Which military Web sites are more prone at leaking harmful information to enemies of the United States: the military's own Web sites or individual soldiers' blogs?

According to an internal audit by the Army reported at Wired.com, the military's own Web sites receive that distinction.

Wired.com summed the report's surprising findings [1]:

 The audits [2], performed by the Army Web Risk Assessment Cell [3] between January 2006 and January 2007, found at least 1,813 violations of operational security policy on 878 official military websites. In contrast, the 10-man, Manassas, Virginia, unit discovered 28 breaches, at most, on 594 individual blogs during the same period.

The findings come after repeated statements from the Army regarding the risks soldiers' blogs pose to security. In May, according to the Associated Press [4], the Army handed down stricter regulations which required a soldier to receive  a commander's approval before blogging.

But as Marcia Hoffman, a staff attorney for the Electronic Frontier Foundation that filed a Freedom of Information Act request for the audits, said "It's clear that official Army websites are the real security problem, not blogs. Bloggers, on the whole, have been very careful and conscientious. It's a pretty major disparity."

Over at Foreign Policy's Passport blog, Blake Hounshell writes this shouldn't be surprising [5]. He quotes Army spokesman Gordon Vlan Veet as saying: "Often these bloggers are stationed in the combat areas and they more than anyone understand the importance of security and the potential impact any OPSEC violations could have on themselves and their fellow Soldiers, Airmen and Marines."