Slashdot Mirror
AT&T Invents Surveillance Programming Language
An anonymous reader writes "AT&T has long been associated with advances in the programming arts as well as communications. They've recently brought those disciplines together to create a powerful datamining language called Hancock. Hancock is a C variant developed to mine gigabytes of the company's telephone and internet records for surveillance purposes. 'The manual for the language includes a Hello World variant that shows you how to write a program that will parse logs of IP addresses and record them into permanent hashes. The program for parsing millions of records as they flow into permanent data farms sounds oddly close to the data mining the NSA performed after 9/11 to find targets for its warrantless spying on American citizens calls and emails."
What, was Palmdong taken?
One would think that John Hancock would not be pleased to learn that his name is being applied to a project that violates the Constitution he so famously signed.
Can I replace php with this? PHP is insecure I heard. Hancock must be secure because it is the government.
"Hey, what's that whirring sound?"
"It's the founding father this programming language is named after...spinning in his grave..."
Don't tell me to get a life. I'm a gamer; I have LOTS of lives!
Monitoring communities of interest is no doubt something of interest there..
We are already working on:
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
Hancock signed the Declaration of Independence.
"You don't need a weatherman to know which way the wind blows." - Bob Dylan
This is at least a decade old, was published in 2000 (I like the breathless "unearthed today", like it was some sort of secret -- the original Hancock paper is listed as having 29 cites) and has rather obvious applications for marketing, billing and security. The "oddly close to the data mining the NSA performed after 9/11" seems a bit excessive.
What I'm listening to now on Pandora...
If you haven't done anything wrong, then you have nowhere to hide!
Whoops - I mean nothing. Nothing to hide.
Step into a huge movement. Don't Tread In Me.
update Users set Status = 'suspicious' where Username in (SELECT Username, ipAddress, MissleAddress from IncomingCalls ic, OutgoinCalls oc where Volume = 'whispering' and Username not in (select Username from RepublicanDonors));
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
this is a collection of libraries and some domain specific keywords/structures, but to say that this is a new language is a stretch of imagination.
You can't handle the truth.
Well, at least they didn't realize they could do it in perl and then give perl the bad name...
less inflamitory, later it states:
It seems to have been created with slightly better intent (fraud detection, as well as, unfortunately, marketing - your phone company is spyware!).
A tool may not necessarily be bad, but it can have more bad uses than good, and may be been intended for rathern malevolent purposes. The rack comes to mind (although this language certainly isn't in that league).
Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
I think we've been seeing a trickling of stories and evidence showing that Bush/Cheney/Addington were ALREADY doing many 'questionable' things prior to 9-11. At the speed of government, doesn't it make you ask how they were able to cobble together the DHS?! And if I recall, some of the surveillance activities declined by Qwest were requested prior to 9-11.
Bottom line? 9-11 is irrelevant to their intent... 9-11 helped provide some justification in the eyes of some, but the evidence shows that this stuff has been planned WELL in advance of 9-11 and this is not a reaction or over-reaction.
The language already exists: it's Soviet East German.
--
make install -not war
Never has that program name been so fitting.
Jokes aside, is this related to John Hancock?
John Hancock was an American Revolutionary, one of the signers of the Declaration of Independence. He signed it as largely and boldly as possible, much larger than any of the other signatures on that document, so that the King of England would have NO trouble identifying him in the face of his (and his compatriots) clear act of treason. His name is now synonymous with autograph or signature, as in, "Can I have your John Hancock here, please?"
If the AT&T technical staff called their data mining "language" Hancock, it may have been a poetic choice: AT&T is signaling their actions, and/or the actions of the government agents, are akin to treasonous. Yes, the charge of 'treason' is nearly moot in modern US law, but the fact remains that any sensible reading of the Constitution would not indicate any authority for what the government is doing with our communications.
[
-TheDawgLives suckitdown
I've been Hancocked!
Consider, for instance, a baseball bat. Under normal useage, it's used to play a game. Sure, accidents do happen, sometimes erious, but these are minority cases. For the most part, it's all in fun.
Now consider that baseball bat in the hands of a crazed psychopath who thinks YOUR head is a baseball. See the difference?
Understanding the scope of the problem is the first step on the path to true panic.
I try to stay upbeat about all this, I try to think of ways to fight back against this kind of crap, I do everything I can to not have to deal with this kind of obscenely orwellian garbage...but...sometimes it just hits ya right in the gut...and you feel dreadfully sick...
Happiness does not come from having much, but from being attached to little.
I'm going to be pedantic about the origins of C: C was not an AT&T invention, but was invented by Bell Labs researchers, which was not at the time wholly owned by AT&T. Ownership was evenly split between AT&T and Western Electric. Nowadays, Bell Labs is not even part of AT&T, but is owned by Alcatel-Lucent.
with a Manual Guide... I wonder when this application will "cock up" (in English parlance) and screw over people not part of the serve.. sir vail-ance ... umm surveillance.
I thought many of these ISP and ISP parent companies had stated officially that they had issues with excessive data retention (storage space, processing of the enormous data sets, legal issues, etc...). Now, this, from one company that is probably going to make some enemies.
What good (other than government surveillance and corporate marketing) can come from this without harming privacy?
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Its basically just C with some generic structures thrown on top of it.
Also, it was created in 2000.
Its intent, as some have mentioned, was marketing.
Basically it does what Google Analytics or WebTrends does for the web.
It actually seems like a nice language, for those who want to quickly run through gigs of data.
I see nothing evil about the language itself.
It, like C, perl, PHP, or any other language you chose to use - Can be used for whatever purpose the programmer chooses.
Its intent was marketing, and almost every company in existence wants to know more about their customers.
Now if if someone is using a tool in a way you don't like, then just say so, don't try to cast aspersions on the tool itself.
The problem with power is that if it can be abused... It will be.
So it often behooves citizens to keep these tools out of the hands of the government as long as possible.
Not that it will make much difference in the end.
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
"oddly close to the data mining the NSA performed BEFORE 9/11"
Except that Western Electric was once part of Ma Bell / AT&T...
Gee, can you conspiracy theorists take a break for a second and consider that, just perhaps, this was written for commercial telecom management, marketing and fraud detection purposes? It was written and in the public domain before 9-11.
The US Government uses Linux, so are we to presume that Linus Torvalds is an agent of George Bush and the broad conspiracy to spy on you?
The government has captured aliens. It then drops them off 1 mile past the fence, where the Mexicans give them food and water for their return trip.
Oh... you meant the other type of alien conspiracy. Sorry, AC, can't help you there. As entertaining as they are, the claims are extraordinary and require extraordinary proof, not fuzzy pictures of Halloween costumes.
Sure, I can just imagine what the hash function is, based on AT&T's recent history:
If you look here and research the case a bit, you'll find that a Maryland company may have actually been more responsible for ATT's abilities than ATT would like to admit. That company is now defunct, unfortunately, and so it's now safe for ATT to pretend that they've done work in the area without answering to more law suits.
It was a very technically challenging job. We helped to index records for these guys until mid-2005. We did it in effectively O(n) time - the cool factor was higher than the say-nothing factor.
And yes - I know that academia will claim that it's not possible, that data correlation must be O(n^2). For the decade that we did it, we were sure glad that academia held to that position.
Enough reminiscing.
Wat, someone reinvented regexp?
Everybody gets what the majority deserves.
Because I know the Han(d)s are on my shoulders and I then know where the rest of the name is going!!
Slashdot, where armchair scientists get shouted down and armchair theologians get modded up.
Anyway - just because it's possible to collect and mine data doesn't mean that the same tools can be used by the "bad" guys too to understand how the technology can be circumvented or made to be misleading.
But a new tool may find new surprising uses too, so there are nothing that can be considered completely bad by this tool.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Any of you young-uns here remember the clipper chip? President Clinton's ingenious plan to bug every phone in America:
http://en.wikipedia.org/wiki/Clipper_chip
Wasn't Hancock the name of the academic stooge that was pushed front and center by the feds to shill for this thing, claiming that we could trust Bill & Algore with the key escrow? I seem to remember a fawining article in the ACM Communications pimping for the clipper chip.
I wanna say Ellen Hancock, former IBM and Apple exec, but her bio makes no mention of time spent in academia or shilling for bad wiretapping schemes:
http://en.wikipedia.org/wiki/Ellen_Hancock
Even if it's not her, I wonder if the programming language namesake and the government spying toady are one in the same.
Additionally, one can easily download the Hancock source code (for non-commercial use), manuals, and various research papers here:
http://www.research.att.com/~kfisher/hancock/
Conspiracy!
Did we give up when the Germans bombed Pearl Harbor?
But bear in mind, this programming language was invented by people who are so insecure that they're willing to shred the Fourth Amendment to try and assuage their fear of terrorists. I think C=> might be more accurate.
Oh, good god.
./.
Either you must be new to this whole inter-tubes thing, or you're a right-wing apologist who's been assigned to
How about you go through the huge mass of stories reference here on Slashdot alone before whining about what everyone else is up to speed on, that you personally have been ignoring all this time. That link points to a large number of articles that touch on the subject (and several more showing that sadly, the US isn't the only government attempting to bloom into full-blown fascism using any possible excuse).
Or, if you just want a very simple primer to get you started, how about these three, related to the original exposure of the ILLEGAL NSA wiretap program, additional evidence supporting the allegations, and the federal circuit ruling clearly declaring it to be ILLEGAL:
The AT&T Whistleblower's Evidence
Wired Releases Full Text of AT&T NSA Document
Judge Rules NSA Wiretapping Unconstitutional
This isn't FUD. This is the real deal smoking gun. The only conspiracy here is the one this administration is engaged in to circumvent any and all legal protections intended to, for very good reason, explicitly limit the power of the executive to do exactly what they're doing.
I started to notice patterns on how people would get busted.
Kid A finds a valid code.
Kid A calls his buddy Kid B using the code, and gives him the code.
Kid B then calls Kid A back using the code.
From there the dispersion of this code goes out exponentially for 2 weeks till the code gets deactivated.
I start to see a pattern were this kids would then get Busted, or at least a nasty phone call, maybe even some letters.
Later I would start to see my software pass over valid codes as not valid.
The phone networks started to sense we were trying numbers sequentially and deactivate them just before we would try it.
This had to be done in realtime.
Next was pseudo random numbers we were using, but this eventually failed in the same way.
Then I used just the random() function in the basic language our code ran in.
That also eventually started to fail!
Noticing this intelligence in the system I came up with what I called the reverse pyramid around 1983.
I Eventually came up with a scheme for pseudo random generators that wouldn't fail. This was done using a central server(over phone lines) and was the only way to solve this since it had become obvious that telco security people were also getting copies of our war dialers. ( The purpose for pseudo random instead of pure random was that we wanted to get full coverage of a specific number space each kid was scanning. )
Basically the dialers would not tell the kid running the software they had come across a code.
Instead it would contact a very small server hidden in the phone network and upload the code it had found.
Then at a regular interval, all thousands of users would get the same code all at once.
Most kids probably thought that it was there computer that had found the code, but really it was out of a large pool of codes we had acquired. This solved the "guilt by association." problem.
So after the code was disbursed widely starting with what would usually be the last people to get a code, it would throw off such fancy analysis tools.
Then after a week or so the "inner circle" of our core group would start using the code, when they were well in the noise of millions of people stealing long distance using the same code.
Anyhow, the point of all of this is to finally see some confirmation that they had developed such software that they were using against us, and that out countermeasures had worked.
This might be an interesting language for many purposes... just because those who created it had one purpose in mind, doesn't mean it can't be used elsewhere. But that depends on the license, which the article doesn't seem to mention.
The license clearly isn't BSD, but it could, conceivably, be GPL...depending on what the article writer translated into "Hancock's source code and binaries (now up to version 2.0) are available free to noncommercial users from an AT&T Research website. " (In the article there's a link to the source code site...but without knowing the license I'm not looking any further.)
I think we've pushed this "anyone can grow up to be president" thing too far.
Nothing to C here. Move along.
Have gnu, will travel.
Absolutely right. The rack comes later.
SQL jokes FTW!
I wish the satellite providers would offer (one way) internet service. They could use several TV channels, and continously download channels of information. You could have a geek channel with slashdot, cnet, lwn (linux week news). You could have a news channel. Yes could still get on the internet through other means as well. 0) No extra satellite dish required. 1) We have very large, affordable, hard drives to store the information. 2) We have many channels available on satellite already and most of the existing stuff is useless anyway. Unfortunately the satellite provider would determine what to download. There also may be IP concerns but I think these are minor. What do you think?