Thu, 20 Jul 2000 00:20:31 EDT
[log in to unmask] quoted and then wrote:
>From: [log in to unmask] (Beard, Frank)
>Sender: [log in to unmask] (Team Ada: Ada Advocacy Issues (83 & 95))
>Reply-to: [log in to unmask] (Beard, Frank)
>To: [log in to unmask]
>Currently the two are not connected. They are two separate
>networks. E-mail can't be sent directly to the ship from the
>shore from non-encrypted E-mail systems. The message
>would have to be copied (currently done by hand with pen
>and paper) from the unsecure E-mail system and
>re-transmitted over the encrypted ship network.
>Even if they were to connect over the "commercial" internet,
>they would still have NES encryption (for example) between
>the systems. So the only way it could be received is from
>another authorized node with NES encryption.
>Now if someone were to write the E-mail to a disk and then
>re-enter it onto the encrypted system, then it might be
>possible. The Navy would probably re-institute keel-hauling
>for the naval operator responsible.
>Some of the Navy systems were hit by the "I Love You"
>virus, but they were not the ship networks. They were
>the land based internet E-mail systems.
Some US military (not necessarily Navy) classified systems
_were_ hit by recent Billybox "viruses" (actually worms).
When I asked I was told that the security policy only
prohibited "outgoing" transmission of data. I know
that for previous protocol sets it was possible to use
a trusted "one-way gateway" for mail. Thus the problem
becomes one familiar to those accustomed to designing
Ada-class software systems -- ensuring the specification
matches the real requirements.