According to someone from NETCOM, it's because the leaks are still classified. Therefore, unclassified networks within the army must block the leaks in order to maintain their operational goals of no classified information on those wires. They have separate classified networks, which surely allow it.
There's an old saying... There's the right way to do something, and then there's the Army way.
The Department of Defense routinely takes preventative “network hygiene” measures to mitigate unauthorized disclosures of classified information onto DoD unclassified networks.
We make every effort to balance the need to preserve information access with operational security, however there are strict policies and directives in place regarding protecting and handling classified information. Until declassified by appropriate officials, classified information—including information released through an unauthorized disclosure—must be treated accordingly by DoD personnel.
If secret information winds up on a computer you have to file a bunch of paperwork and have the computer either scrubbed or converted to only accessing secrets. So despite the leaked information being in the public record they still treat it as secret information. Yes it's stupid but those are the rules. By not allowing access to the newspaper site containing the "secrets" they can avoid these issues.
Why a secret leaked to the public and available to all is still treated as a secret is confusing.
> Why a secret leaked to the public and available to all is still treated as a secret is confusing.
This is standard OpSec. You neither confirm nor deny the leak because it's entirely possible that the information itself is a plant designed to draw out responses that leak more information.
Right. So you instead confirm that leak by blocking the website so that it doesn't cause a lot of paperwork/hassle. If the leak were fake, then there would be no reason to care about it ending up on their machines.
This OpSec doesn't really make sense (to me):
- The documents are already in the public. Just saying, "they are now de-classified," doesn't give more information, other than an explicit confirmation that they were real. But this doesn't matter because:
- Politicians coming out and having a public debate about the classified programs talked about in the leak is further confirmation that the leak is real.
- Chasing after Snowden and charging him with espionage for releasing the documents is a confirmation that the documents are actually real.
There are so many things implicitly confirming that the documents are real that it doesn't make sense to deny them officially anymore. It's like trying to hide the subject of the Mona Lisa by creating an empty space in the shape of her silhouette, and then expecting people to not notice that something is missing.
> So you instead confirm that leak by blocking the website
No, you confirm that you have a standing policy of blocking any content that purports to be classified, regardless of actual content.
> - The documents are already in the public. Just saying, "they are now de-classified," doesn't give more information, other than an explicit confirmation that they were real. But this doesn't matter because:
Stating they are declassified still leaves them with the burden of cross checking any document found on their unclassified networks to figure out whether or not it is allowed to be there. It substantially eases the job of containing the genuinely classified information to keep the amount of "possibly classified, needs investigation" content down.
> There are so many things implicitly confirming that the documents are real that it doesn't make sense to deny them officially anymore.
The point is not to deny that they are real (how would the Army know?), but to prevent "contaminating" an unclassified network in a way that makes discerning real security problems harder.
Because all secrets are assigned codes and, I believe, names and registered through a central secrets database coordinated through all services. Someone has to close the ticket, first, and there may be outstanding issues.
I think you mean code-word clearance. This is for strictly limited-access programs, where the number of people knowing a secret is controlled. Normally, you would have a security clearance plus need-to-know. These programs put the weight much more heavily on the need-to-know side.
i.e. You may have a top-secret clearance and know that the Derkderkistani military is buying new tanks, but you don't need to know that the source of that info was from an agent in their Ministry of Finance.
The government telling people in its employ that they can't read the publication is a different matter from the government telling people they're not allowed to publish.
The statement isn't so much that employees can't read the news source, but that government computers/network/etc must only interact with classified information via proper mechanisms. I work at a DOE lab and they requested that we not view any such material while at the lab or on lab machines because the operator could receive large fines for mismanagement of classified information, but we're free to read whatever we want when off-site on our own hardware.
> but we're free to read whatever we want when off-site on our own hardware.
I would be willing to bet that the agreement you signed to get your security clearance didn't have a 9-to-5 provision. You may not be charged for it, but that doesn't mean you aren't violating that agreement by accessing classified information for which you don't have "need to know".
Almost nobody in my division has clearance. As it turns out, assembling non-classified information from various openly published sources can create something that is classified, so we are expected to get review before starting research on something that is nearby to a classified topic. Occasional review of this sort is the closest we typically come to classified work.
Anyway, all employees received an official statement earlier in June warning against viewing those documents using lab computers (including lab computers used off-site), but with no warning against viewing them off-site on personal computers.
The government employs millions of people (I haven't checked the figure). What if they told all those people they couldn't read the NYTimes or a whole range of publications?
Those employees are voters too and have a right (and possibly a democratic duty) to be informed. No employment contract should ever restrict your ability to remain properly informed.
Isn't With the same argument chinese internet firewalls are "not censorship".
OR With the same argument access to social media or telephone "not censorship".
Nope. It's no different than your employer having an Internet filter at work to prevent you from engaging in activities that are unproductive or expose them to liability. You can still do whatever you want on your own computer and your own time.
That's not true. If you only have a secret clearance then you're not supposed to read top secret material anywhere (unless you're "need to know") - home nor at work nor on the moon.
You missed the context. The point is that people are still free to go to the Guardian on their home computers and exercise their own judgment in what they read. However, the Army is taking proactive steps to avoid a mess of work cleaning up their own systems.
Right. As long as they use that judgement to avoid reading classified information. ;-)
> Army is taking proactive steps
As far as I understand (and please note that I'm not an expert) they have always blocked certain kinds of sites. That Guardian is added is not really surprising, but the indirect refusal to own up to it is whacky.
It's not even like the soldiers aren't allowed to read it, say, in an internet cafe, right?
It might be a bit petty and bureaucratic, but hey, considering the Streisand effect I say go for it... it's bound to make a few people check it out that weren't interested before, and I doubt it will keep anyone from reading what they were interested in already.
It's not petty. Given the laws surrounding classification they're just trying to save themselves a giant mess of pointless work and a tremendous amount of money on reprovisioning systems.
So according to these rules if any secret information passes onto a computer system it is somehow tainted? So all the evil terrorists now have to do to shut down the DoD is spam every military email address with secret documents or links thereto? How convenient.
If the rules truly preclude contact with any secret info (even if it has already leaked) without wiping the machines and the machines have internet access, they need to revise the rules as they are absurd. What they should be concerned about is stopping leaks of more information (quite possible), not controlling information that has already leaked (impossible).
The most absurd part of this whole catch 22 'can't look at or talk about past secrets' situation however is that the administration leaks classified information all the time in service of their own aims - for example the Osama Bin Laden raid and Defense Secretary Leon Panetta. Those leaks are considered good leaks, and the information leaked is just fine (in spite of not being officially declassified) sitting on government computers, in Hollywood propaganda films, and being disseminated widely and quoted unattributed by news anchors and in American media - those websites are not blocked, because those are somehow rightous leaks, but it makes a mockery of any pretension of secrecy hygiene on military computers, plenty of which access plenty of this classified information that the government chose to disseminate without declassifying.
Given the free use of sanctioned leaks, these rules are more about instilling a fear of the taint of suspicion in government employees, and consequently of whistleblowers, than about data security IMHO.
But consider this: You find documents marked "secret" on a laptop. What do you do? The documents happens to be possible to find online. Do you just shrug and move on? How do you know that this laptop was not used in the leak? What if you find thousands of different documents across your network. How do you verify whether or not they have leaked previously?
At the very least you end up spending more resources verifying that this was not caused by a security problem.
And the idea of spamming the military with classified documents would be hilarious to see in practice... I wonder what they'd do...
Saving themselves work, okay. Saving the taxpayer money. nah.. it's not like it's actually their money.
That material isn't just available at that URL, so the only way to be sure is to inspect traffic for the data. So what is this other than a pointless token gesture, or incompetence?
And there are other things other than that material at the Guardian. It's, like, a full blown newspaper. That's what makes it seem petty.
Just keep in mind that, regardless of any external factor, what makes you feel depressed and unmotivated are the chemical reactions happening in your brain. And you can train your brain to handle them in better.
