Schneier on Security
A blog covering security and security technology.
October 31, 2007
Programming for Wholesale Surveillance and Data Mining
AT&T has done the research:
They use high-tech data-mining algorithms to scan through the huge daily logs of every call made on the AT&T network; then they use sophisticated algorithms to analyze the connections between phone numbers: who is talking to whom? The paper literally uses the term "Guilt by Association" to describe what they're looking for: what phone numbers are in contact with other numbers that are in contact with the bad guys?
When this research was done, back in the last century, the bad guys were people who wanted to rip off AT&T by making fraudulent credit-card calls. (Remember, back in the last century, intercontinental long-distance voice communication actually cost money!) But it's easy to see how the FBI could use this to chase down anyone who talked to anyone who talked to a terrorist. Or even to a "terrorist."
Posted on October 31, 2007 at 12:03 PM
• 12 Comments
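The two-hop "guilt by association" expansion described in the post, as an added Python sketch (not AT&T's Hancock code and not taken from the paper). The call records and phone numbers are constructed, and the `max_degree` hub cap is an assumption added here to show how a single busy number inflates the flagged set.

```python
from collections import defaultdict, deque

# Constructed call records (caller, callee); every number here is made up.
CALLS = [
    ("555-0100", "555-0101"),   # seed ("bad guy") talks to an associate
    ("555-0101", "555-0102"),   # associate talks to a third party
    ("555-0100", "555-0199"),   # seed calls a busy shop
    ("555-0201", "555-0199"),   # unrelated customers call the same shop
    ("555-0202", "555-0199"),
    ("555-0203", "555-0199"),
    ("555-0204", "555-0199"),
    ("555-0300", "555-0301"),   # unrelated pair, never touches the seed
]

def build_graph(calls):
    """Undirected contact graph: who has been in contact with whom."""
    graph = defaultdict(set)
    for a, b in calls:
        graph[a].add(b)
        graph[b].add(a)
    return graph

def within_hops(graph, seed, max_hops, max_degree=None):
    """Breadth-first search: {number: hop distance} within max_hops of seed."""
    dist = {seed: 0}
    queue = deque([seed])
    while queue:
        node = queue.popleft()
        if dist[node] == max_hops:
            continue
        # Assumption (not from the page): a number with more than max_degree
        # contacts is reported but not expanded through.
        if max_degree is not None and node != seed and len(graph[node]) > max_degree:
            continue
        for peer in graph[node]:
            if peer not in dist:
                dist[peer] = dist[node] + 1
                queue.append(peer)
    return dist

def flagged(calls, seed, max_hops=2, max_degree=None):
    """Sorted list of numbers swept up around seed, excluding the seed itself."""
    dist = within_hops(build_graph(calls), seed, max_hops, max_degree)
    return sorted(n for n in dist if n != seed)

if __name__ == "__main__":
    print("naive 2-hop:", flagged(CALLS, "555-0100"))
    print("hub-capped :", flagged(CALLS, "555-0100", max_degree=3))
```

With the constructed data, the naive two-hop sweep flags seven numbers, four of them only because they called the same shop as the seed; capping expansion at hubs leaves three.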
"Hancock" just doesn't sound right, it doesn't have that zip or pizazz for a language optimized for this sort of purpose.
What the summary doesn't hammer home is that this is more than an academic exercise. Quoting the Wired blog:
"But it's of interest to THREAT LEVEL because of recent revelations that the FBI has been requesting "communities of interest" records from phone companies under the USA PATRIOT Act without a warrant. Where the bureau got the idea that phone companies collect such data has, until now, been a mystery."
If their data mining algorithms are so high tech, why haven't they shared some of that expertise with the accounting and HR departments?
I bought several iPhones for the family and signed us up for AT&T wireless service. One salesman gave me a free $150 Nokia just to get a slightly larger bonus from the new non-iPhone account.
Changing area codes took three hours at AT&T store counters, and they "lost" $2,000 in deposits because these had to be transferred manually through several systems by means of various employees emailing each other. Good thing it's so hard to forge RFC822 emails!
Finally a smart store employee called the external customer support 800 number and read out my account, password, and SSN suffix from his screen, after asking me for nothing more than my phone number, and told them what changes to make.
If these same people are in charge of finding terrorists, either they have an excellent cover, or we're in serious trouble.
I always thought that analyzing call data (who's calling who) is a lot like Google's PageRank.
PageRank is really nifty. Building some sort of AI that can read pages and decide which one on a given subject is best is impossible. But ignoring the content of the page, and ranking them through an analysis of the topology of the links is easy.
In practice, though, the topology does a pretty good job of telling you which pages are best.
So it doesn't seem like that crazy of a stretch to think that looking at the shape of the graph that phone calls make could, in fact, give you useful information about the content of those calls, even though the content wasn't being analyzed.
Obviously, if someone pops up, you'd have to have a human being double check.
I have really mixed feelings about this, because I'm very much opposed to the massive wave of surveillance that's washing over us, but I'm kind of excited by this technology.
It might be that I'm totally wrong about it, though. This is not anything I have expertise in.
Going OT: "(Remember, back in the last century, intercontinental long-distance voice communication actually cost money!) "
Yeah, it still does. A lot. Maybe not if you're in the US or the UK, but in other countries it's still pretty expensive. (And before anyone mentions VOIP - yes, but broadband is paid for by the Gb, and it's pretty expensive too).
Hmm, "Guilt by Association" eh? I'm sure glad I'm back in High School working for the local Pizza Hut! I can only imagine the number of times that the local fast food chains get flagged as a "suspect of interest".
Of course that would also be an excellent cover tactic. Get a few bad guys working the phones and taking orders, but when another bad guy calls in their order can be coded words. The order delivery is the other half of the code.
Heck, even if the pizza guy wasn't a "bad guy", he could still be used to deliver messages this way.
(Maybe I've been reading too many trashy spy novels lately...)
IF (and I do mean if!) I was a "person of interest" to terrorist hunters, I would be tempted on this basis to open up a phone book and start making calls to random people. I could easily make 100 meaningless calls per one good one. And imagine the turmoil having the FBI go and check out each one of these potential terrorist cells. In fact, with VOIP, it is essentially free!
If the ooma device (http://www.ooma.com) became prevalent, this analysis would become much more difficult. It's likely no single company would have all the data available to them to connect the dots. Unless ooma keeps records of all end-points...
There's always the old 'Domino's Effect', in which a Domino's pizza outlet in Washington D.C. claimed it could predict major shifts in foreign policy based on an increased number of pizza orders from the Pentagon...
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.