9 November 2001. Thanks to Daniel Brandt.


USA PATRIOT Act Surveillance

By Daniel Brandt, NameBase, http://www.pir.org/

There have been suggestions recently that the FBI will be fairly aggressive in its use of the new Internet surveillance portions of the anti-terror law.

The source for this is Stewart Baker, a former NSA lawyer [this was found on a newsgroup through Google Groups]:

> From: "Baker, Stewart" <SBaker@steptoe.com>
> To: "declan@well.com" <declan@well.com>
> cc: "Albertazzie, Sally" <SAlbertazzie@steptoe.com>
> Subject: Fox News goes overboard
> Date: 29 Oct 2001 09:48:17 -0500
>
> Fox News recently reported that the FBI has a plan to change the
> architecture of the Internet, centralizing it and providing "a
> technical backdoor to the networks of Internet service providers."
> Like many others, I thought this was big news, and rather surprising.
> Until I realized that the reporter only cited one source and that
> it was, well, me.  Fox News's claims go beyond the facts I provided
> to her, and beyond any that I know about.
> 
> To be clear, I believe that the FBI is at work on an initiative to
> make Internet communications, indeed any packet data communications,
> more susceptible to intercept and more productive of non-content
> data about communications -- the sort of "pen register" data that
> was expressly approved for Internet communications in the recent
> antiterrorism bill.  This initiative will have architectural
> implications for packet data communications systems.  The FBI is
> likely to press providers of those services to centralize communications
> in nodes where interception will be more convenient, and it is
> likely to call on packet data services to build systems that provide
> more information about the communications of their subscribers.
> 
> The vehicle for this initiative is CALEA, the Communications
> Assistance for Law Enforcement Act, a 1994 enactment that actually
> requires telecom carriers to redesign their networks to provide
> better wiretap capabilities.  The act is supposed to exempt
> information services, but the vagueness of that provision has
> encouraged the FBI to expand its mandate into packet-data
> communications.  The Bureau is now preparing a general CALEA proposal
> for all packet-data systems.  While I have not seen it, the Bureau's
> past interventions into packet-data and other communications
> architecture have had two characteristics -- they have sought more
> centralization in order to simplify interception and they have
> asked providers to generate new data messages about their subscribers'
> activities -- messages that are of value only to law enforcement.
> 
> There are real legal and policy questions that should be raised
> about this effort.  In my view, it goes beyond what Congress intended
> in 1994.  And the implications for Internet users and technologies
> deserve to be debated.  But making these points, as I did with Fox
> News, is not the same as saying that the FBI has a firm plan to
> centralize the Internet and build back doors into all ISP networks.
> If Fox News wants to break that story, it will need a source other
> than me.
> 
> --
> Stewart Baker
> Steptoe & Johnson LLP
> 1330 Connecticut Avenue, N.W.
> Washington, DC 20036

I would like to add a dimension that has not been covered in this discussion of Internet surveillance. One item I brought up earlier was the possibility that the search terms added to the URL for Net searching are now fair game, because they can be considered part of the address as opposed to part of the content. I note with approval that the problem of search terms for engines such as Google has been mentioned both by the ACLU and by the EFF in their analysis of the new law.

But there's a further dimension that occurred to me more recently, that bears watching. That is the dimension of what's referred to generally as "traffic analysis." NameBase has a visualized "proximity search" that draws social network diagrams based on public information, and it was during the course of developing this several years ago that I became familiar with what the intelligence agencies are doing with traffic analysis and data visualization.

Federal agencies such as NSA, CIA, FinCEN, and DEA have been doing a great deal of traffic analysis of telecommunications. Presumably this has involved circuits outside the U.S., for the most part, and is traffic that is non-Internet in nature, such as telephone toll records. This has been going on for at least ten years. It is a rather well-developed field by now.

There are a number of software vendors that write programs for traffic analysis. These are frequently termed "link analysis" or "cluster analysis" or "network analysis" software, which involves "data mining" and "visualization." These vendors often contract with the government. They don't talk much about their work, but you can search Google Groups and get hints of what's been happening in the field.

The new law allows data sharing between agencies. The FBI, which is now empowered to employ link analysis on the Internet, is in a position to obtain software expertise from those agencies that are more advanced in this field. They are also in a position to place a next-generation Carnivore close to some major Internet hubs, and mine most of the traffic for purposes of traffic analysis.

Pundits like to say that they're not worried, because the FBI couldn't possibly monitor all the data that flows over the Net.

That's not what the FBI wants to do with their Net surveillance, in my opinion. Rather, they want to be able to visualize clusters of cross-connect activity, perhaps based on some prior parameters, and see if the clusters suggest that certain IP addresses may be worthy of further investigation.

This is considered an excellent technique when you don't have any other clues or leads to work, because it at least allows you to get started by focusing on a subset of the data, based on patterns that look interesting.

The fact that nearly all search terms are passed as query string information appended to the URL means that all these terms are very handy for use in traffic analysis. These terms are tightly focused already, because the user put some thought into which terms will deliver the desired data. It would be very easy to integrate these search terms into a traffic analysis software package. It would be much more interesting than telephone toll numbers, because there's much more data available for crunching in a software program.

When combined with email "to" and "from" addresses, and analyzed on a mainframe or distributed network of computers, you could zero in on anything suspicious happening on the net and target sub-populations of IP addresses for further scrutiny, or for past behavior if you have logs that go back in time. This is all very easy to do. Look what Google has been able to do with its 10,000 networked Linux boxes. It can crawl the entire Web once a month and handle over 110 million searches per day, all on $50 million or so per year, which isn't much by government standards.

There's no possibility of overload, despite the pundits. All you have to do is add more boxes, or scale down the parameters a bit on the front end so that less traffic gets analyzed.

This, I feel, is what the FBI plans to do with their new access to the Net. Essentially, it means the end of Internet privacy.


From: NameBase@cs.com
Date: Thu, 8 Nov 2001 12:19:56 EST
Subject: CIA and web surveillance
To: jya@pipeline.com

http://www.siliconvalley.com/docs/opinion/termsheet/mm110801.htm

2001-11-07

Start-up helps CIA in terrorism fight

Agency's venture arm takes stake in Stratify

By Matt Marshall
Mercury News

The Central Intelligence Agency may seem a bizarre source of support for struggling Silicon Valley start-ups, but it may be a sure patron in a dour economy.

Ask Nimish Mehta, chief executive of Mountain View's Stratify, formerly known as Purple Yogi. His company combs through billions of Web pages to find answers to users' questions.

This week, it accepted millions in venture funding from the CIA's venture capital arm, In-Q-Tel. In return, In-Q-Tel wants Stratify's help in trawling through millions of Web and other electronic documents, including those written in Middle Eastern languages. "That would be nice to have," says Eric Kaufmann, a partner at In-Q-Tel's Menlo Park office.

Neither the CIA nor the company will disclose the exact amount of the funding, for fear of offending the CIA's other portfolio companies, which have gotten less. The amount was more than $1 million but less than $5 million.

The deal could be a good omen for Stratify, which wasn't pulling in much revenue under its dot-com business model.  Indeed, if Mehta has his way, he'll be stealing a page from Oracle CEO Larry Ellison's playbook.

Rewind about 25 years. Back in the late 1970s, the spy agency became Oracle's first customer. A happy camper with Oracle, the CIA helped open doors for Ellison at other government agencies and corporations.

This way, Ellison survived through the recession years of the early 1980s with no venture capital injections at all. And by not watering down ownership with VC investments, Ellison emerged with 39 percent of Oracle's shares -- and since has become the nation's second- or third-richest man.

Mehta, a former Oracle executive himself, says he doesn't want venture capital, and didn't seek out the CIA's investment.  He joined Stratify in February, when it was still Purple Yogi, a frugal company that still had $20 million of the $30 million venture funding it had received over the past two years.

But like Ellison, Mehta sees a good customer in the CIA, one that can open similar doors for his company. "I've seen Larry fight that battle, and I want to fight it the same way," says Mehta, who once reported directly to Ellison.

The parallels run deeper. Mehta wants Stratify to tap into what he believes is a huge potential market for mining, and then ordering, "unstructured" data. Oracle and its early competitors discovered the database-software market -- which orders "structured" information.

Of the information that a typical company carries on its Web server and computers, 85 percent is unstructured, Mehta says.  That's why Mehta says he can build Stratify into a giant that rivals Oracle.

That's also the reason why the CIA is interested. In-Q-Tel's Kaufmann says Stratify is better than its competitors because it creates a hierarchy for the information it seeks, has superior classification technology, and is nimble in the way it allows users to decide what research to conduct. The company is brainy. It has about 15 employees with doctorate degrees.  Twenty of its 75 employees are engineers based in India.

Stratify recently won a deal with Infosys, a management-consulting company that uses Stratify's software in the products it offers to clients.  Investors say Stratify is more advanced than Autonomy, a publicly traded U.K. competitor. "It can handle millions of documents and can crawl over everything looking for stuff," says Bill Burnham, a partner at Softbank Venture Capital and an earlier investor.

He and other investors encouraged Mehta to take up the relationship with the CIA. In times like this, any funding at all is "nothing but positive," says Purvi Gandhi, a venture capitalist with H&Q Asia Pacific, who also invested in the company.

The CIA deal was in the works before the Sept. 11 attack, and it was sought out by Gilman Louie, In-Q-Tel's chief executive. Louie, otherwise known as Q -- a reference to the technologist Q in James Bond movies who shows 007 the latest gadgets -- is a man who "pulses with energy," according to Mehta. That the CIA sought a deal that is relevant for the attack's aftermath is a coincidence, Mehta says.

Mehta has presided over a 21 percent reduction in workforce, preparing the company to survive through 2003 -- even before the CIA's investment.

Mehta learned the hard way. His previous company, Sunnyvale's Impresse, went out of business early this year after burning through about $80 million in venture capital.

Purple Yogi was frugal, but Mehta says newly named Stratify is even cheaper now that he's arrived. Forget credit cards, free food, massages or big-budget outings. To have fun, the company created a 21-hole miniature-golf course on premises.  Employees went to a baseball game on public transit.

And Mehta's cubicle is tiny. He recalls his senior vice president's digs at Oracle: a sprawling private office, a waiting room, a secretary, a training room and sauna. "My personal bathroom was as big as my cubicle," he says, pointing to his new humble digs.

He's not Ellison yet.

END