Thursday, February 09, 2006

NSA scandal got you worried? Then, I ADVISE you read this.

Total information awareness lives! From the CS Monitor:

The US government is developing a massive computer system that can collect huge amounts of data and, by linking far-flung information from blogs and e-mail to government records and intelligence reports, search for patterns of terrorist activity.
The core of this effort is a little-known system called Analysis, Dissemination, Visualization, Insight, and Semantic Enhancement (ADVISE). Only a few public documents mention it. ADVISE is a research and development program within the Department of Homeland Security (DHS), part of its three-year-old "Threat and Vulnerability, Testing and Assessment" portfolio. The TVTA received nearly $50 million in federal funding this year.
What sets ADVISE apart is its scope. It would collect a vast array of corporate and public online information - from financial records to CNN news stories - and cross-reference it against US intelligence and law-enforcement records. The system would then store it as "entities" - linked data about people, places, things, organizations, and events, according to a report summarizing a 2004 DHS conference in Alexandria, Va. The storage requirements alone are huge - enough to retain information about 1 quadrillion entities, the report estimated. If each entity were a penny, they would collectively form a cube a half-mile high - roughly double the height of the Empire State Building.

I’m leery of this on a couple different levels. First, it seems like it would be easy to screw up. Last night on Olbermann’s Countdown the “Worst Person in the World” was a toss up between a bank and DHS because they froze the bank accounts of some nuns under provisions of the patriot act. Why? Because of they didn’t have the right info on file. And the track record of the “no-fly” list doesn’t give me a warm fuzzy about this type of program either. What happens if ADVISE and the no fly list are linked? Sorry sir, you bought a copy of the wrong book from Amazon so you can’t board the plane.

Of course, I can see the intelligence utility of such a program, but I can also see the civil liberties pitfalls. In our increasingly connected world, our society needs to think about these things. How will our government exercise independent oversight of ADVISE? Or will it be like NSA programs and be so highly classified that anyone outside the intelligence community won’t be able to see what’s going on? Perhaps we should start electing people to congress who already have Top Secret clearances.

Finally, I wonder if this is not yet another example of our country’s over-reliance on technology to try to solve its intelligence problems. UBL probably isn’t clicking around on Amazon. The bad guys are smart enough to adapt to the environment in which they live. They know when our satellites are passing over. They know that we monitor their communications and work to counter that. They’ll counter this too. I’m not saying that something like this won’t produce useful intelligence. I’m sure it will, but we’ll still be left with gaps.

The key to success in the counter-terror fight is Human Intelligence and cultural adaptability. ADVISE will be mining tons of data, but how many of its operators will speak Arabic? Not many based on our thru-put for language training. ADVISE may be able to tip or cue the intelligence community that something might be happening, but without a robust HUMINT follow through, you’re just jousting electrons.

Udate: DefenseTech has a great post on this. There is a great comment on the post as well:
I wonder how well the data mining stuff can work.

I once read the Earth Liberation Front's "How to Commit Arson" document
(I worry about the Dirt-First types and cyberattacks).

They focused a lot on how to avoid traceability through electronic
records (purchases, etc). If a bunch of shaggy, granola eating, firebombing,
hummer-burning treehuggers can figure it out, couldn't Osama & co?


At February 13, 2006, Anonymous Retired Army Guy said...

Timely post. Having some experience in this area, I've been mulling over the implications of the whole NSA and other DOD monitoring efforts. From a constitutional and legal standpoint, I have some problems. We still have a 4th Amendment and I think we still have rule of law. A fundamental precept has long been the fact that bad guys actually get more leeway than do good guys—specifically because of the danger that good guys can turn into bad guys rapidly. Further, our philosophy has always been "better to let 99 guilty go free than to convict one innocent man." Or something like that.

Then there is the ultilitarian perspective. My work was always on the ground, as a special agent and case officer. Nailing bad guys ain't easy, not if you want to stay within the law. These electronic. remote monitoring activities, while sometimes useful, do not represent a silver bullet, no matter what the DIRNSA or SECDEF may say. They can be useful as targeting/tipoff devices, but the fact is trained and qualified human beings have to get out there and do the legwork for any of this to matter. Unfortunately for this nation, our leadership, civilian and military, view the on-the-ground work as messy and inefficient; it also seems as if only idiosyncratic, non-team players excel at it. Plus you don't get rapid promotions from doing it. So it's been relegated to the back rooms for years, with those favoring high-tech, "clean" solutions getting the promotions and the budget dollars. To my knowledge, no one has ever asked them to provide any sort of cost-effectiveness reports.

The American people probably have little to worry about, even if it is illegal and/or unconstitutional. Fact is, the vacuum cleaner approach favored by the agencies doing these types of things ensures that the system will be overloaded to the point that human beings—who ultimately have to do the grunt work—will be overwhelmed. This is especially true because the Government has never seen fit to hire sufficient numbers of humans operationally and linguistically qualified to follow up on the leads generated through these efforts.

Much huffing and puffing, lots of tax dollars spent, little of value produced is how I see it.

At February 18, 2006, Blogger "Frankly Opinionated" said...

I noticed the phrase: "We should elect those with "Top Secret Clearances", or nearly so...... Merely having a "Top Secret Clearance", offers no access to any classified document, none. The mitigating factor is "The Need to Know". Most of the dummies up there at Foggy Bottom don't have "The need to know", so therefore are rightly, left in the dark. We citizens have no "Need to Know", on how our security is being done; only that it is being done and in a proper fashion. If the NSA thing has produced a complaintant, one who has been eavesdropped on, I haven't heard of it. If my government has the ability to monitor calls into or out of a known terrorist region, they damned well better do all of it that they can. I insist that they do as much as is reasonably possible to help me take care of my security. I have a clearance, but I don't have the "need to know", so I leave it with those I elected, and those appointed by the ones that I elected. Any thing being done today that one would not want the government to know of, is quite safe using conventional communications. Unless you are a huge fish, you aren't at risk.
nuf sed

At April 19, 2006, Anonymous Anonymous said...

Существует масса более совершенных аналогов ADVISE, например SEMNET.

Извините, если потревожил.


Post a Comment

<< Home