NETWARCOM Whistleblower

Article 138 Complaint of Wrongs

NETWARCOM.net
Basic SCI Systems User Course (ONI-SSONAVY)
U.S. DOD Computer Network Hackers
Congress Reports / Intelligence Summit
Identity Theft
Spies and Traitors
7 write-ups STOP Re-Enlistment
Article 138 Complaint
3 Hour Argument
Board for the Correction of Navy Records
LINKS - GOVT, DOD, Navy, and NIOCs

Click Document
Article_138_Release1.jpg

Article 138 signed and submitted on March 16, 2007.










 

Click Document
Article_138_Release2.jpg

     No Command Instructions in Regards to Computer Systems or Removable Writable Media (Floppy, DVD, CD, ..ETC...)
I have been talking about this since SEPT. 2005, continuously and did NOT start E-mailing about this and reporting specific examples until OCT. 2006..., more then a year later.  I mention this because I did NOT want to get people in trouble but after a year of talking about this I had NO choice.
     I could get in trouble for condoning it and so could YOU.

Hackers attack Naval War College





 

Click Document
Article_138_Release3.jpg

     Sir, Ames, Walker, and Hanson, some of the biggest spies in U.S. history would love NAVIOCOM, San Diego, a NETWARCOM - NNWC command relaxed security especially in regards to removable writable, readable media when I checked into the command.

     Sir, when I checked into NAVIOCOM, San Diego, a NETWARCOM - NNWC command, removable writable media was being used with no regard to security.

     Sir, CNO (CND, CNE, CNA) all have a powerful affect on OPSEC, MILDEC, and PSYOP.  I have been obstructed every step of the way in regards to this.






Click Document
Article_138_Release4.jpg

Required Vuport Course OIAC2271  "Ignorance is NOT considered a valid excuse in court."  "Remember it is YOUR responsibility to be aware of legal issues and know applicable policies".

Required Vuport Course OIAC1170  "The Most common type of threat faced by ---/--- information systems comes from authorized users."  "Man-made, inside, friendly / accidental  threats made up the largest group of threats to ---/--- systems."  "These are usually caused by Errors in Judgement or Procedure."






Click Document
Article_138_Release5.jpg

Vuport Course: Malicious Code Threat [OIAC1171]

What should you do to keep your system free of Malicious Code

     * LOG-OFF your system nightly to allow Virus Scan to update
     * Check the latest Scan Information on your computer

FACT:
[People were just locking their workstations and not logging out of any of their computers classified or unclassified computers at the end of the work day.]



Click Document
Article_138_Release6.jpg

The Operations Leading Chief [OPS-LCPO] CTTCS has harassed me about doing a course on Vuport.  CTTCS says that what I'm doing does NOT look like IO [Information Operations] stuff.  Keeping OPSEC information secure is impossible without talking about computer network security.

[The OPS-LCPO CTTCS has continuously harrassed me about doing something that goes to the core of what our job is.  That is highlighting Information Operations VULNERABILITIES.] 





Click Document
Article_138_Release7.jpg

FY GMT 1.3 Operations Security

The technology exists to INTERCEPT or even record EMAIL content without your knowledge.  We cannot assume that emails can't or won't be compromised.  

[I am being written up and yelled at by mentioning Real World Threats to U.S. Government Computer Systems.]





Click Document
Article_138_Release8.jpg

I am alone in the EW shop and the building is practically empty during the holiday stand down in the afternoon. 

[If someone is working alone while everyone else is on liberty; the last thing I would do is harass them about how lazy they allegedly are.]











Click Document
Article_138_Release9.jpg

Do NOT install Unauthorized software or files from media (floppy, CD, DVD, etc.) :
     Sources of Malicious Code.
           * Images    * Open Source Documents     *Audio Files     * Games     * Screen savors     * Developer's tools

[ The above items were being downloaded from the Internet and put on classified networks practically everyday without any command instruction.  I do NOT care if this happens, but I do CARE that this is happening without a command instruction, departmental instruction or divisional instruction.  Nobody wanted to put this in writing. ]


Click Document
Article_138_Release10.jpg

     Sir, I do NOT understand how low-to-high domain transfers became an issue when it should be COMMON KNOWLEDGE since everyone was required to do the NKO Course: Basic SCI Systems User Course (ONI-SSONAVY)

     Sir, the practice of Low-to-High domain transfer through removable media from the internet is forbidden as a basic SCI user and in any case domain transfers require a Command Instruction as required by Department of Defense.











Click Document
Article_138_Release11.jpg

[C.O. NIOC San Diego] Per our nearly three hour discussion ......
     Your security concerns are indeed a serious matter and MAY BE considered valid.
     ....further investigation is needed to identify all existing guidance and to determine if contradictory policy may exist in those instructions

[Appears to me like the C.O. wants to PICK and CHOOSE what DOD instructions he will or will NOT follow.]  [I said and continue to say that you have to follow the strictest instructions.  If a DOD instruction is stricter then a Navy instruction then you have to follow the stricter DOD instructions or vise versa while being in strict compliance with both instructions.]

[For example a NIOC San Diego, a NETWARCOM - NNWC instruction could FORBID the use of any and all types of Removable Writable Media (Floppy, DVD, CD, etc.).  Since the NIOC San Diego instruction is stricter then a DOD or Navy Instruction then it is the one you follow.

Click Document
Article_138_Release12.jpg

Click Document
Article_138_Release13.jpg

     There is an Active Security Breech in Intel. Div.   I need the ISSM or the SSO to tell the Intel people to stop using removable writable media without a command instruction.  The C.O. should be notified immediately.










Click Document
Article_138_Release14.jpg

Basic SCI Systems User Course (ONI-SSONAVY)

Protecting Unattended Computer
     * Activate screen lock during temporary absences
     * Never leave workstation unlocked and unattended
     * Log out at end of work day
     * Log out for extended absences
     * IC rules are more stringent than DOD rules


If the above rules are wrong than make a command instruction to protect your people in the case someone tries to say someone is doing something wrong.  People were NOT Logging out at the end of the work day or Logging out for extended absences.

Click Document
Article_138_Release15.jpg













 

Click Document
Article_138_Release16.jpg

     The NMCI helpdesk specifically said the message authorizing people to shutdown their computers at night does NOT address ANTI-VIRUS scans [or anti-virus software].  The Radia Media software [Vulnerability] patches were never the issue, it was the anti-virus scans.

NMCI Hacked

[The NMCI helpdesk specifically told me that Anti-Virus scans or anti-virus software have nothing to do with them [NMCI].  Still NO command instructions on any of the computer systems whether they be NMCI or Classified computer systems at the time I checked out with the C.O. in May 2007.  At this time he was asking me to drop the Article 138.]





Click Document
Article_138_Release17.jpg

Message Requiring NMCI computers to be powered on "In order to conduct scans to ensure workstation have the correct security software, users are directed to log out of their workstation at the end of each night.












Click Document
Article_138_Release18.jpg

[Our own IT Division is saying all the classified computers stay on 24 hours a day.]

Vuport Course: Malicious Code Threat [OIAC1171]

What should you do to keep your system free of Malicious Code

     * LOG-OFF your system nightly to allow Virus Scan to update

     * Check the latest Scan Information on your computer

It is important that you Log-Off your system nightly.  This is when your Virus Protection Software is Updated.

Vuport Course: Malicious Code Threat [OIAC1171]

Click Document
Article_138_Release19.jpg

All it takes is ONE computer to bring down an ENTIRE network.











Click Document
Article_138_Release20.jpg













Click Document
Article_138_Release21.jpg

I was ordered to anger management classes.


No command, departmental, or divisional instructions in regards to computer systems or removable media (Floppy, DVD, CD, etc.) at the time I checked out with the C.O. in May 2007











Click Document
Article_138_Release22.jpg













Click Document
Article_138_Release23.jpg













Click Document
Article_138_Release24.jpg













Click Document
Article_138_Release25.jpg













Click Document
Article_138_Release26.jpg













Click Document
Article_138_Release27.jpg













Questions or Comments E-mail ig@netwarcom.net

NETWARCOM Whistleblower
Naval Network Warfare Command
NETWARCOM Whistleblower

Naval Network Warfare Command Whistleblower