• Thanks for stopping by. Logging in to a registered account will remove all generic ads. Please reach out with any questions or concerns.

Foreign Interest in Army.ca

AirDet

AirDet

Full Member
Subscriber
Reaction score
29
Points
330
Have any of you noticed that roughly half of the "guests" on this site are offshore? For instance this morning I noticed 196 users from Baidu, a Chinese access provider. I think we can understand that not all of those are just curious kids. If someone wanted to keep abreast of the potential of an army, tracking a site like this would be a great way to do that.

I've noticed the moderators have done a great job of making sure anything that compromises the CF and Canada is removed quickly. The problem is that once it's posted; it's in the public domain.

I encourage everyone (including myself) to ask a simple question before hitting the POST button. "Does anything in this post violate the site's rules or DND's security?"

We all play a part in information security.
 
AirDet said:
Have any of you noticed that roughly half of the "guests" on this site are offshore? For instance this morning I noticed 196 users from Baidu, a Chinese access provider. I think we can understand that not all of those are just curious kids. If someone wanted to keep abreast of the potential of an army, tracking a site like this would be a great way to do that.

I've noticed the moderators have done a great job of making sure anything that compromises the CF and Canada is removed quickly. The problem is that once it's posted; it's in the public domain.

I encourage everyone (including myself) to ask a simple question before hitting the POST button. "Does anything in this post violate the site's rules or DND's security?"

We all play a part in information security.
Click to expand...
A while back on another thread, I came across a few guys talking about security clearance requirements for specific trades/MOCs, etc. I chimed-in and offered my opinion that they probably shouldn't be talking about this stuff in an open internet forum. Of course they took offense and proceeded to scold me as the idiot I obviously was because nothing they were saying was technically "classified". I tried to explain that just because individual pieces of information weren't technically classified didn't mean that it was appropriate to discuss them in an open forum. You can paint a very accurate picture through the analysis and amalgamation of multiple individual pieces of otherwise unclassified, but sensitive, information.

There are foreign entities monitoring these and other forums like it. It's a given today and everyone should be aware of this fact.
 
Transporter said:
Bingo. It is my firm belief that everyone in the CF should have to complete annual online training in this area.
Click to expand...

F*** that.  Well I agree infosec, persec, and opsec are important, I loathe to see another useless DLN online mandatory course suck up more time.  Those mandatory courses are useless except for  putting a stat on someone's Powerpoint.
 
MJP said:
F*** that.  Well I agree infosec, persec, and opsec are important, I loathe to see another useless DLN online mandatory course suck up more time.  Those mandatory courses are useless except for  putting a stat on someone's Powerpoint.
Click to expand...
:goodpost:
 
MJP said:
F*** that.  Well I agree infosec, persec, and opsec are important, I loathe to see another useless DLN online mandatory course suck up more time.  Those mandatory courses are useless except for  putting a stat on someone's Powerpoint.
Click to expand...
Whilst I agree that some of the online training courses we do today may be superfluous, few (if any) would be more important than this one, particularly in todays info age. If done properly, they are not useless (unless, of course, you simply don't give a f*** anyway).
 
Transporter said:
Whilst I agree that some of the online training courses we do today may be superfluous, few (if any) would be more important than this one, particularly in todays info age. If done properly, they are not useless (unless, of course, you simply don't give a f*** anyway).
Click to expand...

Yup important, you will get no argument from me.  I say people( and by people I mean leaders) just get a bit of intestinal fortitude and be leaders and lead when they see transgressions, rather than subletting that responsibility to an online crse.  I am using strong language not to attack you but the idea that more online crses will some how fix certain issues.
 
MJP said:
Yup important, you will get no argument from me.  I say people( and by people I mean leaders) just get a bit of intestinal fortitude and be leaders and lead when they see transgressions, rather than subletting that responsibility to an online crse.  I am using strong language not to attack you but the idea that more online crses will some how fix certain issues.
Click to expand...
This is one of those issues that IMHO we cannot beat people over the head with often enough. It can't be left to leaders to correct indiscretions when they see them because with the way technology is so omnipresent in our daily lives today, it's literally a 24/7/365 thing. It doesn't have to be an online course - pick your poison - but it has to be ingrained and reinforced. I don't like it either, but it is the reality of daily life nowadays.
 
MJP said:
F*** that.  Well I agree infosec, persec, and opsec are important, I loathe to see another useless DLN online mandatory course suck up more time.  Those mandatory courses are useless except for  putting a stat on someone's Powerpoint.
Click to expand...

There are two reasons by you are required to do the DLN online mandatory courses, (1)  to enable you to carry out your duties and act in a somewhat reasonable and responsible manner, and just as important  (2)  so that when you do cross the line and step on your lower appendage, someone can say "Charge em or commence Admin Measures!  They had the mandatory training and therefore, should have known better!"

Transporter said:
This is one of those issues that IMHO we cannot beat people over the head with often enough. It can't be left to leaders to correct indiscretions when they see them because with the way technology is so omnipresent in our daily lives today, it's literally a 24/7/365 thing. It doesn't have to be an online course - pick your poison - but it has to be ingrained and reinforced. I don't like it either, but it is the reality of daily life nowadays.
Click to expand...

Too much training in any area outside of your "primary duties" on a repetitive basis, has the tendency to result in complacency.  The first time around should be sufficient and then reinforced every 3-5 years but when done annually, it just loses it's intended effect.  Besides, we can't babysit people 24 hrs a day.
 
DAA said:
There are two reasons by you are required to do the DLN online mandatory courses, (1)  to enable you to carry out your duties and act in a somewhat reasonable and responsible manner, and just as important  (2)  so that when you do cross the line and step on your lower appendage, someone can say "Charge em or commence Admin Measures!  They had the mandatory training and therefore, should have known better!"

Too much training in any area outside of your "primary duties" on a repetitive basis, has the tendency to result in complacency.  The first time around should be sufficient and then reinforced every 3-5 years but when done annually, it just loses it's intended effect.  Besides, we can't babysit people 24 hrs a day.
Click to expand...
Once annually can hardly be considered repetitive and every 3-5 years on this topic is insufficient. And I would argue that infosec is one of your primary duties; it is one of the underpinnings for everything else you do, regardless of trade or MOC.
 
One has to admit, the majority of CAF members are just as complacent now of Security as the General Public. 
 
DAA said:
There are two reasons by you are required to do the DLN online mandatory courses, (1)  to enable you to carry out your duties and act in a somewhat reasonable and responsible manner, and just as important  (2)  so that when you do cross the line and step on your lower appendage, someone can say "Charge em or commence Admin Measures!  They had the mandatory training and therefore, should have known better!"
Click to expand...

I'd agree with you if the training actually trained you to do your duties and was relevant.  It is not.  I learned nothing applicable to my responsibilities as an aircraft captain by doing Contracting with Direct trade. 

There are many other ways to do such training without being a broad brush type training where everyone is considered the same.  Having 1 or 2 lessons during your specific training with refreshers yearly would have a far better effect than it has right now.

Doing those courses is as relevant to my duties as it would be for you to do my tactical training with a yearly written exam Taceval.
 
Transporter said:
Once annually can hardly be considered repetitive and every 3-5 years on this topic is insufficient. And I would argue that infosec is one of your primary duties; it is one of the underpinnings for everything else you do, regardless of trade or MOC.
Click to expand...

I don't disagree with your point about infosec being important, I am merely explaining what I have seen first hand when it comes to "annual" types of training, similar to this, which are delivered online.

Login, commence the training, go about your regular job while returning to your computer to tap on the spacebar every 1-2 minutes to advance to the next slide/scenario, print certificate, log out.  The alternate option is delivering the training in a classroom environment, in which case it is usually "good luck getting people to attend", mandatory training or not.
 
DAA said:
I don't disagree with your point about infosec being important, I am merely explaining what I have seen first hand when it comes to "annual" types of training, similar to this, which are delivered online.

Login, commence the training, go about your regular job while returning to your computer to tap on the spacebar every 1-2 minutes to advance to the next slide/scenario, print certificate, log out.  The alternate option is delivering the training in a classroom environment, in which case it is usually "good luck getting people to attend", mandatory training or not.
Click to expand...
I have completed mandated online training courses on a range of topics and many of them have been very good.  As with most things, quality of the package and method of delivery will dictate effectiveness. Sure, if you want to post a powerpoint slide deck and have folks flip through it at their leisure and then consider them trained once they've finished, of course that's a waste of time. But it doesn't have to be (nor should it be) like that. I've completed online training courses that have been interactive, with video and audio, that required confirmatory testing in specific areas before being allowed to continue to the next topic, etc. They have been far more involved, and effective, than viewing a powerpoint slide deck. And there was no way possible to hit the spacebar to advance through the material to print your certificate of completion. 
 
George Wallace said:
One has to admit, the majority of CAF members are just as complacent now of Security as the General Public.
Click to expand...
I think I would tend to agree with that.
 
I think regardless of the actual or desired level of IT security awareness training, it's important to know that foreign parties are in fact trolling Army.ca and other public resources for information.

It's important we stick to public, non-sensitive information when posting here. As noted above, sometimes even "innocuous" information can help paint a broader picture or connect more sensitive dots for the bad guys.

The example I use is folks who post their workouts on Facebook. Anyone who has posted their run time, distance and calories burned has allowed their weight to be "reversed engineered". Most don't realize the implications and it's a good 'personal' example that resonates about how public data can easily be pieced together to obtain private info.
 
MJP said:
F*** that.  Well I agree infosec, persec, and opsec are important, I loathe to see another useless DLN online mandatory course suck up more time.  Those mandatory courses are useless except for  putting a stat on someone's Powerpoint.
Click to expand...

Amen to that! I actually found myself doing that to others last year and had to give my own head a shake.

I just thought if we remind people to pay attention to these sorts of threats most people will comply. Those that don't get to deal with the moderators or their own C of C.
 
George Wallace said:
One has to admit, the majority of CAF members are just as complacent now of Security as the General Public.
Click to expand...

Amen.
 
Transporter said:
Once annually can hardly be considered repetitive and every 3-5 years on this topic is insufficient. And I would argue that infosec is one of your primary duties; it is one of the underpinnings for everything else you do, regardless of trade or MOC.
Click to expand...

Really, all it will do is take an hour out of everyone's life but it won't change minds or practices.  As it is now my people need to do the online Defence Ethics course every year and its turned into a joke with everyone vying for the title of who got through it quickest. 
 
You must log in or register to reply here.

Similar threads

Mike Bobbitt
    • Love it!
  • Sticky
Site Administration Welcome to the new Army.ca!
6 7 8
Replies
157
Views
136K
Kirkhill
Kirkhill
daftandbarmy
The Harsh Realm of “Gentle Parenting”
Replies
19
Views
10K
Fishbone Jones
Fishbone Jones
daftandbarmy
    • Like
The Management Myth
Replies
11
Views
14K
Brad Sallows
Brad Sallows
Mike Bobbitt
Army.ca Christmas Message 2017
Replies
7
Views
10K
Scott
Scott
Mike Bobbitt
  • Sticky
How to engage in political discourse on Army.ca
2
Replies
32
Views
49K
mariomike
mariomike
Back
Top