
Do you really feel safe after you post on the Internet?

Tommy said:
One more reason to own high powered weapons.....

not that I own any of those......  :-\ 

I think I am going to have to do some shopping, maybe I'll get a few of these
 
It is amazing what you can find.  I wonder if Rxx was satisfied with the advice on text effects in Flash MX?  One can follow him through sites for pilots, find out his age and many other things such as check his address and all that stuff that is in the demo.  It just takes time and patience.  As the WARNING says, you don't even have to post on the internet to have your info there through some other means/person/corporation/database.  The phone company has posted your info.  The Cable companies.  Company nominal rolls are available in some cases.  Homepages contain the names of personnel in Corporate hierarchies.  Schools post their alumni.  Newspapers print names and places.  Clubs, Volunteer Groups, and other Organizations publish fact sheets.  Blog sites, Posts on the Globe and Mail, National Post, Enmasse, etc. all bring up little factoids.  So a 30 year old pilot posting on various sites, is far from anonymous.

Posting style will also give a person away.  Take for instance a foul mouth character, who claims to be a US Army Reserve Airborne 1LT who crusades for the M113 to be named the Gavin.  Everyone immediately recognizes Sparky as soon as he goes on a rant on any site he has been on.  
 
George is making excellent points here and it's not only the bad guys you need to worry about but also your CofC/employer, your future employer(s), your friends, your family, your neighbour in the PMQs who has a grudge against you, the repo man, your future wife...the list goes on and on.   

The key for 99% of us is managing the exposure of the information you control to what you feel comfortable with.  As George has clearly illustrated, it is also important to realize that once it is on the Net, there is nothing you can do to completely erase all traces of it.  It's like that tattoo you thought looked so cool when you were a 16 year old rebel without a clue which is no longer so cool on a 35 year old professional...you have to live with your past decisions.

We as individuals not only need to exercise discipline but we also need to instill that into our friends and family as well.  It doesn't do you any good to be exercising good Internet Discipline only to have your Aunt Nellie posting emails and photos you send to her on her favorite "Support the Troops" site or your buddy Tim tagging you in a Facebook photo from a night on the town during your last TD.

And, you should really, really be considering moving to an encryption system for your email.  Like anything else on the web it is liable to interception without too much difficulty and it also leaves electronic tracks on any server it passes through.  There are very good, high quality products out there that you can use (some of which are free) to help safeguard your privacy.  Check out Hushmail, Pretty Good Privacy or gnuPG/GPG4win.  Hushmail has the added benefit that most other Webmail accounts lack of not sending your IP address in the header of the email.

For what it's worth though, the Net hasn't invented this problem, it has only made it much easier for people who want the info to get their hands on it.  For instance, in Canada you could always purchase directories which cross-referenced phone numbers to street addresses to names and easily learn who their neighbours were and the neighbours' contact information.  If you had a library of those books you could easily reconstruct where a person had lived over a span of 10-20-30 years and you could find a neighbour from 20-30 years ago to talk to as well.  You could always go down to the courthouse and request the records of any trial which had taken place and you could go to City Hall and get the registered owner of any address...  The difference is, then it took some money and some work.  Now all you need to do it is have 10 minutes to spare and a basic understanding of how search engines work.

As for Facebook or any other social networking site, go ahead and use it.  Just carefully manage what you put up there and don't be naive enough to believe that anything you put up there is private or won't be exploited (only by the site to make money if you're lucky), even if you have all of the privacy settings enabled.
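
Added example (not part of the original thread): a way to check the point above about webmail putting your IP address in the email headers. Send yourself a message, save its raw source, and run this against it with your own public address; both sample messages and all addresses are constructed, and `headers_exposing` is a name made up for this sketch.

```python
import ipaddress
import re
from email import message_from_string

# Constructed message from a webmail service that records the client address.
LEAKY = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby inbound.example.org with ESMTP; Tue, 12 Feb 2008 20:30:02 +0000
Received: from [203.0.113.45] by web.example.net via HTTP;
\tTue, 12 Feb 2008 20:30:00 +0000
X-Originating-IP: [203.0.113.45]
From: sender@example.net
To: friend@example.org
Subject: test

body
"""

# Constructed message from a service that shows only its own server address.
STRIPPED = """\
Received: from smtp.example.com (smtp.example.com [192.0.2.10])
\tby inbound.example.org with ESMTP; Tue, 12 Feb 2008 20:30:02 +0000
From: sender@example.com
To: friend@example.org
Subject: test

body
"""

# Any run of characters that could form an IPv4 or IPv6 literal.
CANDIDATE = re.compile(r"[0-9A-Fa-f:.]{3,}")


def headers_exposing(raw_message, my_ip):
    """Return the names of headers that contain my_ip, in message order."""
    target = ipaddress.ip_address(my_ip)
    msg = message_from_string(raw_message)
    hits = []
    for name, value in msg.items():
        # Mail servers write IPv6 literals as [IPv6:2001:db8::1]; drop the tag.
        text = value.replace("IPv6:", "")
        for cand in CANDIDATE.findall(text):
            try:
                found = ipaddress.ip_address(cand.rstrip("."))
            except ValueError:
                continue  # timestamps, hostname fragments and so on
            if found == target:
                hits.append(name)
                break  # one hit per header is enough
    return hits


if __name__ == "__main__":
    for label, raw in (("leaky", LEAKY), ("stripped", STRIPPED)):
        print(label, headers_exposing(raw, "203.0.113.45"))
```

An empty result only means the address is absent from the headers the recipient sees; the provider's own logs are a separate matter.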
 
George Wallace said:
Posting style will also give a person away.  Take for instance a foul mouth character, who claims to be a US Army Reserve Airborne 1LT who crusades for the M113 to be named the Gavin.  Everyone immediately recognizes Sparky as soon as he goes on a rant on any site he has been on.  

Heh...just like they used to tell you in Voice Procedure classes...stick to the approved greyman script and don't add your own personal "flair" lest you make it easy for the other side to track you.
 
garb811 said:
As for Facebook or any other social networking site, go ahead and use it.  Just carefully manage what you put up there and don't be naive enough to believe that anything you put up there is private or won't be exploited (only by the site to make money if you're lucky), even if you have all of the privacy settings enabled.

Great post garb, I would add one thing to this para:

Remain aware of what your friends are posting.  It won't matter how careful you are with your own online security if your friends have no concerns for their own or yours at all.
 
George Wallace said:
Have you heard about the "Wayback Machine"?

Wayback is a neat site, I've played with it in the past.  Anyways....it'll helpfully delete past caches, as well as allow you (through the use of robots.txt) to keep from being archived in the future.

It's all a moot point.  With storage and processing power costing what it does, any sufficiently motivated government could build and run a purpose-built web-crawling and archiving system.  Being careful and being aware of how much information what you post gives away is of course the most important vector towards protecting yourself.  This doesn't mean though a site like this, with all the information baggage it carries, couldn't maybe help out a bit with the privacy thing.  The steps would be easy (please take this as a constructive suggestion and not as a corrosive demand):

1. Write google, say, hey buddies, how's bout you cut out the caching?

2. Give Wayback a ring, see if they'd remove the archives they have.  If that's unpalatable, get them to only archive the front page. (actually, when I search wayback for army.ca, although it comes up, clicking on it makes it a bit grumpy...seems milnet doesn't like hot linking)

3. Allow users to either search and delete their posts, or allow them the option to remove "Show the last posts of this person." from their profiles (make their profile names unsearchable). 

But hell, if y'all don't want to do any of that, well, whatever then....I'm just going to keep myself and not spout off any real identifying info.  Oh....forgot to mention...I did think the original thread was excellent.
 
hauger said:
...any sufficiently motivated government, company, entity or individual could built can and has built and run a purpose-built web-crawling and archiving system.

There, fixed that for ya.   ;D

The thing is, this is no longer confined to the realm of governments.  With dirt cheap storage (a 1 Terabyte drive is $299 on tigerdirect.ca today), cheap bandwidth and free web crawling and data mining software, anyone can get into the business of data mining and archiving relatively cheaply.  If all you are concerned about is text, it doesn’t take up that much space.  A Terabyte of storage will hold about 1,000 copies of the Encyclopaedia Britannica and The National Archives of the UK, which covers 900 years of data, is only about 60TB in size so you really don't need a wallet the size of a G-8 Government to get into the game anymore unless you want to start tackling encrypted traffic.

The problems with your suggestions for the site are although they look sensible and a good increase in privacy and security, they really don’t gain much.  As long as Mike keeps all items archived and searchable on the site, asking Google and Wayback to stop archiving the pages is pointless.  If they weren’t archived there, I suppose Mike could simply take the site down if the privacy and security concerns became that overwhelming but the bigger and more worrisome problem at that point is they would already be archived in the places we don’t know about which is where the damage can is really being done.  The only way to stop that is to password protect the entire site and only allow access to trusted and authenticated users and send all data via SSL but that would totally defeat the purpose of army.ca.  Even that wouldn't be enough though as I'd happily sell out Mike for $100 and use that money to finally pay for a subscription.   >:D

Disabling the “Show last posts of this person” doesn’t make it impossible to search for a user’s posts; you can do it via the general search tool as well.  We used to be able to edit and delete our posts at will but unfortunately what ended up happening was people would get upset and go back and edit or delete their comments not for privacy or security reasons but simply due to having a hissy fit after being “beaten” in a debate.  This had the effect of making entire threads nonsensical and unreadable.  Additionally, all it takes is for one person to quote your post and you have lost all ability to edit it….this is why some people here have developed the habit of quoting people they are debating; it is impossible for the other poster to alter their previous statements to make a rebuttal moot without it being obvious.  If you're that worried about something you've put up from a *SEC perspective and the grace period has passed, contacting a friendly mod is sure to solve the problem...at least on army.ca.

I make it a point to try to re-read my posts immediately after posting and then again before the time limit for editing expires.  The “sober second thought” not only lets me reduce the possibility of putting something out there which I don’t want but also lets me catch typos, grammar errors etc I missed the first time around.
 
If you want to know what can be done with data aggregators and your personal data, check this site:

http://www.zoominfo.com/
 
Which would explain the knee jerk reaction I've seen from several co-workers when they caught wind of a new CANFORGEN coming out regarding Facebook, and they removed everything military on it... well... everything that they have control over.....

Personally I am going to read the damned thing first, and go from there.... I'm all for OPSEC and PERSEC and all that Jazz... but when the official sites still have Combat Camera, the Maple Leaf newspaper etc... and the Army Website puts up most of the specs on the damned vehicles for all to see, then I'll wait, watch and shoot, and exercise a little common sense with it all...

until I need to start getting all super paranoid...... so far so good....
 
Tommy said:
until I need to start getting all super paranoid

I'm a civil, so I may be wrong, but when that time comes, won't it be already too late?
 
Michael O`Leary said:
If you want to know what can be done with data aggregators and your personal data, check this site:

http://www.zoominfo.com/

Well, apparently nothing :D
 
I am not on the DIN by virtue of being in ROTP at a Civi university. When this Facebook CANFORGEN comes out, is there a publicly available place to view it?
 
JesseWZ said:
I am not on the DIN by virtue of being in ROTP at a Civi university. When this Facebook CANFORGEN comes out, is there a publicly available place to view it?

Someone will probably post it here, likely in this very thread.
 
Received via email:

CANFORGEN 038/08 SJS 007 122025Z FEB 08
OPERATIONAL SECURITY
UNCLASSIFIED
REF: A-SJ-100-001, NATIONAL DEFENCE SECURITY INSTRUCTIONS (NDSI) -
30 SEP 98
1.THERE IS A HIGH LEVEL OF RISK INHERENT IN SOME OF OUR ONGOING MILITARY OPERATIONS. THE NEED TO SAFEGUARD OUR PLANS VULNERABILITIES AND TO PROTECT OUR INTENT FROM AN ADVERSARY IS A FUNDAMENTAL PART OF HOW WE CONDUCT MILITARY OPERATIONS. TRADITIONAL SECURITY MEASURES SUCH AS: PROTECTING VITAL INTERESTS AGAINST THEFT, DIVERSION AND SABOTAGE, DENYING UNAUTHORIZED PERSONS ACCESS TO VITAL INFORMATION ABOUT OUR OWN CAPABILITIES AND INTENTIONS, AND ASSURING THE LOYALTY AND RELIABILITY OF THOSE PERSONS WHO ARE AUTHORIZED TO HAVE ACCESS TO CLASSIFIED OR OTHERWISE SENSITIVE ASSETS, CONTINUE TO BE AN IMPORTANT ELEMENT OF OUR DAILY ROUTINE ACTIVITIES. WHAT I WOULD LIKE TO STRESS, HOWEVER, IS THE INCREASED PERSONAL AND COLLECTIVE VIGILANCE WE MUST ADOPT AGAINST THE INADVERTENT RELEASE OF INFORMATION, WHICH COULD BE EXPLOITED BY AN ADVERSARY
2.CANADIAN OPERATIONS ARE TAKING PLACE IN A VARIETY OF ENVIRONMENTS IN WHICH INFORMATION CAN BE READILY COLLECTED AND SHARED WORLDWIDE, IN NEAR REAL TIME. THE POTENTIAL SOURCES OF INFORMATION FOR AN ADVERSARY INCLUDE THE FULL RANGE OF OPERATIONAL, LOGISTICAL, ADMINISTRATIVE, FORCE DEVELOPMENT, AND PROCUREMENT DOCUMENTS. THEY ALSO INCLUDE FORMAL OR INFORMAL BRIEFINGS, DND OR CF WEBSITES, AND OFFICIAL OR UNOFFICIAL EMAIL EXCHANGES, CONVERSATIONS, WEB-BLOGS AND PHOTOGRAPHS AS WELL AS MOST ANY OTHER METHOD OF CONVEYING INFORMATION FROM ONE PARTY TO ANOTHER. WE MUST ALL THEREFORE BE MINDFUL OF THE NEED TO PROTECT OPERATIONALLY SENSITIVE INFORMATION, EVEN THOUGH THE INFORMATION MAY APPEAR INSIGNIFICANT ON ITS OWN. THE CAPABILITY OF AN ADVERSARY TO QUICKLY COLLECT AND PIECE TOGETHER INFORMATION CANNOT BE DISMISSED
3.THE NATIONAL DEFENCE SECURITY INSTRUCTIONS (NDSI) AT REF, DEFINE OPERATIONS SECURITY OR OPSEC AS AN OPERATIONAL DISCIPLINE DESIGNED TO DENY ACCESS TO, AND PROTECT OPERATIONALLY SENSITIVE INFORMATION FROM AN ENEMY, ADVERSARY OR ANYONE WHO COULD EXPLOIT THE INFORMATION OR INTENTIONS, CAPABILITIES, LIMITATIONS AND ACTIVITIES OF AN ORGANIZATION. THE BASICS OF OPERATIONS SECURITY (OPSEC) ARE EASILY UNDERSTOOD AND CAN BE EFFECTIVE IN SUPPORTING MISSION SUCCESS WHILE KEEPING PERSONNEL SAFE. SIMPLY PUT, OPSEC IS A WAY OF THINKING THAT REQUIRES US TO BE ATTENTIVE TO INFORMATION THAT IS OPERATIONALLY SENSITIVE OR DESIRABLE TO AN ADVERSARY, AND THEN TO TAKE PROACTIVE STEPS TO SAFEGUARD IT
4.OPERATIONAL SECURITY IS BOTH A PERSONAL AND A COMMAND RESPONSIBILITY. COMMANDERS AT ALL LEVELS SHALL INSTITUTE APPROPRIATE MECHANISMS USING THE OPSEC PROCESS TO IDENTIFY OPERATIONALLY SENSITIVE INFORMATION, AND SHALL ESTABLISH COORDINATED PROACTIVE MEASURES TO SAFEGUARD INFORMATION UNTIL SUCH TIME THAT THE RELEASE OF ANY PARTICULAR INFORMATION WILL NOT GIVE ANY ADVANTAGE TO AN ADVERSARY
5.IN GENERAL, WHEN ASSESSING THE SENSITIVITY OF INFORMATION, ANY INFORMATION DEALING WITH PERSONNEL, EQUIPMENT, INSTALLATION OR OPERATIONS COULD VERY WELL BE SENSITIVE, IF NOT SECRET, AND IF SO MUST BE PROTECTED FROM INAPPROPRIATE, INADVERTENT OR UNAUTHORIZED RELEASE. THIS APPLIES TO BOTH INFORMATION RELATING TO NATIONAL ISSUES AND ACTIVITIES, AS WELL AS ALL INFORMATION PROVIDED TO CANADA IN CONFIDENCE BY OUR ALLIES. SPECIFIC CATEGORIES OF OPSEC ARE OUTLINED AS FOLLOWS:

5.A. PERSONNEL RESPONSIBLE FOR PREPARING INFORMATION FOR RELEASE TO THE PUBLIC MUST ENSURE THAT OPERATIONALLY SENSITIVE INFORMATION IS PROTECTED FROM INADVERTENT RELEASE. THOSE PERSONNEL RESPONSIBLE FOR RESPONDING TO REQUESTS UNDER THE ACCESS TO INFORMATION ACT MUST BE FAMILIAR WITH THE ACT, AS WELL AS WITH THE PROCEDURES THAT HAVE BEEN PUT IN PLACE TO REVIEW OPERATIONALLY SENSITIVE MATERIAL BY THE INFORMATION SUPPORT TEAM ESTABLISHED FOR THAT PURPOSE WITHIN THE STRATEGIC JOINT STAFF

5.B. THE USE OF THE INTERNET CAN BE AN INVALUABLE TOOL FOR MANY THINGS, NOT THE LEAST OF WHICH IS TO STAY IN CONTACT WITH THOSE AT HOME WHILE PERSONNEL ARE DEPLOYED. IT IS IMPORTANT TO BE AWARE THAT THE INTERNET IS NOT SECURE. ALL TRAFFIC CAN BE MONITORED, AND MUCH OF IT IS OPEN TO INADVERTENT EXPLOITATION. ONLY UNCLASSIFIED/NON-SENSITIVE INFORMATION IS TO BE SENT ON THE INTERNET/DWAN OR STORED ON UNCLASSIFIED COMPUTERS. SENSITIVE INFORMATION MUST NOT BE PASSED ON, OR STORED ON COMPUTERS CONNECTED TO, THE INTERNET

5.C. IF NOT PROPERLY MANAGED WEBSITES, FORMAL OR INFORMAL, AND UNIT, FORMATION, OR OTHER NEWSLETTERS AND SIMILAR PUBLICATIONS CAN BE A MAJOR SOURCE OF INFORMATION FOR THE ENEMY. DND AND CF WEB SITES AND NEWSLETTERS MUST NOT DISCLOSE SENSITIVE INFORMATION, SUCH AS THE SPECIFIC CAPABILITIES OF OUR WEAPON SYSTEMS, THE DETAILS OF OUR OPERATING PROCEDURES OR OUR ORDER OF BATTLE, AND VERY IMPORTANTLY INFORMATION THAT CAN LEAD TO THE ENEMY BEING ABLE TO IDENTIFY AND THEREFORE TARGET INDIVIDUALS OR ORGANIZATIONS COOPERATING WITH THE CANADIAN FORCES OR ITS ALLIES IN AN OPERATIONAL AREA

5.D. PHOTOGRAPHS AND VIDEOS (E.G. YOU TUBE, ETC.) POSTED TO THE WEB IN ANY CAPACITY, INCLUDING DND/CF WEBSITES, SOCIAL NETWORK SITES, PERSONAL BLOGS, OR E-MAIL OR OTHER WEB-BASED CORRESPONDENCE (SUCH AS CHAT) MUST BE CAREFULLY CONSIDERED BEFOREHAND TO ENSURE THAT THEY DO NOT CONTAIN ANY INFORMATION THAT CAN BE OF USE TO THE ENEMY

5.E. SENSITIVE INFORMATION, WHETHER CLASSIFIED OR UNCLASSIFIED, SUCH AS OUR TACTICS, TECHNIQUES, AND PROCEDURES, OR OUR OPERATIONAL, ADMINISTRATIVE, AND LOGISTIC PLANS (INCLUDING OUR MOVEMENT PLANS), SHOULD NEVER BE DISCLOSED IN ANY UNCLASSIFIED WEB-BASED FORUM, PASSED BY INSECURE E-MAIL OR TELEPHONE, NOR DISCUSSED IN ANY MANNER WITH PERSONS WHO DO NOT HAVE A NEED TO KNOW

5.F. DOCUMENTATION MUST BE PROTECTED. IF YOU DO NOT WORK IN A CLASSIFIED AREA, YOUR SPACE MUST BE SECURED IF YOU ARE GOING TO BE ABSENT FOR MORE THAN A SHORT PERIOD OF TIME. CO-WORKERS IN ADJOINING CUBICLES SHOULD BE MADE AWARE OF YOUR ABSENCE AND LOCATION IF YOU WILL BE AWAY FROM YOUR DESK FOR SHORT-PERIODS OF TIME

5.G. CLASSIFIED OR SENSITIVE MATERIAL IS TO BE DISPOSED OF BY APPROVED METHODS. BLUE RECYCLING WASTEBASKETS ARE TO BE REMOVED OR MADE DIFFICULT TO ACCESS WHEREVER THERE IS A CHANCE UNCLASSIFIED INFORMATION CAN BECOME CROSS-CONTAMINATED WITH SENSITIVE OR CLASSIFIED MATERIAL - PARTICULARLY AROUND PRINTERS OR COPYING MACHINES

5.H. INFORMATION THAT FALLS INTO THE ABOVE BROAD CATEGORIES MUST NOT BE DISCUSSED IN PUBLIC PLACES, AND ONLY WITH A PERSON WHO HAS THE NEED TO KNOW. EVEN WITHIN DND BUILDINGS, CLASSIFIED OR SENSITIVE CONVERSATIONS MUST TAKE PLACE ONLY IN APPROPRIATELY CLEARED LOCATIONS
6.FINALLY, WE MUST ALSO REMEMBER THAT WHEN WE RETURN FROM DEPLOYED OPERATIONS, THE MISSION MAY HAVE ENDED FOR US, BUT IS LIKELY ON-GOING FOR SOMEONE ELSE. THEREFORE, WE MUST NOT LET OUR GUARD DOWN, BUT CONTINUE TO MANAGE AND CONTROL CLASSIFIED, SENSITIVE OR VALUABLE INFORMATION AND ASSETS DILIGENTLY TO PROTECT BOTH THE INTEGRITY OF THE ON-GOING MISSION AND THE LIVES OF CANADIAN AND ALLIED SOLDIERS, SAILORS, AND AIR PERSONNEL INVOLVED
7.THE ABOVE LIST IS NOT EXHAUSTIVE, AND EACH MEMBER MUST MAKE IT HIS OR HER PERSONAL RESPONSIBILITY TO ENSURE SENSITIVE INFORMATION IS NOT COMPROMISED. IF IN DOUBT, TREAT IT AS CLASSIFIED. THE CANADIAN FORCES ARE ENGAGED IN COMBAT OPERATIONS AND THE SAFETY AND WELFARE OF OUR PEOPLE ARE AT STAKE THINK OPSEC. WE MUST ALL DO OUR PART
 
Civilian question :

Jorkapp said:
Received via email:

30 SEP 98

Does that mean they released that memo in 98 and are republishing it now?
 
30 Sep 98 is when the reference came out.

Aside from the CANFORGEN noted above (which is hardly new information - similar warnings have come out from time to time), there is no "Facebook" message and nothing published that pertains to Facebook.  

And before someone posts an e-mail that states the opposite, I have one coined word to offer: "DINspam".  ;)
 
garb811 said:
And, you should really, really be considering moving to an encryption system for your email.  Like anything else on the web it is liable to interception without too much difficulty and it also leaves electronic tracks on any server it passes through.  There are very good, high quality products out there that you can use (some of which are free) to help safeguard your privacy.  Check out Hushmail, Pretty Good Privacy or gnuPG/GPG4win.  Hushmail has the added benefit that most other Webmail accounts lack of not sending your IP address in the header of the email.

Just don't think that encryption is a panacea.

Memory trick breaks PC encryption

Encrypted information held on a laptop is more vulnerable than previously thought, US research has shown.

Scientists have shown that it is possible to recover the key that unscrambles data from a PC's memory. It was previously thought that data
held in so-called "volatile memory" was only retained for a few seconds after the machine was switched off. But the team found that data
including encryption keys could be held and retrieved for up to several minutes. "It was widely believed that when you cut the power to the
computer that the information in the volatile memory would disappear, and what we found was that was not the case," Professor Edward
Felten of the University of Princeton told BBC World Service's Digital Planet programme.

Volatile memory is typically used in random access memory (RAM), which is used as temporary storage for programs and data when the
computer is switched on.

Deep sleep

Disc encryption is the main method by which companies and governments protect sensitive information. "The key to making it work is to
keep the encryption key secret," explained Professor Felten. Encryption has recently become a hot topic after a number of laptops containing
personal records were lost or stolen. "What we have found was that the encryption keys needed to access these encrypted files were available
in the memory of laptops," he said. "The information was available for seconds or minutes."

In theory, this is enough time for a hacker or attacker to retrieve the key from the memory chips. "The real worry is that someone will get hold
of your laptop either while it is turned on or while it is in sleeping or hibernation mode," said Professor Felten. In these modes the laptop is not
running, but information is still stored in RAM to allow it to "wake up" quickly. "The person will get the laptop, cut the power and then re-attach
the power, and by doing that will get access to the contents of memory - including the critical encryption keys."

Cool running

Switching the machine off and on is critical to any attack. "When it comes out of sleep mode the operating system is there and it is trying to
protect this data," explained Professor Felten. But a full power-down followed by a swift re-start removes this protection. "By cutting the power
and then bringing it back, the adversary can get rid of the operating system and get access directly to the memory." Professor Felten and his team
found that cooling the laptop enhanced the retention of data in memory chips.

"The information stays in the memory for much longer - 10 minutes or more," he said.

For example, where information stays in a computer for around 15 seconds under normal conditions, a laptop cooled to about -50C will keep
information in its memory for 10 minutes or more. Professor Felten said that the best way to protect a computer was to shut it down fully several
minutes before going into any situation in which the machine's physical security could be compromised. "Simply locking your screen or switching
to 'suspend' or 'hibernate' mode will not provide adequate protection," he added. "It does cast some doubt on the value of encryption. I think that
over time the encryption products will adapt to this and they will find new ways of protecting information."

link
 
Looks like a self destruct device is in order, at least that way the information can't fall into the wrong hands, and the would-be hacker gets what he deserves  ;D. 

Even if it is powered off there are still ways for hackers to access data.

 