Intercepts

Calling Mr. Stenbit; Quarantine That Kiosk; On the Offensive

Calling Mr. Stenbit

John Stenbit, a man known not to mince words in the first place, had a few harsh comments for people carrying around all those wireless devices: Don't do it, not around him, anyway.

His comments were even more specific: Don't use them in classified areas.

Stenbit, chief information officer for the Defense Department, plans to issue a new security policy for wireless devices. And that will reinforce the existing restrictions on the use of wireless devices, including personal digital assistants and wireless phones.

"We're going to put some constraints on what kind of devices can be used, where they can be used," Stenbit said last week at a conference on wireless security sponsored by the Center for Strategic and International Studies.

DOD also hopes that industry can come up with a way to detect the presence of wireless devices in secure areas and help define a security certification and accreditation process for wireless devices. (See story, Page 13.)

But just as important, he hopes that people will obey the sign on his door that forbids personnel from bringing wireless devices into his classified office.

Only you can prevent security breaches, he said.

Quarantine That Kiosk

What comes to mind when you think of "quarantine"? Perhaps the scene from "E.T. the Extra-Terrestrial," in which officials wear space suits to examine E.T.? Picture this, then add composer John Williams' Darth Vader theme from the "Star Wars" soundtrack. This is the mental association the Navy would like you to make.

Because the Navy Marine Corps Intranet office recently instituted a "subtle" name change, kiosked applications are now called quarantined applications.

As if "kiosks weren't bad enough," said an NMCI official.

Kiosked systems are stand-alone networks that continue to operate mission-critical legacy applications, parallel to the new EDS-owned-and- operated NMCI network. Legacy applications do not meet NMCI requirements, either because the applications cannot run in a Microsoft Corp. Windows 2000 environment or they do not meet DOD and Navy security requirements.

Regardless, if an application cannot meet the NMCI requirements, it is shunted to kiosked machines.

Officials originally referred to them as such because at some sites, users had to go to a separate terminal, often centrally located, that would run that application. At other sites, such as the Naval Air Facility Washington, located at Andrews Air Force Base, Md., the kiosked machines sit next to the new PCs from Dell Computer Corp. The NMCI machines are black; the kiosked machines are the more traditional beige.

But apparently, calling them kiosks doesn't evoke the Darth Vader music. Hence, the name change. Quarantined applications — you almost feel as if you need to shower after just using one of those systems, don't you?

On the Offensive

As the threat of cyberattacks from U.S. enemies continues to increase, DOD officials are rethinking the strategy in this arena. Right now, DOD is completely reactive — responding and repulsing attacks as they come in, but not initiating any.

Now, the Pentagon is developing a policy that would enable it to go on the offensive in a cyberwarfare situation.

U.S. Space Command, the Joint Task Force-Computer Network Operations and the Defense Information Systems Agency are all working on the policy. No updates were available last week, according to a DOD spokesperson.

Sometimes, DOD policies are outdated by the time they are formally established. Here's hoping this isn't one of those times.

Intercept something? Send it to antenna@fcw.com.