Continued from page 2

Mr. Strassmann was dismissive of a Pentagon policy document on the use of social networking and other Web 2.0 capabilities by defense personnel. The document, issued in February after many delays and a lengthy process of internal consultation and review, notes that pre-existing policy “permits limited personal use of federal government resources,” such as phones and Internet connections.

“When accessing Internet-based capabilities using federal government resources in an authorized personal or unofficial capacity, individuals shall employ sound operations security (OPSEC) measures … and shall not represent the policies or official position of the Department of Defense,” the policy states.

“They just haven’t thought about it,” said Mr. Strassmann. “They are saying, ‘Be careful.’ My grandmother used to say that. … It’s not really useful.”

Mr. Strassmann said that after conversations with personnel in Iraq and elsewhere, he thinks that many, many military personnel are avid users of social-networking sites. Troops often had to contend with huge levels of boredom, and such sites were “highly habit-forming.”

He said he was told by “someone in a position to know” that up to 20 percent of all traffic on Defense Department computer networks involves social networking on public sites, “which are unprotected, as well as potentially toxic.”

In Israel, where soldiers who had served at a top-secret military base set up a Facebook page, and allowed a reporter to sign up to it, members of Sayeret 13, the elite naval commando unit that carried out the botched assault last month on the Gaza-bound aid flotilla, have been ordered to close their Facebook accounts, according to the Jerusalem Post.

China’s military also has issued regulations limiting cell phone and Internet use to prevent disclosures of military data.

Absent a straightforward ban, Mr. Strassmann said, the only solution would be to try to monitor social Internet traffic on defense computer systems, using forensic software tools and highly trained intelligence officers.

“You can trust people, yes; but you must verify also,” he said.

Network control centers - essentially hubs where computer traffic can be tracked and analyzed - already existed on Defense Department networks, he said, “but do not have the mission” to mine data from social-networking traffic looking for security breaches.