It seems as if the Department of Defense is focused on blogs as the biggest threat to OPSEC in the new media realm. It may be, however, that they overlooking another possibility — wikis.
From the Washington Post:
Wikileaks is developing an uncensorable Wikipedia for untraceable mass document leaking and analysis. Our primary interests are oppressive regimes in Asia, the former Soviet bloc, Sub-Saharan Africa and the Middle East, but we also expect to be of assistance to those in the west who wish to reveal unethical behavior in their own governments and corporations. We aim for maximum political impact; this means our interface is identical to Wikipedia and usable by non-technical people. We have received over 1.2 million documents so far from dissident communities and anonymous sources…
Wikileaks opens leaked documents up to a much more exacting scrutiny than any media organization or intelligence agency could provide. Wikileaks will provide a forum for the entire global community to examine any document for credibility, plausibility, veracity and falsifiability. They will be able to interpret documents and explain their relevance to the public. If a document comes from the Chinese government, the entire Chinese dissident community can freely scrutinize and discuss it; if a document arrives from Iran, the entire Farsi community can analyze it and put it in context.
For those not familiar, wikis, such as the popular wikipedia, are information sharing sites that are completely maintained and updated by visitors — the community controls the wiki’s content.
Granted, wikileaks.org is designed to ferret out unethical behavior in government, but this exposes another problem — how difficult would it be to set up a wiki to lead information about DoD operations? Or other government secrets for that matter?
Something to keep an eye on…
(h/t e.politics)
How do they establish the authenticity of said documents? Think of the wide variety of people with an interest for forging such documents.
Good question. I honestly have no clue. I think they are operating under the premise that erroneous claims will exposed by further investigation.
But I could be wrong.
Intersting.
This guy says we need DoD Wikis:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9009052&source=NLT_AM&nlid=1
RTO —
This is great. Thanks for the link.
I think the comments to this story are especially interesting. They range from “this is great” to “what are they thinking” to “the military is already doing this.”
Thanks again.
The military is already doing a lot of this, but here’s the problem as I see it.
We’re all over the map. We have a thousand little efforts at doing this,a nd no vision. No unifying plan.
Even at Army Knowldegde Online–searching for any particular information is more a function of luck than anything. There are dozens of copies of the same document all over the Mil-E-Space, and you may never be able to find it.
Then there’s the whole set of documents that should be shared, but no one ever puts it out there.
At another level, there are no standards, and I mean, none, for anything from e-mail/server/computer/domain naming conventions to wire labeling to what is appropriately shared and where. In short, the military has not bothered to develop or adopt any “best practices” for it’s cyber conduct.
What is the solution, then?
If you add up the number of people who are in each service, civilians and defense contractors, we are probably talking around three million people.
How do you get three million people to march to the same set of electronic sharing instructions (especially when a lot of those documents are only available on a need-to-know basis)?
Someone, somewhere (and I think that after this deployment, I and two other SGTs will be sitting down to try to start someting) needs to write out a set of standards.
This gets shared. This does not. These are the appropriate places for these things. Naming conventions work this way. Wiring is done like this. Labeling like this. Permissions are handled by these rules. Static or DHCP? NIPR or SIPR? Commercial or Tactical?
Of course, the next hurdle is figuring out to whom such a seed document should be submitted.
Additionally, the Safe Drinking Water Hotline is available to answer your questions. ,
it look aswome
Fantastic beat ! I would like to apprentice even as you amend your web site, how could i subscribe for a blog site? The account helped me a applicable deal. I have been tiny bit familiar of this your broadcast offered shiny clear concept