Sunday, June 9, 2013

Why the "They're not listening to your calls" argument is entirely irrelevant

There's a huge amount of information that can be gleaned from observing the pattern of unreadable communications.  Whether the call is unreadable because it's encrypted, or whether it's unreadable because of the lack of a court warrant doesn't matter.  Traffic Analysis is a well understood and amazingly powerful technique that excels at identifying organizational relationships.

In the Pleistocene Age of this blog I posted about how the Allies fooled the Germans on the location of the D-Day invasion, using George Patton and the mythical First US Army Group (FUSAG) and a bunch of radios to sucker the German traffic analysis:
Armies used radio extensively to coordinate movements. Orders were sent via radio (encrypted, or coded) from FUSAG HQ to several make believe "Corps HQ" in Southeast England, whence more messages would be sent from each Corps HQ to several phantom "Division HQ", and on down the chain. A small army of radio technicians spent their days sending completely made up messages back and forth to each other.

The Germans, of course, were listening, and using the patterns of signal, reply, etc to build an org chart of Patton's Army Group. To verify that all this activity was legit, the Luftwaffe made repeated recon sorties over Kent, photographing inflated tanks and empty tent encampments which made the whole thing look real.
 NSA understands traffic analysis, which is why they want the phone "meta data" (actually, the Call Detail Records).  The CDRs provide pretty much everything that the NSA computers need to start building calling trees - who knows whom.  Mapping terror watch list suspects into this tree makes other potential terrorists pop out.  I have absolutely no idea whether they've caught anyone via this - it's all deeply classified, as it should be - but suspect that this is been perhaps the primary weapon in the Global War On Terror.

But here's where it gets creepy.  Add in data from Google and the other high tech companies and you take this to a whole other level.  Look at Apple: the iPhone has been known for years to poorly anonymize GPS data, allowing someone (hello, NSA) to track the physical movements of a person of interest.  Now add in tracking the physical movements of another person in this traffic analysis calling tree, and they could tell that you met up in a park, even if you never called, emailed, or texted.

And that's just one form of electronic data; credit card transactions are also caught up in this dragnet.  The rabbit hole goes deep indeed.  And remember - none of this involves listening in on phone conversations.

Where things turn ugly is when you think on the IRS scrutiny of Tea Party organizations.  This was done enthusiastically by most of the IRS personnel.  It was done to thwart a particular form of political activity that was considered antithetical to the mission of the IRS - after all, if taxes are reduced, as the Tea Parties hoped - what do you need an IRS for?  Or at least, as big an IRS?

And so to NSA - which domestic political activity would be seen as hindering the activity of that Agency?  Could, say, the Electronic Frontier Foundation become a target of interest?  How would we know?

There's an old saying that while there are friendly foreign governments, there are no friendly foreign Intelligence Agencies.  I'm starting to wonder if you can change that to "domestic".


Old NFO said...

At this point, hell yes you can change it...

eiaftinfo said...

Throughout history - large governments have always turned towards tyranny (for the good of the people).

They have used all government resources to aid in this level of "security".

And, they have all become enemies of the people.

Ours is no different . . . .

Unknown said...

There are no friendly intelligence agencies, period. The best anyone can hope for is indifference from the right ones, and "hope for" is emphatically not the same thing as "count on".

Sean D Sorrentino said...

If I was a bad person with access to this sort of data on my subjects I wouldn't need to listen to the phone calls. I also wouldn't give a damn about terrorists. The terrorists are useful to scare my peasants into clinging ever more tightly to my state security apparatus.

Here's what I'd do. I'd keep all the records in some massive database, pretty much unused. Since I don't care about real time threats, there's no reason to analyze the data in real time. Then I wait until a leader of the opposition arises. I would use the database to ID his support structure, and his probable activities.

Since basically everything is a felony these days, I'd use the database to identify a few of his his three felonies a day, and arrest him. The best part, these are REAL felonies, not trumped up charges. He might even feel guilty about breaking the law!

It's all so much easier than working FOR the people, protecting their lives instead of my own power.