NSA Sweep "Waste of Time," Analyst Says

http://www.defensetech.org/archives/002399.html


"Every Call Ever Made" in NSA Database
NSA Sweep "Waste of Time," Analyst Says

It'd be one thing if the NSA's massive sweep of our phone records was actually helping catch terrorists. But what if it's not working at all? A leading practitioner of the kind of analysis the NSA is supposedly performing in this surveillance program says that "it's a waste of time, a waste of resources. And it lets the real terrorists run free."

Re-reading the USA Today piece, one paragraph jumped out:

This kind of data collection from phone companies is not uncommon; it's been done before, though never on this large a scale, the official said. The data are used for 'social network analysis,' the official said, meaning to study how terrorist networks contact each other and how they are tied together.

So I called Valdis Krebs, who's considered by many to be the leading authority on social network analysis -- the art and science of finding the important connections in a seemingly-impenetrable mass of data. His analysis of the social network surrounding the 9/11 hijackers is a classic in the field.

Here's what Krebs had to say about the newly-revealed NSA program that aims to track "every call ever made": "If you're looking for a needle, making the haystack bigger is counterintuitive. It just doesn't make sense."

"Certain people are more suspicious than others," he adds. They make frequent trips back-and-forth to Afghanistan, for instance. "So you start with them. And you work two steps out. If none of those people are connected, you don't have a cell. Because if one was there, you'd find some clustering. You don't have to collect all the data in the world to do that."

The right thing to do is to look for the best haystack, not the biggest haystack. We knew exactly which haystack to look at in the year 2000 . We just didn't do it...

The worst part -- the thing that's most disappointing to me -- is that this is not the right way to do this. It's a waste of time, a waste of resources. And it lets the real terrorists run free.

INTERESTING WEBSITE--MORE FOLLOWS

used for something that would better serve the nation. :eyes:

edit: along with most of Louisiana and Mississippi and more...


(Trying to quit thinking of it as only NOLA that was hit. My bad.)

admin. is mining for some information OTHER than terrorist cells! It could be ANYTHING! Maybe politicl adversaries, maybe opposition candidates, maybe politicians in your own party who have disagreed with you, maybe insider corp. info for an advantage in the stock market.

I've been saying all along that if finding terrorist links was the REAL goal of this Admin. there are better methods than gathering total information, which provides SO MUCH information, it's totally unuseable! There MUST be other reasons, and we can only speculate what they might be!

...to the current scandal is being used for, as the NSA says, social network analysis in domestic situations.

Obviously, it is a poor methodology for data collection that would lead to directing the spooks to terrorist cells.

We should theorize via reverse engineering what exactly the type of data the NSA is collecting is designed to provide, post-collection, in analysis.

The obvious answer is that it will provide the security agency with a map of social relationships of American citizen-to-American citizen relations.

Deducing beyond this could prove interesting.

Donors to political opponents, different categories of activists and the level of their activism, the possibilities are intriguing and quite literally limitless.

bushit boy's people and round us up when they so deem us a threat because of our voices to the bushit boy's crap-a-long OCCUPANCY of the white house.

...US visitor and population haystack, and you're the NSA with all the best tools known to mankind, then you use a powerful magnet on a statistically meaningful haystacks, in real-time.

But if what you're doing is methodically databasing every haystraw from every haystack that is ever bailed together, and continue collecting data on every haystraw in perpetuity, all to be available to be run through a filter that's looking for social network analysis, that's a different methodology.

I work in information security. When brokerages and trading floors retain data of every trade, they can feed that data through filters that look for relationships that give brokers an advantage in future trading.

We keep aggregated audit log files from servers and firewalls and other sources sometimes. Not always and not all servers, because of the cost and difficulty of using these types of archival data. Sometimes we keep them for several years, for fiduciaries and banks, due to laws requiring the maintenance of records. But this is, generally speaking, somewhat unwieldy data.

When a breach occurs, sometimes we can feed log files through filtering technology to look for specific events that will give us information sometimes on how the breach originally compiled, now that we can filter against the general "attack static" for a specific kind of attack result. This is one way to source back to the originator of an attack.

However, real-time intrusion detection data that is processed on-the-fly is far more common a defense strategy.

We keep both things in our security methodology...but it's painful sometimes to filter through gigs of old aggregate data.

I don't buy that the NSA telco data collection rings true for what we're hearing as the reason for collection.

This sounds a little like Nixon's "enemies list" on supercomputing steroids.

Just don't reach out and touch anybody. Kill two birds with one stone, even: Surrveillance and the phone companies. Get the minimum service, and only use it to call 911 or the office.

I'm thinking of journaling a essay backgrounding INSLAW and comparing and contrasting INSLAW to the current TelcoGate.

Because the "social network analysis" really traces back to INSLAW...a very black-ops connected witches' brew of a scandal.

INSLAW is quite a mystery story. It's complete with murder and accusations the US stole software from an early programmer to use as a "social network analysis" database...and that the US gave away software to many countries free of charge that had a "back-door" whereby the spooks could pull information to aggregate information and compile the world's best globally comprehensive "social network analysis" mapping.

The spooks have been besotted with this "social network analysis" meme for a long, long time now. And our spooks aren't the only intelligence agency in the game, from what I've heard working for the .gov, defense contractors, and a US company that creates security software over the years.

That's why the push for Total Information Awareness (TIA), Tailhook, Eschelon, Carnivore, et. al. has never surprised me.

It's the SCOPE of the current collection and the target that DOES bother me, this scandal.