Tag Archives: British Intelligence

Is SIGINT a joke?

The news has been rampant on several levels these last few days. Whether it is revelation 16 (roughly) by the traitor Snowden, whether it is the historic event that the top three in British intelligence were in one line, as requested by British parliament, or the fact of revelations we read in the press, whilst (former) press members find themselves prosecuted for blatant and indiscriminate invasion of privacy. The list goes on and on and on.

There is a lot more, but let us confine ourselves to these three events.

For the Commonwealth the event in Parliament was likely the ‘important’ one. Was it truly about the events there? Some might want to question the questions, the answers and what follows. I, with my sense of perspective wondered about the choice of the green tie that Sir John Sawers was wearing. Does it matter? It is all as trivial as choosing pancakes for breakfast!

Yes, we all think we know it, we all think we have an inkling of an idea. I did have an idea, but that was almost 29 years ago. Now, I still have an idea from my specialised view of data, data technologies as well as data collection techniques and none of that falls with MI-6 (only a small part of it). The gem of the event was with Sir Iain Lobban, director of GCHQ, which gave us the part we need to care about. You see, as the press was so willing to give out the details as the people had a right to know, as we have allowed our wrists to get cut because the press is all about advertising profits, gang bang sensation and visibility, it was willing to sacrifice safety and progress for PR and visibility. To go deep and give both criminals and terrorists the information on how to avoid certain paths of detection we see the limits of their use. These same reporters that are part of a group listening in on voice mails to get the scoop, who will sanctimoniously proclaim freedom of the press, will not hesitate to sell their neighbour down the drain for the commission of another column of text, paid per letter.

From my point, if I had the option of making the killing shot ending Edward Snowden’s life I would, even if that gets me 20 years in prison, because traitors do not deserve consideration of any kind. The entire situation of laughable as an American ran to their Communist opponent and almost 50% of the American population considered it a good thing. In addition, if in light of the revealed information a child of Guardian editor in chief Alan Rusbridger would get molested, then he would blame the system on the front page of his newspaper immediately. I do not wish anything bad on him or his family ever! He is not likely to be worried as his four hundred thousand pound a year job allows for secure private schools, but what about the other children? Those children who are not that safe environment, possibly in danger to be at the mercy of predators, whom now with knowledge of longer avoidance and as such pose even more danger to innocent victims. What about them?

It is a level of what I see as utter short-sightedness. An assault on three groups that have lived in a world of ambiguity to get their work done, now that world is in turmoil, especially as some traitor comes with information that is for the most non confirmable, too much goes from the air of ‘Snowden told us, so it must be true’. Several questions are not dealt with on many levels, especially by the press. It just drains the gravy train as it sells more and more news (papers).

The second part is directly linked to all this. Two news messages:

1. Snowden persuaded other NSA workers to give up passwords (at http://mobile.reuters.com/article/idUSBRE9A703020131108)
2. Snowden has stolen 50,000 to 200,000 Classified Items from NSA.

The second had no verifiable source and as such there is no way to tell how correct that is, the first one is more of an issue. How stupid are Americans? That is of course if there is any truth in that part.

YOU NEVER GIVE OUT THAT INFO!

You can leave your partner/spouse/lover at some university frat party to have all the sex he/she needs, you give your credit card to your kids to buy all the toys they want, giving out login information is beyond utterly stupid. Snowden would not have needed it. As an IT person he either has rights to make changes, or he does not. If he did not, then giving out login info is the worst anyone could do. If this ever went to court then he could blame the original account holder. It is a level of non-repudiation!

So were the people at the NSA born stupid and stopped evolving after birth? That remains to be seen! The point is that the press is not that trustworthy either! The second part in regards to the classified items was from a non-disclosed, but also non verifiable source. There is no way for me to know. The question from this part is the one you do not see discussed openly on the news. How did all this info leave the building? Who was in charge? Issues that are also in play for Sir Iain Lobban! How vulnerable is GCHQ? What is in play to prevent this to happen in the UK? Even though Booz Allen Hamilton was cleared as they are the official boss of Edward Snowden, yet how was the clearing process? What are the checks in place for civilian contractors? The Washington Post published a large article questioning civilian contractor issues, from this part we wonder if it was deep enough. Even more, why were these issues not looked at more than a YEAR before the Snowden issues started?

If it was up to me (Sir Iain Lobban is likely secure in the knowledge that this is the last option that should ever happen), then I would like to make a small change at GCHQ. I would add a new inner circle, consisting of a Law Lord and two members from both MI-5 and MI-6 to watch the watchers. My only worry is that whoever oversees GCHQ internally is part of the ‘problem’ (no illegal or negative inclination implied). It does not harm for a set of cleared fresh eyes to look at the system to see if there is a danger. Something similar would need to happen at the NSA, but with their systems and such it might be a different source of people (like members of cyber command FBI and cyber command military).

There is too much info out there supporting the idea that US intelligence (and other governmental departments) seems to be oblivious to the need for Common Cyber Sense (at present with the amount of published info, it is unlikely that my thought on this is wrong).

Here is the third part, the PRESS part!

Their phone hacking was all about exploitation, revenue, profit and personal gain. The Intelligence community is about keeping people safe. There is a massive difference. If you wonder about these events, then consider the fact that because of greed and revenue, no steps have been taken on a global scale to see who buys your personal details and who has them. It could influence your insurance premium, your credit rating and your financial options. No one seems to be on par to get that properly regulated, because in America, Cash is king and the president to the United States is simply a number with a possible temporary status elevation, the rest is data cattle, sold at a moment’s notice. This risk is very real in the UK and Europe too. A consumer is nothing more than a customer number with an address and with a possible shipment of goods under way, that is their value and only for as long as they need products. To some extent the Washington Post covered this a week ago at http://www.washingtonpost.com/opinions/michael-chertoff-what-the-nsa-and-social-media-have-in-common/2013/10/31/b286260e-4167-11e3-8b74-d89d714ca4dd_story.html

what is less known is that they are one of the few who took a decent look at it (the Washington post), the rest remains on the Snowden gravy train, not informing anyone, they simply re-quote a Reuters line. Seems a little wrong doesn’t it? The article by Michael Chertoff sees the gem no one properly questions half way through where he wrote “there is no assurance that what is disseminated has context or news value“.

The true part, the real smart and the questionable art! The intelligence world is ALL about disseminating information and giving proper weight to the information acquired. It is about finding the bad guys, without that weight it is all media gossip used by the press and as we saw, the disciples of Rupert Murdoch have truly dented that group’s reliability, perhaps for a long time.

So is today’s SIGINT a joke? I hope not, because if so, the questions had been phrased at the wrong people. At some point parliament gets to answer the questions asked by the innocent and the victims on how parliament asked all about data and left corporations to do whatever they liked with our personal details. How many UK companies have had a backup data server in the US?

Consider this quote by Salesquest “The Siebel Customer Intelligence List consists of 265 Fortune 1000 or Global 500 companies that have deployed Siebel in their enterprise application environment. The first tab in the spread sheet lists the 265 Siebel customers, industries, corporate headquarter addresses, phone numbers, and web site addresses.” (At http://www.salesquest.com/resources/siebel-customer-list/)

How many of those are backing up their data to some server park in San Antonio? Consider those places, all their customer data, their financial data and forecast information. In some cases, the data will come from over a dozen nations. It is nice to ask where their data is, but what about the data dumps, the logs and the backups, where were they kept?

Let the intelligence community do what it needs to do, if not, then neither we nor the press gets to point fingers at them when things truly go very wrong.

Advertisements

Leave a comment

Filed under IT, Media, Military, Politics

Patrons of Al-Qaeda

Many people have some form of religion, which is fine. To have a personal believe in something that is bigger than yourself or bigger then that what you see is not a bad thing. Many Christians have their father, their son and their holy ghost. Some go the other way and give credence to Satan, the anti-Christ and the false prophet. I cannot vouch for any of that. I agree that there is more than this in the universe, but what?

No matter how that part falls, it is likely that Al-Qaeda believes in their personal ‘information’ trinity.

They would be Edward Snowden, Bradley Manning and Julian Assange. These three people have done more to support Al-Qaeda then Osama Bin Laden ever could.

Assange, who is still hiding in an embassy, is the lowest transgressor of the three. First of all, as an Australian he did not really break any laws (although some debate should be had over hindering the actions of an ally under war time conditions). The public view is that on one side he should be nailed to a cross and on the other side he should be heralded. Information is often a lot more complex than many consider. If you want an example, you only need to look at this week’s situation where Assad is now blocking peace talks. Should there be any surprise?

I still am not completely convinced he was directly involved with the Sarin attacks; the issue here is that too much intelligence is questionable. If the USA had shown ALL OF IT publicly, the doubt might not have been there. Yet, the reality is whether they actually had hard evidence on who did it. Let us not forget that the evidence collected in the investigation was all about whether it had happened, not who did it. And guess what, Al-Qaeda was an element in Syria too, so what exactly did happen? Watching Secretary of State John Kerry go on a plane with his briefcase, shown on the news like he is some kind of rock star is not helping anyone either. It seemed as empty to me as a PowerPoint on some concept that no one wants to spend money on.

It shows two possible sides, either they have actual evidence that needs to remain a secret (which no one seemed to be accepting), or they actually didn’t have any and we were watching some version of the Punch and Judy show!

The other side is one that Assange was not into, the acts of terrorism by Al-Qaeda and the Taliban were not shown, we saw through WikiLeaks just one side of it and it changed the overall balance.

Then WikiLeaks released thousands of diplomatic cables, which I consider to be an act of utter stupidity, the information was one-sided, so the US opposition (all of them) get several free punches into play and as such, US recovery is still being hindered. This is the ‘bad’ side of Julian Assange. Their one sided act destabilised many events. Yes, there is a case to be made, but by not exposing the other side, we get a one-sided situation. In the end, the damage is done and even as there might not be any criminal activity by Julian Assange, we should ask questions.

In case the reader thinks that ‘actions’ against Julian Assange should be made, then consider that many in the financial industry did nothing ‘criminals’ either, even though thousands became homeless because of their ‘non-criminal’ actions.

By the way, remember the quote by CNBC (and many others), somewhere in 2010: “WikiLeaks honcho Julian Assange told Andy Greenberg at Forbes that he was in possession of a trove of documents that ‘could take down a bank or two.’ The documents wouldn’t necessarily show illegality but they would reveal an ‘ecosystem of corruption’ at one of the biggest banks in the United States. WikiLeaks would release it ‘early next year.’

They never came! So was this about intelligence, or about positioning banks in an even stronger place? Is it not interesting that Al-Qaeda’s patron number three and number one patron are all about neutering governments, whilst the banks stay out of play? Is it such a far fetching thought that these two idealists get played by those who believe greed is all?

In the middle we see Bradley Manning. This is not some ‘foreigner’; this was a member of the US military. In my view, he is a traitor plain and simple. A private, without any in depth education thought he had it all figured out, decides on US military policy. Which is interesting as many military members above the rank of Colonel are still trying to figure out what the best course of action is, even those with Ivy League degrees. The only positive thing from all this is that the military needs to seriously start to address its mental health issues, but beyond that small sparkle of recognition, this person was more than a small danger.

That part is not addressed even as the news still discusses the winner of this unholy threesome. Three days ago USA today published information on the fact that anti-leak software had still not been installed. I think it is even worse than many think it is. Some of these applications have (as any good application would) powerful log files. Even when we look at non-military solutions we see the following:

“The client’s log file is located at <user_directory>/Palantir/<version>/logs/client.log”

We can see at Palantir’s wiki what it logs, and depending on the settings it can give a lot (at https://wiki.palantir.com/pgkb/does-the-palantir-product-do-any-logging.html)

By the way, one needed only to change three settings to really log a lot:

# log4j.logger.com.palantir.services=error # package level
# log4j.logger.com.palantir.serveres.Nexus=warn # class level
# log4j.logger.MyLabeledLogger=info # specific logger

Removing ‘# ‘ on each line was all it would take.

This one warning gives a final view “Note that we do NOT recommend enabling logging below the warn level for production scenarios.” which means that all logging is possible mapping out the active military network in real time as the user muddles along.

This is not about Palantir, or even anti-Palantir. It is a software solution that part of the Intelligence community is currently using. IBM Modeler and SAS Miner are both data mining tools with similar abilities (and there are more). They all have these options as it is needed to make their products go smoothly. So when Bradley Manning gave it all away, he really gave it all away! The consequence might have (or could be resulting) in deep targeted attacks against a military server system. The question becomes how good is the anti-leak software? As many logging is set at higher levels (read administrator), many of them would be able to log events unhindered by many prying eyes (it is not realistic to monitor all logs on even 1 server). Even if it is all covered, who else has access to just read these log files? It is not uncommon to negate log files, as their users are usually vetted for use of the application. LOG files can however show more than many bargain for.

Unless the server architecture has been re-arranged, there is plenty of worry whether these servers are safe at this time, because log files are inherently their and needed, they are not linked to a password change and often, they do not get reconfigured away from their standard configuration as the case has been with plenty of application that it would hinder smooth operations.

Last on the list of the Patron Threesome is Edward Snowden. I have mentioned him often enough, so I will not go through it all again. He is in my view a traitor and not some ‘holier than thou’ protector. He is not some idealist, too much pointed to him making a getaway with the eye on some quick bucks (and many of them), I might be wrong, but that is how I see him. As he showed us how ‘naughty’ the NSA was, did he show us how unscrupulous Microsoft seems to be?

That view can be seen through an article in Techbeat just 4 days ago. The first quote is “Microsoft is developing a new technology to replace cookies. This work is similar to projects being undertaken by Amazon, Apple, Facebook and Google. Tracking cookies have come under scrutiny recently from regulators by many concerned about privacy; certain types of cookies (Third party tracking cookies) are now easily blocked through built-in functions and extensions/add-ons within main web browsers.

The second one from the same article is “This technology should also include Microsoft services including their search engine Bing. Tracking in mobile devices remains a key point. The big advantage of Microsoft’s emerging technology is that it could track a user across a platform.

So basically, this reads like: ‘we the consumer used to have a little privacy, but soon, thanks to Microsoft, that privacy might be gone forever, allowing for non-stop online harassment wherever we are‘ So, That Snowden fellow never gave us anything on that, did he? Even though the NSA should have been aware of such plans long before Techbeat had a clue. Does the reader still think he is such an idealist?

Yet, on the other side, he has shown one important weakness. The US intelligence branch is on that same low level as the organisation that in the 50’s used to be laughingly referred to as ‘British Intelligence’. The question is not just how weak is the NSA seems to be; it links to questions regarding the weakness that GCHQ and its current Commonwealth peers might have. There are in addition issues with the personal digital safety of people on a global scale. Not because the NSA is scanning to identify terrorist networks, but if one person (Snowden) could get away, is there anyone else who just wanted money and gave their data download to cyber criminals? There is absolute 0% guarantee that this did not happen, so in how much danger are our details?

So, why this blog today? Many do this at the start, but in certain light this had to be done at the very end. It is not just about their acts, but also about the acts you and I undertake. We willingly give out our details to Facebook (including a beheading, but excluding exposed breasts), LinkedIn and Google+, yet many scream about ‘some government‘ seeing what we are doing and who we are doing it with (or without).

The twisted world we allowed to be created is likely to throw us at least two more curve balls before Christmas. Enjoy!

 

 

Leave a comment

Filed under IT, Law, Military