Letter To U.S.A. Navy Headquarters
Mark Hammel
December 11, 2000


a couple notes on security related issues for your consideration, as we enter an era of cyber-tangos of all manner and type:

please reconsider the use of java / java script, as this is not the most secure mechanism to deploy on a gov or mil web site. you may even find that some gov and mil domains have explicitly prohibited the use of this code type in their web sites, as this practice, in part, has led to past gov and mil site breaches.

we'd also like to suggest that you spread the word among your compatriates - both upstream and down - that the use of "freemail" accounts, and microsquat word documents for communication of any even modestly sensitive information, is extraordinarily insecure and vulnerable to malicious intrusion. both these highly insecure practices are rampant in all branches of the military, notably in the use of ms word and powerpoint, and java / javascript.

opsec personnel include those who, among other things, design and install airborne C4I e-platforms, own regional ISPs, manage high end .edu computer systems, and otherwise are uniquely qualified to offer these observations - no strings.

please at least investigate these recommendations.

doc hammel

Back To The Study