Marines ban social network sites

Source: Financial Times

Published: August 4 2009 20:48 | Last updated: August 4 2009 20:48

The US Marine Corps has banned social networking sites from its network, the first move in a broad reassessment of the way the Pentagon and troops are engaging with an increasingly open web.

The ban on popular sites including Facebook and Twitter is effective immediately and will last for at least a year. The corps said the reason for the ban was not to limit personal communications but rather to protect military networks from malicious code.

“These internet sites in general are a proven haven for malicious actors and content and are particularly high-risk due to information exposure, user generated content and targeting by adversaries,” the Marine Corps said in a statement.

<snip>

Reports surfaced last week that the Pentagon was considering banning social networking sites from the military’s networks. The crackdown was prompted by a warning from the US Strategic Command, which in July said it was considering banning social networking sites throughout the defence department.

Read more: http://www.ft.com/cms/s/0/6bc60434-812f-11de-92e7-00144feabdc0.html

What a convenient excuse to shut down info dissemination.


Do you not have anti virus,anti malware on your border routers and computers yet? You got windows update turned on?


Maybe you need a new isp?? I can keep my systems safe just fine.

Many recent attacks use 0-day vulnerabilities -- ones previously unknown until suddenly used in an attack. Your suggestion to change ISPs proves your are totally clueless about any of this.

Check my journal and many posts here about security to get a tiny hint of how dangerous the net really is. Or visit sites like securityfocus.com and take a look at vulnerabilities that are known.

Look up NMCI if you want to better understand the current network

...and as the results are coming down, up pops THIS:


:wow:

I probably just need to download and install the right certificates, but...

Wow! Just... wow!

AV software looks for signatures of known viruses, which are caught in the wild and then added to the software database to block future infections of that same virus. If, however, I were to write a piece of malware to specifically attack your network, the odds that your anti-virus program will catch the malware are essentially ZERO. That virus didn't exist before I wrote it, so its signatures aren't in any malware database, so it will be free of detection as long as I avoid certain "virusy" behaviors. As for firewalls, NOBODY has yet designed one that can keep out a skilled and focused attacker. Not one. They're great for keeping out the script kiddies, the bots, and the worms, but a real black hat only needs one or two open ports to do their damage. I've seen some incredibly malicious hacks where the ONLY port open on the firewall was 80.

You and I don't have to worry about this sort of thing because black hats have better things to do than hack your personal desktop or root your computers, but the US military is one of the highest profile targets on the planet. At any given moment, there are probably hundreds of hackers worldwide trying to figure out how to get in.

And that's not even counting the foreign governments who would want to penetrate our military networks to carry out more formal espionage.

My dark humor is not always funny. Please forgive.


These guys are already running rampant on our Gov networks. They are even in the NSA systems.

Just watch this..it will blow your mind..he got in using blank passwords and noticed that he was not alone:


Computer Hacker Gary Mckinnon On The Richard And Judy show

http://www.youtube.com/watch?v=HQhF6lApr8E&feature=related

They are not banning all soldiers from ever using the sites even when off-duty.

This is no different than pretty much every company that bans these kinds of sites from the company network.

see right through this? It's an attempt to quiet dissent - to keep them ignorant. Sickening, obvious, and intolerable. There is no need for this in regard to security purposes.

They are blocking it on NMCI (Navy marine corp internet), their own network. Not preventing anyone form using the sites on personal cpu's.

Several different issues here. Information will still get out, so that is a false issue. Disinformation efforts are valid concerns, but still not the big issue.

The real problem is that places like Facebook are security nightmares, used along with blogs, SMS, et al for rapid spread of Net malware. Lots of cross-site vulnerabilities everywhere.

I had a house guest who spent up to 16 hours per day on Facebook and a couple of other sites. She couldn't be bothered to sweep the floor or pull a few weeds in my real garden that produces real food because she was too busy tending her Facebook fantasy garden.

The good news is she didn't drive my utility bills up much, because she seldom bathed.

inadverdently.

that twitter, and more recently facebook, do not require you to access their actual site to participate in the experience anymore.

You can simply send a text message these days to update your status, and anytime anyone interacts with you, a text message can be sent telling you what happened.

Facebook started allowing third party sites to integrate and pull and place information on facebook recently. This was a response to twitter who already had been allowing this and i believe services that automagically manage your tweeting are very popular and have no need for the user to actually visit twitter. Facebook is now doing the same thing. Facebook Platform is a system that any website can use to integrate the facebook experience and connect their users to their facebook accounts.

The question is: Are the marines going to now block all other sites that connect to and integrate facebook information???

Edit: Clarity

It means you need not take any action to become infected/compromised!

Other recent vulnerabilities include taking over smart phones (including iPhone, BB, and most of the others) by sending a malware text message. Once hijacked, these could then be used to attack the cell towers themselves.

You're painting a real nightmarish picture here, unc. Not that I disagree with you at all, but man, I had no idea it had gotten that bad. Good thing I avoid these sites.

So, I suppose it's safe to say that creating a limited guest account on my Windows box doesn't really mean anything anymore, even if my router is properly configured (and I hate hate hate this DLink DI-604 router, it has a limited number of slots in its hardware for rule exceptions, and I find it hard to configure in the first place)?

Do we all need to be getting a separate machine for internet browsing, then? One that we just don't care about? And I suppose it shouldn't be visible to the LAN, too, right?

Just how drastic do changes to our computing habits need to be before attacks such as you have described here can be brought under control- or is that even possible?

From a security standpoint, how do you feel about 'cloud computing' or a 'cloud network'?

Security is just an illusion. Freedom is also an illusion. While we often think we are weighing Freedom vs Security, we really are just dealing with the illusions thereof.

In the past two weeks alone, there have been major vulnerabilities disclosed (and mostly with patches available) concerning most of the routers/firewalls in wide use, dozens of MS Windows, IE, Office, SWF, PDF, Net 2.0, Firefox, Linux kernel, iPhone, other phones, SMS, and more -- I have personally had to install over 150 different patches on multiple machines at work and home!

I am currently using a relatively "safe" environment to access the Web and to post this message. I am behind a firewall, a proxy, and a bit more. I am using a text-only browser (no images, no scripts, no style sheets, no Flash, no dynamic anything) -- w3m at the moment, lynx sometimes. I am composing this post using the "vi" text editor as a helper application on a Linux system. I use a text-only email reader (usually "pine") behind a lot of filtering. This is a relatively safe environment, but we still see things trying to break in (e.g. spoofing the spam filtering software in attempt to exploit LAN-side vulnerabilities in firewalls).

I mostly ignore sites that require anything more complicated. I do not use Facebook and such; will use search engines with great care and no scripting. When I absolutely must use a site built with insecure features, I use "throw-away" systems outside this environment. I generally assume that nothing is secure, nothing private, nothing really safe. Fewer surprises that way.




"There are some who say that life is an illusion , and reality is but a figment of the imagination. If this is so, then Brad and Janet are quite safe. HOWEVER, ..."
-RHPS

As a senior-level IT professional, I concur with this move by the Corps. It should be implemented across, not only the DoD, but the entire government. Sites like mySpace, FaceBook, and Twitter are secure nightmares.

Obama is president :sarcasm:

PLUS the fact that using these sites, even on the most protected networks, can suck up quite a bit of bandwidth which can and should be used for official purposes.

And when your trying to send out NAR in order to prevent a certain lot no. of ordnance from destroying an aircraft, the last thing you want is some asshat tweeting for the fifth time in a row on a computer in the same network.

Let it be heard by all who dare to listen to it.