OK, Can't Treat Adults Like Adults

In my last post I endorsed the intelligence community's approach to thumb drives - don't ban them but issue warnings about the risks, and then assume end users will take an adult approach to the judicious use of computer technology.

Well, in a matter of hoots, I've swung the other way around. Though the Navy has a long standing policy against the use of peer-to-peer clients by both its personnel and contractors, some dummy at a defense contractor exposed sensitive information on the VH60N presidential helicopter on a P2P network, with that information sucked into a computer in Iran, as I reported today.

The files now hanging around in Iran include information on the VH60N missile warning and missile countermeasure systems, all exposed because someone wanted to listen to so-called "free" music. (With peer-to-peer, you can download a copy of a song off my computer hard drive, if you and I are on the same P2P network, for free. But the artist doesn't get paid.)

Based on this incident, I guess the approach to computer security has to be draconian and with no wiggle room whatsoever for those engaged in security best practices. It's the same approach practiced by my Marine drill instructor. When one guy screws up, EVRYONE has to do push ups. Crude? Yes. But it got the point across.

A side note: I don't have to worry about exposing the contents of my hard drive on a P2P network, because if I want to listen to a piece of music, I buy the CD.

Am I the only person in America who still realizes musicians should be paid for their creativity and intellectual property?