Talk:SIPRNET: Difference between revisions

	Main Article	Discussion	Related Articles  [?]	Bibliography  [?]	External Links  [?]	Citable Version  [?]
	To learn how to update the categories for this article, see here. To update categories, edit the metadata template.  Definition:  The shared United States Department of Defense network that carries the bulk of classified information, limited to a security classification of SECRET. [d] [e] Checklist and Archives  Workgroup categories:  Military and Computers [Categories OK]  Subgroup categories:  Military information and communications and Security  Talk Archive:  none  English language variant:  American English Unused subpages  Unused subpages:  - Bibliography - External Links - Works - Discography - Filmography - Catalogs - Timelines - Gallery - Audio - Video - Code - Tutorials - Student Level - Signed Articles - Function - Addendum - Debate Guide - Advanced - Recipes - Citable Version

I know I'm being a stick in the mud

...but are all these images freely available? Really? That's amazing... you'd think some of these details would be classified... (mostly the crypto stuff is what throws up a flag in my mind, I guess maybe because I was in the Army, COMSEC, OPSEC, all that jazz. KV-7/KV-19, TACLANEs, etc) Eric M Gearhart 13:07, 16 July 2009 (UTC)

Ever been to the National Cryptologic Museum at Fort Meade, just outside the NSA fence? http://www.nsa.gov/about/cryptologic_heritage/museum/virtual_tour/index.shtml has a visual tour that doesn't work for me, but the text version does. I can also point you to some NSA declassification policies that are fairly liberal on "the fact of" but not operational details.

There's also been a huge trend, in national security crypto, to go to open source of the algorithms, as in Advanced Encryption System. That decidedly doesn't go to key generation, but external review has been recognized as a way to find vulnerabilities. NSA published CLIPPER, but within a week or so, private sector researchers pointed out a vulnerability in the LEAP field.

Going back to WWI, the assumption among serious COMSEC people is that you have to assume the enemy is in physical possession of your encryption device, but without keymaterial. The sensitive part is key generation and management.

OPSEC is a very nebulous concept, but the PURPLE DRAGON study that formally defined it during Vietnam recognized the leaks were not largely coming from talking about equipment, but about procedures. For example, the VC knew about inbound B-52 strikes from three main sources: a Soviet trawler off Guam that simply said something was coming, sometimes spies, but, most often, our clear-language tactical deconfliction radio broadcasts: "Very heavy artillery warning (coordinates) from the Bien Hoa TACAN." All artillery strikes just said "artillery"; "very heavy" referred exclusively to B-52 ARC LIGHT missions.

I look at things not from the standpoint of a tactical commander assuming that anything is valuable to the enemy, but from three other standpoints. First, as an intelligence analyst, what does this information add to my understanding, if anything? Second, as a operations planner, can I do anything with the information (remember during Desert Storm, leaflets were being dropped "B-52s will strike here tomorrow). Third, from a government standpoint, is money being spent wisely and are the right things being funded? You might find it interesting to look at the Future Combat Systems#Soldier as a System note, follow it to the intra-squad radios, and see the surprise about how an almost-cancelled project seems to be more useful than the things that were funded. Howard C. Berkowitz 14:39, 16 July 2009 (UTC)

I appreciate the thought you put into your response Howard... maybe it's just my security-minded/Army brain or something Eric M Gearhart 19:34, 23 July 2009 (UTC)