Raytheon + Social Networks = Data Mining Riot

“Users may be posting information that they believe will be viewed only by their friends, but instead, it is being viewed by government officials or pulled in by data collection services like the Riot search.”

By RYAN GALLAGHER | SMH | FEBRUARY 12, 2013

A multinational security firm has secretly developed software capable of tracking people’s movements and predicting future behaviour by mining data from social networking websites.

A video obtained by the Guardian reveals how an “extreme-scale analytics” system created by Raytheon, the world’s fifth largest defence contractor, can gather vast amounts of information about people from websites including Facebook, Twitter and Foursquare.

Raytheon says it has not sold the software – named Riot, or Rapid Information Overlay Technology – to any clients. But the Massachusetts-based company has acknowledged the technology was shared with US government and industry as part of a joint research and development effort, in 2010, to help build a national security system capable of analysing “trillions of entities” from cyberspace.

The power of Riot to harness websites for surveillance offers a rare insight into techniques that have attracted interest from intelligence and national security agencies, at the same time prompting civil liberties and online privacy concerns.

Using Riot it is possible to gain a picture of a person’s life – their friends, the places they visit charted on a map – in little more than a few clicks of a button.

In the video obtained by the Guardian, Raytheon’s “principal investigator” Brian Urch explains that photographs which users post on social networks sometimes contain latitude and longitude details – automatically embedded by smartphones within so-called “exif header data”. Riot pulls out this information, showing the location at which the pictures were taken. Riot can display online associations and relationships using Twitter and Facebook and sift GPS location information from Foursquare, a mobile phone app used by more than 25 million people to alert friends of their whereabouts. The Foursquare data can be used to display, in graph form, the top 10 places visited and the times at which they visited them.

Mining from public websites for law enforcement is considered legal in most countries. But, Ginger McCall, a lawyer at the Washington-based Electronic Privacy Information Centre, said the Raytheon technology raised concerns about how user data could be covertly collected without oversight or regulation.

“Users may be posting information that they believe will be viewed only by their friends, but instead, it is being viewed by government officials or pulled in by data collection services like the Riot search.”

Raytheon, which made sales worth an estimated US$25 billion in 2012, did not want its Riot demonstration video to be revealed on the grounds that it says it shows a “proof of concept” product that has not been sold to any clients.

Jared Adams, a spokesman for Raytheon’s intelligence and information systems department, said in an email: “Riot is a big data analytics system design we are working on with industry, national labs and commercial partners to help turn massive amounts of data into useable information to help meet our nation’s rapidly changing security needs. Its innovative privacy features are the most robust that we’re aware of, enabling the sharing and analysis of data without personally identifiable information being disclosed.”

In December, Riot was featured in a new patent Raytheon is pursuing for a system to gather data on people from social networks, blogs and other sources to identify whether they might be a security risk.

In April, Riot was scheduled to be showcased at a US government and industry national security conference for secretive, classified innovations, where it was listed under the category “big data – analytics, algorithms”.

From Physical Fear mongering to Cyber Fear mongering

United States Cyber Command “warns” about cyber Armageddon.

Ask yourself, who has the power to carry out vast cyber attacks? Right, those who control cyber space.

by Bill Gertz
Washington Times
September 14, 2011

The general in charge of U.S. cyber warfare forces said Tuesday that future computer-based combat likely will involve electronic strikes that cause widespread power outages and even physical destruction of thousand-ton machines.

Army Gen. Keith Alexander, commander of the new U.S. Cyber Command, also said that massive losses of private and public data in recent years to computer criminals and spies represent the largest theft in history.

Threats posed by cyber-attacks on computer networks and the Internet are escalating from large-scale theft of data and strikes designed to disrupt computer operations to more lethal attacks that destroy entire systems and physical equipment.

“That’s our concern about what’s coming in cyberspace — a destructive element,” Gen. Alexander, who is also the director of the National Security Agency, the electronic spying agency, said in a speech at a conference on cyber warfare.

Gen. Alexander said two cases illustrate what could happen in an attack.

The first was the August 2003 electrical power outage in the Northeast U.S. that was caused by a tree damaging two high-voltage power lines. Electrical power-grid software that controlled the distribution of electricity to millions of people improperly entered “pause” mode and shut down all power through several states.

The example highlighted the threat of sophisticated cyber warfare attackers breaking into electrical grid networks and using the access to shut down power.

“You can quickly see that there are ways now to get in and mess with [electrical] power if you have access to it,” he said.

The second example was the catastrophic destruction of a water-driven electrical generator at Russia’s Sayano-Shushenskaya dam, near the far eastern city of Cheremushki, in August 2009.

Gen. Alexander said one of the dam’s 10 650-megawatt hydroturbine generators, weighing more than 1,000 tons, was being serviced and, by mistake, was remotely restarted by a computer operator 500 miles away. The generator began spinning and rose 50 feet into the air before exploding. The flood caused by the accident killed 75 people and destroyed eight of the remaining nine turbines.

A similar deliberate attack remains a huge problem, Gen. Alexander said, saying that destruction by cyber-attacks was outranked only by nuclear bombs or other weapons of mass destruction.

In developing cyber warfare strategies, Gen. Alexander said, the U.S. will respond to computer-based attacks as it will to other attacks. The government is adopting what he termed an “active defense” strategy aimed at bolstering the readiness of computer networks to respond.

The Pentagon’s cyberstrategy announced last summer calls for treating the cyberdomain as equal to the air, land, sea and space domains and leveraging U.S. technology to improve cyberdefenses for government and the private sector.

On information theft, Gen. Alexander said the problem is so pervasive that there are two categories for major companies: firms that are aware they have been hacked and the rest who remain unaware of the problem.

“What’s been going on over the last few years in the networks … is the greatest theft that we’ve seen in history,” he said. “What we’re losing in intellectual property is astounding.”

The four-star general said estimates of the value of lost corporate and government information range as high as $1 trillion. In one recent case, a U.S. corporation that he did not identify by name lost $1 billion worth of proprietary technology that was “stolen by the adversaries.” The technology took the company more than 20 years to develop.

The problem is “on a massive scale that affects every industry and every sector of the economy and government, and it’s one that we have to get out in front of,” he said.

Recent attacks on corporate computer networks include Sony’s system that affected 7.7 million video users in April and a second incident affecting 2.5 million users in May. Google, defense contractor Booz Allen Hamilton and the security company RSA also were targets of sophisticated computer attacks.

In May 2007, computer networks in Estonia were disabled by computer operatives from neighboring Russia.

“They had to disconnect their international connections to stop these attacks after several days. It was huge and greatly impacted Estonia,” Gen. Alexander said.

Asked about conducting offensive operations, Gen. Alexander said that current cyberdefenses are “far from adequate” and that more needs to be done before adopting more offensive tools.

“In cyber, we have not solved the defensive portion,” he said. “From my perspective, there is a lot that we can do to fix that before we take offensive actions.”

Response actions to cyber-attacks need to be carefully measured to avoid escalating from a conflict in the cyber-arena to full-scale conventional warfare, he said.

One example would be to “take down ‘botnets’” — malicious computer software packages — from the Internet.

Gen. Alexander defended the U.S. government practice of not identifying major cyber threats such as those emanating from China and Russia.

Confronting foreign government complicates efforts to track cyber-activity, he said.

“Candidly, if every time we say, ‘We know you’re doing A,’ they say, ‘Oh, you can see that?’ We don’t see it anymore. We don’t see them for a while.”

The foreign governments also seek to learn information about U.S. tracking capability and, when confronted, “all they do is deny it,” he said.

Gen. Alexander warned that cyber warfare is expected to continue and that defenses need to be improved. “Whether or not we do that, it’s coming,” he said. “It’s a question of time. People say, ‘Aw that’s five years out, it’s two years out.’

“What we don’t know is how far out it is, an attack in cyberspace, and what that will be? Will it be against commercial infrastructure, government networks? Will it be against platforms? We don’t know.”

Microsoft Proposes Licensing Internet Access

Microsoft Executive proposes the creation and imposition of a license to use the web.  “The State should have power to block individual computers from connecting to world wide web,” claims Scott Charney

Paul Joseph Watson

A new proposal by a top Microsoft executive would open the door for government licensing to access the Internet, with authorities being empowered to block individual computers from connecting to the world wide web under the pretext of preventing malware attacks.

Microsoft Executive, Scott Charney

Speaking to the ISSE 2010 computer security conference in Berlin yesterday, Scott Charney, Microsoft vice president of Trustworthy Computing, said that cybersecurity should mirror public health safety laws, with infected PC’s being “quarantined” by government decree and prevented from accessing the Internet.

“If a device is known to be a danger to the internet, the user should be notified and the device should be cleaned before it is allowed unfettered access to the internet, minimizing the risk of the infected device contaminating other devices,” Charney said.

Charney said the system would be a “global collective defense” run by corporations and government and would “track and control” people’s computers similar to how government health bodies track diseases.

Invoking the threat of malware attacks as a means of dissuading or blocking people from using the Internet is becoming a common theme – but it’s one tainted with political overtones.

At the launch of the Obama administration’s cybersecurity agenda earlier this year, Democrats attempted to claim that the independent news website The Drudge Report was serving malware, an incident Senator Jim Inhofe described as a deliberate ploy “to discourage people from using Drudge”.

Under the new proposals, not only would the government cite the threat of malware to prevent people from visiting Drudge, they would be blocked from the entire world wide web, creating a dangerous precedent by giving government the power to dictate whether people can use the Internet and effectively opening the door for a licensing system to be introduced.

Similar to how vehicle inspections are mandatory for cars in some states before they can be driven, are we entering a phase where you will have to obtain a PC health check before a government IP czar will issue you with a license, or an Internet ID card, allowing you to access the web?

Of course, the only way companies or the government could know when your system becomes infected with malware is to have some kind of mandatory software or firewall installed on every PC which sends data to a centralized hub, greasing the skids for warrantless surveillance and other invasions of privacy.

Microsoft has been at the forefront of a bid to introduce Internet licensing as a means of controlling how people access and use the world wide web, an effort that has intensified over the course of the past year.

During this year’s Economic Summit in Davos, Craig Mundie, chief research and strategy officer for Microsoft, said that the Internet needed to be policed by means of introducing licenses similar to drivers licenses – in other words government permission to use the web.

“We need a kind of World Health Organization for the Internet,” he said, mirroring Charney’s rhetoric about controlling cyberspace in a public health context.

“If you want to drive a car you have to have a license to say that you are capable of driving a car, the car has to pass a test to say it is fit to drive and you have to have insurance.”

“Don’t be surprised if it becomes reality in the near future,” wrote ZD Net’s Doug Hanchard on the introduction of Internet licensing . “Every device connected to the Internet will have a permanent license plate and without it, the network won’t allow you to log in.”

Just days after Mundie’s call for Internet licensing, Time Magazine jumped on the bandwagon, publishing an article by Barbara Kiviat, one of Mundie’s fellow attendees at the elitist confab, in which she wrote that the Internet was too lawless and needed “the people in charge” to start policing it with licensing measures.

Shortly after Time Magazine started peddling the proposal, the New York Times soon followed suit with a blog entitled Driver’s Licenses for the Internet?, which merely parroted Kiviat’s talking points.

Of course there’s a very good reason for Time Magazine and the New York Times to be pushing for measures that would undoubtedly lead to a chilling effect on free speech which would in turn eviscerate the blogosphere.

Like the rest of the mainstream print dinosaurs, physical sales of Time Magazine have been plummeting, partly as a result of more people getting their news for free on the web from independent sources. Ad sales for the New York Times sunk by no less than 28 per cent last year with subscriptions and street sales also falling.

As we have documented, the entire cybersecurity agenda is couched in fearsome rhetoric about virus attacks, but its ultimate goal is to hand the Obama administration similar powers over the Internet to those enjoyed by Communist China, which are routinely exercised not for genuine security concerns, but to oppress political adversaries, locate dissidents, and crush free speech.

Indeed, Internet licensing was considered by the Chinese last year and rejected for being too authoritarian, concerns apparently not shared by Microsoft.

Any proposal which allows the government to get a foot in the door on dictating who can and can’t use the Internet should be vigorously opposed because such a system would be wide open for abuse and pave the way for full licensing and top down control of the world wide web.

Paul Joseph Watson is the editor and writer for Prison Planet.com.