Category Archives: Counter Terrorism

How the U.S. Uses Technology to Mine More Data More Quickly

(…snip…) While once the flow of data across the Internet appeared too overwhelming for N.S.A. to keep up with, the recent revelations suggest that the agency’s capabilities are now far greater than most outsiders believed. “Five years ago, I would have said they don’t have the capability to monitor a significant amount of Internet traffic,” said Herbert S. Lin, an expert in computer science and telecommunications at the National Research Council. Now, he said, it appears “that they are getting close to that goal.”

Thanks to Tyler Cowen for the link to this NYT piece by James Risen and Eric Lichtblau. I've been casually following Palantir Technologies for some time. They are arguably one of the “new disruptors” and by chance happen to be headquartered next to the Philz Coffee that we favor in Palo Alto (Philz is of course full of Palantir and other denizens of the brain-powered companies based around Palo Alto). From listening to a couple of podcast interviews with CEO Dr. Alex Karp, I understood Palantir's specialty was to help clients such as drug developers or intelligence agencies discern patterns in mountains of data. Palantir is not an automated data-mining algorithms company. Their secret sauce is enabling human brainpower to analyze enormous and often separate data sets. So visualization of relationships is an important part of their solutions.

Palantir has a large number of YouTube videos - conference lectures, demos, and “Palantir 101” type overviews.

I'll close with an apt Alex Karp quote from the Palantir website:

“There is no point in having a war on terrorism if civil liberties are being undermined to the extent that we aren’t willing to fight that war.”

Further to the cognitive computing topic, I'll also note that IBM Research Director John Kelly is speaking tonight at the Computer History Museum in nearby Mountain View. We immediately tried to reserve seats, but Kelly's talk is already sold out. His book Smart Machines: IBM’s Watson and the Era of Cognitive Computing, will be published in the fall by Columbia University Press. You can read a free chapter here.

 

David Simon on the NSA intercepts

David Simon, creator of The Wire, wrote a commentary on this topic that may help readers understand the purpose of the NSA database. I don’t know that Simon has any special knowledge – beyond his experience as a Baltimore police reporter. But I thought he did a good job explaining the basics of the why and the how. First David outlines the equivalent procedures used by the Baltimore police and drug enforcement apparatus. Then he draws the parallels with this excerpt:

(…snip…) The question is not should the resulting data exist. It does. And it forever will, to a greater and greater extent. And therefore, the present-day question can’t seriously be this: Should law enforcement in the legitimate pursuit of criminal activity pretend that such data does not exist. The question is more fundamental: Is government accessing the data for the legitimate public safety needs of the society, or are they accessing it in ways that abuse individual liberties and violate personal privacy — and in a manner that is unsupervised.

And to that, the Guardian and those who are wailing jeremiads about this pretend-discovery of U.S. big data collection are noticeably silent. We don’t know of any actual abuse. No known illegal wiretaps, no indications of FISA-court approved intercepts of innocent Americans that occurred because weak probable cause was acceptable. Mark you, that stuff may be happening. As is the case with all law enforcement capability, it will certainly happen at some point, if it hasn’t already. Any data asset that can be properly and legally invoked, can also be misused — particularly without careful oversight. But that of course has always been the case with electronic surveillance of any kind.

Keep in mind that the FISA court was created as a means of having some definitive oversight into a world that previously had been entirely unregulated, and wiretapping abuses by the U.S. executive branch and by law enforcement agencies were in fact the raison d’etre for the creation of FISA and a federal panel of judges to review national security requests for electronic surveillance. Is it perfect? Of course not. Is it problematic that the court’s rulings are not public? Surely.

But the fact remains that for at least the last two presidential administrations, this kind of data collection has been a baseline logic of an American anti-terrorism effort that is effectively asked to find the needles before they are planted into haystacks, to prevent even such modest, grass-rooted conspiracies as the Boston Marathon Bombing before they occur.

So think for a minute about a scenario in which, say, a phone number is identified overseas as being linked to terror activity. It is so identified by, say, NSA overseas intercepts or through intelligence gathering by the CIA or the military. And say that there exists a database of billions and billions of telephonic contacts in the United States over a period of months or years. And say a computer could then run the suspect number through that data base and determine a pattern of communication between that overseas phone and several individuals in New York, or Boston, or Detroit. Would you want that connection to be made and made quickly? Or do you want to leave law enforcement to begin trying to acquire the call history on that initial phone from overseas carriers who may or may not maintain detailed retroactive call data or be unwilling to even provide that data fully to American law enforcement or do so while revealing the investigative effort to the targets themselves?

Keep in mind that law enforcement must still establish probable cause to then begin to actually monitor conversations on the domestic numbers, and that this request for electronic surveillance is then, of course, subject to judicial review by the FISA court.

Yes, I can hear the panicked libertarians and liberals and Obama-haters wailing in rare unison: But what about all the innocent Americans caught up in this voracious, overreaching dragnet? To which the answer is obvious if you think about the scale of this: What dragnet?

This is a longish essay – so you’ll profit from reading the whole thing. There are a few 4-letter words. If you are especially interested in this topic then you will probably find it very worthwhile to scan through the 430 comments to David’s essay. There you will find there is a good bit more nuance to his position than you might think.

Internet Companies Deny They’re Helping the NSA Collect User Data. Should We Believe Them?

Just the right ingredients for a new media frenzy: USA, internet traffic spying, Too-Powerful-Corporations. Megan McArdle has offered an analysis that is close to our view:

(…snip…) What to make of this? It would be stupid for them to deny this, and then get sued by their customers when it turns out it’s not true.

Last night on Twitter, my husband outlined five possibilities:

1. The companies are lying

2. Only a few people in the company know about this, and they aren’t issuing the statements

3. The Post and the Guardian are wrong and have been duped

4. PRISM was operating without the knowledge of the companies

5. The companies know, and those statements are very carefully worded.

All of these are in some way unbelievable. #1 is asking for a class action suit that destroys your company. #3 involves some very suspicious national security reporters at two different outlets simultaneously getting duped. And #2 strikes me as extremely unlikely. I can imagine one rogue employee doing this without telling his employers. I cannot imagine the exact same thing happening at nine of the biggest internet companies.

The most likely possibilities seem to be #4 or #5: the NSA is filtering this stuff at some point outside the companies, or the companies have issued some very, very carefully worded statements.

I recommend reading Megan’s entire essay, typically well-done. Something isn’t right about the headlined story, but I don’t have any knowledge of what (if anything) has actually been going on. It’s pretty much a non-issue for us as we assume governments have access to any electronic communication we use (including any phone or internet link). Presumably anyone wishing to prevent governments from “reading their mail” uses at least a VPN and, as insurance, robust encryption inside the VPN tunnel. 

In counter-terrorism terms, Indonesian jails are a mess

(…) None of the terrorists interviewed nominates poverty or alienation or, even in the general Western sense, injustice as the springboard to violent jihad. Instead, all the terrorists, even those who have recanted violent jihad, see their choices in predominantly religious terms. When they do cite injustice, it is only in the sense that they see Muslims as persecuted. Some of the terrorists went to religious schools, some to more secular schools. Some had university educations, others didn’t have much formal education.

But every one of them saw violent jihad as a religious duty for Muslims. This ought to have some salutary effect on the Australian debate. (…)

A sobering analysis from foreign editor Greg Sheridan, based on new research produced by Carl Ungerer at the Australian Strategic Policy Institute. The report is titled “Jihadists in Jail, Radicalisation and the Indonesian Prison Experience”. You can download the report here [PDF].

What really happened at Tora Bora?

At TNR Peter Bergen, author of The Osama bin Laden I Know, recounts the history of Bin Laden’s escape from Tora Bora. In brief, the American commander, Tommy Franks, refused to authorize the 800 Rangers requested by the CIA and Delta Force commanders at Tora Bora. By insisting that the 80-odd US and British commandos use only the local bandits, Franks gave Bin Laden a free ticket to Pakistan:

(…) The real history of Tora Bora is far more disturbing. Having reconstructed the battle—based on interviews with the top American ground commander, three Afghan commanders, and three CIA officials; accounts by Al Qaeda eyewitnesses that were subsequently published on jihadist websites; recollections of captured survivors who were later questioned by interrogators or reporters; an official history of the Afghan war by the U.S. Special Operations Command; an investigation by the Senate Foreign Relations Committee; and visits to the battle sites themselves—I am convinced that Tora Bora constitutes one of the greatest military blunders in recent U.S. history. It is worth revisiting now not just in the interest of historical accuracy, but also because the story contains valuable lessons as we renew our push against Al Qaeda in Afghanistan and Pakistan.

(…) On the evening of December 3, one member of his team, a former Delta Force operator who had gone deep into Tora Bora, came to the Afghan capital to brief Berntsen about the lay of the land. He told Berntsen that taking out Al Qaeda’s hard core would require 800 Rangers, elite soldiers who had gone through the Army’s most rigorous physical training. That night, Berntsen sent a lengthy message to CIA headquarters asking for 800 Rangers to assault the complex of caves where bin Laden and his lieutenants were believed to be hiding, and to block their escape routes. Crumpton says, “I remember the message. I remember talking not only to Gary every day, but to some of his men who were at Tora Bora. Directly. And their request could not have been more direct, more clear, more certain: that we needed U.S. troops there. More men on the ground.”

(…) In the end, there were more journalists—about 100, according to Nic Robertson of CNN and Susan Glasser of The Washington Post, who both covered the battle—in and around Tora Bora than there were Western soldiers.

Yet, when Crumpton called General Tommy Franks to ask for more troops, Franks pushed back. The general, who had overall control of the Tora Bora operation, pointed out that the light-footprint approach—U.S. reliance on local proxies—had already succeeded in overthrowing the Taliban, and he argued that it would take time to get more U.S. troops to Tora Bora.

The U.S. force was to remain tiny throughout the battle. On December 7, on-the-ground responsibility for Tora Bora passed from Berntsen to a 37-year-old major in the elite and secretive Delta Force, who would later write a memoir using the pen name Dalton Fury. Under Fury’s command during the battle were 40 Delta operators from the “black” Special Forces, 14 Green Berets from the less secretive “white” Special Forces, six CIA operatives, a few Air Force specialists, including signals operators, and a dozen British commandos from the elite Special Boat Service. They were joined by three main Afghan commanders: Hajji Zaman Gamsharik, who had been living in exile in the comfortable environs of Dijon, France, before he returned to Afghanistan as the Taliban fell; Hajji Zahir, the 27-year-old son of a Jalalabad warlord; and Ali, the commander who had been helping Berntsen. The Afghan commanders disliked each other more than they did Al Qaeda. “For the most important mission to date in the global war on terror,” Fury later wrote, “our nation was relying on a fractious bunch of AK-47-toting lawless bandits and tribal thugs who were not bound by any recognized rules of warfare.”

(…) The major participants in the battle of Tora Bora have long since moved on with their lives—Fury and Berntsen both retired and wrote books; Crumpton left the CIA and became the Bush State Department’s coordinator for counterterrorism—yet the sense that something went very wrong in late 2001 has not left them. Fury is haunted by the moment on December 10 when bin Laden may have been less than 2,000 meters away. In his memoir, he wrote that the incident “still bothers me. In some ways, I can’t suppress the feeling of somehow letting down our nation at a critical time.” Earlier this month, he elaborated: “It’s a tough stigma to live with and one I wouldn’t wish on anyone.”

Read the whole thing »

Pakistan was hiding bin Laden?

The Australian Foreign Editor Greg Sheridan offers the most believable background on this development. Greg has contacts in the militaries of both AUS and US. You have to read the whole thing to get the picture.

(…) This week, The Australian spoke to several senior officials and former officials of different nationalities who have served in Pakistan. All regard it as inconceivable that bin Laden could have been there, unknown to the Pakistanis. As one senior former Indian official said: “It is impossible to live for one day in any cantonment area of a Pakistani military city without the knowledge of the military itself, much less for years at a time.”

In the analytical community, everyone now privately accepts that bin Laden must have had the support of senior figures in Pakistan’s Inter Services Intelligence and among other Pakistani intelligence agencies.

The Pakistani military chief, General Ashfaq Kayani, was head of the ISI for three years. It is inconceivable that, in such a sensitive matter, anything was done without his knowledge.

So, it’s accepted that the Pakistanis are telling lies. (…)

Pure Poison

Megan McArdle on Alex Tabarrok on agricultural terrorism:

There are forms of extortion, and terrorism, that are shockingly easy to get away with, shockingly effective–and yet, shockingly rare. For example, it’s very easy to wreak considerable agricultural damage undetected, as Alex Tabarrok notes:

Single bottles of wine from La Romanée-Conti, the legendary vineyard of Burgundy, sell for upwards of $10,000. In 2010 the owner received a threat, the vineyard would be poisoned unless the owner paid one million euro. When the owner didn’t pay a map was delivered that identified several vines that had already been poisoned by drill and syringe. The French don’t want to talk about this and for good reason, agricultural extortion is very easy and they fear copycats.

. . . Of course, a terrorist doesn’t even have to collect damages to succeed-just a bit of mad cow or corn rust and we are in trouble (and those aren’t even the biggest threats.)

I worry that this is one of those dangers that is so threatening we are afraid to worry about it.

Read the whole thing »

Maritime Piracy: reliable sources

One of the most authoritative and up-to-date piracy sources we know of is the American National Geospatial-Intelligence Agency (NGA). E.g., their Daily Memorandum/Pacific Edition, such as today’s sample of piracy-related reports:

HYDROPAC 404/2011(61).

WESTERN INDIAN OCEAN.

PIRACY.

POSSIBLE MOTHERSHIP ACTIVITY IN 01-42S 055-02E AT 030739Z FEB. VESSELS ARE ADVISED TO KEEP 100 MILES CLEAR OF THIS POSITION AND TO EXERCISE EXTREME CAUTION. REPORTS TO UKMTO DUBAI, PHONE: 97 150 552 3215, E-MAIL: UKMTO@EIM.AE.

(031432Z FEB 2011)

HYDROPAC 405/2011(63).

ARABIAN SEA.

PIRACY.

M/V ATTACKED IN 16-29N 065-57E AT 031431Z FEB. VESSELS PASSING WITHIN 100 MILES ARE ADVISED TO EXERCISE EXTREME CAUTION. REPORTS TO UKMTO DUBAI, PHONE: 9 715 0552 3215, E-MAIL: UKMTO@EIM.AE.

and their weekly Worldwide Threats to Shipping Reports.

The Chamber of Commerce operates Commercial Crime Services, which is a bit more Internet-aware. CCS offers a Live Piracy Map and a Live Piracy Report. Here’s a sample report from 2 February:

02.02.2011: 0830 UTC: Posn: 20:16N – 063:36E, 225nm ESE of Ras al Hadd, Oman, (Off Somalia).

About eight pirates in two skiffs armed with RPG and automatic weapons chased and fired upon a tanker underway. The tanker raised alarm, increased speed, contacted warship for assistance. The two skiffs kept firing with automatic weapons. Warship arrived at location and the skiffs stopped chasing and moved away. A helicopter from a warship arrived at location and circled the tanker. The helicopter contacted the pirates by VHF radio and ordered them to surrender their weapons. Pirates replied that they would kill the Iraqi and Pakistani hostages held onboard the mother ship if the warships attacked the skiffs.

Wired.com follows piracy, and sometimes produces excellent graphics, like this one on Somalian Piracy (which Wired borrowed from Wikipedia):

While not a reliable source, here is some anecdotal background. In 2009 Wired examined the Somali pirate business model. For interviews with both the Danish shipping CEO and the pirate negotiator, see our earlier dispatch Pirates Have Timesheets on a four-part NPR series. Also Somali pirates launch stock market.

Is Aviation Security Mostly for Show?

Yes. I think Bruce coined the term “security theater”. This recent CNN column sums it up nicely:

Last week’s attempted terror attack on an airplane heading from Amsterdam to Detroit has given rise to a bunch of familiar questions.

(…) Reviewing what happened is important, but a lot of the discussion is off-base, a reflection of the fundamentally wrong conception most people have of terrorism and how to combat it.

(…) The best defenses against terrorism are largely invisible: investigation, intelligence, and emergency response. But even these are less effective at keeping us safe than our social and political policies, both at home and abroad. However, our elected leaders don’t think this way: They are far more likely to implement security theater against movie-plot threats.

(…) “Security theater” refers to security measures that make people feel more secure without doing anything to actually improve their security. An example: the photo ID checks that have sprung up in office buildings. No one has ever explained why verifying that someone has a photo ID provides any actual security, but it looks like security to have a uniformed guard-for-hire looking at ID cards.

(…) When people are scared, they need something done that will make them feel safe, even if it doesn’t truly make them safer. Politicians naturally want to do something in response to crisis, even if that something doesn’t make any sense.

Often, this “something” is directly related to the details of a recent event. We confiscate liquids, screen shoes, and ban box cutters on airplanes. We tell people they can’t use an airplane restroom in the last 90 minutes of an international flight. But it’s not the target and tactics of the last attack that are important, but the next attack. These measures are only effective if we happen to guess what the next terrorists are planning.

If we spend billions defending our rail systems, and the terrorists bomb a shopping mall instead, we’ve wasted our money. If we concentrate airport security on screening shoes and confiscating liquids, and the terrorists hide explosives in their brassieres and use solids, we’ve wasted our money. Terrorists don’t care what they blow up and it shouldn’t be our goal merely to force the terrorists to make a minor change in their tactics or targets.

Read the whole thing »

Bruce also linked to the not-surprising statement by British Airways chairman Martin Broughton:

Britain should stop “kowtowing” to US demands over airport security, the chairman of British Airways, Martin Broughton, has said, adding that American airports did not implement some checks on their own internal flights.

He suggested the practice of forcing passengers on US-bound flights to take off their shoes and to have their laptops checked separately in security lines should be dropped, during a conference of UK airport operators in London.

There was no need to “kowtow to the Americans every time they wanted something done”, said Broughton. “America does not do internally a lot of the things they demand that we do. We shouldn’t stand for that. We should say ‘we’ll only do things which we consider to be essential and that you Americans also consider essential’.”

Review: Cyber War

Bruce Schneier reviewed the new Richard Clarke and Robert Knake book. As I would expect from Clarke it tends towards sensationalism, but has enough good bits to be worth a library hold (not to buy). Here’s Bruce:

Cyber War is a fast and enjoyable read. This means you could give the book to your non-techy friends, and they’d understand most of it, enjoy all of it, and learn a lot from it. Unfortunately, while there’s a lot of smart discussion and good information in the book, there’s also a lot of fear-mongering and hyperbole as well. Since there’s no easy way to tell someone what parts of the book to pay attention to and what parts to take with a grain of salt, I can’t recommend it for that purpose. This is a pity, because parts of the book really need to be widely read and discussed.

The fear-mongering and hyperbole is mostly in the beginning. There, the authors describe the cyberwar of novels. Hackers disable air traffic control, delete money from bank accounts, cause widespread blackouts, release chlorine gas from chemical plants, and — this is my favorite — remotely cause your printer to catch on fire. It’s exciting and scary stuff, but not terribly realistic. Even their discussions of previous “cyber wars” — Estonia, Georgia, attacks against U.S. and South Korea on July 4, 2009 — are full of hyperbole. A lot of what they write is unproven speculation, but they don’t say that.

(…) In the last chapter, the authors lay out their agenda for the future, which largely I agree with.

(…) We need more research on secure network designs. Again, even without the cyberwar bit, this is essential. We need more research in cybersecurity, a lot more.

We need decisions about cyberwar — what weapons to build, what offensive actions to take, who to target — to be made as far up the command structure as possible. Clarke and Knake want the president to personally approve all of this, and I agree. Because of its nature, it can be easy to launch a small-scale cyber attack, and it can be easy for a small-scale attack to get out of hand and turn into a large-scale attack. We need the president to make the decisions, not some low-level military officer ensconced in a computer-filled bunker late one night.

This is great stuff, and a fine starting place for a national policy discussion on cybersecurity, whether it be against a military, espionage, or criminal threat. Unfortunately, for readers to get there, they have to wade through the rest of the book. And unless their bullshit detectors are already well-calibrated on this topic, I don’t want them reading all the hyperbole and fear-mongering that comes before, no matter how readable the book.

One of the Amazon reviewers, Ari Elias Bachrach, clearly knows the topic. His review begins:

I’ve been in the information security field just about my entire professional life, both in and out of government, and I’ve been hearing people sound the alarms about “cyber warfare” for at least the last 15 years. Most of the time their grasp of the technical aspects is limited, they don’t have a clear idea about what they’re talking about, their scenarios read like movie plots, and they’re usually trying to win government contracts. Although this book does have some serious shortcomings, Clarke’s book is without a doubt the clearest and best work I’ve seen on cyber warfare. I’ll lay out his book and his thesis first, then I’ll tell you where I thought he fell short and what I thought of it.