From an NPR interview with Ms Swift:
Interviewer: Like I said, I am the mother of a 12-year-old girl, and she loves your music. Her friends love your music. You have a huge platform among a very vulnerable, impressionable set of the population. And I wonder if you think about turning your lens outward, turning it away from the diary page, and sending a broader message to girls who would be really receptive to hearing about big ideas and the big world that's outside.
Swift: Like what kind of messages?
Interviewer: Well, other characters. I don't mean to minimize the effect of a love song or a pop song. But do you ever think about writing about other experiences, things that might turn girls away from themselves in a different way?
Swift: There's nothing that's gonna turn girls away from themselves at age 12...I think the best thing I can do for them is continue to write songs that do make them think about themselves and analyze how they feel about something and then simplify how they feel. Because, at that age — really at any age, but mostly that age — what can be so overwhelming is that you're feeling so many things at the same time that it's hard to actually understand what those emotions are, so it can turn to anxiety very quickly.
I'm not a fan of Ms Swift's music (I'm not a 12-year-old girl) but I do have a healthy amount of respect for the way she conducts herself in public.
Why is the entire file necessary for the interview? A relevant excerpt, only what the applicant claims with respect to Joe, can be walked back across that air gap and sent to the regional office. The interview results then get walked past the air gap and merged/appended to the file. Naturally what really gets walked across is a large number of excerpts and data to merge/append.
Whether it's all of the file or part of the file is irrelevant, since the transmission time via USPS or UPS or FedEx is the same (per company obviously) whether you're sending a single page or a whole stack of pages. Your point about malware is well-taken though.
The other point with data-entry is that each renewal for a security clearance, either due to the clearance expiring or to a periodic random review, requires a new and updated SF-86.
Concerning data transmission, the network is also much cheaper than flying a single investigator all around the country to interview folks in a timely manner. As it is, getting a security clearance takes anywhere from 3-6 months, longer if the investigator finds an irregularity. I'd estimate an air-gap would add at least another month or two to the process accounting for snail-mail transmission times.
As someone who's information was compromised, I absolutely agree the information should have been better protected. I'm just not sure an air-gap is the appropriate measure to take in this case.
Again, I'm not a network security expert.
There are two issues with air-gapping the OPMI database. The first is just data-entry. An SF-86, which is the form to apply for a security clearance, is 122 pages, not including the instructions and the authorization for the government to access your medical records and to run a credit check on you. If you air-gap that system you have to hire someone to either run OCR scans or enter all that data by hand into the database.
The second is data transmission. Investigators have to verify all of the data on that SF86 and conduct in-person character interviews with whomever the applicant lists as character interviews. That's particularly a problem with military personnel as they tend to move from location to location a lot more often than other individuals. Let's say your character witness is Joe Schmuckatelly who lives in California and you live in Nebraska. It's easier and less expensive for the regional office in Nebraska to put the file on the network and request the regional office in California to interview Joe, than it is for the Nebraska office to mail it through USPS to the California office.
You may hate this stuff and think the companies that use them are pure unadulterated EVUL!!11! but there are second and third-order effects the FDA has to consider.
Since this stuff is pretty wide-spread, removing this from stores overnight would leave the shelves of a fair many grocery stores pretty bare. If you live in a food desert where most of your food supply is probably processed packaged food, this could lead to a food shortage until the stores can replace all of that existing stock.
Then there's the economic piece. Banning this stuff overnight is going to take an enormous cut out of a food company's bottom line (all their unsold stock they've already paid to manufacture is useless). That means lay-offs or pay-cuts (we both know most the CEOs and other high-level positions aren't going to take salary cuts to make up the shortfall) and a falling stock price. The same holds true for the grocery stores, since the food they've purchased from food companies is now product they can't sell.
I continue to be impressed with the crazy things these participants can think of, and simultaneously disturbed by the fact that they actually came up with this.
Something of a tangent. I work in security and this sentence pretty much sums up my feelings about my job every day. My colleagues think I'm nuts (probably not unwarranted) but I think there's a kind of noblise oblige when you across someone with a knack for subterfuge and deception. It takes a particular kind of mindset and I very much admire that capability, if not always their intentions.
*An actual war, not rhetorical wars such as "war or drugs"