Sunday, March 12, 2006
Network Theory And NSA
Russell Tice, a former N.S.A. employee who worked on highly classified Special Access Programs, says that analysts start with a suspect and "spider-web" outward, looking at everyone he contacts, and everyone those people contact, until the list includes thousands of names. Officials familiar with the program have said that before individuals are actually wiretapped, computers sort through flows of metadata — information about who is contacting whom by phone or e-mail. An unclassified National Science Foundation report says that one tool analysts use to sort through all that data is link analysis.The article goes on to discuss the possible implications. If you have some decent info coming from intelligence abroad, you should be able to identify hubs. If you can identify hubs, you can cut down your possibles. But to identify hubs you need the cooperation of foreign governments, like the government of the UAE....
The use of such network-based analysis may explain the administration's decision, shortly after 9/11, to circumvent the Foreign Intelligence Surveillance Court. The court grants warrants on a case-by-case basis, authorizing comprehensive surveillance of specific individuals. The N.S.A. program, which enjoys backdoor access to America's major communications switches, appears to do just the opposite: the surveillance is typically much less intrusive than what a FISA warrant would permit, but it involves vast numbers of people.
In some ways, this is much less alarming than old-fashioned wiretapping. A computer that monitors the metadata of your phone calls and e-mail to see if you talk to terrorists will learn less about you than a government agent listening in to the words you speak.
It's notable that the attacks since 9/11 appear to have been one-offs. The guy who shot up LAX, the college student who drove into a crowd, the one who tried to get into a stadium wearing a bomb.... I would say it is working. These types are the people you cannot catch with such a strategy, but they are also the people who will inflict relatively little damage. What you have to detect and at least disrupt is the networks. By merely picking up a few suspects for questioning you probably blow away 3/4ths of these operations by scaring off the non-committed and the sympathizers. You don't even have to try or convict anyone. You just keep them on the run, isolated from support, and and isolated.
I do not see how those who claimed that the Dubai port deal demonsrated that Bush was not serious about national security can turn around and attack such a program. What else is there which could possibly work?
My belief is that deep-sixing the Dubai deal will hurt us badly. We are sacrificing the resources we must have in order to protect ourselves for an illusion of security that cannot withstand the slightest objective scrutiny. And the companies least to be feared are those owned by foreign governments. The link there is so direct that no government, even if it wished to launch a terroristic attack, would employ such a resource to do so. The entire advantage of state-sponsored terrorism is plausible deniability, which would not exist in such a case. The companies of which we should be wary would be much smaller, privately-owned companies.