CodeBetter.Com
Sign in | Join | Help
in Search
CodeBetter.Com
RSS 2.0 via Feedburner
           Do you Twitter? Follow us @CodeBetter

Eric Wise

Business & .NET

Tech of NSA Wiretapping (and why the warrants argument is dumb)

So it's been all over the news that a judge ruled that the nsa wiretapping program is illegal etc etc etc.  I'm not a lawyer, so I'm not really going to go into the legal aspect, however, I got to thinking from a technology perspective, if I was asked to create an effective program to track terror communications over communication lines, how would I go about it?

First, we have to define the scope of the problem:

1. We don't know who the terrorists are.

2. We don't know when and where they are calling from.

3. There are tens of thousands of international communications going on 24/7.

So based upon this problem scope, how would one handle not only identifying terrorists, but ensuring that if one was identified you could quickly and effectively "connect the dots" and identify co-conspirators etc?  There are a few obvious things based on the above assumptions:

1. There is no way for any team of humans to manually tap calls.

2. There is no way for a team of humans to listen to every single call.

3. If you do identify a terror suspect, you not only want future records, but past ones as well possibly including the calls of people linked to them via number cross reference.

With these concepts in mind, I can only come up with one conclusion.  The only way to effectively handle this type of monitoring is to log all calls, indexed by datetime and phone numbers of both parties.  This is a huge amount of data, being that no one can go through it all, the purpose of the system would be whenever any agency raised a red flag on someone, you could pull their records as well as the records of anyone they're in contact with, and then you get the warrant to crack the records open.

Thus, I think this whole hysteria from some people about "warrantless wiretapping" is kind of a FUD argument.  If the NSA is recording all of my calls, but never listening to them without probable cause and a warrant, it doesn't really hurt anyone, in addition it maintains the history so if a red flag gets raised, you can go back and figure out what's been going on historically as well as future calls, as well as follow the links by phone number, getting as many warrants as you need to at this point.  Because there are tens of thousands of calls a day, it is unfeasible to expect to get warrants to monitor every call, and it is also unfeasible to just delete the ones you aren't listening to, since they may need to be cross referenced and analyzed some day.  However, I do think that as soon as a flag is raised, they best be getting a judge and warrant involved.

 


Published Aug 18 2006, 02:47 PM by Eric Wise

Comments

Shane C said:

Your view of the issue is fairly short sighted.  There are two assumptions you are making...

1) That the USA will remaining a citizen friendly democracy for the foreseeable future.  While I'll agree it is a bit paranoid to think we'll be seeing an American version of V for Vendetta I also don't think it's completely out of the question.

And if that were to happen how hard would it be to rerun that word matching algorithm against all those phone calls for whatever new word has been deemed offensive.

2) That at some point we won't have a system powerful enough to categorize every conversation and start to build useful information on the people involved in each call.  The gov't itself doesn't need to be corrupt for this kind of information to be used inappropriately.  All it takes is one bad apple.  

At the end of the day I'm more worried about how this data may one day be used.. and who has access to it.  Of course I'm Canadian so as long as I'm not calling any American I should be okay ;)
# August 18, 2006 3:25 PM

FransBouma said:

the data is stored and therefore can be used for any datamining purpose required, oh, for example to mine data to manipulate the upcoming elections in the US.

What's even dumber about this whole program is that it assumes bin-laden and friends use telephone lines to communicate with eachother. It's been known for some time these groups have a very loose connection with eachother, and use wicked kinds of communication, for example image files with embedded messages, posted on some website.

And Eric, don't fall into the trap of "I've nothing to hide so why should I be worried?". There's always something to find if you look hard enough and pull everything out of context.
# August 18, 2006 3:59 PM

Matt said:

I would take a look at the algorithm behind the supercomputers that were used to play chess against the Grandmasters. They don't just blindly crunch numbers on all possible moves, they use some patterns and logic to quickly determine likely moves and just look at them.

You are assuming that all people are potential terrorists- from this, you:
A. Would need a ridiculous amount storage to hold all the data (probably on the level of impossible)
B. Violate the US Constitution by treating people as guilty until proven innocent

I think assuming that terrorists will provide no reasons to monitor them other than their communications is erroneous, which makes the warrant argument a valid one.
# August 18, 2006 4:29 PM

Leonard Smith said:

Well, it's reasonable to trace thousands of conversations and flag them if certain words are spoken.  But the problem still is that <b>it's currently illegal.</b>  The president has willfully broken the law.

If they wanted to implement this type of program, they should've consulted the congress and created a new bill (with the appropiate oversight) in order to do it.

I'd probably support that legislation.  But the President doesn't believe he needs to consult congress to do whatever he pleases.  When you don't feel bound by the existing laws of the nation, that makes you a dictator.


# August 18, 2006 4:30 PM

Greg said:

I don't have much to say on the political implications of this but Matt .. you are 100% incorrect when it comes to chess programs.

They are nothing but simple searchers .. they do not look at a board the way you do. They generally use alpha beta pruning with minimax http://en.wikipedia.org/wiki/Minimax_theorem http://ai-depot.com/LogicGames/MiniMax.html http://en.wikipedia.org/wiki/Alpha-beta_pruning in a breadth first search ... there no real intelligence or pattern matching here but brute force and realizing that a given line is terrible compared to the way the others are turning out.

Of course this type of logic is much easier with a fixed zero sum game such as chess tactics than it would be with arbitrary pattern matching dealing with natural voices and associations. More likely you would end up in the realm of the connectionists (such as http://www.cnbc.cmu.edu/~jlm/ .. his works hold alot of merit for this type of problem)

# August 18, 2006 6:44 PM

Auros said:

So, I think your commentary may be missing the point that the ruling actually punted on data-mining -- it allowed the administration's State Secrets argument, and excluded discovery of any evidence concerning that portion of the program.  But it ruled that the part where they actually wiretapped (or listened to recordings) calls, without warrants, was a violation of the 1st and 4th amendments, and the FISA statute.  So it sounds like you actually agree with the content of the ruling.

<a href="http://www.slate.com/id/2147955/">Analysis here.</a>
# August 18, 2006 7:08 PM

Eric Wise said:

Matt - I disagree that the amount of storage would be ridiculous, your cell and telephone providers already provide voicemail for just about everyone.  In addition, you can use compression.  Besides, this is likely what the program is already doing.

"treating people as guilty until proven innocent"?  Under that logic, you must think that security cameras in stores are against the constitution.

The "right to privacy" is based on the 4th amendment, which is a protection against unreasonable search and seizure.  Is it unreasonable in this day and age to monitor foreign calls, particularily to countries which don't view us in a favorable light?  That's a question for the judges.  However, I often wonder at the right to privacy... if I am sending data outside my home, over lines and switches that I have no personal control over... in unencrypted form... do I really have a reasonable expectation of privacy?  That also, is a question for future judges and lawyers.

Frans - If Bin Laden and co didn't use phones to communicate, the British plot that just got broken up wouldn't have been detected.  That was two weeks ago.  People wouldn't be getting caught with 1000 disposable cell phones either.

Shane- While I agree with the concern about data being misused, I'm sure it doesn't stop you from using a credit card at a store.  Also, a corrupt police officer can do a lot of damage, but we certainly don't ban police officers.  Part of having a representative democracy is that you are supposed to trust your members of congress etc to run programs properly.

It has also been noted that members of congress were briefed on this repeatedly, and judges have been brought in for warrant issuing etc.  The idea that the president just "went and did it" is a complete fallacy and does not stand up to research.

# August 18, 2006 7:23 PM

Ayende Rahien said:

Eric,

Security cameras on stores are for when _I am in the store_.
In the same manner that my employer can keep track of all the email that I send from work, and has the right to read them.

My employer has _no_ right to read my personal email.

The problem with your suggestion is that it assume that what you mean is what will happen. Didn't your goverment abused the laws after 9/11   to go after other criminals?

About encryption. You are aware that the US used to forbid exporting encryption, right?
And that encryption may have high cost for me as the user? If I want to talk on an encyrpted line, I need to go through some trouble on both ends.
I have no problem understanding that I need protection from criminals, I have a LOT of problem understanding that I need protection from the goverment.
That put ME in an awkward position.
You are doing _something_ wrong, otherwise you wouldn't have encyrption.
# August 18, 2006 10:10 PM

Colin said:

This is really a general comment about mass communication monitoring. I just wanted to say that the data inside a communication is not required for the data to be useful. It was mentioned on a "this week in tech" podcast (I wish I could remember which one) that Interpol have in the past demonstrated a system that could practically show you an organisational structure of who’s who in any organisation just by the patterns of who is calling who and when.

If you combined this information with other information such as geographical location or what ever you wanted then there is certainly enough information to allow you to make a decision on who you want to do some more in depth investigation on and perhaps log content too so from a technical aspect this is clearly more than possible.

With all that said the people who governments probably want to find should be smart enough to avoid communication in this manor and instead use a drop box method (e.g. creating an email account saving your chosen information and then passing the login details to the recipient in multiple parts through various mediums). A better way to use this mined information would be to make money on the stock market rather than catch terrorists and criminals
# August 19, 2006 8:28 AM

Eric Wise said:

Ayende,

It's more of a comment about "attempting to have privacy".  If you are inside your home, windows and doors shut, but having a loud, violent, domestic dispute and a cop or neighbor hears it, you can't claim that your right to privacy protects you in any way.

When you send something through US mail, you seal the envelope, you know that you are protected by federal law from having others open the mail without a warrant.

When you are walking around using a cell phone, any yahoo with a scanner or standing close enough to you can hear part or all of your conversation.  You have made no attempt to be private.  Thus, I stretch that to say that if you're not attempting to be private in other mediums, you would likely have the same lack of protection legally.

You know, there are other countries in Europe etc, where you can go to the local gov office and pull anyone's complete information, phone, address, tax receipts, etc.  These societies haven't collapsed, it's an open system.  Thus, if we changed our perception from an assumption of privacy to an assumption of openness, this wouldn't even be an issue.
# August 19, 2006 9:59 AM

Eric Wise said:

Colin- One would think that, but we continue to catch these people using the phone systems and internet email/message board, etc.  Part of coordinating an attack of any sophistication (like blowing up 10 airliners at once like the Britain plot) requires fast, reliable communication.  The sneaky mediums you are suggesting don't really work so well at meeting that need.

In addtion, if you read the point I made about just recording it all.  You'll see that I mentioned using the call information without the content to do cross referencing etc, but actually having the content available when/if a warrant is issued.  If someone is found to have been plotting a terror attack, wouldn't it be useful to get the whole chain of communication instead of just the future ones?  
# August 19, 2006 10:03 AM

Colin said:

If you can log it all then I agree, if I was building such a system I would log it as much as was practically possible. If this was not practical to log everything, then this is probably the point at which you would want a system to selectively record communications.
If I was putting together such a system I would employ AI techniques to build a model of interesting and uninteresting calls and then log and listen on that basis. This can feed back in to itself to make decision on what is becoming interesting.
Regarding my sneeky methods mentioned before, I disagree that these would not be useful, taking the example you mention there is no need for such communication to be fast and reliable till nearer the time (say within a couple of months)
# August 20, 2006 10:06 AM

Eric Marvets said:

First off, it is reported that they are recieving records from the phone companies off all the calls made.  There has never been an admission that they are recording all these calls, only conspiracy theories.  If they had reason to suspect someone of terrorism, all they would have to do is serve the phone companies with a subponea to get those particular records.

The only reason for them to have this data is to apply social networking algorithms against them to profile people.  It has already proven ineffective (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9000515) and makes you wonder if this program wasn't put in place under the guise of preventing terrorism.

It WILL be abused.
# August 21, 2006 11:07 AM

Dave said:

Eric,

Will you even concede that what you’re talking about can be abused?

If so, then you may have a small understanding as to why so many people are upset about it.  It leads to the gradual degradation of any type of privacy that you could hope to have, so it is up to us to resist this type incursion on our communication.  

As for this:
Thus, if we changed our perception from an assumption of privacy to an assumption of openness, this wouldn't even be an issue.

I hope you really don't believe this statement.  I can see it now...Eric is denied work and insurance because information gathered from his medical information reveals that he has cancer.  Thus, he is too much of a risk for employment.  Or how about, Eric excessive porn suffering, which is now publicly available, ends in divorce and being shunned by his fellow church members.  

It should be harder to find out information about the guy sitting next to you, not easier.  It could be that a woman is running from an abusive husband who might beat or kill her if he finds here.  She thought that leaving the state would help, but Eric and the like think that all information should be public.  He merely does some searches of phone and mailing records and tracks her down.  New flash:  Women found dead in local apartment complex today news at 11.  

There are a lot of things that people would rather keep to themselves and that others have no business knowing about.  

Dave

PS – Watergate sure would have been easier if everything was already recorded for them.
# August 22, 2006 11:28 PM

Eric Wise said:

Dave,

Everything has the potential to be abused.  A waiter taking your credit card at a restaurant could make a copy of the numbers while you weren't looking.  Just because something can be abused doesn't mean you ban it.  You impose hefty penalties for those that do.

You already get denied for health insurance on prexisting conditions.  Employment already is allowed to run background and credit checks on you, so I would say they already have access to most of the information you're claiming is abusive.

Are you suggesting that looking at pornography and hiding it from your wife and going to church and acting all holy when you're not is a nobel thing that deserves protection?

The dead woman argument is very weak as well.  You can already hire private investigators that search credit reports etc and locate people quite easily.  If you're in that much danger, you need to get into a protection program and change your identity.

PS- the watergate people were punished.  Nixon stepped down and the party paid a political price.  If you're auditing access like you should be, with congressional oversight, this shouldn't happen often, and should be discovered and prosecuted if it does.
# August 24, 2006 10:33 AM

Dave said:

Eric,

You’re an optimistic guy and I like that, but I don't think that making things easy for people is the answer.  

For example:

Take your wallet, keys and all the other contents in your pockets and place them on a silver platter.  Now, walk with that platter down the streets of any major city (Paris, Rome, New York, etc).  What you are basically doing is allowing thieves to easily see what you have a take it if they want to take it.  If however, you had items in your pockets, they would have to probe a little harder to find out what you've got and taking it from you would be a lot harder.  Now, if they are caught stealing, they will be prosecuted, but you have to catch them first.  Regardless, the damage is done.

I consider your plan of easy access to my information the same as placing my stuff on a silver platter.  I will resist this type of discloser till my dieing breath.  

Dave

# August 25, 2006 9:40 PM

Right Voices » Blog Archive » RV Poll #16 - Should Court Orders Be Required for Wiretapping? said:

PingBack from http://rightvoices.com/2006/09/18/rv-poll-16-should-court-orders-be-required-for-wiretapping/

# September 18, 2006 9:41 PM

Leave a Comment

(required)  
(optional)
(required)  

Enter the numbers above:
Add
Check out Devlicio.us!

About CodeBetter.Com

CodeBetter.Com FAQ
Our Manifesto
Advertisers should contact Brendan

Subscribe

Google Reader or Homepage
del.icio.us CodeBetter.com Latest Items
Add to My Yahoo!
Subscribe with Bloglines
Subscribe in NewsGator Online
Subscribe with myFeedster
Add to My AOL
Furl CodeBetter.com Latest Items
Subscribe in Rojo

Member Projects

WSMQ - Brendan Tompkins
Sarasota Web Design - David Hayden
Patterns & Practices - David Hayden
dotMath - Steve Hebert
EZWeb - Jeffrey Palermo
Structure Map - Jeremy D. Miller
StoryTeller - Jeremy D. Miller
The Code Wiki - Karl Seguin

 

Friends of CodeBetter.Com

Red-Gate Tools For SQL and .NET
 BlogJet
CodeSmith 3.0
 SourceGear Vault
Telerik
 ComponentArt
VistaDB
JetBrains - ReSharper
 Beyond Compare
 .NET Memory Profiler
NDepend
AliCommerce
Ruby In Steel
SlickEdit
SmartInspect .NET Logging
NGEDIT: ViEmu and Codekana
LiteAccounting.Com <-- NEW Friend!


Site Copyright © 2007 CodeBetter.Com
Content Copyright Individual Bloggers

Community Server (Commercial Edition)