Slashdot Mirror
DARPA Fears Big Data Could Become Big Threat
Nerval's Lobster writes "For most businesses, data analytics presents an opportunity. But for DARPA, the military agency responsible for developing new technology, so-called 'Big Data' could represent a big threat. DARPA is apparently looking to fund researchers who can 'investigate the national security threat posed by public data available either for purchase or through open sources.' That means developing tools that can evaluate whether a particular public dataset will have a significant impact on national security, as well as blunt the force of that impact if necessary. 'The threat of active data spills and breaches of corporate and government information systems are being addressed by many private, commercial, and government organizations,' reads DARPA's posting on the matter. 'The purpose of this research is to investigate data sources that are readily available for any individual to purchase, mine, and exploit.' As Foreign Policy points out, there's a certain amount of irony in the government soliciting ways to reduce its vulnerability to data exploitation. 'At the time government officials are assuring Americans they have nothing to fear from the National Security Agency poring through their personal records,' the publication wrote, 'the military is worried that Russia or al Qaeda is going to wreak nationwide havoc after combing through people's personal records.'"
Is the government declaring Facebook a national security threat because of all the information people post on it, and having it shut down.
I'm definitely concerned about big data, but the big data that concerns me the most is in the hands of the NSA.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
No. But it certainly makes you wonder what sort of analysis is currently being run by our government. As processing speeds increase (a thousand fold in the next 10-15 years) such analysis could be run by many organizations.
If you're scared of your govt then you need to further restrict its powers
Vote 3rd Party in 2016 and beyond
If DARPA is trying to mitigate the threat then this effort deserves support.
If they are looking a way to "shut it down" then they're being way naive. This is happening (among other reasons) because of Moore's Law and you aren't going to change it.
We've but a woefully inept government and bad leadership at all levels of society, so I really don't know which this proposal aims at.
(and I haven't read TFA).
Or enacting laws on what data companies can collect about you and what they're legally allowed to do with it. You know, actual privacy laws and laws around data security.
But that won't happen -- because it would cut into corporate profits, and because it would cut down on some of the sources the NSA themselves use.
This in the end will be DARPA saying "how can we collect all of this information while still trying to keep it out of the hands of them." And nothing at all will change.
Lost at C:>. Found at C.
but it is federal, state and local governments that are the people's main enemy here, not the russians or chinese.
It's the ability to destroy anyone's career or political ambitions through selective "summarization", and to win with certainty over any competing business in any industry with unmatchable demographic and competitive analysis information.
Of course the NSA wants to be the only people with this particular "weapon", and likewise the only people their corporate cronies' revolving-doors are open for.
the government having their hands on Big Data is the real danger.
Big companies will data mine for the government. It's the small companies that don't give up data that will be killed, because of terrorism or whatever.
Considering all the discussions about 'big data' and DARPA is actually in this rare instance way behind the curve.
My own data analysis of what has happened says that the combination of processing and storage in the potential adversarial hands is so great, a set of counter measures is really hard to find now.
There are extrinsic factors, but DARPA is far from the right theoretical understanding. Albeit, the DARPA research that helped propel big data, the ARPA-NET has spawned so much, so quickly it is nearly hopeless and now requires a brand new paradigm to get that tiger by the tail for security.
FYI, make sure Snowden gets a pardon as soon as possible, that will help!
http://www.aisnota.com/slashdot/ Welcome to Logic and the Future
I can hit: ChoicePoint, Credit Bureaus, various database services that aggregate all that data and then some - like court records, insurance claims - and then there's Google.
And if I can't find anything or very little, then I think you're an illegal alien - with all the legal trappings with that.
So folks, unless employment laws get less restricting (ADA, EEOC, etc ..) and Immigration laws get reformed, you're just fucked because corporate America is spying on you and you agreed to it when: you got that credit card, that loan, that student loan, and when you applied for that job. Yep, it's circular, baby! Apply for a job makes you vulnerable!
This only applies in the US of A.
Oh! Let's not get into the horseshit of FaceBook or LinkedIN!
Big Government is afraid of the damage Big Data could do because it knows the impact of storing and processing massive quantities of data. It has a lot of experience doing this, itself, and is afraid of anyone else doing the same thing.
If DARPA is looking into this, that means that they are looking at whether the *analytics* applied to publicly or purchasable big datasets could mine information like troop buildup/movements, military targets, etc., etc.
For example, if I'm a subcontractor of a defense contractor and I suddenly post on the Interwebz that I am purchasing 300 million gallons of drone aviation fuel, you might be able to combine that with other little bits of data (e.g. another subcontractor suddenly posts that they are purchasing 15,000 airline tickets to Giblisztan), you might be able to predict that a strike is coming in and react appropriately.
Obviously the DoD and their contractors attempt to make sure that those obvious details above aren't readily available, but you might still be able to piece together US military activities pretty readily from even tiny bits of correlated information that are available.
However, from the original summary:
If that's really what was written in the original publication, then whoever wrote that did a terrible fucking job of analyzing what DARPA really wants this for and conveying that in writing, or was just trying to turn this into clickbait/fear-mongering/whatever.
It is unlikely that any enemy will pose a genuine threat to these guys. The real threat is the general public and jail time for what amounts to treason.
You take down Facebook, people will just move on to the next platform. Then the next. Then the next. End result is government going on an endless goose chase the same way we do for piracy.
All your big data are belong to us. You know, for great national security.
ITT: Counterculture asshats who think this is 4chan.
Write like a human being. What's next? Greentext?
I would welcome governments shutting down social websites, but after that they would probably start thinking about shutting down any websites where people gather, such as arcadecontrols.com
Because you know, someone could block traffic trying to bring home his Frogger machine that's been rigged to a car battery to keep his high score alive.
Get free satoshi (Bitcoin) and Dogecoins
"multitudinous shades of gray where some secrets are necessary for any society to function"
Name one case where a state secret is necessary for a society to function. Not vague justifications of "because the other guy". An actual, demonstrable necessity.
Is the government declaring Facebook a national security threat because of all the information people post on it, and having it shut down.
Yeah, and?
I don't see the problem.
.. that the ad immediately to the right of this was for BIG DATA & ANALYTICS services for IBM? Apropos ad placement humor.
Insert witty
ITT: Pro-government cheerleader defends blatant violations of the constitution. What else is new?
ITT: Neckbeards who live to whine about their imagined rights to privacy
Yes, they're imaginary. Who needs rights anyway?
Filthy, filthy copyrapists!
If anyone is confused about the definition of irony, this is one pretty darn good example.
Way to "pull a Homer", DARPA.
Of course by "certain" they mean "obscene".
A looming danger is that everyone in these institutions becomes so zealous in the execution of their appointed duties that they lose all sense of humor, humanity, and irony. In the US I see this sort of humorless automaton behavior all the time: in cops, tsa agents, border patrol - basically from people in most positions of state authority. When you constantly subdue your humanity, you give yourself over to authoritarian tendencies, so expect all sorts of abuses to follow.
At the risk of sounding histrionic: the real threat isn't that machines will take over humanity, but rather humans will become machines.
don't even realize what the DARPA project is about, and why it's a legitimate area of research and concern for national security.
Absolutely correct. I don't think 10% of the people posting here even read the linked document. This has nothing to do with "DARPA shutting down Facebook" (whatever the hell that even means). It's about whether or not adversaries could mine big data to determine attack vectors, in the same way advertisers mine big data to determine where to spend their marketing dollars.
For example, could big data tell our enemies where there might be high concentrations of Jews in August? Could big data reveal which bridges have the highest number of heavy trucks on them on Friday afternoons? Correctly mined, big data might be able to provide lots of information about where best to direct terror resources.
Come to think of it, there's a good Tom Clancy or Brad Thor novel in the making here...
Four words which have never before existed to suggest the rest of the paragraph is pure propaganda.
Join the Slashcott! Feb 10 thru Feb 17!
Nice job with the fear-mongering to generate click throughs.
"DARPA Fears Big Data Could Become A Threat." "Big Data" is a term that implies corporations like Google or major analytics firms like IBM, along the lines of the term "Big Pharma". The article clearly states that it's a research project designed to understand the potential risks of the release of major databases publicly; what happens if Wall Street's datasets get hacked, what happens if the IRS's mainframe was hacked and several of it's data sets were stolen and released; what is the potential risk and damage? Also a grading system about whether a given dataset if released would cause major damage or minor, which allows the military to prioritize defense resources to important areas. That's a far cry from what the title says.
"...there's a certain amount of irony in the government soliciting ways to reduce its vulnerability to data exploitation." No there's not. The military uses guns and it also develops body armor to defeat guns. They use missiles and it also develops anti-missile systems to defeat missiles. Anyone using a tool would also recognize that that same tool could be used against them, and therefore develop defenses to counter it. Not to mention the fact that the NSA is a civilian intelligence bureau designed to detect threats, whereas DARPA is a military research agency designed to develop tools to help the military stop threats. THey don't work together, they don't share a budget, and they have different missions, but it's also perfectly logical that in a world where several data breaches have happened in the last few years that the military would be interested in identifying vulnerable and valuable data sets and figure out ways to protect those.
This article is pointless.
It also won't happen because it's so easy for companies to argue that the information is voluntarily being shared with the company. And the thing is, the company is actually correct in observing this. As to what they may do with that information, well, it's moot as long as the government can demand it at any time.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
I don't really see why you're trying to communicate with the ITT on slashdot....
This in the end will be DARPA saying "how can we collect all of this information while still trying to keep it out of the hands of them." And nothing at all will change.
Well, wrong. They can issue a strict privacy law with specific exceptions for NSA/CIA/FBI. No problem for a government. Government ties to corporations might preclude it though.
But make no mistake. Any big data analysis the big corporations can do, is available to foreign companies as well. And, of course, foreign companies that are fronts for chinese/russian/arab spy/terror setups.
He's (at least partially) right, though: most of the responders are going on about the NSA and government spying without realizing that this project has absolutely nothing whatsoever to do with any of that. The project is to see if potential enemy states (or terrorists, anyone interested in exploiting a vulnerability) can, using large sets of easily available information, find potential national vulnerabilities (at the economical, social, and military level) of another country. Maybe a pattern that indicates a strike at x factory would disrupt y supply chain, potentially devastating a whole section of the economy. Or maybe that a post on z news site that would prompt mass panic. That kind of thing. Not warrantless wiretaps: the goal is to use information that literally anyone could access, and to find vulnerabilities to an entire country or community, not the life story of singular individuals.
"None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
No. But it certainly makes you wonder what sort of analysis is currently being run by our government. As processing speeds increase (a thousand fold in the next 10-15 years) such analysis could be run by many organizations.
But unlike the US government, Al Qaeda probably doesn't have access to people's profiles if they've jacked up the privacy settings. Besides, there's a million+ ways to create havoc in the US without accessing that data.
Taking guns away from the 99% gives the 1% 100% of the power.
Of course, that's bullshit, but they'll claim it.
As an experiment, I just went to the LA Times website. By your theory, if my bullshit blockers hadn't blocked revsci.com, gigya.com, newsinc.com, jumptime.com, and brightcove.com -- then I will have voluntarily provided information to these fuckers.
So, no, just because sites put web bugs, ads, polls, and all sorts of 3rd party shit in their web pages that might not be obvious -- that doesn't mean there was anything voluntary (or even informed) in this. It means a sneaky bunch of marketing assholes are in there without asking me, and they feel self entitled to do so.
Lost at C:>. Found at C.
Why don't they ask the NSA then? DARPA has more money and time than they know what to do with it appears.
No, but with all the public data available on social networks, the web itself, and the data that you can purchase, given enough computing power (whatever that may mean), I am pretty sure one could identify national security situations.
If a terrorist organization or any US-unfriendly organization has enough money to buy the required computing power, then collect the vast amounts of public data available about individuals in the US on an ongoing basis and try to identify certain patterns, it could, IMHO, identify potential targets for attacking the US in one way or another.
One of the key problems for these organizations, I believe, is not to find the "right weapon" to use for an attack, but rather to find the "right weakness" where the right weapon could have the highest impact. Unfortunately, it is the traditional "Return on Investment" calculation that they need to do.
I believe DARPA is right to understand whether this is possible with publicly available data of individuals in the US and it could be a very interesting research and analysis topic. Given enough time and computing power/resources, I'm pretty sure I could myself identify certain attack vectors.
For quite some time, I was always interested in identifying possible "attack vectors", whether of IT systems or social systems. Just for the "fun of identifying". Seeing that DARPA finally recognizes this problem public is not bad, as there are probably some huge possibilities using Big Data.
Let's not just dismiss this and mix it with PRISM/NSA or so - this could be really interesting and could help everybody by also identifying ways to protect against such attack vectors.
Government can still have secrecy, because it is a necessary thing sometimes. But perpetual secrecy? No. Everyone in government has to be answerable to the public in a democracy, and you can't do that if you don't know what people in government are doing. Even if it is a generation later, it MUST become public at some point. Maybe after a few decades the best you can do is decide that you won't be doing things that way ever again, but at least it's an accounting.
I'm fine with *temporary* secrecy for operational reasons, but it's got to have an expiry date in a reasonable amount of time, and you have to be able to challenge government to come up with legitimate reasons why something should continue to be secret, otherwise it should be turned over if they can't (hence Freedom of Information requests). This nonsense about National Security Letters that you can't even reveal exist, ever, has got to stop (for example).
If DARPA really wants to figure out where security leaks could originate from big data, I would start by trying to figure out attack vectors into Canada or China thru big data. Thinking you have the NSA big data set might lull you into a false sense that you've scanned all the security vectors ;-)
Troop dispositions, unit strength & capabilities, weapon system capabilities;
(What, you thought armies were only for offensive operations? Silly goose.)
Details of ongoing diplomatic negotiations.
(What, you thought diplomats were required to tell the truth all the time? Or even that forcing diplomats to tell the truth all the time would be a good thing? You pretty little fool.)
There's 2. Keep the change.
I don't think there's any irony here. The fewer that have access to some kinds of data, the more valuable it becomes. The just want a monopoly on 3d party use.
Competition Good, Monopoly Bad.
These are the same people who make tanks and anti-tank missiles. They make airplanes and surface-to-air missiles. They put body armor on their soldiers and hand them guns to shoot other soldiers with.
They know the power of Big Data, so they both try to use it to their advantage and try to mitigate the advantage it would give to their foes.
http://lkml.org/lkml/2005/8/20/95
We are talking about the military here. If they conclude that big data is a threat what will their go-to response be? That's right.. BIGGER DATA!
Just think, now we can finally find a use for the ridiculous number of potential addresses in IPv6!
you and I agree on this matter. I'm simply pointing out the arguments that will be (successfully) used. I use the same sort of blockers for the same sort of reasons.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
We have some European Data Protection directives as law. Which means that a company can't give your information out to third parties. But they _can_ give it out to their "partners". Of course, some companies now list upwards of 500 such "partners"
So remember, when you go with a company, you also go with anyone that company has ever been with.
I think we're going to have to start calling out some companies as "data whores."
I wonder at what point they realized that Google knows more about Americans than they do?
Speaking of *ahem* analysis.
are you using firewall rules? or a hosts file to block that stuff?
I said "necessary".
Do away with the military beyond "we have enough nukes to turn your country into glass if you invade our territory", do away with diplomats and diplomatic negotiations. There is nothing that should be said on behalf of a country's citizens that they are not allowed to know about.
I have no doubt one can construct a profitable self-serving institution that has self-generated reasons to offer that they are supposedly necessary. I just haven't seen evidence they are actually necessary.
Some firewall rules, some hosts, and some extensions.
Firefox: NoScript, AdBlockPlus, DoNotTrackMe
Chrome: ScriptSafe, DoNotTrackMe, AdBlockPlus
Lost at C:>. Found at C.
As Foreign Policy points out, there's a certain amount of irony in the government soliciting ways to reduce its vulnerability to data exploitation. 'At the time government officials are assuring Americans they have nothing to fear from the National Security Agency poring through their personal records,' the publication wrote, 'the military is worried that Russia or al Qaeda is going to wreak nationwide havoc after combing through people's personal records.'"
I'm not seeing the irony here, replace data exploitation with nukes, bombers, ships, subs, or any other tool we wield.
Wow, did you know the US has an aircraft carriers parked off my coast, several hundreds of thousands of soldiers garrisoned on my soil, and nuclear weapons deployed here? Well, yah... I live in the US and I'm not even remotely afraid of these things.
You can snicker all you want when I say we really do trust our government, but at the end of the day, what is your real beef with it? The "fears" of the NSA are overblown, many of you will prove that by saying _ANYTHING_ you want here. This hypothetical the government is bad because they _could_ do X Y Z is just silly.
You have just described pretty much the problem they fear. Via the publicly available data, those individuals most likely to accept bribes or those most likely to be readily blackmailed can be tracked down and exploited. No matter how good your security when someone sells company passwords, or someone is extorted into handing it over, your security defunct. A whole range of direct access hacks become available once those weal links have been exposed.
Chaos - everything, everywhere, everywhen
Here' what you do, put your big database into a bigger database which goes into an even bigger database, then reduce the biggest database into a smaller database while reducing the less bigger database into an even smaller database that goes into the smallest database possible. You with me so far? Good.
Now, take the smallest database and encrypt it with RSA 4096, then take the largest database and encrypt it with PGP. Make two copies of each database, place the smallest database into the largest one, now do the inverse with the other two copies, these become your public and private keys, or the other way around if you please.
Gererate some goof ball data to prove that it works, then see which of the three letter acronym agencies is stupid enough to buy it for 1 bbbbbillion dollars. I sure at least three of the said agencies will fall over themselves trying to be the first to acquire it. Then, install a backdoor into the system and sell it to the politicians.
The mind conceives, the body achieves, the spirit manifests.
And give everybody the launch codes, detailed technical specs, keys to the silos, and just rely on the honor system!? Yep, no need for secrets there, AT ALL.
The day that happens, you better have a really strong military, because when you eliminate talk as an option, the only thing left is the stick.
By your own argument, these are "necessary." Don't blame me because you're a naive idiot.
just saying
This is basically a report about how the NSA is going to start blackmailing Congress into increasing its budget.
Sleep your way to a whiter smile...date a dentist!
At what point will we as Americans stand together and vote these guys OUT of office?