Encryption at the Pentagon

Vanity | August 10, 2002 | nygoose

[nygoose]

Why doesn't the Pentagon, and particularly General Franks, encrypt the "war plans" and other secret information? It could then be stored, not on a computer's hard drive, but on something like a Zip Drive and locked up in a safe place.

Is this too difficult for the Feds to figure out?

[nygoose]

Perhaps someone on this Forum with knowledge of encryption uses and methods could expand on this idea.

[Diogenesis]

tpvoet mjlf b hppe jefb up nf uifz tipvme vtf tufbuphsbqiz boe rvbouvn pqujdt upp

[upier]

The problem is not the electronic data, its been members of Congress who find out information in briefings and leak it to the press. Those people should be found, arrested and tossed in jail.

[nygoose]

Don't we keep hearing about all the "missing" computers? Doesn't that mean there is "missing" electronic data?

[Movemout]

It could be that those laptops were never expected to leave the vault or to be controlled when they did leave the vault. If they were stolen by support staff, as seems likely, then they could just a s easily steal the zip drives. Classified documents have always flowed into and out of such areas. Accounting for classified documents has been made problemmatic with the invention of facsimile copiers and is even more so now with the advent of portable computers. It is a security nightmare amd you are only as protected as the quality of your staff. Most people who work in a vaulted area are screened and scrubbed to an amazing extent. Even the most thorough special background investigation cannot predict the future, only uncover the past.

[The Duke]

The protection provided by a security measure is often quantified as the amount of money that someone would have to spend in order to overcome it. According to this yardstick good encryption is just about the best protection imaginable. The Pentagon would probably be better off encrypting their data and hiring Chinese media librarians than they would be using traditional lock-and-key protections.

So, basically, your suggestion is very good.

I did a "laptop encryption" product selection for a large corp just a month ago, and ended up recommending "PC Guardian" as the best overall product.

[nygoose]

Who says they keep the laptops in a vault?

[nygoose]

Encryption is fine for TRANSMITTING or storing data, but humans can only work with it in "the clear".

Don't they have to decrypt the files to read/change them and then save them as encrypted files when they finish?

[Movemout]

Let me 'splain. A vaulted area, or a vault, is kind of an office suite that has been built with stringent security measures in mind. There are anti-eavesdropping measures, motion detectors, infrared detectors, and elaborate alarm systems that are part of the set-up. Often people who work in the vault are randomly surveilled or checked into in between updates of their clearances. Some documents cannot move into or out of the vault without special wrapping and accountability steps being performed. Once again, security is only as good as the people working a secure environment. Unfortunately, humans are unpredictable.

[libertylover]

There are very strick rules for handling classified information. Documents are locked in an "approved container", which varies depending on the classification. Only a few people know the combination and a log is maintained for every opening and closing of the safe. Most of the safes I've worked with were simply located in someone's office, which meant the safe was locked at all times unless you open it to get something out or to put something in. The material itself was either in your possession or it was locked in the safe. Period. Security people come around 6-8 times a day to verify the safe is locked, and they have their own log and time-stamp. To take a classsified document from building to building it had to be wrapped in a certain way and you had to check in with ssecurity before leaving the building. They'd call ahead to the next building and let them know you're coming. Then you check in at the new building. Under the rules you can't lock in the top drawer of your desk and go to lunch - gotta put back in the safe - and you sure as *&^% don't take it home or to the Russian embassy, or the New York Times.

On a larger project an entire building or one section of the building might be considered a "vault" with special security to enter.

For computer data, the classified data must reside on a removable media. The entire disk, tape, or whatever is removed and locked in a safe. Also, there are then procedures to write and overwrite ALL of RAM many times with various patterns to prevent it from containing residual data. With laptops you can maybe just lock the whole thing in the safe and not worry about the RAM.

Bottom line, slopping handling is the only way for classified data to get out and someone is then in violation of U.S. Code ???? (you have to sign an agreement) and subject to a $$$$$$ fine and/or prison time.

[Cachelot]

Some documents cannot move into or out of the vault without special wrapping and accountability steps being performed.

Documents is one thing, but computers can be a bit more secure. Although there are hugely undesirable side effects of encrypting a disk, it's a fairly easy and standard security precaution. A couple other examples come to mind:

Many years ago, I was involved with a company that made a secure military workstation solution. The HD was removable amd when the machine was not in use, it HAD to be moved to a rack inside a vault and locked, or the system would scream. The other example is civilian - there's a software solution that is made for laptops. Basically, a stolen laptop, when first attached to a network, will try and find an external line and call the cops. The software is invisible, using stealth tricks like many viruses and backdoors.

[ASA Vet]

tpvoet mjlf b hppe jefb up nf uifz tipvme vtf tufbuphsbqiz
sounds like a good idea to me they should use steatography

boe rvbouvn pqujdt upp
and quantum optics too