Government 2.0 Club is an informal organization focused on convening the tribe of technologists and thinkers focused on applying social technologies to the governments worldwide.
DOD and Web 2.0
July 31, 2009 at 12:24 pm #76861
This from the same organization who decided thumb drives, because they could be a security risk, “banned” them
From Next Gov:
The Defense Department has started to analyze the vulnerabilities of social networking sites and Web 2.0 technologies such as Facebook and Twitter, Pentagon spokesman Air Force Lt. Col. Eric Butterbaugh said in a statement.
Butterbaugh said Defense plans to develop a new policy governing Web 2.0 technologies, but did not say when it would go into place. He said that senior Pentagon leadership – which presumably includes Facebook and Tweeter user Adm. Mike Mullen, chairman of the Joint Chiefs of Staff, has not made any decision to block access across the board to all social networking sites.
Butterbaugh added, “As with any Internet-based capabilities, in addition to the merits and benefits, there are . . . challenges and operational risks that must be understood and mitigated.”
July 31, 2009 at 3:15 pm #76886
MUCH MORE DETAIL and sorta fits with my “commentary” in the original posting
Military May Ban Twitter, Facebook as Security ‘Headaches’
* By Noah Shachtman
* July 30, 2009
The U.S. military is strongly considering a near-total ban on Twitter, Facebook, and all other social networking sites throughout the Department of Defense, multiple sources within the armed forces tell Danger Room.
It’s the latest twist in the Defense Department’s tangled relationship with so-called “Web 2.0? sites. But while earlier social media blockades have been thrown up over bandwidth and secrecy concerns, this fresh ban stems from fears that Facebook and the like make it far too easy for hackers and cybercrooks to gain access to the military’s networks.
Last week, U.S. Strategic Command issued a “warning order” to the rest of the military, asking for feedback on a social media ban on the NIPRNet, the Defense’s Department’s unclassified network. (Naturally, access is already denied on the secret and top secret nets.)
“The mechanisms for social networking were never designed for security and filtering. They make it way too easy for people with bad intentions to push malicious code to unsuspecting users. It’s just a fact of life,” says a source at Stratcom, which is responsible for securing the military’s “global information grid.”
Last month, for instance, well-known venture capitalist Guy Kawasaki’s Twitter account was hijacked, and used to spread a sex video come-on to his 139,000 followers. Those following the link were asked to install a software update. The application was, in fact, a Trojan, which allowed hackers to take over a user’s machine.
Similarly, one variant of the nasty Koobface worm searches a PC to find a Facebook cookie. Then the malware program uses that information to gain access to the user’s Facebook account. Once it’s in, Koobface spreads messages to online friends, enticing them to download viruses and Trojans.
“People are much more trusting of a message from a friend or colleague on a social network than they are of an e-mail, because they’re used to e-mails being forged,” says Graham Cluley, a senior consultant with the network security firm Sophos. That’s ironic, he adds, because “social networks aren’t really doing enough to stop these things. With GMail or Hotmail or a military e-mail account, messages are scanned for spam and viruses. Social networks aren’t doing that scanning. They aren’t checking if a link posted to a wall is malicious or spammy. They’re just letting it through.”
Officially, “the concept of allowing access to social networking sites (SNS) on the Department of Defense .mil networks is currently under review at this time,” a Stratcom spokesperson e-mails Danger Room. “It would be premature to comment on the outcome of the review.”
But unofficially, the ban is all-but-certain, military officers and civilian employees say. Many are upset, because after years keeping the social networks at arms’ length, the armed services appeared to be finally embracing the Web 2.0 sites. The Army recently ordered all U.S. bases to provide access to Facebook. The Chairman of the Joint Chiefs of Staff has 4,000 followers on Twitter. The Department of Defense is getting ready to unveil a new home page, packed with social media tools.
“We fought so hard for this,” says one Army source. “This is a huge step backwards.”
Under Stratcom’s plan, units that have to regularly communicate with the civilian world, like media relations and recruiting, may be given “dirty computers” — machines that are connecting only to the public internet, and not to the military’s private networks. The rest of the Defense Department would be cut off from the social media sites, despite protests from inside the Pentagon.
People started working with these social networks “before we got a handle on how to use them in the context of the Department of Defense,” a Stratcom source says. “Now, they’re just too big of a headache.”
July 31, 2009 at 5:06 pm #76884
Web 2.0 applications in the government has come a long way since the launch of the U.S. intelligence agencies’ internal wiki Intellipedia in 2005. In contrast to public Web 2.0 applications under the control of private companies like Facebook, Twitter, these Web 2.0 applications are hosted by DoD, thus ensuring desired security specifications. DoDTechipedia, DISA Forge.mil, Army Knowledge Online milWiki, etc. are examples of this trend. As another example, the Battle Command Knowledge System at the U.S. Army Combined Arms Center have launched a test allowing soldiers to make real time updates to the Army’s Tactics, Techniques and Procedures via a wiki environment.
I don’t think DoD’s approach to using 3rd party tools like Facebook, Twitter, etc. is no different than the use of these tools by the enterprise without disclosing corporate proprietary information. For instance, why would a high tech company trust Twitter direct messages for corporate intellectual property related conversations? Here is a good primer for the use of social software in national security applications.
July 31, 2009 at 6:35 pm #76882
Would offer that the better way to insure security on various 3rd party tools would be Training and proper configuration. Training
wouldshould include the penalties for violations.
Generally speaking, I am of the mindset regarding these tools that the NRA has toward firearms, “guns don’t kill people people kill each other with guns”
END OF MY OPINION
July 31, 2009 at 7:12 pm #76880
I don’t have an opinion on the philosophical implications of guns vs. people:-) My point is that we need to differentiate between adopting a 3rd party Web 2.0 service like Facebook and Twitter vs. adopting 3rd party tools to deploy Web 2.0 services open to a selected community. For instance, Google’s Pubsubhubbub makes it possible to build a distributed Twitter-like system with components that are not made by a single company, and with servers not run by a single company. There is nothing sacrosanct about Facebook just like history has proved that there was nothing sacrosanct about AOL.
July 31, 2009 at 7:59 pm #76878
Although IMHO there probably is going to be a major gap between the development of DOD specific Web 2.0 services within DOD internally and the availability of those Web 2.0 services to the people who could POSSIBLY use them.
August 3, 2009 at 8:57 pm #76876
Pentagon Social Media Czar Pushes Web 2.0, Despite Ban Threat
* By David Axe Email
Last week, Danger Room broke the news that the Defense Department is considering banning access to Facebook, Twitter and all other Web 2.0 social networking sites from military computers, on the advice of the I.T. gurus at U.S. Strategic Command. “They make it way too easy for people with bad intentions to push malicious code to unsuspecting users,” a Stratcom source said of the sites.
But Price Floyd, the military’s new social-networking czar, said no final decision has been made yet regarding a Web 2.0 block. “An analysis… is being conducted,” Floyd, told Danger Room.
Pentagon spokesman Bryan Whitman earlier stressed that the “answer is somewhere between” total access and an all-out ban. An Air Force commentator wrote that this middle ground should be defined by military users’ “common sense.” “When in doubt, backspace it out,” Maj. Gen. Hank Morrow wrote. This middle approach is at odds with Stratcom’s “ban ‘em all” attitude.
Floyd, the new Principal Deputy Assistant Secretary of Defense for Public Affairs, is in a particularly delicate position. He says Secretary of Defense Robert Gates hired him in June for the sole purpose of “using the technology — both the websites and software out there now — that enable [Gates] to engage and hear from people in a way and manner that wasn’t possible before.” A blanket Web 2.0 prohibition would obviously complicate Floyd’s mission.
Possible ban or no, Floyd is pushing ahead with a wide array of Web 2.0 initiatives. His first act was to sign up the Pentagon for a Twitter account, under his name. He got blogs included in the military’s influential “Early Bird” clipping service. (Headline #11 today: “Army Farmers Work to Regrow Afghanistan.”) Next up: a new Department of Defense [DoD] web site, launching in August. It “will have links to Facebook and Twitter. And at the right [of the site], people can vote on questions they’d like answered by the Secretary — and they can do same thing [voting] on policy.”
The new site will welcome debate on even the most controversial topics, Floyd says. “The idea is that the software out there … it’s not that I pick questions and people vote on them, it [the site] can aggregate … If people are saying [in comments] that we should pull out of Iraq sooner, the top five questions will come out [reflecting] whatever they are saying. We’ll have things there that are not DoD policy. The Secretary’s answer to is, that he can’t image why that would be problem. He really gets it.”
“[Internet] security is important,” Floyd said. “Opsec [operational security] is paramount. We will have procedures in place to deal with that. The DoD is, in that sense, no different than any big company in America. What we can’t do is let security concerns trump doing business. We have to do business… We need to be everywhere men and women in uniform are and the public is. If that’s MySpace and YouTube, that’s where we need to be, too.”
He added, “I don’t want to minimize security [concerns]. But this is not a DoD-only issue. It’s not a question of total security or total access to everything. There is a place we need to find [in the middle] where we’re able to go where we need to go and people can come in and see us, and yet we’re also protecting the network.”
August 4, 2009 at 8:56 pm #76874
Looks like more and more the left hand (operational management) is NOT communicating with right hand (Security)
The U.S. Marine Corps has banned Twitter, Facebook, MySpace and other social media sites from its networks, effective immediately.
“These internet sites in general are a proven haven for malicious actors and content and are particularly high risk due to information exposure, user generated content and targeting by adversaries,” reads a Marine Corps order, issued Monday. “The very nature of SNS [social network sites] creates a larger attack and exploitation window, exposes unnecessary information to adversaries and provides an easy conduit for information leakage that puts OPSEC [operational security], COMSEC [communications security], [and] personnel… at an elevated risk of compromise.”
The Marines’ ban will last a year. It was drawn up in response to a late July warning from U.S. Strategic Command, which told the rest of the military it was considering a Defense Department-wide ban on the Web 2.0 sites, due to network security concerns. Scams, worms, and Trojans often spread unchecked throughout social media sites, passed along from one online friend to the next. “The mechanisms for social networking were never designed for security and filtering. They make it way too easy for people with bad intentions to push malicious code to unsuspecting users,” a Stratcom source told Danger Room.
Yet many within the Pentagon’s highest ranks find value in the Web 2.0 tools. The Chairman of the Joint Chiefs of Staff has 4,000 followers on Twitter. The Department of Defense is getting ready to unveil a new home page, packed with social media tools. The Army recently ordered all U.S. bases to provide access to Facebook. Top generals now blog from the battlefield.
“OPSEC is paramount. We will have procedures in place to deal with that,” Price Floyd, the Pentagon’s newly-appointed social media czar, told Danger Room. “What we can’t do is let security concerns trump doing business. We have to do business… We need to be everywhere men and women in uniform are and the public is. If that’s MySpace and YouTube, that’s where we need to be, too.”
The Marines say they will issue waivers to the Web 2.0 blockade, if a “mission critical need” can be proven. And they will continue to allow access to the military’s internal “SNS-like services.” But for most members of the Corps, access to the real, public social networks is now shut off for the next year.
And Because of this being picked up by CNN
Suspect it shall get rather interesting
August 5, 2009 at 10:40 am #76872
And the Air Force take on the issue: The only thing that I would IMPROVE on would be to “slap the offenders silly in a rather public way thereby increasing the “awareness” of the issue
From Next Gov
A Social Network Happy Medium
By Bob Brewin 08/04/09 02:12 pm ET
Maj. Gen. Hank Morrow, commander of Air Force North, which is responsible for defending U.S. airspace, thinks a common sense approach to using social network sites such as Twitter, Facebook, MySpace and YouTube can assure security that will allow service members to continue relying on the communications tools.
Morrow wrote last week that airmen need to understand that when they post messages to a social networking site the information is available not only to family and friends – who are typically the intended audience – but a potential enemy.
“The bad guys are out there watching us, too, reading all the information you post to your personal site, and what’s posted to your buddy’s site, and to the Air Force Chief of Staff’s site, and so on,” he said. “They put all the bits of information together like a puzzle. It’s known as data mining and our enemies are constantly monitoring what we post to the Web.”
Airmen need to exercise prudence in what they post, keeping operational security in mind when, for example, they write from a deployed location, Morrow said. He suggested that troops apply the acronym SAPP, which stands for security, accuracy, policy and privacy, before posting to a social network site.
“The SAPP principle is an easy one to remember when you’re about to blog about an upcoming deployment or a recent court martial in your unit or the rumor you heard in the squadron break room,” Morrow wrote. “Is the information accurate? Can you back it up with facts? Are you compromising operational security by releasing this information? Are you violating someone’s privacy by blogging about him or her?” Those are all good reminders before hitting the send button.
Finally, before posting a photo or comment on a social networking site, he reminded his personnel, “Anything you post to the Internet — including photos — will be there forever. Do you really want to post a picture of yourself that could place you, your family, or your unit in harm’s way?” Morrow asked.
“Think before you post,” he concluded, “and if you are ever in doubt about what you are about to let the world see or read about — delete it. Go with your instincts. Refer back to my rule number one — use your common sense.”
August 6, 2009 at 10:39 am #76870
MY PERSONAL OPINION
I would GUESS that perhaps there might be a bit of fur flying in the highest corners of the Pentagon. It would appear to me that just maybe the head of IT security for the marine corps MIGHT have not fully vented his plan to disable social networking and there PROBABLY will be some significant back pedaling”
End of OPINION
Head of Joint Chiefs bucks social media ban in a Tweet
By Bob Brewin 08/05/2009
While the Marine Corps banned the use of social networking sites on Tuesday, the chairman of the Joint Chiefs of Staff, a budding Tweeter, strongly backed the use of the social networking site in a message he posted on Twitter.
“Obviously we need to find right balance between security and transparency,” Adm. Mike Mullen Tweeted after the Marine Corps said it would ban social networking sites. “We are working on that. But am I still going to tweet? You bet.”
Last month the Defense Department kicked off a study to determine the vulnerabilities of social networking sites and Web 2.0 technologies such as Facebook and Twitter.
Navy Capt. John Kirby, Mullen’s spokesman, said, “The chairman is committed to find a way to use social media while ensuring operational security.”
Mullen, who also has a Facebook page, believes that social network sites help Defense engage in a dialogue with audiences at home and abroad. Mullen believes “we cannot afford to ignore this way [social network sites] of communicating with people,” Kirby said.
Kirby said he expected Defense’s study on use of social networking tools and technologies to be completed within a month.
Twitter.com Mullen’s message was posted Wednesday.
Other top commanders who have posted a personal Facebook page include Army Maj. Gen. Ray Odierno, commander of the multinational forces in Iraq, and Lt. Gen. Rick Lynch, commanding general of the III Corps at Fort Hood, Texas, said Lindy Kyzer, an Army spokeswoman who works in the online and social media division.
In a blog item posted on Tuesday, Kyzer summarized the conflicts between security and open access. “The popularity of social networking sites and sheer volume of information posted and traded can send shudders down the spines of any signal company soldier or network security expert,” she wrote. “But many of those security experts realize that a collaborative Web is the new reality. Soon you’ll be hard-pressed to find any site on the World Wide Web that isn’t implementing Web 2.0 tools and technology.
“Soldiers in Iraq and Afghanistan have already been battling the issue of access to their work computers for years. . . . Our soldiers have been working around the access issues — and will continue to do so — regardless of whether or not we don’t have access at our work computers. So, again, I want open access. But, I also want a lively debate that takes into consideration the security concerns, but balances them with the need to do our jobs to tell the Army’s story in every platform and via every tool available.”
Adm. Thad Allen, commandant of the Coast Guard, also has posted a Facebook page and opened a Twitter account. The Coast Guard allows its personnel to post to social networking sites from their computers, said Lt. Connie Braesch, the service’s social media action officer.
Like the Marine Corps, the Coast Guard expects service members to not compromise security or classified information when they post messages on social network sites, she said.
Asked if Defense can stuff the social network genie back into the bottle, Kirby said, “I have a news flash for you: The Internet is here to stay.”
August 9, 2009 at 11:47 am #76867
PERHAPS MAYBE they still haven’t got it right…
If All this “NOISE” is about is provide a better recruiting environment MAYBE PERHAPS there could be found other ways to address that issue…
END OF COMMENTARY
In contrast to a ban on US Marines from using Twitter and Facebook on the military network, Britain’s Ministry of Defence has told troops they’re free to use social media tools and should apply “common sense” when deciding what to share online.
What’s more, the MOD has said it will sponsor soldiers who want to use blogs and Twitter to share stories of military life with the outside world.
The unclassified memo is available here and reads, in part:
1. Service and MOD civilian personnel are encouraged to talk about what they do, but within certain limits to protect security, reputation and privacy. An increasingly important channel for this engagement, and to keep in touch with family and friends is social media (such as social networking sites, blogs and other internet self-publishing). Personnel may make full use of these but must:
Follow the same high standards of conduct and behaviour online as would be expected elsewhere;
Always maintain personal, information and operational security and be careful about the information they share online;
Get authorisation from their chain of command when appropriate (see para 2 below);
2. Service and MOD civilian personnel do not need to seek clearance when talking online about factual, unclassified, uncontroversial non-operational matters, but should seek authorisation from their chain of command before publishing any wider information relating to their work which:
Relates to operations or deployments;
Offers opinions on wider Defence and Armed Forces activity, or on third parties without their permission; or
Attempts to speak, or could be interpreted as speaking, on behalf of your Service or the MOD; or,
Relates to controversial, sensitive or political matters.
Online Presences “Encouraged”
Perhaps the most surprising section, however, is the MOD’s support of social media tools in communicating with the world. The section reads: “Service and MOD civilian personnel are encouraged to operate sponsored online presences to help communicate their work, including as part of their official duties, as long as these are authorised in advance”.
In fact, the wording of the document is wildly opposite to the US Marines’ order issued this week, which essentially ruled out the use of all social media tools on the DOD network. The MOD memo instead focuses on the need to “harness new and emerging technologies, new unofficial online channels, and new unofficial online content in order to communicate and disseminate defence and Service messages and build defence and Service reputation”.
It’s a policy that’s likely to earn praise from bloggers, and could foster a positive brand image for the British military. What’s more, starting online conversations about military life might also help with recruitment to the armed forces.
August 10, 2009 at 1:51 pm #76865
DIRECTLY from AF.mil and AFTER the original “story” broke…
Now I know that DOD is a rather large agency and the original story was from a NON-DOD agency (wired.com) but this perhaps points out a much larger problem with communication(s) within the federal government
Air Force Office of Scientific Research officials launch social media outreach
Air Force Office of Scientific Research officials here announced Aug. 7 the launch of two new pages on Facebook and Twitter.
To follow AFOSR on each site, type “AFOSR” in the search box on each page.
The new AFOSR Facebook and Twitter pages will provide real-time information on AFOSR stories, accomplishments, scientific breakthroughs and events. In addition, postings will include announcements and deadlines for funding opportunities and awards programs worth millions of dollars.
“AFOSR sponsors innovative and cutting edge technologies that revolutionize and shape the future of the Air Force. It seems only fitting that we approach our communications and new media the same way we approach science,” said Dr. Brendan Godfrey, the AFOSR director.
To learn more about AFOSR, visit http://www.afosr.af.mil or on their new Facebook and Twitter pages.
August 10, 2009 at 2:09 pm #76863
FINALLY this discussion probably can be put to rest! One could/would wonder why DOD didn’t jump into the “web discussion” much sooner but tis a story for another day!
Marines and Social Nets: We Goofed
By Bob Brewin 08/07/09 05:27 pm ET
Despite more than 1,000 news reports to the contrary, the Marine Corps did NOT ban access to social network sites this week.
In fact, in a statement, the Marine Corps said, “Marines are encouraged to tell their stories on social networking sites, using personal accounts, remembering the importance of operational security and that they are Marines at all times.”
So, how did news sites around the world, including Nextgov, erroneously report the Marines had banned access to sites such as such as Twitter, YouTube and MySpace?
The simple answer is that the collective “we” — myself and all the other digit stained wretches who reported on the supposed ban — were guilty of herd mentality, following and believing the Associated Press story linked above.
I erred by believing the story and not picking up the phone to call the Marine Corps public affairs office, which quickly provided me with the facts.
This reinforced two things I know, but momentarily forgot this week: Never believe anything I read unless I check it out and that even in the digital media age, a plain old phone call is still the best way to gather information.
As Marine spokesman Lt. Craig Thomas explained to me, the AP misconstrued the meaning of the Marine administrative instruction issued on Aug 3, which reinforced a longstanding directive released by the Defense Information Systems Agency in 2007 banning access to social Web sites on Defense networks to conserve bandwidth for operational requirements.
The instruction issued on Monday, he said, actually made it easier for Marines whose jobs require access to social nets to get waivers to use Defense nets to connect with Twitter, YouTube etc. Folks who need to use Defense networks to access social Web sites in performance of their duties include public affairs officers, recruiters and criminal investigators, Thomas said.
All other Marines can “absolutely” express themselves on social media, as long as they don’t do so over a Defense network, he added.
So, once again, “we” in the media goofed big time on this story, and the next time I won’t wait three days before making the fact check phone call
You must be logged in to reply to this topic.