate in the DoD or any government entity, rather the private sector.

But I will say this. There are several legitimate reasons why websites, blogs, and other forms of social media sites on the web are blocked. If your website or blog is blocked, please understand you can do something about it besides whine.

Use Feedburner, or some other form of syndication software to distribute your content, including by email. Organizations including the military may block Blogger but typically they do not block syndication service sites because from an IT perspective, syndication services like Feedburner is a better way to manage bandwidth for larger enterprises. If an organization is blocking syndication sites too, then your organization has a very strict IT policy, BUT if your favorite websites are distributing content by email, problem solved

I used Feedburner previously with my old blogger site when Feedburner was in beta but when it was purchased or absorbed by Google, that account went dormant. I think I will ressurect it and then look into Galrahn’s other suggestions.

Dr. Mark Drapeau and Dr. Linton Wells II in a National Defense University paper:

Social Software and National Security: An Initial Net Assessment (PDF)

….We have approached this research paper as an initial net assessment of how social software interacts with government and security in the broadest sense.1 The analysis looks at both sides of what once might have been called a “blue-red” balance to investigate how social software is being used (or could be used) by not only the United States and its allies, but also by adversaries and other counterparties. We have considered how incorporation of social software into U.S. Government (USG) missions is likely to be affected by different agencies, layers of bureaucracy within agencies, and various laws, policies, rules, and regulations. Finally, we take a preliminary look at questions like: How should the Department of Defense (DOD) use social software in all aspects of day-to-day operations? How will the evolution of using social software by nations and other entities within the global political, social, cultural, and ideological ecosystem influence the use of it by DOD? How might DOD be affected if it does not adopt social software into operations?

Saw this a day or two ago. Just finished reading the intro. Read the rest here.