Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fighting Terrorists Through Software, Anonymously?

Posted by simoniker on from the i'm-not-who-you-think-i-am dept.

Silwenae writes "MSNBC has a story online from this week's Newsweek about Jeff Jonas, founder of System Research and Development. SRD's software attempts to verify a person is who he says he is, and then tries to determine who that person may be connected with. Originally used in casinos, the CIA has invested in SRD for use in the war against terrorism. Apparently, Jonas has developed a system that can anonymize the data being analyzed through hashing, so the government can share this information with the private sector to look for hits, without the private sector seeing the specific data."

14 of 257 comments (clear)

  1. Stealth Snooping by R.Caley · · Score: 4, Insightful
    [...]so the government can share this information with the private sector to look for hits, without the private sector seeing the specific data.

    I.e. so the state can put people it doesn't like on the list of people to be tracked with less risk that that person, or the rest of us, can know who is on the list.

    Yeah, that's really reassuring.

    Big brother may be watching you, but you have no way of knowing...

    --
    _O_
    .|<     The named which can be named is not the true named
    1. Re:Stealth Snooping by Hektor_Troy · · Score: 5, Insightful

      Big brother may be watching you, but you have no way of knowing...

      Which is far more scary ... to me at least.

      Personally I'd feel more comfortable travelling in China, as I know for a fact what will happen to me, if I were to air my oppinions about their government. In the USA however ... well - I'm a foreign citizen, so hey presto - enemy combatant.

      --
      We do not live in the 21st century. We live in the 20 second century.
    2. Re:Stealth Snooping by Anonymous Coward · · Score: 5, Insightful

      What's really wonderful is that, since this is a static system, this is still subject to the Carnival Booth terrorist screeing attack which was documented not so long ago and which guarantees that this will reduce and not increase security by allowing terrorists to identify which people they can use to carry out attacks.

      Idiots.

    3. Re:Stealth Snooping by kfg · · Score: 4, Insightful

      This would be a valid criticism if any of these "antiterrorist" technologies had anything to do with security.

      They're about the DEA and tracking potential "politcal radicals." i.e. people who are likely to oppose you politically.

      KFG

    4. Re:Stealth Snooping by kfg · · Score: 4, Insightful

      So we've recreated the 2nd Red Scare

      Second? Hell, we've been down this road so many times the cobbles are worn to little nubs. We've had the French scare, the Loyalist scare, the Mexican scare, the Spanish scare, the Nez Perce scare, the bootlegger scare and the British scare alone was milked for 100 years. The Alien and Sedition acts were passed in 1798.

      Christ almighty, if you want to get an idea of how far back this goes just read the Bible.

      KFG

    5. Re:Stealth Snooping by tom's+a-cold · · Score: 5, Insightful

      The false-positive rate should be emphasized far more than it has been. What does it mean? It means that whatever system they have in place, if it's based on statistical indicators rather than someone's hunch, will inevitably identify several innocent people for every terrorist that they find. Depending on the sensitivity of the detection algoritm, the value of "several" could be anywhere from dozens to thousands. And these people are not "borderline" terrorists in any sense. They are no more likely to be real terrorists than anyone else in the population. They're entirely innocent. So the use of such a system is guaranteed to falsely identify, stigmatize and punish large numbers of innocent people. This is not a tradeoff between freedom and security. It's a tradeoff between justice and the false perception of security.

      --
      Get your teeth into a small slice: the cake of liberty
    6. Re:Stealth Snooping by R.Caley · · Score: 4, Insightful
      What happens when a crime is committed? The police round up suspects. How do they get that list of suspects?

      One would hope that they start from the crime and compile the list, rather than starting from a list and trying to fit list members to the crime.

      Otherwise we end up with Louis:

      Realising the importance of the case, my men are rounding up twice the usual number of suspects.
      The classic case in the UK is the `Birmingham Six'. Faced with the worst terrorist attack ther had ever been on the UK mainland, the police started with their list and worked really hard to find some suspects who fitted. Needless to say, those convicted were eventually found innocent and set free, and the people who did it were never caught and punished.
      --
      _O_
      .|<       The named which can be named is not the true named
  2. Using Hashing by MoonFog · · Score: 4, Insightful

    His response was to invent ANNA ("NORA's little sister," he explains), a system that "anonymizes" data by an encryption technique called hashing. Because the data are scrambled, private records can be shared with the government and secret watch lists can be distributed to private entities, all without fear--because they can't be read

    Although this is a step in the right direction, hashing algorithms can be brute forced right ?
    I mean, this information may be valid for years, a thing you did when you where 18 may still be there when you are 50. I don't think this data should be distributed much at all, even though it's encrypted.

  3. False Positives and False Negatives by billstewart · · Score: 4, Insightful

    Great. While there are definite positive privacy things they _could_ accomplish with this, it's also open to lots of possible problems like "The computer said you matched a terrorist's name, no we don't know why, or where the list came from, we just have to cancel your account and call the police on you" which are as hard to defend against as being on the "No-Fly List" of Americans whose rights to travel are arbitrarily and unconstitutionally limited, or the "Strip-Search-Before-Flying" list, or the "Hollywood Suspected Commies Blacklist".

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
  4. definition of "war against terrorism"? by fantomas · · Score: 5, Insightful

    Can anybody help me and define the limits of the problem "the war against terrorism"?


    It strikes much of the issue is defining the problem, hey we're geeks right, give us a spec to build to, yup? This seems to be the chief concern of slashdot posters so far, that the problem has not been bounded and there are varying interpretations being made on what the problem is. How can we define the problem? Or are we accepting that the term is a worthless media and political construct to sell newspapers and justify military/ intelligence spending? Can we frame this fuzzy problem in a more meaningful way?

  5. Freedom for security by mu-sly · · Score: 4, Insightful

    Obligatory quote:

    "Those willing to give up a little liberty for a little security deserve neither security nor liberty." - Benjamin Franklin

    My personal opinion on the matter is that you can't fight a war against terrorism without looking at what the root causes of that terrorism are. The fact is, that at the moment the west is seemingly willing to just overlook what the causes of terrorism are, and are trying to just blow the terrorists to smithereens.

    When will people learn that labelling people "terrorists" and killing them just creates new "terrorists" at an exponential rate? As far as these "terrorists" are concerned, America and the UK are "terrorists" too.

    Clever tracking software or not, "terrorists" are not going to go away until we start looking at why they are "terrorists" in the first place.

    Just because a government chooses to carry out military activities, doesn't make them any less terroristic or any more legitimate.

    Perhaps those doubting the terrorism carried out by the US and allies in Iraq should check this page for help in visualising the numbers.

    --
    Organic free-range music... yum!
  6. This is getting absurd by hardcode57 · · Score: 5, Insightful

    The peoples of democratic countries need to wake up to the fact that terrorism represents less of a threat than their own governments' response to it. Even 9/11, the worst terrorist attack in history, did not do much to increase the annual rate of homicides in the US. It remains much more dangerous to cross the street, drive to the supermarket, walk in the hills, or go for a drink on a weekend night (let alone smoking or eating burgers). We need to accept, and insist our governments accept, that there are risks involved in the world, of which terrorism is by no means the greatest, and that these cannot be eliminated while maintining a reasonable quality of life.

  7. To what degree... by Sciamachy · · Score: 4, Insightful

    ...does this work? I mean, the theory goes that we're all connected by 6 degrees of seperation. How do they define a connection? Depending on these factors, anyone could be condemned as connected somehow with undesirables.

  8. Dumb idea... by shic · · Score: 4, Insightful

    It is not sensible to publish this data - even in "anonymous form." Use of hashing will only prevent a party with access to the hash from directly reverse engineering the hashed data to arrive at a list of suspect names - however this completely misses the mark.

    If I were a terrorist organisation planning something like 9/11 and I knew many of my lemming-recruits would be identified by airport security as risks, I would process my terrorist volunteers myself and only send those who would not raise any eyebrows. This information (anonymous though it is) would be of great value as it would eliminate another uncertainty from the evil plan.

    If I were a private individual with interest in knowing the identities of all suspects then I would be able to mount a dictionary attack using, say, the electoral role or census data - with only a few billion people worldwide, a modest cluster of PCs would be able to exhaustively search for matches in reasonable time.

    Finally - if this anonymous data were to be available only to authorities to whom the raw information would otherwise have been available then this approach is still a disadvantage. Without access to the reason for someone matching, it will make it much harder for authorities to make appropriate judgement calls based upon a match. The mere possibility that a match might be due to a hashing collision or data- entry errors prior to hashing could result in the wrong decisions being taken. There is certainly a risk that without information on why someone is a suspected risk that related vital clues may be missed - possibly resulting in an otherwise preventable disaster.