Whatever this thing is, it cannot be any worse than the Navy / Marine Corp Intranet, aka NMCI. The NMCI is a humongous, costly, self-inflicted Denial of Service attack. It demonstrates that even in DoD we learned nothing from the failures of Soviet style centralization.
By the way: the productive use of removable media in the unclassified environment will always far outweigh the risks coming from these devices. The command to ban removable devices is an unnecessary spasm illustrating DoD ineptness in building a reliable network infrastructure, particularly on NMCI. The ChiComs, or whomever, managed to introduce a bug in our systems. Our own flag officers and SESers multiplied this annoyance many fold with the ban on removable devices. Our enemies say thank you very much.
I’ve been trying to read up on the particulars of the apparent threat, so as to assess what risk we might have here at FR.
I suspect a fair number of FReepers have dayjobs associated with the government, some as contractors and / or military who fairly frequently use flash drives and cards or external USB devices.
So if the gov’t systems are threatened by such devices, what keeps other network links from being similarly at risk? Hence, wouldn’t FR also be at risk? Or minimally, what keeps those in the military who own PCs from having their PCs now infected from such a threat?
IMHO, the issue manifests command and control tendencies of the military. The US used to have an outstanding system of centralized command, decentralized control. Socialism tends to migrate in the opposite direction of decentralized command, with centralized control.
Users in a decentralized fashion are able to identify the situation as it arises, then take action with resources they control. Socialism tends to require the situation be communicated back to a centralized decision maker prior to releasing resources to solve a problem.
In the USB removal policy, we effectively remove resources from the local level and constrain all local action to using only resources from centralized strict control.
All an enemy now has to to then do is focus on communication to inhibit the defense machine from operating.
The internet was intended to provide an exponentially expandable network of alternate paths, thereby reducing the risk of lines of communication being interrupted in an attack.