Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

More Details of the NSA's Social Network Analysis

CmdrTaco posted more than 8 years ago | from the bet-some-smart-guys-work-there dept.

367

mrogers writes "USA Today has a story describing how the NSA looks for suspicious calling patterns in the huge volumes of traffic data it collects. "Templates" such as a call from overseas followed by a flurry of domestic calls are used to identify leads, which are forwarded to the FBI for investigation. There have been complaints that low-quality leads are drawing agents away from other cases, and similar pattern-matching approaches have been found wanting in the past. Can data mining identify terrorists?"

cancel ×

367 comments

terrororists (3, Funny)

Douglas Simmons (628988) | more than 8 years ago | (#15435644)

I don't know about terrorists, but calling patterns can effectively be used to identify drug dealers, according to HBO's The Wire [hbo.com] . I imagine polygamists, as illustrated in HBO's Big Love [hbo.com] , would exhibit abnormal calling patterns with their supersized family calling plans.

And don't tell me That's just television because no, sir, It's not TV, it's HBO.

Re:terrororists (0)

Douglas Simmons (628988) | more than 8 years ago | (#15435668)

Terrororists? Is that a third HBO reference to Da Ali G Show? You need to get out more. :P

replying to yourself? (0)

Anonymous Coward | more than 8 years ago | (#15435738)

you forgot to check "post anonymously," dumbass

you really need to get out more

Re:replying to yourself? (0)

Anonymous Coward | more than 8 years ago | (#15435791)

No no, GP is obviously suffering from multiple personality disorder, and the second personality forgot that the first one was still logged in.

Re:replying to yourself? (1)

Douglas Simmons (628988) | more than 8 years ago | (#15435984)

The correct term is dissociative identity disorder, thankyouverymuch.

What about Tony? (1)

a_greer2005 (863926) | more than 8 years ago | (#15435763)

Given Reco, and standard, legal wiretaps and bugging, the Feds still cant touch Mr Soprano! The NSA spying program could revitalize and de-criminalize all of NJ!

"anal" I understand, but what is "ysis" ? (0)

Anonymous Coward | more than 8 years ago | (#15436037)

"According to our analysis, that annonymous coward is obviously the mastermind of the cyber-resistance."

Re:terrororists (3, Funny)

MrSquirrel (976630) | more than 8 years ago | (#15435877)

it's easy to indentify the terrorists -- they'll be the only ones who don't call in to vote on American Idol! (completely sarcastic, never even saw the show)

Re:terrororists (4, Funny)

Billosaur (927319) | more than 8 years ago | (#15435888)

I don't know about terrorists, but calling patterns can effectively be used to identify drug dealers, according to HBO's The Wire. I imagine polygamists, as illustrated in HBO's Big Love, would exhibit abnormal calling patterns with their supersized family calling plans.

And let's not forget all those out there with girlfriends/boyfriends they don't want their wives/husbands to find out about. That alone could make great extortion material and provide a new way to fund covert operations.

Dear NSA... (2, Funny)

turnstyle (588788) | more than 8 years ago | (#15435647)

For more info, see here [dearnsa.com] ...

Quick, Look the Other Way! (2, Funny)

duerra (684053) | more than 8 years ago | (#15435649)

They should formalize this practice and make a palindrome out of the resulting acronym. That way we can be distracted with how cool they are to think of such things instead of worrying about what they're actually doing.

NSA-ASN - NSA's Analysis of Social Networks.

*sigh* I'm very honestly starting to get a sick feeling in my stomach over the direction our (my) country is headed. And yet, I feel like there's nothing I can do about it. Vote? Yeah... right.

Re:Quick, Look the Other Way! (1)

LifeNLiberty (975116) | more than 8 years ago | (#15435904)

How about we do something about it besides voting, I don't know what yet but we need to organize a way to fight this in the (likely) case that elections get us nowhere.

Re:Quick, Look the Other Way! (5, Insightful)

dhasenan (758719) | more than 8 years ago | (#15435905)

Because in order for your vote to count, it has to agree with a large number of other votes. If we got a libertarian for President--say, Michael Badnarik--then the NSA would have to hide its spying from the President, as well. But for any national candidate to succeed, they need media coverage. For some reason, Ralph Nader, who was only on the ballot in 36 states, got far more coverage than Badnarik, who was on the ballot in (I believe) 49 states. Why? Because Nader couldn't have won, so the media could safely involve him.

So, your choices for every election are between media coalitions. Which generally means that each of the major US parties supports slightly differing sections of the economy--service sector for the Democrats, production for the Republicans. That's the major difference.

Now, armed resistance is ridiculous when the government has billions of dollars of military equipment. And other technological countermeasures will likely prove ineffective in a short period of time.

Terrorist activities (3, Funny)

SIInudeity (822415) | more than 8 years ago | (#15435656)

From now on, I'm using world of warcraft to plan my activities.

Re:Terrorist activities (1)

Kesch (943326) | more than 8 years ago | (#15435846)

LF15M for Jihad.

(For the non-WoWites, LF15M means "Looking for 15 More")

Re:Terrorist activities (1)

Joe The Dragon (967727) | more than 8 years ago | (#15435990)

to bad that the FIB has people looking at that data as well and likey you don't even know that thay are there.

Re:Terrorist activities (1)

Goblez (928516) | more than 8 years ago | (#15436049)

That's network traffic too, and you can guarantee that it's unencrypted. Just like any cool mic/audio program you might use as well. Sad that this topic came up in my Grad Game Design course, but they're there to ensure that you don't use this technology in anything that could be 'exploited' by 'Terrorists'.

Re:Terrorist activities (2, Insightful)

Lumpy (12016) | more than 8 years ago | (#15436074)

Honestly though, why not a simple alternative?

Terrorists are very well funded if we are to believe the crap that spews forth from our leaders so why dont they take an approach that is different from normal?

Bin laden can buy all his terrorists a SIP Wifi Phone and use Free World Dialup to keep in touch or simply dial a direct IP. Throw away prepay cellphones are easy to come by, why dont these terrorists buy a "boost mobile" and simply buy only a single airtime card and then throw the whole thing away when done and use a different unit/carrier? and to hell with phones, meet in second life or some other online pc/mac based communication system.

Either the terrorists are far more stupid than the NSA and FBI (yes, amazing to even think about) agents and leaders are or the NSA is simply using this whole Terrorism thing as a front to try and gain tighter control over american citizens.

I am betting firmly on the latter.

The strength of weak links... (4, Interesting)

nweaver (113078) | more than 8 years ago | (#15435662)

The problem is, this strategy is not only ineffective, it can be counterproductive.

There is plenty out there on the "Strength of weak links", where past associations (old roommates, sleeper cells), with not contact can be very strong service links when reinitiated.

There is also plenty out there on how this is DoSing the FBI.

And the tin foil hat crowd (a very popular piece of headware these days) will point out that this tool is far more useful for targeting individuals than searching for patterns. And what if you are the target?

Beside the point. (5, Insightful)

TripMaster Monkey (862126) | more than 8 years ago | (#15435673)


If this wholesale data mining works, then the government will tout this success as justification for its acts. If it doesn't work, the government will complain that we're not letting them do enough to ensure our safety, and use the failure to justify even more outrageous violations of our privacy.

Whether it works or not, however, is beside the point. The point is: is it legal? Enough people have maintained that it is not to warrant a serious investigation into the matter.

Re:Beside the point. (2, Insightful)

Daniel_Staal (609844) | more than 8 years ago | (#15435783)

Next question: Do we want it to be legal?

Re:Beside the point. (2, Insightful)

P3NIS_CLEAVER (860022) | more than 8 years ago | (#15435806)

The worst thing about it is that I am paying for this shit! When did our goverment get so out of control?

It's possible according to Yahoo (1, Interesting)

gasmonso (929871) | more than 8 years ago | (#15435677)

I know that YAhoo has commented on this because they datamine extensively to find surfing habits on their site to better place advertisements. Obviously this is a bit different, but the technology and methodology is similar. I have no problem with computers analyzing calling patterns. There was a distinct pattern of calls that lead up to 911 and other attacks.

http://religiousfreaks.com/ [religiousfreaks.com]

Re:It's possible according to Yahoo (4, Insightful)

plague3106 (71849) | more than 8 years ago | (#15435790)

This won't work at all.

They are operating under a logical fallacy. A flurry of calls after an overseas call does not mean the two are related in any way. Perhaps (and more likely than the person being a terrorist) is that the person which received the overseas call and then calls domestically is just relaying family information.

I know my family operated like this (although completely within the US). All you had to do was tell my grandmother something, and you could rest assured she'd spread the news to the rest of the family for you.

Re:It's possible according to Yahoo (1)

'nother poster (700681) | more than 8 years ago | (#15435916)

Well, not just that. If they are looking for patterns that look like terrorists planning attacks, they will look like any other group planning something. Planning and coordination is planning and coordination whether it is a terrorist attack on the U.S., or Great Aunt Gerties 95'th birthday. The patterns will be very similar, and after the second time that a family planning a party for their overseas cousin who is coming to visit is raided the FBI is going to be quite pissed at the false positive rate.

Re:It's possible according to Yahoo (1)

dhasenan (758719) | more than 8 years ago | (#15435937)

Moreover, if I were a terrorist, I'd use some more anonymous method than telephone calls. Ssh'ing into some remote computer where a series of encrypted text files contain the information needed would be simple, effective, and (using proxies or TOR) anonymous.

Re:It's possible according to Yahoo (1)

Descalzo (898339) | more than 8 years ago | (#15436018)

When I first read the original post, I thought the same thing: families trying to save a buck by the overseas brother calling his grandma, or a businessman calling the office and the secretary spreading the word. However, this is only an argument about the way the data is interpreted, not about the way the data is collected. If this data mining is a good or bad thing is dependent on other stuff.

Re:It's possible according to Yahoo (0, Offtopic)

ezzzD55J (697465) | more than 8 years ago | (#15435796)

You post a vacuous comment, starting a vacuous thread, in a large fraction of stories, every time posting that URL that isn't in a signature so that people who have signatures disabled, such as myself, get spammed with it nonetheless.


It annoys me. What is it you want to achieve?

Re:It's possible according to Yahoo (1)

Stanistani (808333) | more than 8 years ago | (#15435966)

Dammit!

We were tracking that post pattern.

--NSA

Distinct Patterns in Hindsight (2, Insightful)

Dareth (47614) | more than 8 years ago | (#15435826)

It is easy to spot "distinct patterns" after you know all the players and can put the pieces together in context. As they say, Hindsight is 20/20.

I have a sister over-seas. If/when she calls anyone else in the family with news/updates/etc it will generate this pattern of many domestic calls as we have a large extended family who wants to know how she and her family is doing.

This does not mean we are terrorist, even though we might fit this "pattern" of suspicious calls. I bet calls to 900 numbers are suspicious and need lots of monitoring as well.

Many ways to abuse this.

Re:It's possible according to Yahoo (1)

Whiney Mac Fanboy (963289) | more than 8 years ago | (#15435870)

There was a distinct pattern of calls that lead up to 911 and other attacks.

Can you please provide a source [prisonplanet.com] for that statement?

Re:It's possible according to Yahoo (1)

gasmonso (929871) | more than 8 years ago | (#15436017)

Here's a start... http://www.usatoday.com/news/washington/2006-05-22 -nsa-template_x.htm [usatoday.com]

Obviously, everyone wants the government to stay out of the public's provate life, but there is a big difference between listening to peoples phone calls and looking for calling patterns. I find the latter to be somewhat acceptable, but it is subject to abuse like everything else. The government is in a tough situation where people demand protection, but want to maintain their civil rights rightfully so. It's a tough task in which there is no easy solution.

http://religiousfreaks.com/ [religiousfreaks.com]

Subsceptible to multiple attacks (3, Insightful)

scorp1us (235526) | more than 8 years ago | (#15435680)

The monitered person can distribute the calls through multiple phone lines. With cooperation, a group of individuals can pool phones to use and this system won't detect them. What is detectible is how many phone lines are registered to a person.

However the government has yet to catch up to the real world. I can disitalyl distribute the message through the internet using techniques that would not arouse suspicion, partivularly with al the online gaming of today.

Roger wilco anyone?

Re:Subsceptible to multiple attacks (0)

Anonymous Coward | more than 8 years ago | (#15436064)

And that's precisely why I think that this news article, if it isn't disinformation, crosses the line. The sentence that inspired your post, assuming it wasn't disinformation, certainly qualifies as "means and methods".

Of course, this Slashdot post could also be disinformation. So could yours.

A fun game!

World Cup (-1, Offtopic)

CaymanIslandCarpedie (868408) | more than 8 years ago | (#15435683)

"Templates" such as a call from overseas followed by a flurry of domestic calls are used to identify leads, which are forwarded to the FBI for investigation.

Good thing soccer (you know, the other football)isn't more popular in the states. Can you imagine the number of suspected terrorists that would be found this summer during the World Cup. I don't even know if there is a color available on the Homeland Security color chart to signify that level of terrorist activity!

Re:World Cup (0)

Anonymous Coward | more than 8 years ago | (#15435824)

I don't even know if there is a color available on the Homeland Security color chart to signify that level of terrorist activity!

Yes there is, it's mauve.

Re:World Cup (1)

Perl-Pusher (555592) | more than 8 years ago | (#15435841)

You don't think terrorists want to disrupt the world cup?

What are the chances that the germans [nytimes.com] won't be monitoring phone calls!

Attitude (4, Insightful)

symbolic (11752) | more than 8 years ago | (#15435692)


Aside from this being patently illegal, what bothers me is the cavalier attitude behind it, and the fact that it is already being abused to track down people who aren't terrorists, but who are merely doing their job to keep government entities like the NSA under some semblance of control - the journalists. There is no end to the manner in which this kind of information could be abused.

Re:Attitude (1)

KiloByte (825081) | more than 8 years ago | (#15435980)

But, could they at least do a bit of good with that information and use it to eradicate the spammers?

Nyah, I'm afraid.

Re:Attitude (3, Interesting)

whathappenedtomonday (581634) | more than 8 years ago | (#15435988)

Aside from this being patently illegal, what bothers me is the cavalier attitude behind it

I guess as the US is a democratic country, it's alright to do so. Democracy means, literally, rule by the people. The vast majority of people either doesn't care or doesn't get beyond posting "wtf, criminals!" on /.

You'd have to shut down TV for a week or only a day - I bet enough people would start to care about this and many other things...

Re:Attitude (0)

Anonymous Coward | more than 8 years ago | (#15436063)

Aside from this being patently illegal
The fact that the NSA is using modern datamining technology to monitor US citizens is certainly a scary thing. As technology progresses, more laws and guidelines need to be created to prohibit the government from using this technology against its own people. However the statement that what they are doing is illegal is not true. They are not tapping calls, they are just getting phone records. Up until now, getting phone records does not require a warrant. If they were listening in without a warrant, this would be illegal. But they are not. What we should be clamoring for is for congress to pass laws that would prohibit the government from using these data mining techniques on its people. The problem is that this technology is relatively new so there is no law prohibiting this stuff. Just because what they are doing is wrong doesn't make it illegal. Lets make it illegal for real.

My grandmother may be a terrrorist. (5, Funny)

JesseL (107722) | more than 8 years ago | (#15435694)

She's always getting calls from various places and then making a flurry of more local calls. She uses code phrases like "your cousin's baby was born last night and it's a boy", or "Great Aunt Zelda had a stroke but they say she's going to be okay".

Raise it to orange (5, Insightful)

Trails (629752) | more than 8 years ago | (#15435695)

"Hey Akbar, just calling to let you know Mohamed and Alimah just had a healthy baby boy!"

"Oh great, I'll let the family over here know!"

*meanwhile, in the basement of a bunker somewhere*

"My God! It's nine eleven times ten thousand! Nine million one hundred and ten thousand!"

Re:Raise it to orange (0)

Anonymous Coward | more than 8 years ago | (#15435829)

"It will be 911 times 2356."

"My God, that's... I don't even know what that is!"

"Nobody does!"

Re:Raise it to orange (1)

Lord_Dweomer (648696) | more than 8 years ago | (#15435913)

Or how about everybody who is in the importing/exporting business? Or companies that have offices overseas. Although as long as they are "Bush Approved" companies I'm sure they won't have any problems.

Re:Raise it to orange (4, Insightful)

IIH (33751) | more than 8 years ago | (#15435992)

Or, a foreign visitor gets a call that a close family member is seriously ill, they make a flurry of phone calls to cancel hotels, ring the airline, book taxies, and then try and get on a plane home. NSA see "foreign call, flurry of calls, trying to get on a plane in a clearly agitated state - panic, panic, red flag!" and "Oh, we're sorry you couldn't get home before your father died, national security, you know."

Terrorists? (4, Insightful)

RsG (809189) | more than 8 years ago | (#15435702)

Whoever said this was about "terrorists"?

A country of 300 million people cannot have that many actual terrorists in it, even if you count domestic lunies like Timothy McVeigh and the Unabomber in the category (or more accurately the next generation of bomb making lunies). Monitoring a sizable fraction of that 300m can't possibly be just about finding "terrorists" - for one thing it's a needle in a haystack, and for another the number of other uses/abuses of such a system are too many to count.

Bet good money that most of the people who are or will be advesely affected by this surveilance have little or no connection with terrorism. Even if there was once some noble intent of protecting people by finding monsters hidden among them, it won't just be used for that. Any time you have a major source of power in polical hands, you can bet on it being abused eventually - and what greater power over a domestic population is there than widespread spying without judicial oversight?

Re:Terrorists? (3, Funny)

Whiney Mac Fanboy (963289) | more than 8 years ago | (#15435746)

That sounds like terrorist talk to me!

Data mining sucks (1, Informative)

Anonymous Coward | more than 8 years ago | (#15435727)

In terms of catching terrorists, data-mining sucks. It makes no sense to pump enormous amounts of money into unproven technology, when national security is on the line.
If you want to catch terror cells, you'll never beat the 3 I's : intelligence, infiltration and informants.

Disarm them. (5, Insightful)

babbling (952366) | more than 8 years ago | (#15435918)

The most effective way of stopping terrorists is taking away their cause. Believe it or not, terrorists don't blow up hundreds of people as well as themselves because they "hate freedom" or any of that rubbish.

Stop making sense! (0)

Anonymous Coward | more than 8 years ago | (#15436066)

The most effective way of stopping terrorists is taking away their cause. Believe it or not, terrorists don't blow up hundreds of people as well as themselves because they "hate freedom" or any of that rubbish.
There is no place for you in modern political discourse. Get back in line, you traitor, and leave the thinking to your hereditary overlords.

Re:Data mining sucks (1)

Red Flayer (890720) | more than 8 years ago | (#15436035)

I'm against datamining by the govt, but, in re: "If you want to catch terror cells, you'll never beat the 3 I's : intelligence, infiltration and informants."

Data mining is a way of acquiring intelligence. It's not a competing strategy, it's part of the 3 I's.

i see dead people (1)

ActionAL (260721) | more than 8 years ago | (#15435728)

so if you have a relative who died who lived overseas and get a call and then have to tell your other family membersin the domestic u.s. about the bad news, i guess you're a terrorist!

How to get on the terrorist watch list (0)

Anonymous Coward | more than 8 years ago | (#15435755)

Grandma Ethel in France places a phone call to Granddaughter Becky in Georgia.

Grandma Ethel: Becky, your cousin Pierre and his wife had the baby! It's a healthy boy named George!

Becky: That's great news, Grandma Ethel!

Grandma and Becky talk for a bit. The conversation ends.

Becky calls 10 relatives in the United States to let them know the baby has been born.

Congratulations, Becky! You're now on the terrorist watch list!

Privacy be damned!

Simple answer? Kinda (5, Insightful)

Red Flayer (890720) | more than 8 years ago | (#15435756)

"Can data mining identify terrorists?"

No. It can identify people who have calling patterns associated with terrorist activity, regardless of whether they are a terrorist or not.

Note that these calling patterns cannot be used to associate that person with a committed or planned crime in the normal data mining scenario.

Data mining is unreasonable search.

Now, I have no problem if they've got evidence of a crime or plan of a crime, and use known information to deduce who might else be involved. That's investigative work.

Data mining is speculative work, not investigative, so regardless of whether it *can* be used for speculative 'research' into the activity of American citizens, it *shouldn't* be.

Re:Simple answer? Kinda (1)

RobertLTux (260313) | more than 8 years ago | (#15436038)

heres a big problem with "data mining"

imagine that you wanted to hit #target you would have a number of things you would need
split the list into sections CONTACT USING VARIOUS OTHER MEANS your "group"
then when the time is right make one phone call and say
"its time to run emerge -fu bunnyslippers" or post this to a common website.

can the TLAs connect the dots??? (hmm wasn't that the problem with...)
if you do this right nobody has the complete details the entire group is not connected
and it may only have one phone call

Re:Simple answer? Kinda (1)

Kohath (38547) | more than 8 years ago | (#15436051)

Data mining is unreasonable search.

Data mining isn't a search (in the terms of "unreasonable search and seizure") at all. You aren't being searched.

I guess I know what order to make my calls in now (1)

Unski (821437) | more than 8 years ago | (#15435767)

..ring the relatives overseas, make a three or four national calls to other relatives and then finally top it all off with a couple of calls to local friends. Excellent. I love the idea of wasting the NSA's time; if they are distracted by wasting their time on this, then can't possibly be spending that time fucking over the American public. Think of it as a service I'm providing, courtesy of your friends Over The Pond.

Spooks and social networks (1)

packetmon (977047) | more than 8 years ago | (#15435775)

I wrote an article about spooks and social networks a while back when I used to use Orkut... Many thought it was far fetched... Imagine that... Cached Article [tinyurl.com]

Historical != predictive modeling (2, Interesting)

qwijibo (101731) | more than 8 years ago | (#15435786)

This approach to finding patterns works well in marketing where getting a 1% rate of sales to contacts is a good response rate. The problem with using this approach for anything in the real world is the 99% of the time you're wrong.

They looked at the history of a few people and found a pattern. Now that the pattern has been disclosed, only historical information is likely to have any merit. If the people controlling the communications know this is a way to be found, after getting a call from a watched country, they'll have the people go somewhere else and send emails or otherwise use a different channel for communication.

Knowing all of the data points isn't enough if you don't know which ones in different databases (phone, email, etc) are related and why.

What ever happened to.... (5, Insightful)

beheaderaswp (549877) | more than 8 years ago | (#15435794)

What ever happened to "Live free or die", "Give me liberty or give me death", or "Those who are willing to sacrifice their basic liberties to assure their security deserve neither."?

Those quotes are not just platitudes... they are *good ideas*.

Keep the canned patriotism, give me my rights, and I'll just take my chances.

Re:What ever happened to.... (4, Insightful)

mrchaotica (681592) | more than 8 years ago | (#15435920)

Indeed, all this bullshit about "stopping terrorists" or even "supporting the troops" does not represent patriotism, but the quotes you mentioned do. All American citizens ought to be reminded of that.

Re:What ever happened to.... (1, Insightful)

Anonymous Coward | more than 8 years ago | (#15435952)

What ever happened to "Live free or die", "Give me liberty or give me death", or "Those who are willing to sacrifice their basic liberties to assure their security deserve neither."?

The people who said those things died a long time ago, and their descendants value the ability to watch television, eat McDonalds and shop at Walmart much more than any abstract concept of freedom. If you want to know what the American Dream has turned into, switch on your television. Perhaps American Idol, which is literally based around the country idolising people not for their intelligence or their contribution to humanity, but for their looks and ability to carry a tune.

Keep the canned patriotism, give me my rights, and I'll just take my chances.

"Give me my rights"? Rights are not something you ask for, they are something you always have and must defend. What have you done to defend them?

Re:What ever happened to.... (1)

beheaderaswp (549877) | more than 8 years ago | (#15436050)

What have I done?

I speak out without fear in defense of *my rights* while the morons you mention watch TV.

Wasn't that apparent? Or is this another episode of "Bash the Patriot"?

Go watch TV. That's all you are good for.

Re:What ever happened to.... (1)

Maxo-Texas (864189) | more than 8 years ago | (#15436081)

Those worked in a world model where certain rules of honor and civil behavior prevented people from behaving in certain ways.

If the british had had explosives and a willingness to sneak into those states and blow things up, then they would have been forced into the same surveillance methods we are being forced into.

The only way to stop it is to eradicate people who do not follow civilized behavior

It might work (1)

aadvancedGIR (959466) | more than 8 years ago | (#15435820)

If suddently all the FBI agents are overwhelmed with an incredibly huge list of apparently unrelated suspicious (but ultimately bogus) call sequences to investigate, it might be the sign that the terrorists are on something and don't want any good guy around their sneakernet.

sensitivity vs specifcity (2, Insightful)

Anonymous Coward | more than 8 years ago | (#15435821)

The last question in the post is ill posed: can data mining find terrorists -- the answer is yes. Simply set the threshold low: select anyone who has used a phone at any time and you'll likely get most terrorists. The problem is not sensitivity -- the real problem is specificity. If you have no or low specificity then the FBI will be investigating everyone (even those who "have nothing to fear since they have nothing to hide"). Specificity is where the search process interfaces with the Bill of Rights on right to privacy and protection from unlawful search and seizure. High specificity would allow the courts to work by granting warrants; low specificity degenerates into witch hunting.

Sounds like a traditional IDS (2, Interesting)

isa-kuruption (317695) | more than 8 years ago | (#15435848)

Dismissing the legality and morality of doing this...

Let's look how most Network Intrusion Detection Systems work today, including the OSS favorite Snort [snort.org] .

We start off with a bunch if signatures. These signatures are analyzed against including network traffic. A signature is matched, an alert is sent out (syslog, mysql, whatever) and my little console displays the alert. I analyze, determine it's a "false alert". I try to tune it out, maybe, depending on frequency and annoyance, and continue on to the next (false?) alert. If the alert is deemed true, I determine if we were hacked or if something more serious is going on. Usually, I get other people involved.

Sounds like the NSA's system is very similar to the job of our favorite IDS operator. In fact, it's exactly the same thing. Some softwatre looks for patterns in telephone network traffic. Once these patterns are found, they do a quick check (basic analysis) to confirm the pattern has matched. Then, the alert is passed on to a different team to investigate whether there is a more serious event or not.

Are there false positives? Yes. Are there false negatives? Yes. Does this mean the method is ineffective? No. Does this mean it should be shut down? No. If it did, why am I, and thousands of others, getting paid for everyday?

Re:Sounds like a traditional IDS (0)

Anonymous Coward | more than 8 years ago | (#15436088)

However, IDS doesn't get you put in Jail (if lucky) or quietly "removed" (if unlucky). It just means you cannot access that machine/network.

Now, if the US government had no more power than your local network admin, then this wouldn't be a problem. However, those basts are all well armed and have NO sense of humour.

Re:Sounds like a traditional IDS (1)

runlevel 5 (977409) | more than 8 years ago | (#15436101)

Are there false positives? Yes. Are there false negatives? Yes. Does this mean the method is ineffective? No. Does this mean it should be shut down? No. If it did, why am I, and thousands of others, getting paid for everyday?

Hey, I think it's great that you and many others are making money managing networks, scrutinizing packets, etc, I am not a packet.

Of course this works! (2, Funny)

Tired and Emotional (750842) | more than 8 years ago | (#15435857)

I mean its obvious.

A band leader gets a call from a booker in Europe who wants them come play.

The band leader calls all the band members to line them up for the tour.

They cancel any local gigs that overlapped.

Those venues or bands call other bands or subs to fill those spots.

Result: The NSA gets to be first in line for tickets.

False leads? No way! (2, Interesting)

Pedrito (94783) | more than 8 years ago | (#15435862)

How could those calling patterns ever cause false leads? Surely terrorists operate like clocks and do everything by the numbers.

Okay, here's an example of how stupid the example given is (and it's not the example that's stupid, it's the intelligence community): I'm an American I have good friends, or maybe family living overseas. Let's say my brother lives in Germany and he just called me to tell me that his wife had a baby boy. So, what am I going to do? Call everyone in my family and anyone that knows my brother well and say, "Guess what, they had a baby boy."

The fact is that, with calls between friends and family overseas in particular, the calls are not infrequently going to be some sort of major or semi-major news that the person in the States is then going to want to share with other friends and family. If the FBI is getting hit with all this garbage, I'm surprised they find time to do anything else.

I'm not saying this stuff can't be used to find terrorists, but at what expense? I would imagine there are much more effective ways to spend the money.

To bring the example a little closer to home, back in the early 90s when export restrictions on encryption were quite a bit tighter than they are now, I was asked by an uncle of mine (who's a venture capitalist) to do a little research into encryption. He had been approached by a group that had come up with some new encryption algorithm and he wanted me to get some sort of feel for how theirs stacked up.

So, I go onto Usenet and start asking some questions, trying to educate myself on this stuff. A few weeks later, I'm talking to one of my neighbors and she says, "So, did you get that job at the White House?" I said, "What job at the White House?" She said, "Well, there were some agents from the State Department here asking questions about you and they said it was for a job at the White House."

Now, I'm no rocket scientist, but I can do the math. Ask about encryption, agents show up. I suspect the two were related. I'm sure they were probably NSA agents since encryption is really more of their deal, or maybe State Dept. agents tasked by the NSA. But whatever.

Had they even looked at my file, which I'm sure they had since I had a full background check for a security clearance a few years prior, they would have quickly discovered that I'm someone of little consequence and not a likely spy. But no, they had to send out a couple agents to investigate me asking questions that anyone from anywhere around the world could have posted on Usenet. What a complete waste of time and money. And it's not like you couldn't just download regulated encryption algorithms off the net at the time anyway.

But I digress. Spending money to protect us is fine, if it's spent wisely. This is costing time of valuable people and untold amounts fo money for what is sure to be barely usable information. But hey, that should come as no shock to anyone.

Re:False leads? No way! (1, Interesting)

Anonymous Coward | more than 8 years ago | (#15435936)

At NSA HQ.
Okay, here's an example of how stupid the example given is (and it's not the example that's stupid, it's the intelligence community): I'm an American I have good friends, or maybe family living overseas. Let's say my brother lives in Germany and he just called me to tell me that his wife had a baby boy. So, what am I going to do? Call everyone in my family and anyone that knows my brother well and say, "Guess what, they had a baby boy."


conclusion: Pedritos "brother" has a "baby boy".
decision: Arrest Pedrito and his dealer network, send them to Egypt and other friendly coalition countries for some "extraordinary rendition".

Re:False leads? No way! (1)

tehcyder (746570) | more than 8 years ago | (#15436015)

they had to send out a couple agents to investigate me asking questions that anyone from anywhere around the world could have posted on Usenet
You know when you're told not to post your plaintext email address on Usenet?

It sort of applies to your actual house number and street name too.

Aargh! Modded down while trying to mod up (1)

barutanseijin (907617) | more than 8 years ago | (#15436091)

I don't know if it's my fingers, the trackpad, Firefox, or Slashdot, but this isn't the first time this has happened to me.

Just for the record, I thought that this was an interesting story. Is there any way to undo moderation other than by posting?

Such as when, (1)

macdaddy (38372) | more than 8 years ago | (#15435863)

such as a call from overseas followed by a flurry of domestic calls are used to identify leads

...for example, a relative from overseas calls to say that Uncle Buck died in his sleep last night. Or when your daughter who's living abroad calls to say that she's fallen in love and is getting married. What do you do after receiving such a call? You call all the members of your family. There are 2 trivial scenarios that break the system.

Re:Such as when, (1)

plasmacutter (901737) | more than 8 years ago | (#15435928)

In the middle ages they used to take dead plague victims and catapult them over the walls of cities they were trying to besiege.

These "people" who are calling about uncle buck are really trying to commit bioterrorism! The people calling about the marriage happen to be of the same sex.. there committing "Marriage terrorism"! Why otherwise would they be setting of the NSA's infallible terrorist detector.

Remember what fox news says, you have nothing to fear if you've done nothing wrong, just make sure youve done nothing wrong folks! ; )

Just throwing out a thought (1)

GearheadX (414240) | more than 8 years ago | (#15435864)

Is it a sign that this technique is grasping at straws that I can think of one instance where this calling pattern would pop up that is totally legitimate in the first ten seconds of thinking about it?

The overseas shipping industry.

Why make this public? (1)

thePig (964303) | more than 8 years ago | (#15435879)

Why did they make this public?
Since the terrorists already have a network, they will just put more safe-guards on this, i.e. all.
Now the person, instead of making calls from the same line where it recived the intl call, might start calling others using different lines.

or - other safe-gaurds as such.

Obscurity does have its advantages.

It' a boy!!!! (2)

arthurpaliden (939626) | more than 8 years ago | (#15435880)

So how many times has this happened. One call to aunt Martha, who then spreads the workd and then gets a visit from the FBI or agents of HS.

False sense of security (4, Insightful)

HangingChad (677530) | more than 8 years ago | (#15435894)

Cheney accuses those he disagrees with of hoping our oceans defend us against terrorism, yet this bungling administration picks technologies that are both invasive to the innocent and ineffective in locating the guilty. We're spending billions on efforts that, at best, won't work and at worst will draw resources away from things that will be effective.

There was a local news story about a terrorism suspect who was picked up locally because of a tip from a flight school. Not from monitoring his phone calls, not by fingerprinting him when he came into the country, not by spy plane, satellite or any other whiz bang technology. Just a clerk at a airport counter in the middle of bf nowhere. And that's the sensor net that offers the best hope we have of combating terrorism. The clerk at the store, the landlord they rent from, the agent at the ticket counter, the hotel clerk, rental car company, bell hops, and neighbors. It's not depending on the government to keep us safe because they can't. Government is too big and too slow to respond to a ever changing threat landscape. Had we not spent the last five years alienating the muslim and mid-eastern communities in this country and abusing the few Arab allies we have in the mid-east, we might have been able to develop a community network that would have been effective and inexpensive (in relative terms).

No one seriously believes oceans can defend us, just like no one can seriously believe all the invasive technology being loosed on the people paying the bills is going to be any more effective.

It's all really quite insane.

try a darknet! (0)

Anonymous Coward | more than 8 years ago | (#15435912)

Try connecting to a dark net such as AnoNet, to keep your communication secure.

http://anonetnfo.brinkster.net/ [brinkster.net]

Probably just another conspiracy theory, but... (1)

martinultima (832468) | more than 8 years ago | (#15435935)

Says who that the NSA doesn't have something like TRANSLTR [wikipedia.org] ?

Getting off the hook (1)

GrEp (89884) | more than 8 years ago | (#15435939)

The real question is how many crooks are going to get off the hook because of this? Obtaining phone records without a warrant and then passing them to the FBI is going to get more than a few convictions vacated.

Pipe Dreams (5, Insightful)

Khammurabi (962376) | more than 8 years ago | (#15435943)

Can data mining identify terrorists?
Not really. Computers are good at recognizing patterns only when there is a large repository of data to "train" the computer with. For example, neural networks [wikipedia.org] are often better at recognizing patterns than if a person were to program a set of rules into a system. Man-made rules are often incomplete or lack the depth that a computer can bring to the table. A good example of this is Google Translate [google.com] , which is considered one of the better translation programs and is essentially an advanced neural net that was fed a huge wad of data to train from.

America's data set on terrorism is in the single digits, and the data they do have is only partially complete. This means the only system that can be programmed is a set of user-created rules that "flag" questionable behavior. The solution is a poor one and will only improve our chances at detection by a fraction of a percent. (Seems a huge price to pay for privacy trampling to me.)

In order to detect terrorism on American soil effectively, we'd need a larger data set. Otherwise we're just attempting to reverse engineer a process that essentially defines itself as dynamic enough to avoid detection. We'd need a frequent source of terrorism that we could derive models and nets off of. The immediate source that comes to mind is Iraq. If I were in charge of the NSA program, I think the best course of action would be to harness the call-traffic (satellite and domestic), email activity and other "data" that precedes suicide bombers (or other known acts of terrorism) in Iraq. Using this data you could train a system to recognize similarities in America. Short of that, anything the NSA is trying is a crap shoot.

No. Freeing up lines of communication, preparing quick and actionable responses to warnings, and better general population awareness are probably more effective than grabbing a billion pieces of data and sifting through it for answers. It's impossible for a human to know what to look for, and until the NSA comes clean in what it's actualy doing, there's no justification for stomping out the few freedoms we still have. There are better alternatives out there that can be done with the help of the community and still preserve the integrity of our privacy.

This Isn't About Terrorists (1)

Kozar_The_Malignant (738483) | more than 8 years ago | (#15435944)

This is about the US government spying on what it perceives as its biggest threat, its own citizens. The only terrorists they're going to catch with this are the mouth breathers and wannabees, like Moussawi. I can think of several far more secure ways to communicate than the freaking telephone. For one, drop your encrypted/stegged message into some high volume Usenet group in the alt.erotica.* hierarchy for your contact to surf by and pick up.

Pity the poor sod gets the call from his cousin Seamus in Belfast that their ticket in the Sweepstakes is into the final round. He hangs up and calls his six other cousins that are in the pool. Five FBI agents spend the next two months investigating this new IRA cell. 'Course you can't prove a negative, so even though no evidence is found, he might still really be in the IRA, so he gets a flag on his file with all the feds and a free body cavity search every time he tries to fly to Disneyland with his kids.

Guesswork? (1)

Eljas (911123) | more than 8 years ago | (#15435945)

Shouldn't they first do something like analyze the call patterns of known terrorists to find the call patterns that are associated to terrorism. Oh, so they haven't caught enought terrorists to make reliable statistical analysis? Maybe they should lower the bar of considering someone terrorist.

Politicians and Terrorists (1)

babbling (952366) | more than 8 years ago | (#15435953)

Don't politicians make lots of phone calls, some of which would be international calls? I knew it! Damn terrorists.

Too much information (1)

Honorbound (521347) | more than 8 years ago | (#15435954)

There have been complaints that low-quality leads are drawing agents away from other cases.

Aside from the obvious privacy implications, this is what bothers me most about this program. We had enough information to stop 9/11 before it happened, but that information did not flow to the right people. Now, instead of making info flow the primary concern, they've added more data to the system. The likely result? More gridlock, and more missed opportunities.

Templates? (1)

phorm (591458) | more than 8 years ago | (#15435975)

Templates" such as a call from overseas followed by a flurry of domestic calls are used to identify leads, which are forwarded to the FBI for investigation.

Hmmm. So your father/son/sister/mother/brother/cousin/etc had some dramatic event happen overseas. Perhaps he was injured, or mugged, or perhaps everyone was just worried about him and he called to let you know he was safe.

One phone-call to the homeland, a bunch of calls among relatives and friends to pass the information along.

Sounds like it fits the pattern to me. In fact, this pattern would match up for overseas calls in many instances. In other words... useless.

A different view (1)

thePig (964303) | more than 8 years ago | (#15435991)

on why they might have sent the tracking patterns out.

Actually, compared to the local calls, a very high fraction of international calls (esp. from the countries mentioned pak, middle east etc) would have the reciever following up the news rxd to other family members in america.
Since the intl call costs are quite high, the caller invariably asks the person to forward the message to everyone. This is going to be a big mess to be sorted out.

Now, the terrorist organisations would be on the lookout for any tracking patterns, and would get this flagged to all sleeper cells here. From now on, the messages sent to sleeper cells would have different behaviour -i.e. the people would use other phones to get the message out, or email or something.

Since NSA already have data for the numbers with the earlier patterns, any change in pattern would be flagged and would have a higher % capture rate.

Others would not care to change the patterns at all.

BAD! BAD! BAD! (1)

MaxPower2 (976000) | more than 8 years ago | (#15436008)

I hope that the NSA and other organizations stop this and other similar data mining project now. There will be just as many or more false positives as actual leads to terrorists. We are talking about an endless stream of possibilities to account for and no two scenarios are guaranteed to be the same. We are talking about determinism here. Why do you think weather men are wrong half the time? I can see it now, my wife has a baby in Europe and decides to call the US to tell people. Those people she calls in the US proceed to call all of the family in the US. Is she a terrorist? Better yet, is Grandma a terrorist?

What a Waste of Time (1)

ras_b (193300) | more than 8 years ago | (#15436014)

"Templates" such as a call from overseas followed by a flurry of domestic calls are used to identify leads, which are forwarded to the FBI for investigation.

So recently my uncle died. He lived in Thailand. My mom (his sister) received a call from overseas, then obviously called every relative here in the U.S. We even called travel agents and airlines trying to arrange last minute travel. So by the FBI's reasoning, we should be investigated for this "suspicious" activity. There are so many more legitimate reasons to receive an international call, then make several domestic calls, than there are suspicious ones. What a waste of resources.

are they admitting to something? (3, Interesting)

oyenstikker (536040) | more than 8 years ago | (#15436022)

Armed with details of billions of telephone calls, the National Security Agency used phone records linked to the Sept. 11, 2001 attacks to create a template of how phone activity among terrorists looks, say current and former intelligence officials who were briefed about the program. (from the USA Today article)

Are they admitting to collecting details on domestic phone calls _before_ 9/11?

Simple answer (3, Insightful)

radtea (464814) | more than 8 years ago | (#15436048)

Can data mining identify terrorists?

No.

But it can identify people with large extended families who have relatives overseas and get an important call about a death in the family, notify all their North American relatives, and then have government agents show up on their door.

Every single pattern-based terrorist screening method I have heard about sounds like something dreamed up in an air-conditioned office by some dork who never gets out very much and thinks all people are basically like him (and anyone who isn't ought to be subject to government investigation.)

Hanging around public buildings taking pictures? Must be a terrorist. As opposed to say, just interested in taking pictures of public buildings because modern-day monumental architecture happens to turn you on.

Want to learn to fly a 747 but don't have any interest in a career as a pilot? Must be a terrorist. Unless you happen to be fascinated by aircraft and think that a few weeks of flight school would give you bragging rights to die for at your local RC club.

Like to pay with cash, even for purchases in the thousands like furniture or maybe a car? Must be a terrorist. Or maybe you don't qualify for a chequing account, or are just a little bit paranoid, or just don't fucking feel like doing anything else.

These sorts of unvalidated, non-empirical, "feels like the right thing to me", ad hoc, imaginary "patterns of suspicious activity" are a major threat to freedom because they demonize and may even criminalize deviancy from the norm. It is a characteristic of unfree societies that deviancy from the norm is not just looked at asscance by the majority of the population, but is viewed as grounds for suspicion of the most heinious acts.

Furthermore, such datamining solutions are not able to identify terrorists reliably even when they have all kinds of intelligence data entered into them. A report on the chilling-named MATRIX [fas.org] system indicates that the system was only able to identify 5 of the original 9/11 hijackers in a retrospective test, a 75% false negative rate, and it further identifed 120,000 other Americans who had a "high terrorism factor." Supposedly "scores of arrests" resulted from that list, although no one knows what the arrests were for or how many of those were sucessfully prosecuted. The odds are most of them were for drug possession charges that were laid as a result of the increased scrutiny certain individuals got by virtue of wholey baseless suspicions of terrorism. But let us grant 60 successful prosecutions for terrorist-related activities. That's a false positive rate of over 99.9%

And that was when the system was loaded with specific intelligence data, which is no longer the case.

Given the complete failure of such systems to detect terrorists in retrospective studies, and the horrifically high false positive rate, and the chilling effect such programs have on the freedom to be different, it is very hard to believe that their real purpose is to spy on Americans and impose a high degree of conformity on American society.

NSA's worst nighmare (0)

Anonymous Coward | more than 8 years ago | (#15436053)

Mothers' Day

Reason seems pretty obvious to me ... (1)

Richard W.M. Jones (591125) | more than 8 years ago | (#15436072)

Templates" such as a call from overseas followed by a flurry of domestic calls are used to identify leads,

As in:

(Call from somewhere in Europe): Hi Mom, great news, it's a baby boy!

(Multiple calls to relatives in US): Hey [mother/sister/brother/uncle/aunt], Jeff and Jane have just had a baby boy!

(Next day): FBI! We have the place surrounded! Come out with your hands up!

...

Rich.

Re:Reason seems pretty obvious to me ... (1)

Richard W.M. Jones (591125) | more than 8 years ago | (#15436089)

Wow, everyone had the same idea :-)

Mod me redundant ...

Rich.

Wasteful (1)

paiute (550198) | more than 8 years ago | (#15436078)

Just as generals are always fighting the last war, the police are always solving the last crime. Terrorists are crazy but not stupid. High-tech methods are much less valuable than old-fashioned boots-on-the-ground mole-in-their- midst human intelligence.

How hard could it be to find terrorists? (1)

AndroidCat (229562) | more than 8 years ago | (#15436092)

Pick any one person, follow their social network out to six degrees of seperation, and you'll have terrorists. Lock all of them up. Problem solved.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...