[ISN] Secrecy News -- 05/15/08

From: InfoSec News (alerts@private)
Date: Mon May 19 2008 - 00:07:43 PDT


---------- Forwarded message ----------
Date: Thu, 15 May 2008 11:02:58 -0400
From: Steven Aftergood <saftergood (at) fas.org>
Subject: Secrecy News -- 05/15/08


SECRECY NEWS
from the FAS Project on Government Secrecy
Volume 2008, Issue No. 46
May 15, 2008

Secrecy News Blog:  http://www.fas.org/blog/secrecy/

Support Secrecy News
http://www.fas.org/sgp/donate.html


**	CYBER SECURITY INITIATIVE IS TOO SECRET, SASC SAYS
**	DOD RELEASES DIRECTIVE ON INFORMATION OPERATIONS


CYBER SECURITY INITIATIVE IS TOO SECRET, SASC SAYS

The new National Cyber Security Initiative that is intended to reduce
the vulnerability of government information networks and to devise an
information warfare doctrine is so highly classified that it is
undermining the deterrent value of the project, the Senate Armed
Services Committee (SASC) said in a new report.

"It is difficult to conceive how the United States could promulgate a
meaningful [information warfare] deterrence doctrine if every aspect of
our capabilities and operational concepts is classified," the Senate
report said.

During the cold war, "deterrence was not possible without letting
friends and adversaries alike know what capabilities we possessed and
the price that adversaries would pay in a real conflict. Some analogous
level of disclosure is necessary in the cyber domain."

(Or, as Dr. Strangelove put it 40 years ago, "The whole point of a
Doomsday Machine is lost if you keep it a secret!")

As things stand, the Senate report said, "virtually everything about
the [cyber security] initiative is highly classified, and most of the
information that is not classified is categorized as 'For Official Use
Only'."

"These restrictions preclude public education, awareness, and debate
about the policy and legal issues, real or imagined, that the
initiative poses in the areas of privacy and civil liberties."

"The committee strongly urges the administration to reconsider the
necessity and wisdom of the blanket, indiscriminate classification
levels established for the initiative."

The committee's remarks on the National Cyber Security Initiative were
published in its report on the 2009 defense authorization act,
excerpted here:

     http://www.fas.org/sgp/congress/2008/sasc-cyber.html


[...]


DOD RELEASES DIRECTIVE ON INFORMATION OPERATIONS

A 2006 Department of Defense directive on Information Operations, which
had previously been withheld as "For Official Use Only," was released
last week in response to a Freedom of Information Act request from the
Federation of American Scientists.

The directive, issued by the Under Secretary of Defense (Intelligence),
assigns baseline responsibilities for the conduct of information
operations, an umbrella term that includes electronic warfare, computer
network operations, psychological operations, military deception, and
operations security.

Among related capabilities, the directive cites "public affairs," the
purpose of which is "to communicate military objectives, counter
misinformation and disinformation, deter adversary actions, and
maintain the trust and confidence of the U.S. population, as well as
our friends and allies.  Effective military operations shall be based
on credibility and shall not focus on directing or manipulating U.S.
public actions or opinion."

The New York Times reported on April 20 that the Pentagon had mobilized
numerous former military officials, some with unacknowledged financial
interests in Department programs, to help generate favorable news
coverage of the Bush Administration's war policies.  It is not clear
(to me, at least) how this practice comports with the declared Pentagon
policy on public affairs, i.e. whether it violates the policy, or
implements it.

See "Information Operations," Department of Defense Directive O-3600.1,
August 14, 2006:

     http://www.fas.org/irp/doddir/dod/info_ops.pdf


[...]


_______________________________________________
Secrecy News is written by Steven Aftergood and published by the
Federation of American Scientists.

The Secrecy News Blog is at:
http://www.fas.org/blog/secrecy/

To SUBSCRIBE to Secrecy News, go to:
http://www.fas.org/sgp/news/secrecy/subscribe.html

To UNSUBSCRIBE, go to
http://www.fas.org/sgp/news/secrecy/unsubscribe.html

OR email your request to saftergood@private

Secrecy News is archived at:
http://www.fas.org/sgp/news/secrecy/index.html


_______________________
Steven Aftergood
Project on Government Secrecy
Federation of American Scientists
web:    www.fas.org/sgp/index.html
email:  saftergood (at) fas.org
voice:  (202) 454-4691


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com



This archive was generated by hypermail 2.1.3 : Mon May 19 2008 - 00:18:59 PDT