DU techno geeks.......NSA question

THEY are spying on 200,000 phone numbers which represents 10's of trillions of calls. How tough would it be to write a program to make some sense of these calls and find some pattern? It seems overwhelming, even for the FEDS.
I was just wondering IF they were trying to 'stir the pot' and REALLY were not looking for anything. There just seems to be an easier way to find Al Queda calls in the US.

It collects 10 gigabits/second, is "providing analysts with real-time, surgical targeting of suspect information", and has been installed by ATT in 5 major Western hub switch rooms.

http://www.narus.com/products/intercept.html

Believe it. Every call is listened to.

...I looked this thing up yesterday. That is what they installed at AT & T and from what I understand, it was developed for just that purpose.

:sarcasm:

their are billons of calls each week in the US. To make heads or tails of them is crazy. I worked at a small Telco and we had a disk farm for wharehousing that data.

Read this - the equipment they installed in the secret rooms across the country over the past few years are designed to do precisely what you asked.

http://www.wired.com/news/technology/0,70621-0.html

words and phrases. Not really a good way to find terrorists, IMO. There are much better methods. However, you can do a lot more with that. Keep in mind, currently they're stopping terrorist Quakers, and PETA members. I'm pretty sure they could find all members of the "Grandmothers Against the War organization" this way with greatest of ease. Real terrorists, if they're worth their salt, know they're being watched, and if they speak on the phone, they speak in some kind of code.

all of the above is my humble and rather uneducated opinion... in terms of truth, your mileage may vary

with 256-bit encryption. That IS impossible to decode in real time (and in any reasonable amount of time). And it's free.

Big middle finger to NSA.

Well maybe not impossible.

All it takes is a weakness in the keying algorithm combined with a prekeyed dictionairy (attack).

Or What if Skype was actually sponsered by the NSA? A bit of tinhattery but not beyond the realm of possibility.

That's how long 256-bit RSA encryption would take, with the most powerful supercomputer to date, to break with a brute force attack. No "keying algorithm" -- just find the two prime factors of a number like this:

408,230,838,728,874,513,867,435,709,618,973,461,982,767,132,477,102,384,612,037,462,183,746,154,287,453

Impossible.

Relatively speaking, your other scenario is a sure thing. Although Skype was started by a Dutch company it's since been bought by AOL. All it would take is someone at Skype leaking private keys to the NSA and the encryption is worthless.

One of the common flaws in a keying mechanism is that the entire length isn't used. Btw, what you posted is an example of a keying mechanism and the resulting factor IS THE KEY.

so while a 256 bit key is computed, maybe only 60 bits is used in the computations. Or maybe there is a flaw in the computation. This has happened to a number of products and is very common mistake that vendors make when writing encryption mechanisms. This frequently happens because vendors want to increase the speed of decryption and begin to take shortcuts in key computations. Is this true with Skype? I have no idea.

So anyway, if its 60 bits, or even 128, the NSA simply precomputes them all. Then using that dictionary of keys you compare it to the captured traffic and see which one is being used. In any conversation you are going to have silent time and makes for a good place to do a dictionairy attack against a known set of keys. Once you determine which one is being used, live decryption is trivial.

So what you posted in a "pure" environment is definitely true, the reality is that these products are rarely pure and usually have flaws that betray aspects of the key.

Now for you and me most everyone else, Skype is pretty damn good and good enough. However if the NSA wanted to monitor a known terrorist (and I mean a real one, not just a disgruntled Democrat), I'd given even money that they'll be able decode their skype data in real time. They do this by confiscating their phone/laptop temporarily and returning it to them surreptitiously/a man in the middle attacks, or techniques which I mentioned briefly above.

deposable cell phones. I have no doubt that they can collect the data but find the bad guys seems to be a futile effort. You should HEAR my calls. I have no conversation that don't spend hours talking about * and his evil buddies. What a waste to target me.

"Hi babe" is terror message, Australia court hears
Fri May 12, 2006 4:10am ET165
Email This Article | Print This Article | Reprints
<-> Text <+>

SYDNEY (Reuters) - Nine Muslim men arrested in Australia's biggest security swoop, and charged with planning a terrorist act, pretended to be women texting girlfriends to secretly communicate, a prosecutor told a court on Friday.

"Hi babes, I'm missing you," one message read, while another said: "How you going love, did Sue want to meet me".

During a bail application for one of the men, Khaled Cheikho, 32, in the New South Wales Supreme Court, a prosecutor said the men used "covert phones" under false names and code to communicate, Australian Associated Press reported from the court.

One message between Cheikho and co-accused Mohammed Elomar referred to the purchase of some insulation tape allegedly used to make explosives, said prosecutor Wendy Abraham.

http://today.reuters.com/news/newsArticle.aspx?type=topNews&storyID=2006-05-12T080911Z_01_SYD280115_RTRUKOC_0_US-SECURITY-AUSTRALIA-COURT.xml&archived=False

The problem lies in the tradeoff between the size of the list of hits that you spit out for a human to read and the number of humans you have to hire and train to read the output. If your criteria are stringent (small hit list size) you will miss things (terrorists about to blow up Manhattan, say). It your criteria are lax (large hit list size), you will need to hire too many people to scan through all the drivel, and they will fall asleep. The core technical issue is to make the computer do as good a job of selecting "hits" as a fresh human would do, but much faster, and so far computers are too mechanical in the handling of human language, they don't do near as "good" a job as a real person would. So what you wind up with is a partially effective filter that will find some of the bad guys, and a lot of other people too.

Of course the real problem is that any halfway intelligent bad guys will use special language and make all this scanning futile. So almost all of your hits will be naive users, with the occasional stupid bad guy thrown in. And the smart bad guys will be missed clean.

You should always assume you are being listened to, but there is a good deal of protection in being a small fish in a very big school of fish, and a great deal more in using "coded" language.

we know it will be a waste of time :sarcasm: remember the article on the billions of bits of info that the FEDS had that needed to be translated from ME languages?

And scanning encrypted idiomatic Arabic would be even trickier.
:rofl::rofl:

Who's going to stop this CORRUPT Administration from listening to every single word during Phone Cons by their political rivals and those pesky little old lady and nun anti-war protesters? :shrug: :grr:

I mean, we want them to hear us, right?

Nothing better than knowing your opposition's strategy!

Remember, the telephone companies already have massive databases that track the source and destination of each and every call; that is how the connection is made after all. Delegating responsibility to the local and regional telephone exchanges solves both processing power and data storage issues for the massive number of calls made every day.

With the infrastructure already in place, any number of algorithms can be applied. One simple example simply requires giving each telephone number already in the telecos' databases a new data field, let's call it a "weight." Each call is also given a weight field. Numbers known to be used by "suspect groups" are given a high weight, relative to the threat the group using the number might pose. Numbers merely suspected of being used by suspect groups are given lower weights, again relative to likely threat. This goes down until you reach a relatively low weight for (hopefully) the mass majority of telephone numbers that are in no way suspect.

Each time a call is made and recorded (again, remember this sort of thing has been happening for decades, long before * came to power), the call itself is given a weight, made by combining the weight of the two numbers being connected. Based on the weight of the call, an individual telephone number might be given a higher or lower weight. In this way, most numbers will float to the top, leaving a layer of sediment calls and telephone numbers that need to be looked at. This sedimentary layer can be defined by a threshhold: calls that weigh, say, 100 or more will be flagged as sediment, while calls at 99 or less will be ignored.

Periodically -- every hour, perhaps, or every couple of hours -- the telecos' computers send this sediment to the central NSA processing plant. Now, instead of tens of millions of calls a day, the NSA only processes perhaps a few tens of thousands; that level can be done with the kind of Windows server and MS-SQL server found in any mid-size company; the brokerage firm I work for as a database programmer has two servers that would be up to such a task. Looking at this data, it is possible to build up information that might be useful.

There are a number of refinements that can be made to help filter out false leads. If three suspect groups call a number associated with a pizza place, but only once or twice a week and the pizza place never calls them, chances are it is just a pizza place and there will be little, if any, increase in the pizza place's weight. If, however, the pizza place does call the three suspect groups while most customers do not get called, or if the suspect groups are calling frequently, that might increase the weight of the pizza place's number, making it more likely that it's calls will sink to the bottom and come to official attention.

Anyway, because the telephone companies are cooperating (willingly or not), the problems of starting and running such a massive operation is almost trivial.

NOT!!!!

:tinfoilhat: