Always linking to OpenCongress.org when mentioning Congresspeople’s names — a great idea! I’ll share that at dKos, and credit you, Micah, saying I read you at FDL. Thanks!

Sharing FDL’s info-analysis models — YES PLEASE, with good instructions and open-source free software that can be used by people with old computers (like XP on dialup)

I got the same ‘Soviet bad/US good’ indoctrination from (mainly) Reader’s Digest. Another point was ‘Under Soviet rule, people can be persecuted for speaking their minds or reading unauthorized materials, and all the news they get has been pre-authorized by the central government.’

THANK YOU for awesome Brandeis quote!

MadDog, I’m new here so hope I haven’t missed a relevant part of ongoing discussion. But you say that USB access would have been prevented by software. Do you have a source for that? Not a snarky question ,an honest one, because I just posted a link (and quote) from a Dec 2010 article saying that DOD had never installed the McAfee component that would have prevented USB access/downloads. Would genuinely appreciate it if you could point em to a link (or several) demonstrating adequate software/hardware protections against downloads on SIPRnet.

I’m no technogeek. But I keep running across trade-magazine type articles that lead me to think that DOD has failed to secure it’s cyber-information. I wrote a little about the problem of classified items (such as the entire Pentagon IT backbone, including passwords) through peer-to-peer (P2P) network sharing in the only diary I’ve mananged to write on FDL so far.

In regard to the SIPRNet, I’ve also found several articles that lead me to think that DOD’s failure to establish controls and safeguards could mean that they have no way to tell what may or may not have been accessed or downloaded through any computer. (I feel I’m premature in even writing this comment, but maybe by posting this some other folks will begin looking.)

Here’s one example, from http://www.c4isrjournal.com/story.php?F=5209879 –

The Pentagon started upgrading thousands of computers with data loss-prevention software in 2008 but chose not to turn on the software, which would be able to sound alarms in cases like the WikiLeaks incident, an industry official said.

[..]

The loss-prevention and thumb-drive tools are elements of the Host Based Security System (HBSS), which is now installed on 60 percent of SIPRNet computers, according to the Defense Department. The HBSS software, produced by BAE Systems with McAfee as a subcontractor, links network security officials to classified desktop computers. HBSS has the “capability of monitoring unusual data access and usage,” the department said in statement released on the day WikiLeaks began publishing thousands of State Department diplomatic cables.
DISA decided to upgrade HBSS in 2008 after a computer virus was introduced into a Central Command network via a flash drive. The HBSS software now includes a Device Control Management tool that allows security officials to remotely disable USB drives. The Host Data Loss Prevention software was included in the same package, but the Defense Department did not license the loss prevention part of the suite.

To keep this comment from getting huge, I’ll just post a few of the links I’ve found dealing with SIPRnet’s absence of controls.

I don’t know if this will help Bradley or not, but in terms of the Espionage Act there’s been a distinction made between info that is (just) marked ‘classified (at whatever level) and whether or not, classified material is ‘closely held’ (I’ve also seen ‘closely held’ phrased as ‘under custody and control’ or ‘under the control’ of the responsible Govt dept. (many govt regs, also US v Heine 1945 & US v Morison 1988)

So this lead me to wonder — if DOD’s classified info is NOT ‘closely held’ (and I’ve read enough of their regulations to know that their standards are not met), and if the entire world can access classified infor through P2P, and SIPRnet had no controls — no passwords, no way to tell if someone was downloading, etc — Well, does DOD’s failure to control obviate Espionage Act (and similar military regs) because the documents were (or could have been) available to unauthorized people both before and after the alleged Manning leaks?

Sorry to ramble. Wanted to get the question & thoughts out there.

A few more links re SIPRnet openness–

http://cybersecurityreport.nextgov.com/2011/01/keeping_gatekeepers_of_sensitive_data_in_check_how.php

http://www.wired.com/dangerroom/2010/12/military-bans-disks-threatens-courts-martials-to-stop-new-leaks/

http://www.washingtonpost.com/wp-dyn/content/article/2010/12/30/AR2010123004962.html