Posted on 08/24/2006 4:12:10 AM PDT by COBOL2Java
Agreed. OTOH, encryption slows down computers. There may have been reluctance from the speed freaks.
The most easily exploitable vulnerability in any organization is its people. Policies and procedures are great, but they don't work if people don't properly adhere to them.
Here are some simpler suggestions that would be more effective, just off the top of my head...
1. Stop putting social security numbers on every form. Soldiers put their SSN on leave forms, physical fitness score sheets, equipment receipts, and many other forms that are not necessary.
2. Stop giving access to this personal information to just any schmoe in the unit. The training room "NCO" in most units - at least maneuver units - is generally a computer savvy E-4 that a platoon sergeant wants to get rid of either due to physical or disciplinary problems. This is the guy that we entrust with Soldiers' SSN, address, next of kin, phone number, etc?
3. Stop using personal computer equipment at work. Soldiers routinely take home thumb drives that they use at work - be they drives purchased by the Army or purchased with personal money. Also, because the Army has such a hard time of keeping up with new technology, many Soldiers and leaders use personal laptops because the Army laptops so frequently lock up or crash.
4. Implement a 100% shred policy. Every office has a shredder and guidance to shred classified or sensitive paperwork. Seriously, who is sifting through the trash to check on this, other than theives/enemies? Soldiers and leaders don't care about paper shredding - they care about training, maintenance, and physical fitness. Simply the process by shredding all paper. Then if you see paper in the trash, you immediately know that something is wrong, rather than having to dig through and check each sheet, which won't happen.
But what do I know?
What does this accomplish? My impression from the early days of encryption was that bulk encryption is weak because the encrypted files contain too much known plaintext that can be matched up to ciphertext for brute force attacks. Has this problem been solved?
Gee, what a concept.
The best one I saw was a street vendor in Osan Soouth Korea selling his food wrapped in paper he got from the base. The "paper" was payroll records and he had thousands of pages.
"What does this accomplish? My impression from the early days of encryption was that bulk encryption is weak because the encrypted files contain too much known plaintext that can be matched up to ciphertext for brute force attacks. Has this problem been solved?"
Depends what tool they are using to secure the drives. Modern tools are pretty good. That said most any thing can be hacked if enough time and processing power is used.
No, I don't believe that's been resolved. As with any encryption strategy, there is no perfect solution. All you can ever hope for is to slow the attacker down to the point where he decides it's not worth the effort, and looks for an easier target. Ideally, you might get a stupid thief, who powers up the laptop and thinks that because the screen shows gobbledygook, it's broken.
Of course, it's a double-edged sword: a hacker discovering an encrypted laptop will be doubly-intrigued; but I guess in the long run, it's better than an unencrypted one.
This effort will be soundly defeated by well placed Post-It notes.
LOL! Thanks, that's a good one. Rush always says that the best humor is based on reality!
Good, we need to lock this stuff down, instead of open it all up and give it away for free like some prefer.
Is this still the way the Army works? In '66 a parade competition between the dozens of platoons completing basic was scheduled. Each platoon had to have 1 person man the phone and miss the parade. The guy who could not march was chosen to man the phone. Inability to march was the only criteria to become a personnel clerk.
I don't know anyone who is advocating we give away all our data.
While this does seem obviously elementary to most of us, keep in mind there are some liberals out there who want everything in DoD "open".
http://www.freerepublic.com/focus/news/1688103/posts?page=27
that would be the JAG and the PUblic Affairs section lots of lefties there.
hope it works better than this CAC stuff.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.