Discovering NSA Code Names Via LinkedIn
Okian Warrior writes with this news as reported by TechDirt: "The Washington Post revealed some of the code names for various NSA surveillance programs, including NUCLEON, MARINA and MAINWAY. Chris Soghoian has pointed out that a quick LinkedIn search for profiles with codenames like MARINA and NUCLEON happens to turn up profiles like this one which appear to reveal more codenames: 'Skilled in the use of several Intelligence tools and resources: ANCHORY, AMHS, NUCLEON, TRAFFICTHIEF, ARCMAP, SIGNAV, COASTLINE, DISHFIRE, FASTSCOPE, OCTAVE/CONTRAOCTAVE, PINWALE, UTT, WEBCANDID, MICHIGAN, PLUS, ASSOCIATION, MAINWAY, FASCIA, OCTSKYWARD, INTELINK, METRICS, BANYAN, MARINA.' TRAFFICTHIEF, eh? WEBCANDID? Hmm... Apparently, NSA employees don't realize that information they post online can be revealed."
Submitted earlier with a better headline. (sigh)
No, the gotcha is not revealing project code names. Why post code names if the names are secret? The gotcha is... (ahem)
REVEALING THE NAMES OF ANALYSTS WITH ACCESS TO TOP SECRET PROJECTS!
Digging a little deeper, if you refactor the contents of those search results, you get a VERY complete picture of what's going on... for example, PINWALE is the code name for Mission Systems, developed for the Military by Northrop Grumman. Most of the people who developed the system appear to be on LinkedIn :)
That's just a taste; anyone good at graph theory and data mining could probably put together quite a dossier of people and projects based on the public info available through LinkedIn/Google.
The names are mostly random because they don't necessarily bear any resemblance to the projects.
But having a publicly trawlable bunch of data that links real-world humans, their real-world qualifications, and the projects that they've been read in on is precisely the sort of social graph that an adversary could use to figure out what the codenamed projects are actually all about.
If there are dozens of cunning linguists and digital signal processing experts working on DEATHSTAR, and all the people who list MSPACMAN happen to have oceanography backgrounds or prior experience at companies that make precision optics, it doesn't take a genius to see that despite their names, DEATHSTAR is the project that's more likely to be NSA Line Eater, and MSPACMAN the project that involves sharks with frickin' lasers on their heads.