Metadata in Tumultuous Times:
There has been a lot of talk in the news lately about metadata. The NSA at first assured us that all that was being collected from our telephone calls was metadata. What time calls were made, how long they lasted and who called whom. This seems reasonable on the face of things. They told us, once they were caught at it, this information was only used to identify potential terrorists, but the information is maintained and we should ask ourselves what other kinds of information might be extrapolated. The answer is “Volumes!”
The FCC licenses all radio users including government users. A quick look at the FCC licenses issued in Arlington, Texas reveals that some applicants are careful about how they describe their use of the frequency in their license application and some are very specific. For example the Arlington Police Department has a license for a frequency pair on the 70 cm band with typical repeater separation for a “bomb robot”. Hopefully this is an encrypted link, but if you hear traffic on that frequency, you know they are working a bomb case nearby and can tune to the normal police scanner channels to figure out where. In some cases, SWAT teams have actually applied for licenses with the stated cause of “SWAT operations”. Again, I am sure it would be encrypted, but the mere presence of carrier on this frequency (if I was a bad gay) would be enough to shut my operation down temporarily and send me into hiding. This is Metadata and volumes of information can be deduced without ever knowing the actual content of the traffic. Just be aware of metadata and the value of it to intelligence types. Ask yourself what can be ascertained by the information you are giving people. I trust the government not to abuse this information. The problem I have is that government, any government, is made up of people. People are inherently fallible and there are so many people with access to government information that at any given moment, your information is passing through the hands of someone whose personal agenda could damage you or your loved ones.
Operational security should be practiced at every level. Metadata is your friend only if you are on the receiving end of it, and are able to deduce deeper meaning from it. Otherwise, you can count on it being used against you. The good news is that metadata can also be useful to you, thanks in part to the nature of a bureaucracy. When you hear information, no matter how innocuous it sounds, ask yourself what it might mean. During the buildup for Operation Desert Shield, a newspaper reported put two and two together from publicly available information and came up with journalistic gold. This may not be true since I have not been able to verify it, but it does represent the wealth of information available for a data miner using publicly available information to deduce top secret information.
First, the journalist noticed that all the pizza and other restaurant delivery places within 50 miles of a major military base in his area were looking for drivers immediately. Second, he heard a department store manager telling someone that a military Colonel had bought out all his bug spray, which he thought was odd not just because of the quantity, but the season. Calling one of the local pizza places to enquire about the job, the reporter learned that they generally used a lot of off-duty military, but they had all quit in the last week or so. Taking this a bit further, the reporter got a list of federal business opportunities (requests for bids). Here he discovered that the military was looking for contractors to bid on painting an enormous number of armored vehicles in desert camouflage as well as some fuel delivery purchases. With this information in hand, he was able to ask the right questions to determine that Saudi Arabia was the target of a mass troop movement and we had news teams on the beach with their lights and reporters to greet the secret landing force as they came ashore in the middle of the night.
The lesson here is that metadata is a very valuable information tool with edges on both sides. You can use it if you are aware of it and it will use you if you are not.
No comments:
Post a Comment