17D_guy

Does this mean we get a cyber guy in charge of 24AF soon? And.. nope. CC's a space guy, Vice is a Pilot, and Chief's career Intel. Some day we'll get to play at the big kids table. Also, the 24AF page has a "Space" section. It's like they're not even trying.

I got a survey as well. It seemed very different from the one you guys are chatting about, so this seems right.

First - this is hilarious. For me, not you. Second - 3 days: normal. Sorry, welcome to the efficiency of operation in an enterprise system. I'm not proud saying that. When your senior leaders (both Cyber and Fliers) say they're leveraging automated systems to blah, blah, blah. This is what they're talking about. Third - Your CFP/CSL (pronounced Sizzle, we think of the cool names in Cyber) should be able to update your IA date, or put in a ticket (+3 more days!) to have it manually updated. I haven't heard of that process being a complete automated lock down.. and it wouldn't make sense if they did. So.. they probably did. Fourth - The ESD is gone, long live the vESD. Try putting in a ticket for something that isn't on their little app. You can't. You have to call your CFP for the ticket. Did you get notified ADLS was going down, then it wasn't, then it was again? i don't know your situation, so I'm not trying to accuse. Thankfully we don't seem to have many people at my location stuck in your boat, but I would be interested if your training/QA/C4I got the info out to you. I'm still surprised at the number of individuals in senior positions w/ Masters degree in business/management who can't figure out strategic communication. Ex - new ESS roadshows. Break break - I got moved out of my DO position to a career-building staff job. So my (cyber) front line info will start to lag and I'm lobotomized by being taught how to build staff meeting slides. Overall, I'm not sure how much good info I'm bringing, but if you've got particular questions I can still bro-network a solution.

Still not sure why the Enlisted get a SCOD for their rack/stack.. but we're stuck with the, "We strated a guy who left 4 months ago #1.. so..." How about we close out OPRs a few months before promotion broads, and work assignments around it. Sure, there's still some folks who would get screwed, but that's just how it is sometimes. The vast majority of folks would work out better.

Hrm.. Interesting. I don't think it was the local CS, as the process for restricting accounts is automated. Your profile gets kicked to a naughty boy/girl list and you're restricted from the glory of the web. I'm not sure on the technical specifics. Did you try a different workstation? I imagine the same result. If you contact your CFP they might be able to help, but no promises. I just wonder because they're always rolling out new software for security, both locally and in the ether, that will do strange things. So, at some point if your local workstation isn't patched, you could get the same error. Which would be good for us Cyber types in making sure vulnerabilities are mitigated. 4+ months after the vendors release the patches and they've finally percolated through DISA and AFCYBER. I wish I was kidding. Oh, then AFCYBER backdates the due date for the CS to the vendor release date. Then passes that list of overdues to the MAJCOM A6.

    What do you do for currency in that situation? Just go over and have some re-qual back at home station?

You're welcome, I'm waiting on the check.

Pretty much this. Though, I don't know too many cyber officers doing slide building.. our E's did a bit of that. Most of the stuff my units are pulling now are Flt CC positions since we "stood down" inf AFG.

It's devolving into the standard support vs ops argument. Yawn... I'll leave it at this. Just because the door gets locked at 1630, doesn't mean Airmen aren't still working. I've got many flyer friends and family, and perhaps it's the different airframes, but I've seen Ops Sq's shutdown for farewells, naming's or other (awesome) heritage events. Sure, there's still a crew or 2 out flying, but I've still got someone manning the CFP and doing high-priority tickets/outages. The Ops Sq's here play football for PT and show up after 0900.. except for the crews flying or mission planning. But again.. the Cyber Amn I've got working tickets/outages... don't go to PT. On an interesting note we did close the CFP on Fridays for training. Because the AF decided to separate a ton of experienced NCO's and deploy the rest I've got a ton of Amn who completed tech school.. but really can't do anything. Do you guys have customers that walk in? Classes are had, tasks are checked off, learning is accomplished and experienced is shared from the (no kidding) 1 hot-shot TSgt we've got. We can't do that with customers walking in. It's show significant impacts to ticket numbers going DOWN, but it still sucks we're closed on Fridays.

Wasn't complaining. I just had seen it done before and was wondering if it was going to happen.

So it wasn't about hacking the mission as a rated operator vs a support Amn. It was about appearances.

To expand on the OPM hack. Watch the video and realize these are senior gov't employees in all facets of the force. They're the ones making decisions about how to implement cyber. They're in the AF too.. https://www3.blogs.rollcall.com/hill-blotter/opm-breach-includes-congressional-staffers/ Additionally Krebs does a good breakdown of the history of this. CLEARLY targeted, persistent, and skilled. I briefed this to leadership this week, they were not please. https://krebsonsecurity.com/2015/06/catching-up-on-the-opm-breach/

Are we going to do a separate thread for each of his (great) posts? Or can we do a consolidated thread?

I had a 2Lt who plugged a wireless mouse into his SIPR workstation once. Asked him to remove it, that per the "rules" it wasn't allowed. We were in a SCIF as well. He asked why, that all it passed was X/Y axis data and there was no information to be gotten off of that. I informed him as a lowly SSgt I didn't have the details as to why he couldn't, but the NSA wrote the rules. He said they didn't know what they were doing. I side that's fine, remove the mouse. There's a lot of cool stuff going on right now with side-channel analysis. Attacking systems and getting information about what's happening in a system from other means. TEMPEST was the start of everything in this realm. I generally try to be cool about these things. Wireless mouse on NIPR? I don't care. I've got a MSgt that I supervise that's got one right now actually. But a lot of the Pilots/Nav's roll into SCIF's here with their iPhones and bricks like it's no big deal. I was going to say Ops dudes since it would cover the back-end Intel guys, Ravens and other folks as well.. but it doesn't. It's mostly front end rated-bros... just thought about that. Not hating, an observation. Some of the rules are stupid. Some asses interpret them their own way to be a pain/powertrip/etc (Gravedigger's 2nd paragraph). But I can assure they're their for a reason when it comes to EMSEC. I've seen the same thing with the stacked classifications. Drives me nuts, but I'm a little older-school. I think a lot of the problem was mitigated with shielded-copper, fiber, and flat screen monitors that don't emit like the old CRT's. Also, the switch boxes should be NSA approved. There were... 2(?) approved when I was at Vandenberg for some of their systems to co-exist. That being said, I've seen images pulled off side-by-side ethernet connections that I didn't think would be there. Correct JRSS is a unicorn when it comes to DoD programatic function. Army's paying for it, AF's helping with a bunch of stuff. Navy has the NMCI and can sit in the corner until they learn how to cyber like adults. As much as it pains me to say it the move to a joint cyber environment is the right thing to do. It shouldn't be AF NIPR, Army NIPR.. Navy... vomit. Real savings in time, $$ and manpower can be leveraged with that. Security for the DoD networks can be vastly enhanced. The AF no-kidding leads the way in getting this done in some areas (AFNet, 24th AF, security) and the Army in others (DISA Email). Additionally, like the sky we don't (to my knowledge) have Air Force sections, Navy sections, etc. It's all under control of the CFACC. Same should be for Cyber, and JIE/JRSS is going to get us there. I'm tired as hell, so I hope this made sense.

Eh, I'll try to look into it. Clickers.. should be fine. Is your IA shop saying otherwise? Have them site the source as Warrior states. Note who says it's default no, vs yes. Murder them. Another thing to add to this is the oncoming JIE and JRSS - https://www.disa.mil/Initiatives/JRSS https://www.disa.mil/About/Our-Work/JIE I imagine this is akin to what prop guys felt like when jet engines came along. But you know.. minus the fun.

Don't have a lot of time to reply right now. You'll see the AF has been pushing for this sort of thing for awhile. I think I said in a earlier post that DISA said they were the arbiter of all things cloud.. then certified no cloud services besides their own. DoD CIO punched them in the dick and now they're moving on to approve other cloud providers. But don't think they don't have downtime (AWS and Google have both had outages). Sure, it's not the same as my/your base, but their business model is different, their mission is different, and their costs are different. If "we" low-ball it just like ESD, and other "Cyber Support Servcies" have been it won't be any better than what you've got now. Yep. Thanks. $400 to move that network drop in an office please.

So.. McCain decided BAH was too much for the DoD to cover while leadership's decrying the retirement, "rising" medical costs and the general poor return on investment all around on actual people. Here's section section 591, from the Senate version of the NDAA (S.1376) - Looks like blue-suit base support is over boys, time to go home.

CMSAF Reddit AMA #1 unanswered question - Why do we still have tops in blue? I get it.. he's a top dude and has to answer a certain way.. but man.. so much coolaid.

Christ on a pony, I'm starting to have this argument with "high speed" Airmen and Lt's. Would be nice if the CMSAF didn't look like he shaves with this damn stripes. I'm sure he just "bought it that way." I don't like the rim of my cap folded in, so I straighten by hand when I put it on. But those frenchified caps look live vomit. Ugh... It's amazing how the AF can't write a fucking regulation that isn't ambiguous, even when leadership said repeatedly during phase in what the goal for this was - Per 36-2903 - Per the label on the inside of the "blouse" I'm wearing - That's right, the label on the inside of the uniform is more directive than the AF regulation. When can us Cyber Ops folks have flight suits so we can step away from this bullshit "uniform"?

Behold, what your cyber force is doing -

CSAF talking to FoxNews about all the issues he's been talking about (people, planes and lack of pilots) https://www.foxnews.com/politics/2015/05/25/budget-cuts-impact-us-ability-to-fight-enemy-air-force-general-warns/

Mad Max ruled. Go see it.

Ah, the Cyber Mecca.