"Insider Threat" Detection Software

Notice this bit from an article on the arrest of Christopher Hasson:

It was only after Hasson's arrest last Friday at his workplace that the chilling plans prosecutors assert he was crafting became apparent, detected by an internal Coast Guard program that watches for any "insider threat."

The program identified suspicious computer activity tied to Hasson, prompting the agency's investigative service to launch an investigation last fall, said Lt. Cmdr. Scott McBride, a service spokesman.

Any detection system of this kind is going to have to balance false positives with false negatives. Could it be something as simple as visiting right-wing extremist websites or watching their videos? It just has to be something more sophisticated than researching pressure cookers. I'm glad that Hasson was arrested before he killed anyone rather than after, but I worry that these systems are basically creating thoughtcrime.

Posted on February 27, 2019 at 6:22 AM • 55 Comments

Comments

WinterFebruary 27, 2019 8:27 AM

"but I can't find anything in either of those articles that amounts to evidence he committed any crime."

I do not know how it is in the USA, but preparing a terrorist attack is a criminal offense in most countries.

This guy seems to have followed the example of Anders Breivick very closely. If you prepare to follow the example of Anders Breivick, then you should be stopped. Period. Doing otherwise is foolish.

Bruce SchneierFebruary 27, 2019 9:04 AM

Note to commenters: the discussion is about threat detection software. It is not about gun control policy in the US. I just deleted a slew of comments and counter-comments about guns, and will continue to delete those posts when I see them.

There are lots of places to debate guns on the Internet. This is not one of them. Thank you for your understanding.

TimHFebruary 27, 2019 9:23 AM

These a basic problem with any of these programs, whether stopping kids and searching for drugs or guns, or analysing social media posts, or looking for key words on searches.

It's used as a targetted weapon against a subset of society.

So when the police stop and search mostly black kids, the statistics for kids with a reefer come up with mostly black kids, even if useage is evenly spread across race.

So, I ask... is everyone going to analysed real time (and acted on), or just the dissenters of the moment? Think Cointelpro.

Just MeFebruary 27, 2019 9:25 AM

My first thought on this topic wasn't terrorism, but rather plain old IT sabotage or data leakage.

It may prove useful to monitor unusual internal data access & volume. Imagine an unhappy IT admin that suddenly is reading (copying) terabytes of data. That should be a red (yellow?) flag for further investigation.

tazer2000February 27, 2019 10:03 AM

"but I worry that these systems are basically creating thoughtcrime." Bruce S.

I think your right to worry. But let me add:

The history of human civilization can be viewed as a power struggle between people and the various groups with which they identify. A person or groups relative levels of "power" can be conceptualized in terms of a zero-sum game, because it is such that there must be winners and losers, oppressed and oppressors. The evolution of technology has empowered the individual like never before. Currently, I can do the work of tens of thousands of men everyday, if I have tractor. If I have produce to sell, with an automobile I can drive to a large farmers market 50 miles away to hawk it. Who needs a storefront for a service based business when I can just make a website. Who needs delivery trucks when I can just have it shipped. Or perhaps I'd like to eliminate a large number of people for some perceived wrong. Start up the old 76 chevy and find a crowded sidewalk (Might I add, mass carnage without me having to get out of my car seat *Thumbs Up*). Sooo...We have a natural inclination to engage in power struggles, while at the same time all involved parties grow more empowered by the day. At some point, any dominate group will desire to suppress any threat to there dominance. Simple as that. Thoughcrime appears to me to be a likely outcome of all of this...

AndyFebruary 27, 2019 10:06 AM

We haven't heard about a rash of malicious prosecutions at the Coast Guard, so I assume that the pattern analysis is more sophisticated than just "did he ever visit this website?"

False positives waste valuable investigative resources, and worse they mask true positives in a sea of noise. It's in everybody's interest (including those who might be unfairly investigated or charged) to tune pattern classifiers to a low rate of false positives. That will increase false negatives, but make it easier to action the positive events detected.

BillFebruary 27, 2019 10:45 AM

Andy, I suspect that many people designing these systems will look at the cost of a false negative - the potential death of innocents - as unacceptable. Thus they will tune the system to eliminates those, generating false positives and shrug saying "It's just the cost of safety."

TimHFebruary 27, 2019 10:49 AM

@Andy: "False positives waste valuable investigative resources". Yes, if everything will be investigated. But instead, investigations are selected. So false positives give a veneer of probable cause for harassing whoever is in control of the investigations chooses.

A case in point is those appallingly poor roadside drug tests.

VinnyGFebruary 27, 2019 10:56 AM

@Winter - Where in that article do you see compelling evidence that Hasson was actually "preparing a terrorist attack?"

CraigFebruary 27, 2019 11:07 AM

[Mr. Schneier - I'm a long time reade; first-time poster. Thx for your work, generally, & this blog in particular.]

"... I worry that these systems are basically creating thoughtcrime."

It's happening. From the WaPo article:

"The judge, Charles B. Day, said that it is unusual to detain a defendant based on the charges Hasson was facing and that the issue at hand is “all about the defendant’s state of mind and intentions.”


UEBA (User and Entity Behavior Analytics), in large part, is all about predicting malevolent acts before they happen. It entails establishing "standard" profiles of user and entity behaviors and flagging anomalous behavior.

Of course, it's all about analytics, algorithms and machine learning. Gartner estimates that UEBA will be folded into most SEIMs w/in a couple of years. And a lot of the frothy talk around UEBA is its supposed predictive abilities.

Pre-emptive detentions and arraignments are currently occurring based on these systems. We've arrived and there's no going back. Knowing that, the next step is to ask what the process is for error-checking and resolution?

As the reporter Peter Waldman put it, ""There is no algorithm for redemption, really."
https://www.wbur.org/hereandnow/2018/05/22/palantir-data-mining

Question answeredFebruary 27, 2019 11:13 AM

"Could it be something as simple as visiting right-wing extremist websites or watching their videos?"

Yes. Yes it can.

(required)February 27, 2019 11:17 AM

Thoughtcrime = you are to be PROSECUTED and punished proactively for having a thought or pursuing some idea, vaguely.

This = predicting where crime is LIKELY TO OCCUR and intervening or observing ahead of time proactively.

The two are related but not conflatable concepts.

Viewing right wing extremist crap is not a crime, but it may be a valid red flag for proactive follow up to prevent one.

tazer2000February 27, 2019 11:38 AM

In regards to actual algorithms...

Any machine learning algorithm is only as good as the data set used to train it. Both quantity and quality of the data matter, I'd say we got plenty of the quantity. The trick is to avoid any biases in the training data which would skew the results. Garbage in / Garbage out, as they say. Honestly, I suspect that human == innate biases. From an evolutionary standpoint, these built in biases are a necessity. The world is not a padded playpen, it is a very dangerous place and sometimes biases are a good thing because they increase the probability of survival. So the short a skinny. Cant have one without the other.

asdfFebruary 27, 2019 12:21 PM

@OP I worry that these systems are basically creating thoughtcrime.

These systems don't create thoughtcrime; they merely enforce it.

Political correctness is the thoughtcrime regime created by Progressivism. "Hate speech" is the expression of prohibited thoughts. "Hate" itself is a proscribed grievance. No progressive can allow himself to admit that someone he calls a "hater" could possibly have a valid grievance.

Progressivism with its proscribed speech and thoughtcrimes is now the status quo. It is the Establishment. Orwell himself could not have created a more precise taxonomy of control and oppression.

A new generation of radicals is needed to oppose it.

FaustusFebruary 27, 2019 12:26 PM

@ Craig

"There is no algorithm for redemption"

Sure it's a pithy saying, but that doesn't make it true. Data ageing, reducing the importance of data based on its age, is one type of algorithmic redemption. This approach can be honed by looking for.more current data in appropriate categories.

I'm sure there are other possibilities that could be developed if anyone had an interest. The fact is that we want forgiveness for ourselves and our friends and family, while have no interest in forgiving the long past "misdeeds" of.our "enemies".

It is humans that have a hard time forgiving. This is not an algorithmic problem.

notreallyanonymousFebruary 27, 2019 12:34 PM

> Andy, I suspect that many people designing these systems will look at the cost of a false negative - the potential death of innocents - as unacceptable. Thus they will tune the system to eliminates those, generating false positives and shrug saying "It's just the cost of safety."

False positives kill innocent people too.

parabarbarianFebruary 27, 2019 12:42 PM

Threat detection software sounds eerily like a nascent "social credit score" regimen similar to what the Chicoms are busy imposing on the citizens of China. The opportunities for abuse and corruption are legion.

Remember, even if you are innocent of the crimes the Feds and the lapdog media are claiming you can still be convicted and imprisoned. The process is not hard. First find some discrepancy between an agent's notes from an interview versus an actual statement by the accused. Then leverage that into a violation of 18 U.S. Code Section 1001. (Such legal chicanery is sometimes referred to as a "Martha Stewart" strategy). One reason you *never* talk to the Feds without a lawyer present. Ever.

Bruce's concerns are justified. So far only one charge looks legitimate. The others are either charge stacking or vague allusions to thoughtcrimes.

solaricFebruary 27, 2019 1:39 PM

Any detection system of this kind is going to have to balance false positives with false negatives.[...]but I worry that these systems are basically creating thoughtcrime.
I don't think your fears are justified in this specific area, or at least not by this case, because a detection system like this is merely another starting point for an actual investigation. I don't see how it's really any different from an anonymous tips thing for example, which will also receive plenty of "false positives" (be they malicious or not). Actual investigators then still have to actually take a closer look and find more concerning hard evidence, which then justifies warrants, which then need to find evidence that is prosecutable. If all they ultimately find is something "as simple as visiting right-wing extremist websites or watching their videos" then there's no case, investigation closed, simple as that.


It'd be something else entirely if firing/jailing was being done purely on the basis of a program like this, but that's not the standard here one bit. I'm honestly kind of confused why this jumped out at you and raised your concerns vs all the other endless fuzzy ways investigations have gotten stared for the entire history of human legal systems. Everything fundamentally begins with wide fuzzy nets which necessarily have very high false positives, much of which will be noise and get tossed. Concerns there tend to be if such subjective assessments move into discrimination based on natural attributes, harassment from false positives, etc, but it doesn't appear to be the case here. He's not in trouble for thoughtcrime, he's in trouble for concrete actions. Could you maybe elaborate further on what you see as the point of concern in general?

AJWMFebruary 27, 2019 1:44 PM

"UEBA (User and Entity Behavior Analytics), in large part, is all about predicting malevolent acts before they happen. It entails establishing "standard" profiles of user and entity behaviors and flagging anomalous behavior."

In Philip K. Dick's story "The Minority Report", they called that Precrime. It is indeed now a thing.

From the story: "in our society we have no major crimes ... but we do have a detention camp full of would-be criminals." In other times and places, many of those might be called political prisoners.

AJWMFebruary 27, 2019 1:53 PM

Viewing right wing extremist crap is not a crime, but it may be a valid red flag for proactive follow up to prevent one.

What about viewing left wing extremist crap? Or Islam extremist crap? Or Branch-Davidian? Or Mormon? Or ....

Where is that line drawn, and, more importantly, who draws it? And just how "proactive" is that follow-up prevention? Re-education camps?

solaricFebruary 27, 2019 2:10 PM

AJWM • February 27, 2019 1:53 PM What about viewing left wing extremist crap? Or Islam extremist crap? Or Branch-Davidian? Or Mormon? Or ....

Where is that line drawn, and, more importantly, who draws it? And just how "proactive" is that follow-up prevention?


Do those have correlation the same way the right wing does or not? It's quite possible they do, but also that for whatever reason they don't. You're acting like there is some basic principle at stake here where investigators have to be "fair" towards wildly different things, but you haven't justified that. If one kind of "extremist crap" is directly calling for violence while another is calling for political votes in primaries say, they aren't equivalent regardless of what "side" they're on.


The self-regulating line comes from the fact that they'll still need to then conduct investigations, and those cost money and resources which they have limits on. They don't want someone dangerous getting cultivated and shooting a place up, but neither do they want 99.9% false positives that frivolously eat up resources for no value (which itself would directly raise the likelihood of someone serious slipping through). As long as it still requires pretty hard real evidence to actually take concrete action (firing/prosecuting) they'll be facing fairly strong incentives to pick lines and criteria that actually work.


Re: precrime, no that's not what this is nor is The Minority Report relevant since it involves stuff around causality violation. Being caught taking concrete actions and planning to commit a crime in the immediate future, with all the hard evidence needed to back that up, doesn't make for "political prisoners" whether it's for mass shootings or a robbery.

WeatherFebruary 27, 2019 2:11 PM

They are inside, so when things change they change with it.
Is the program updated with new data?

David WalshFebruary 27, 2019 3:02 PM


'Don't Talk To The Police'

this is a classic lecture. Highly practical. Detective explains the many ways get someone to incriminate themselves - it being the only trick they have when lacking sufficient evidence. He includes people 'trying to help' end up getting arrested because they say something interesting.


https://www.youtube.com/watch?v=d-7o9xYp7eE


I note there are some follow ups and related videos on the topic available

KenFebruary 27, 2019 3:14 PM

As a former government employee in the IC whose day to day work brought him in contact with insider threat personnel, whenever I see/read pieces like this, the first thought that comes to mind is this:

Who watches the watchers?

Unfortunately, this type of workforce monitoring solutions are necessary. You just need to find a way to ensure it's not abused/misused.

Petre Peter February 27, 2019 4:18 PM

Can the detection software take an oath to uphold the law or does it come with a disclaimer. In law software is defined as a service and according to 'serve and protect' so is policing. Why are police officers giving up their oaths by using software that most likely disclaims liability?

wumpusFebruary 27, 2019 4:32 PM

You've [Bruce] have been stressing the need for vigilance of "hinky" behavior, and now the Coast Guard has caught and extremely hinky sailor. Now what was the point of watching for such things if you don't act on them?

Looks like it is more than just looking at right wing websites and accumulating weapons. Planning terrorism likely falls under one or more Post 9/11 statutes, although traditionally plannign a crime was only a crime (conspiracy) if more than one person was involved.

tazer2000February 27, 2019 11:21 PM

@AL:

WOW...That article from the register is really something. Frankly, I'm lost for words. Theregister.co.uk, is somewhat a reputable source from across the pond. I've been a lurker here for several years, but just recently decided to post because ive become concerned about recent political developments, but its quite obvious which way the wind is blowing. Im thinking im getting tired of training bots into the methods for human exploitation by posting, so its time to drop off. Good luck everyone...Believe in something and fight for it. Im out. I recommend watching some of the starcraft 2 alphazero matches, to learn tactics and how it fights. I wonder, could doing something completely unpredictable and which doesnt make sense at the start of a match, give a human an advantage? ... Time to step up. Never quit, never surrender...

Jonathon SevenFebruary 28, 2019 12:55 AM

The Register article- new laws

Wow. Bruce perhaps you will make a brief post about it?

do the laws cover false flags and those running them?

Is it interesting to note, there have been no false flag attacks as Brexit has becoming increasingly complicated, like they can only deal with one thing at a time?

WinterFebruary 28, 2019 2:06 AM

@VinnyG
"@Winter - Where in that article do you see compelling evidence that Hasson was actually "preparing a terrorist attack?""

From: Lawfare
https://www.lawfareblog.com/document-christopher-hasson-indictment


On Wednesday, a grand jury returned a three-count indictment charging Christopher Hasson in the U.S. District Court for the District of Maryland with unlawful possession of unregistered firearm silencers, unlawful possession of unregistered firearm silencers unidentified by serial numbers, and possession of firearms by an unlawful user and addict of a controlled substance.

It is interesting to read the full court filings:
https://int.nyt.com/data/documenthelper/625-us-v-hasson/be7a4841596aba86cce4/optimized/full.pdf

Hasson literally followed Breivik's playbook to the letter, down to stockpiling performance enhancing drugs and making lists of potential "class A" targets and trying to find out where to find them.

However, the picture of the weapons arsenal together with the list of names of people he hates and where to find them is quite convincing in itself.

1&1~=UmmFebruary 28, 2019 2:11 AM

@Ken:

"Unfortunately, this type of workforce monitoring solutions are necessary. You just need to find a way to ensure it's not abused/misused."

The problem with 'Who watches the watchers?'[1] is the result is almost always hierarchically structured which means 'Power corrupts, absolute power corrupts absolutly'[2] applies as automatically.

Thus you 'first' need to design a system that can not be as you say "abused/misused".

There are two problems with that,

1, It's a 'Holy Grail' search.
2, Those in authority will not alow such a system to be used.

But good luck on your quest of finding such a system, people have been looking for atleast a life time so far in what we now call ITSec, oh and atleast a couple of thousand years before that[1]. It's one of the reasons so very very few people live in a real democracy, and those lucky few are decreasing every day.

[1] As far as we can tell the earliest written version of this was 'Quis custodiet ipsos custodes?' which is in the 'Satires' of Roman poet Juvenal from the turn of the first century. But it must go back considerably further as a moral question, Plato in the Republic addressed Socrates' concerns about societies guardians. Unfortunatly the solution given is 'To properly train their souls', which no moralist or preacher has ever been able to reliably do, which is why we have guardians/watchmen in the first place.

[2] Is derived from the words of the delightfully named John Emerich Edward Dalberg Acton, a historian with a deep interest in sociopolitical liberty[3]. Who as first Baron Acton in 1887 wrote in a letter to an Anglican bishop 'Power tends to corrupt, and absolute power corrupts absolutely. Great men are almost always bad men, even when they exercise influence and not authority, still more when you superadd the tendency or the certainty of corruption by authority.' It's that second sentence people should realy remember.

[3] John Acton correctly predicted from historical context what would happen in the US with the rise of the Federal Government. The same outcome that is 'built in' to the EU due to the hierarchical stucture that gives the unelected Council of Ministers near absolute power over the European Citizens and their chosen representatives elected to the Euopean Parliament.

WinterFebruary 28, 2019 2:28 AM

@1&1~=Umm
"The problem with 'Who watches the watchers?'[1] is the result is almost always hierarchically structured which means 'Power corrupts, absolute power corrupts absolutly'[2] applies as automatically."

The solution to "Power Corrupts" is to reduce power.

In politics this problems is solved by democracy: The watchers are hold in check by those they watch.

When employees have a powerful say in workplace practices, they can stop pathological policies. This is standard practice in, e.g., Germany. The strong hierarchies and almost absolute power of employers in the USA lead to the abuses discussed.

WinterFebruary 28, 2019 2:37 AM

@1&1~=Umm
"The same outcome that is 'built in' to the EU due to the hierarchical stucture that gives the unelected Council of Ministers near absolute power over the European Citizens and their chosen representatives elected to the European Parliament. "

Sorry, but the "unelected" part is just propaganda. The council of ministers consists of representatives of democratically elected governments. Each minister in the council is accountable to a an elected national parliament.

The council represents the nations of the EU. Every citizen of the EU has a minister of her own government in the council. If she does not like what this person does, she can take appropriate action through her elected representatives in her national parliament.

As the situation is now, it seems most of the citizens of the EU rather strengthen the representation of the national governments in the EU than that of the elected parliament.
(full disclosure, I would prefer to strengthen the position of the elected parliament)

Shin-Chin YangFebruary 28, 2019 5:32 AM

I agreed with Schneier, it has to be much more sophisticated than simply trusting a threat detection software. That is why A.I. should never be blindly trusted to replace people, and a judiciary system is always necessary in society.

On the other hands, it is a coast guard’s duty to serve,. His physical and mental status has to be regularly assessed to fit his duty. I was glad the alarm was brought up to the court for the judicial system to decide. And I support the idea of implementing such detection software inside an organization to detect any unusual use of data. Any unusual access of data that has nothing to do with performing his task should cause alarms.

If a coast guard writes something about killing innocents, it must be alarmed. And up to the judicial system to decide.

I strongly support privacy, and against thought-crime.

Best regards,
Shih-Chin Yang

1&1~=UmmFebruary 28, 2019 7:29 AM

As far as I can tell reading around the two "specimin charges" are just to hold him on. As the items they refere to were in his home out of sight the question of what the search warrent was based on arises...

I've already seen misinformation in the press, apparently they found "Tramadol" in his work area, found after video footage of him taking pills at work. It incorrectly claims Tramadol as an "opiate", it's not, Tramadol is structurally related to but has different properties to the traditional opioids and their derivatives like codeine and morphine hence it is described as an 'opiate analog' (think humans and other primates are structurally related but different in oh so many ways).

I guess the journalistic wording was in order to make it sound like the defendant is a 'recreational drug abuser'[1]. Rather than what Tramadol is which is an "opiate analog" that was and still is very widely prescribed because for the likes of chronic lower back or neck pain[2]. The rise of Tramadol was that it appeared to be neither addictive or give the euphoric side effects that made traditional opiates much used for "recreational drug abuse". Thus at one point in time doctors were effectively giving it away. Further the World Health Organization (WHO) say of Tramadol, it is generally thought to have a 'low potential for dependence relative to morphine'.

With morphine being the standard for opioids and their analogs by which addiction is measured. The reason is that the 'euphoria' effect that is desired in 'recreational drug abuse' is comparatively very much lacking when Tramadol is compared to traditional opiates.

However it is known that Tramadol can reduce depression and importantly interaction with other drugs such as antidepressants can have significantly changes in Tramadols side effects. Unfortunately in the US significant numbers of doctors are apparently still prescribing people with BOTH medications together. The reason given by some observers is the cost of health care. Pills like Tramadol and many antidepressants are negligible compared to the cost of actual one on one therapy. Thus the 30 times over prescriprtion in the US figures you sometimes see.

Such over prescribing in the US, means that in by far the majority of cases Tramadol has been obtained via legal prescriptions. Most often for accute or chronic pain that is a major workplace cost[2][3]. Which is one of the reasons the prescribing practices for Tramadol have been changed Federally, which will for the above mentioned health care costs reasons drive many to illegal drugs for their pain and depression needs. Thus official policy not the drugs themselves are the 'gateway to illegal street drugs" which is a very real security issue[3].

But Tramadol was not the drug the authorities chose to put up in their pictures after they raded the defendants home, but 'Human Growth Hormone' (HGH).

Interestingly though is HGH used to be used unsuprisingly by athletes. However there is no evidence that in fact it does increase performance on the track or field (so not a "roid" replacment which shoots down one argument the authorities have put forward).

But more surprisingly for many is these days HGH is consumed by those who want to look younger or live longer. It is part of that same 'Death Disruption' mindset of certain Silicon Valley entrepreneurs who do the 'blood transfusions' from young people at around $2000/bag.

https://www.wired.com/story/startups-flock-to-turn-young-blood-into-an-elixir-of-youth/

Part of this is that for some years now in the US, it has been possible to get prescriptions from some health care providers for HGH to increase 'vitality' in the elderly. Because it has been shown to improve not just blood supply to the brain but memory improvments as well hence it is being looked at with regards some forms of early onset dementia. It's also been used by some of the 'smart drug' set wishing to improve their exam outcomes. As well as in some places it has been looked at as part of experomental cancer treatments.

It will be interesting to see what the defence has to say on these should these specimin charges be taken forward to court.

However they may not be, it appears they are going after things he has written on computers he has access to and has subsequently deleted.

Which kind of suggests he did not get or read the 'Not Suitable For Work' (NSFW) memo.

[1] It maybe to try and link into the scares around Opioid Deaths that appear to be spiraling upwards by as much as 30%/year according to some sources in the US. Especially with an entirely different drug Fentanyl, for which the demad is high enough that it is made and imported illegally for 'Street Sale'.

https://www.cdc.gov/drugoverdose/epidemic/index.html

https://edition.cnn.com/2018/12/12/health/drugs-overdose-fentanyl-study/index.html

However the WHO puts the number of accidental deaths by Tramadol over the eight years of 2006-2013 as '265' with '212' of those being in the US. Over the same period deaths by suicide worldwide as '557' and the US '525'. Combined in the US that is 0.25/day, whilst the US CDC put Fentanyl deaths at 140/day, 555 times that of Tramadol. The US deaths from Tramadol are nearly 9 times that for the rest of the world or if you prefer 184 times based on per person.

[2] Lower back pain is probably the Western worlds biggest cause of lost productivity when you consider time off of work. It presents as acute LBP and if it remains after three to six months it is considered chronic and usually has an increased co-morbidity of depression. LBP is increasing in populations that are aging due to low birth rates and higher life expectancy as you would expect but more importantly the LBP rate is increasing with the societal move from agrarian to industrial production. Office workers appear to suffer more with LBP as well as short sightedness, which might account for both the neck and back pain. Which suggests that there are issues with the majority of work places where computer and desk work predominate. Depending on who you ask LBP and neck pain costs the US 87-100billion or ~$350/employee and is quoted as one of the reasons pay rises have not been given (though this appears unsound bassed on figures). What is clear however is the massive rise in prescribed painkiller drugs along with the co-morbidity of depression.

https://www.theguardian.com/society/2017/feb/10/epidemic-of-untreatable-back-and-neck-pain-costs-billions-study-finds

https://www.corporatewellnessmagazine.com/article/sore-points-how-much-is-employee-back-pain-costing-your-company

[3] Pain managment is actually a less talked about than it should be security issue especially in the US. Acute and chronic pain are major causes of poor performance and work related stress. As peoples success or failure in life is usually based on work performance, workers will try to rid themselves of pain via the use of drugs as they start to fall behind expectations. Due to changes in drug policy obtaining effective pain relief may either be not possible or impact work. As a result a percentage of people will seek other medications illegaly, often whilst they may look like the pain meds they have been on they are 'cooked up' illegaly with no controls and may well contain other substances. Any person who acts illegaly for what ever reason can become liable to coercion in various ways.

Don't Talk to PoliceFebruary 28, 2019 10:01 AM

"One reason you *never* talk to the Feds without a lawyer present. Ever."

Let me correct that: "One reason you *never* talk to the Feds... period. Ever."

The key difference is: if you have something to say to them, you tell it to your lawyer, and your lawyer tells it to them.... that way, when the "Feds" hear it, it's called "hearsay" (i.e. someone else said it about you, you didn't say it yourself directly) and cannot be twisted into a confession of some other unrelated crime, just because they want to take you down.

In the U.S. The 5th amendment is everyone's friend... not something criminals hide behind. Everyone needs to use it. https://www.youtube.com/watch?v=d-7o9xYp7eE

VinnyGFebruary 28, 2019 10:16 AM

@Winter - re Hasson filings - I read them. Did you? I see a lot of supposition and speculation that appear to be of the hyperbolic, broadest-possible-claim variety typical in such documents, little else. Hasson might well be nothing more than a delusional narcotics addict who has "legend in his own mind" fantasies. To term what is pictured and listed in the filing an "arsenal" is a bit ludicrous. I'll stop there so as to refrain from making this post a discussion of firearms, not security, but anyone with any real knowledge of the subject who reads the filing will know what I mean.

CallMeLateForSupperFebruary 28, 2019 10:36 AM

@Bruce @All
"[...] I worry that [the] [internal Coast Guard program] systems are basically creating thoughtcrime(sic)."

The concern should be that the human resources that monitor what those programs cough up actually provide effective checks, and that e.g. cost-cutting measures "moving forward" do not remove humans from the process. A program that monitors humans' network use is like aircraft automatic threat detection, in this regard: a human, not the system, should "pull the trigger".


And where the heck is Clive Robinson?

Leonardo HerreraFebruary 28, 2019 1:28 PM

I've watching a lot of right-leaning videos lately. Joe Rogan interviews, Jordan Petersen, and even Ben Shapiro. I'm having a blast watching Flat Earth videos. But now my Youtube pixie must think I'm some kind of some alt-right conspiracy nut (diclaimer: I'm not) and all it does is promoting more and more extreme videos to me.

It's like Youtube is trying to indoctrinate me. But it worries me when the thought police comes knocking down Youtube's lock, and I'd be exposed as having a weird mind.

Rach ElFebruary 28, 2019 2:31 PM

CallMeLateForSupper

at war time, the BBC service would make an announcement after the news 'and now some messages for our friends'

Rach ElFebruary 28, 2019 2:37 PM

Leonardo Herrera

good point about youtube selections

TPTB are declaring what one can and can't be exposed to online.

One enters a benign search term into Giggle. For simplicity lets say it's an image search. Giggle delivers responses to the benign term, some of which are dodgy.

Shouldn't Giggle be liable for this? Or the person behind the screen
'You're viewing incriminating material'

I'm search they are protected comprehensively in ToS.
algorithms get it wrong, but humans can be made to suffer

vas pupFebruary 28, 2019 3:43 PM

@solaric • February 27, 2019 1:39 PM:
"because a detection system like this is merely another starting point for an actual investigation." I agree it only provide leads, but could not be used as is for harassing employee before any other evidence could be found.

@asdf • February 27, 2019 12:21 PM
Fascism could be left or right. As soon you try to oppress any opinion you are not agree with, you could have totalitarian state with thought police as main instrument of its power.

When you have 1000 people, and 999 have the same opinion and only one has the opposite, then I'd like to have opportunity to listen to this opinion as well. Truth is not decided by numbers or vote, but rather by logic, facts, experts, unbiased scientific analysis and practical outcomes.
Moreover, the same problem could be seen under different angles: if you look at elephant standing in front of him, and your opponent behind of him and each describe own experience, both are right, but if both don't want to move around and take a look from other point, they could fight to death for their rightness.

Conclusion: I don't want any type of Thought Police (government like in 1984) or political correctness of any type to decide for me what I can say, hear or watch. But that is personal choice of anybody. You may live with one eye, hear with one ear and think only with one part of the brain. But picture of the world would very distorted for you. It is like court with prosecutor and no defense lawyer or vice versa. That called Inquisition.
As B. Franklin stated "There no wisdom without freedom of thought". I could add that Thought Police bring society to Idiocracy sooner or later.

WinterMarch 1, 2019 5:08 AM

@VinnyG
"@Winter - re Hasson filings - I read them. Did you? I see a lot of supposition and speculation that appear to be of the hyperbolic, broadest-possible-claim variety typical in such documents, little else. Hasson might well be nothing more than a delusional narcotics addict who has "legend in his own mind" fantasies."

That is why Hasson is currently INDICTED, not CONVICTED yet.

There is ample ground for assuming Hasson planned a large terrorist attack. For one thing, he wrote about it and was collecting the information and means to do so.

@VinnyG
"To term what is pictured and listed in the filing an "arsenal" is a bit ludicrous."

It was more than enough to serve the purpose of a terrorist attack.

If someone professes to have the motive and intention to carry out a terrorist attack AND has amassed the means and target information to do so, it would be insane NOT to stop him.

If you proclaim you will blow up an air plane while boarding, you will be arrested. This is nothing different.

It will take the courts to decide whether there is enough evidence to convict him.

WinterMarch 1, 2019 5:15 AM

"It's like Youtube is trying to indoctrinate me. But it worries me when the thought police comes knocking down Youtube's lock, and I'd be exposed as having a weird mind."

Youtube et al will always nudge you deeper into the extreme.

It works with everything. I read about someone who had been looking at running videos and would get ever more extreme running videos towards ultramarathon and also into steroids etc.

Whatever your subject, the algorithms will suck you into the insane.

TheoMarch 1, 2019 2:45 PM

I have to question if this is, or should be, an "insider threat". It is only an insider threat if the Coast Guards functions are defined very broadly, such as "preventing terrorism". If we are going to do that we should be honest about it and merge all the law enforcement agencies.

If detecting wing-nut job terrorists is not a core duty of the Coast Guard then this should have been caught by whoever has that job.

There are advantages to having multiple law enforcement agencies with distinct skills and jurisdictions. There is a real problem with the culture of law enforcement that believes each agency is a law onto itself and solely responsible for deciding which laws its members have to follow.

vas pupMarch 1, 2019 4:16 PM

@Anura:
"one question for you about the free marketplace of ideas"
Free market of ideas is necessity (mechanism)to set fair criteria which ideas are good and which are bad (for whom? for how long?) before starting debate on subject matter (kind of due process and fair rules of engagement).
Who has monopoly on absolute truth/or crystal ball?
If you want to find truth in social science you have to set up generally acceptable criteria (at least for 66% - kind of bell-shape distribution). Polls, statistics are just mechanisms of manipulation.
In natural science it is easy, because real science starts from measurement which set up universal rule for truth evaluation.
In social science you should be opened to deliberation (yes, not accepting as starting denial of facts like slavery, Holocaust) not argument because in deliberation you have chance to find truth even you changing/adjusting your views on the subject. In argument - you are involved in zero sum game just protecting your point as absolute truth blindly rejecting anything including facts which contradicts your point. You may win in argument (temporary), but never find truth and therefore fail in the long run.
Inquisition suppressed by force/violence ideas that Earth is ball-shaped , but who was right on that at the end?

Thank you for links. I just have a chance to watch the first one. I recall that after attempted coup in 1923 Hitler was not only imprisoned, but thereafter banned for any kind of public speech. He learned from that experience very well when he came to power and banned any freedom of speech. Just observation.
Methods could make opposites twin-brothers regardless of subject differences.

By the way, many featured movies made by Goebbels propaganda now available in Germany for general public, BUT before run professional analysis is provided to the audience as counterbalance of the images. I guess that is better than ban them altogether. That is kind of inoculation.

Bruce SchneierMarch 2, 2019 12:08 PM

@1&1~=Umm:

You asked why a comment of yours was deleted. My automatic system caught it; my guess is because it was a lengthy description of a pharmaceutical -- which is often a spam indicator.

I have restored the comment, as well as several others that aren't extremist but use words that I flag.

Carry on.

moopsMarch 2, 2019 4:02 PM


Internal threat detection is of a similar kind to police walking a beat. They are supposed to look for suspicious behavior and investigate further. When there seems to be a lot of circumstantial evidence that a crime is in the offing then you take the information to a judge and get a warrant to do a search.

as with beat cops, this needs to be monitored for abuse. The watchers need to be watched. The protocols need to be known to all parties and followed.

A problem with threat detection is usually being secretive makes it easier, but "secretive policing" and omnipresent monitoring turns into the Stasi.

So, internal threat detection should probably be done in the open if we want healthy work environments. Yes, that means it will be less effective.

1984March 3, 2019 6:42 PM

The news that I heard about Christopher Hasson had stated that authorities found, on his email account, a draft email containing threatening language addressed to members of congress.

When I heard about that I thought that they had some scanner that had tracked his emails.

(Maybe it is similar to Bruce's spam detector)

GeorgeMarch 4, 2019 3:25 AM

@1+1~=Umm wrote, "Thus you 'first' need to design a system that can not be as you say "abused/misused"."

If the first step is to design a system that cannot be "abused/misused", then the next step would be to design one that can only be abused by you or so-called "dual use."

If a system cannot be subverted thru "non-normal use" then it becomes a dangerous system that could not be effectively stopped. This was a popular belief that was explored in the past decades of AI fiction, but very recently abandoned, IMHO.

GeorgeMarch 4, 2019 3:33 AM

@vas pus wrote, "When you have 1000 people, and 999 have the same opinion and only one has the opposite, then I'd like to have opportunity to listen to this opinion as well. Truth is not decided by numbers or vote, but rather by logic, facts, experts, unbiased scientific analysis and practical outcomes."

This is one of the reasons why a taboo system is highly effective social shaping behavior. If an individual out of 1000 is "encouraged" to have a different opinion, then it is likely not to change its opinion based on the 1 to 999 odd. However, if the one individual is constantly attacked by random members of the 999 crowd (a taboo system encourages this type of personal attacks), then it is very like to change its opinion to fit in line with the 999's.

Bob WeissMarch 17, 2019 4:23 PM

Reminds me of the movie Minority Report. Did they really stop a crime before it happened? Or just sweep up a guy who hold opinions that are no longer mainstream. The article you referenced did not mention any specifics about the drug charges. The court documents list Tr*m*d*l, which in my experience is a really crappy pain killer, barely any better than ibuprofen. Don't think I could find him guilty of weapons charges based on what was in the article. I am with you here, sounds like the Thought Police are at work.

Sorry for the obfuscation, but the drug name triggered your comment spam filter.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Sidebar photo of Bruce Schneier by Joe MacInnis.