Secure network question

[Gatordev]

I know there's a few here who work on or have worked on/with secure networks, so I thought I'd pose the question here. I'm keeping it vague, initially, on purpose. I'm not even sure what I would be Googling for, so... here goes.

Say I'm in a room that has SIPR (or other secure network) drops, but no actual computers. Let's say the the drops are hot. It's my understanding that the drops (the actual dual plug jacks) are optical.

Now let's say I have a cell phone (WiFi is not turned on). Is there any way that the radio signal from my data network could "interface" with the ODN on the drop?

Same question if WiFi is turned on.

Yes, there's a reason I'm asking.

 

[Alpha_Echo_606]

If the jacks are optical you'd need a face to face connection, in other words you'd have to physically plug in. The connection is requiring light to transmit and receive.

With it being a secure network it should always take a hard connection to reach the SIPR net. Wifi should not even be involved.

Hope this helps.

 

[phrogpilot73]

With it being a secure network it should always take a hard connection to reach the SIPR net. Wifi should not even be involved.

Not so. There is a certified SIPR Wireless System. I've seen it in use firsthand.

 

[Gatordev]

That pretty much is what I was thinking. I'm trying to get something that says this technically, or something that says "why" you can't have a cell phone/radio phone next to a hot drop. I have feeling someone is extending the "no 'non-secure' phones in secret spaces" to some made up technical reason.

 

[Gatordev]

Not so. There is a certified SIPR Wireless System. I've seen it in use firsthand.

True, but not in my scenario. I'm trying to keep the scenario simple in order to lead me down the path to finding an actual reference to this supposed magical MODEM that happens.

 

[pilot_man]

Is your question why we can't have phones in secure spaces, and the reasoning behind that policy?

 

[Harrier Dude]

You want the security people to justify their made up rules with source documents?

What next? Cause/effect based rules? Personal responsibility? Decentralized control?

Clearly, you care nothing about security.

Why do you hate America?

 

[yak52driver]

If this is not a wireless secure network and hard lines only, WiFi on your phone would not play a part in your scenario. Secure networks can be designed differently, but generally require a at least a login/password to gain access once a connection has been established. Depending, it may also have other security methods enabled like encrypted traffic once you are able to login, but network design/requirements will dictate that.

If I read your second comment correctly, MODEMs don't play a part in connections much any more (at least in the business world), there are network interface cards that the wire plugs into and establishes the connection/protocols. Hope I'm not way off base in answering the question I think you asked.

 

[Brett327]

Is your question why we can't have phones in secure spaces, and the reasoning behind that policy?

I've never experienced a prohibition against phones in a secure space, unless you're talking SCIF type secure. Is that what we're talking about, hypothetically?

 

[squorch2]

Weapons school has (or had) you check your cellphones in at the entrance, despite the lack of super secret squirrel stuff inside.

 

[RadicalDude]

I always assumed it was cause of cellphones with cameras.

 

[phrogpilot73]

If you're trying to get a security dude/N6 type guy to agree to what you want, you'll find it's problematic at best. We had a contractor come into a space that was certified for open storage, and set up an AV system. The AV system included a totally sweet touchscreen remote that was wireless. Wherever the instructor was, he could control the AV system (switch inputs to the projector, raise/lower the screen, etc). Problem was - it used a wireless router. The ONLY thing the wireless router was involved in was receiving commands from the remote (aka - switch to input X, raise/lower screen). NOTHING was plugged into the router other than the AV switchers and the remote. There was NO WAY that a secret presentation (that we do in the classroom on occasion) would be transmitted over that router. We still got shut down. Why? It all has to do with interpretation of the instructions.

The system that was set up by the contractor was the same system they had used with DEVGRU, in a SCIF. They followed the letter of the law. It was interpreted differently for us. I've still got the email back-and-forth between me, the N6 and the guys at now Cyber Command... If you want me to forward it (because I don't remember the references and all that jazz), shoot me a pm and I'll send you my .mil address so I can send it to you.

The actual instruction pretty much says no WiFi, no Bluetooth, and no IR (aka TV remote controls) in a space that is authorized to store classified material.

I always assumed it was cause of cellphones with cameras.

Any continuation about this discussion would have to go on SIPR or JWICS....

 

[Gatordev]

Is your question why we can't have phones in secure spaces, and the reasoning behind that policy?

No, I'm asking a technical question.

If this is not a wireless secure network and hard lines only, WiFi on your phone would not play a part in your scenario. Secure networks can be designed differently, but generally require a at least a login/password to gain access once a connection has been established. Depending, it may also have other security methods enabled like encrypted traffic once you are able to login, but network design/requirements will dictate that.

If I read your second comment correctly, MODEMs don't play a part in connections much any more (at least in the business world), there are network interface cards that the wire plugs into and establishes the connection/protocols. Hope I'm not way off base in answering the question I think you asked.

You're not taking the term MODEM literally enough. I'm not talking about a modem that gets you on the local BBS. We have MODEMS in multiple airframes that just change RF to digital and back again. That's what I'm referring to.

I've never experienced a prohibition against phones in a secure space, unless you're talking SCIF type secure. Is that what we're talking about, hypothetically?

I always assumed it was cause of cellphones with cameras.

Not having cell phones in secure places is pretty normal in my experience. Logical? Maybe not, but the main reason phones tend not to be allowed is because they can be used to listen in to secure conversations. Technically speaking. The camera is just an additional thing people like to throw around, but it's no different than a photo copier or, <gasp>, a pen and paper.

Guys, you're reading too much into this. I'm specifically not going into details because I'm just trying to get a technical response...or someone who can actually cite an instruction that blows this "science" out of the water. The instruction part is on my "to do" list.

In reality, it doesn't affect me one way or another, day to day, in the space I'm in, I just hate people making policy based off their own made up musings.

 

[Brett327]

Weapons school has (or had) you check your cellphones in at the entrance, despite the lack of super secret squirrel stuff inside.

I'm talking about landline phones - cell phones are obviously not permitted. The justification I've always heard is that a cell phone could be hacked somehow to transmit/record what was going on in the secure space. I've never heard a suggestion that it could somehow "access" (via WiFi or other means) an ethernet hub/router/etc. The notion that it could "access" an ODN seems particularly unlikely.

 

[Gatordev]

I'm talking about landline phones - cell phones are obviously not permitted. The justification I've always heard is that a cell phone could be hacked somehow to transmit/record what was going on in the secure space. I've never heard a suggestion that it could somehow "access" (via WiFi or other means) an ethernet hub/router/etc. The notion that it could "access" an ODN seems particularly unlikely.

No argument from me. Hence my original post, but I know there's a few here that have more intimate knowledge of how "the system" works than I.