Come now... deep down inside you know this isn't a ploy to get rid of IPv4/IPv6... Microsoft has been brought in at the behest of High Command to develop a simplified (read "so simple, even a Lieutenant can do it!" ) replacement for the sneaker-net bridge between SIPR and NIPR. And in true ROT13 fashion, I'll bet NetBIOS is lurking in there somewhere... as the next "secure protocol with 'true' enterprise scalability".

You are correct, there are problems with the military communications system. However, the problem does not lie with the parts that think in ones and zeros. These pieces may have their faults, but are effective when used properly. The key with any military communications is the person sitting at the keyboard.

Basic COMSEC principles teach that you do not release *any* information unless the recipient has a valid need to know. The first question that should come to mind is: "Does this person (or this forum) need to know the information that is being requested" (or in the case of a forum like this, freely released). This includes unclassified information, and if taken to heart, personal information.

OPSEC principles teach that it's generally not the one "Golden Goose" piece of information that kills. It's many small pieces that, when put together, tank the plan.

If you can't positively identify the requester, how can you validate the need to know? That's what the chain of command is for... ask the next in the chain (again, an elementary military principle). In the civilian world, ask your boss, ask your bank, ask your card issuer.

Yes, troops are taught to obey the orders of those appointed over them. And that's the key here...
If "Col Who???" is the first thought, then the person is obviously not appointed over you (everyone knows their chain of command right?? and how to use it?).

I'm not sure how they teach resource (and information is a resource) protection at West Point, but I can still vividly remember many a late late night screaming session at the barracks door because the right answer was "With all due respect sir, I do not know who you are, and your name is not on my authorized list"

The test had nothing to do with encryption schemes, nor with the type of system that processes the phish... It had *everything* to do with releasing information to an unknown entity, that could be detrimental to him/herself or the mission. (For the Air Force, reference paragraphs 3.6 and 8.4 of AFI 33-119... and I'd bet that all other military services have similar directives) (and yes, the document is publicly released)