Last month the Pentagon lifted a blanket ban on thumb drives and other “removable flash media” on military networks. Well, sorta. In a little-noticed news item, Air Force officials made it clear they considered the ban to still be in place.
"This will not be a return to 'business as usual,'" said Maj. Gen. Michael Basla, the vice commander of Air Force Space Command. "There will be strict limitations on using flash media devices when the Air Force returns to limited access and use. These limitations will be vital to our cyber security."
In other words, forget about using USB drives, CDs and other takeaway storage tools to share information, even when bandwidth is scarce or networks are unreliable. But as Noah reported earlier, such sweeping bans often create a Catch-22, especially when military personnel are asked to accomplish tasks that force them to circumvent IT security practices.
It's part of a larger problem: The military's sometimes heavy-handed approach to network security, even when it comes to public, nonclassified systems. Danger Room pal Starbuck, an Army aviator who writes the insightful (and often hilarious) Wings Over Iraq blog, posted an amusing rant this week about the Army's public e-mail service, Army Knowledge Online.
The post, titled "Why I'm Switching to Gmail for All My Work Needs," documents all the hoops a servicemember has to go through to access an account with a measly 100MB inbox, including putting their Common Access Card (a Department of Defense smart ID) in the computer, entering a pin number, and answering from a series of ridiculous, preprogrammed security questions.
This approach promises to make life difficult for BlackBerry users as well. A military IT specialist tells Danger Room that a push for public key infrastructure and more data encryption on two-way wireless devices may also present problems, especially if the military opts for clunkier solutions like Bluetooth smart card readers.
[PHOTO: U.S. Department of Defense]
