Interesting People mailing list archives
Reading Saddam's e-mail
From: David Farber <dave () farber net>
Date: Mon, 30 Jan 2006 14:55:29 -0500
Begin forwarded message:

From: h_bray () globe com
Date: January 30, 2006 2:37:40 PM EST
To: dave () farber net
Subject: Reading Saddam's e-mail

http://weeklystandard.com/Content/Public/Articles/000/000/006/652zozfg.asp

A veteran intelligence guy fills us in on why so little of the captured Iraqi data have been analyzed so far. It's a fascinating overview of how intelligence analysis is supposed to work. Excerpts:

The process of exploitation begins with the recognition that neither human intelligence nor signals intelligence is the be-all and end-all. Human sources can lie. They can hide parts of the truth. Unwitting dupes in a deception scheme can honestly tell you what they think is the truth.

Intercepted signals generally reveal only part of the intelligence picture. In a complex web of bad guys, tapping the phones of one or two leaves a lot of gaps, especially when your adversary is a whole network of webs.

Digital media, on the other hand, are less prone to be a means of deception, and even one node of a network can reveal a significant amount about the entire network. Think about the data that you keep on your computers at work and at home. Unless you write fiction for a living, these are the most accurate and factual data that can be obtained about you (short of reading your mind). The memos and letters you write, the financial information you calculate, the websites you visit, and the people you email or instant-message--all this is a gold mine for anyone looking to know who you are, what you do, and with whom you cavort. Now imagine having access to the same data about your adversary.

<snip>

...when data come without any meaningful context, we have to re-create it after the fact. We begin to do this by building lists of keywords, phrases, personalities, and other data that pertain to the topics of interest to our intelligence services. These lists can easily include tens of thousands of terms, names, figures, and data formats.

The next step is to create a forensically sound process to spin off the more meaningful pieces of data (user-created documents, emails, spreadsheets, etc.) while leaving behind data that have less utility (files associated with the operating system and software applications). Let's call this our forensic centrifuge.

Ideally our centrifuge will be built out of a cluster of computers: dozens of cheap processors networked together and scaled to rival a supercomputer in power. Cluster computers have been used by academia and the government for years, notably in places like NASA and the Department of Energy.

Computer programs written to take advantage of the multiprocessor capabilities of the centrifuge will extract the easy-to-obtain data files, recover deleted files and those that have been obfuscated by various means, and find the data stored in web browsers, email software, and other programs. There are commercial applications that do this, but our applications will have to be custom-made.

Hiawatha Bray
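The triage step the excerpt calls a "forensic centrifuge", sketched as an added example that is not part of the forwarded message or the quoted article: it sets aside operating-system and application files, keeps user-created documents, and ranks them by keyword-list hits. The directory and extension rules, the sample inventory and the keyword list are all constructed assumptions, and deleted-file recovery and cluster scheduling are left out.

```python
import re
from pathlib import PureWindowsPath

# Assumed triage rules (not from the article): where OS/application files
# live, and which extensions count as user-created documents.
SYSTEM_DIRS = {"windows", "program files"}
USER_EXTS = {".doc", ".xls", ".txt", ".eml"}

# Constructed sample: (path, extracted text) pairs from a hypothetical image.
SAMPLE_INVENTORY = [
    (r"C:\WINDOWS\system32\readme.txt", "license terms for the operating system"),
    (r"C:\Program Files\Office\template.doc", "quarterly budget template"),
    (r"C:\Documents and Settings\user1\My Documents\memo.doc",
     "Transfer the quarterly budget to Contact A before the meeting."),
    (r"C:\Documents and Settings\user1\My Documents\notes.txt", "Lunch on Tuesday."),
    (r"C:\Documents and Settings\user1\Mail\out.eml", "Meeting with contact a moved."),
]
SAMPLE_TERMS = ["quarterly budget", "Contact A", "budget"]  # constructed list


def is_user_created(path):
    """True if the file has a document extension and is outside system dirs."""
    p = PureWindowsPath(path)
    dirs = {part.lower() for part in p.parts[1:-1]}
    return p.suffix.lower() in USER_EXTS and not (dirs & SYSTEM_DIRS)


def compile_keywords(terms):
    """One case-insensitive alternation; longest terms first so a phrase
    is matched before any shorter term it contains."""
    ordered = sorted({t.lower() for t in terms}, key=len, reverse=True)
    return re.compile(r"\b(?:%s)\b" % "|".join(map(re.escape, ordered)), re.IGNORECASE)


def centrifuge(inventory, terms):
    """Return (path, distinct keyword hits) for user-created files,
    most hits first, path as the tiebreak."""
    pattern = compile_keywords(terms)
    results = []
    for path, text in inventory:
        if not is_user_created(path):
            continue  # left behind: OS or application file
        hits = sorted({m.group(0).lower() for m in pattern.finditer(text)})
        results.append((path, hits))
    results.sort(key=lambda r: (-len(r[1]), r[0]))
    return results


if __name__ == "__main__":
    for path, hits in centrifuge(SAMPLE_INVENTORY, SAMPLE_TERMS):
        print(len(hits), path, hits)
```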