Category Archives: PRISM

Using Stylometry DHS have id’d Bitcoin creator Nakamoto with help from NSA PRISM & MUSCULAR programs

Allegedly, using word surveillance and stylometry, the effort took less than a month. Apparently, using encryption and complex obfuscation methods is not a defence when the “seeker” has access to trillions of writing samples from a billion or so people across the globe.

By taking Satoshi’s texts and finding the 50 most common words, the NSA was able to break down his text into 5,000-word chunks and analyse each to find the frequency of those 50 words. This would result in a unique 50-number identifier for each chunk. The NSA then placed each of these identifiers as a point in a 50-dimensional space and flattened them into a plane using principal components analysis. The result is a ‘fingerprint’ for anything written by Satoshi that could easily be compared to any other writing.
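The pipeline described above, as an added sketch that is not taken from the original post or from any agency tooling: it builds the word-frequency vector for each chunk, projects the chunks onto two principal components (computed here by power iteration so the block needs no third-party library), and shows how an unlabelled text lands next to the author whose habits it shares. The defaults follow the post (50 words, 5,000-word chunks); the texts, word lists, author labels and the smaller demo parameters are constructed for illustration.

```python
import math
import random
import re
from collections import Counter


def tokenize(text):
    return re.findall(r"[a-z']+", text.lower())


def split_chunks(tokens, size):
    """Fixed-size chunks; a trailing partial chunk is dropped."""
    return [tokens[i:i + size] for i in range(0, len(tokens) - size + 1, size)]


def frequency_vector(chunk, vocab):
    """Relative frequency of each vocabulary word in one chunk."""
    counts = Counter(chunk)
    return [counts[w] / len(chunk) for w in vocab]


def _top_eigenpair(cov, iters=300):
    """Dominant eigenvector/eigenvalue of a symmetric matrix by power iteration."""
    d = len(cov)
    # Non-uniform start: frequency vectors nearly sum to a constant, so an
    # all-ones start could be orthogonal to every principal component.
    v = [1.0 / (i + 1) for i in range(d)]
    for _ in range(iters):
        w = [sum(cov[i][j] * v[j] for j in range(d)) for i in range(d)]
        norm = math.sqrt(sum(x * x for x in w))
        if norm < 1e-15:
            break
        v = [x / norm for x in w]
    lam = sum(v[i] * cov[i][j] * v[j] for i in range(d) for j in range(d))
    return v, lam


def pca_project(rows, k=2):
    """Centre the rows and project them onto their first k principal components."""
    n, d = len(rows), len(rows[0])
    mean = [sum(r[j] for r in rows) / n for j in range(d)]
    centered = [[r[j] - mean[j] for j in range(d)] for r in rows]
    cov = [[sum(c[i] * c[j] for c in centered) / (n - 1) for j in range(d)]
           for i in range(d)]
    components = []
    for _ in range(k):
        v, lam = _top_eigenpair(cov)
        components.append(v)
        # Deflate so the next pass finds the next component.
        cov = [[cov[i][j] - lam * v[i] * v[j] for j in range(d)] for i in range(d)]
    return [[sum(c[j] * v[j] for j in range(d)) for v in components] for c in centered]


def fingerprint(texts, reference, chunk_size=5000, n_words=50):
    """Map label -> list of 2-D points, one per chunk of that label's text."""
    vocab = [w for w, _ in Counter(tokenize(texts[reference])).most_common(n_words)]
    labels, rows = [], []
    for label, text in texts.items():
        for chunk in split_chunks(tokenize(text), chunk_size):
            labels.append(label)
            rows.append(frequency_vector(chunk, vocab))
    points = {}
    for label, point in zip(labels, pca_project(rows)):
        points.setdefault(label, []).append(point)
    return points


def centroid(pts):
    return [sum(p[i] for p in pts) / len(pts) for i in range(len(pts[0]))]


def nearest_author(points, unknown):
    """Label whose chunk centroid lies closest to the unknown text's centroid."""
    target = centroid(points[unknown])
    known = [label for label in points if label != unknown]
    return min(known, key=lambda label: math.dist(target, centroid(points[label])))


# Constructed sample data: two synthetic "authors" who favour different
# function words, plus an unlabelled text written in author_a's habits.
WORDS = ["the", "of", "and", "to", "a", "in", "that", "which", "is", "but",
         "however", "it", "node", "block", "key", "network"]
STYLE_A = [10, 8, 4, 4, 2, 2, 1, 6, 3, 1, 5, 2, 3, 3, 3, 3]
STYLE_B = [6, 2, 7, 5, 8, 6, 7, 1, 3, 6, 1, 3, 3, 3, 3, 3]


def synth_text(style, n_words, seed):
    return " ".join(random.Random(seed).choices(WORDS, weights=style, k=n_words))


SAMPLES = {
    "author_a": synth_text(STYLE_A, 3000, seed=1),
    "author_b": synth_text(STYLE_B, 3000, seed=2),
    "unknown": synth_text(STYLE_A, 1000, seed=3),
}

if __name__ == "__main__":
    pts = fingerprint(SAMPLES, "author_a", chunk_size=500, n_words=8)
    for label, chunk_points in pts.items():
        print(label, [[round(x, 3) for x in p] for p in chunk_points])
    print("unknown is closest to:", nearest_author(pts, "unknown"))
```

Even with 500-word chunks and eight words, the two synthetic authors separate cleanly on the first component, which is why habitual function-word usage is hard to disguise by changing topic alone.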

It is worth noting that the original post is littered with comments requesting more details on the source of the information that informed the post, or some other proof of the veracity of the claims being made, but the author declared in response:

Many readers have asked that I provide third party citations to ‘prove’ the NSA identified Satoshi using stylometry. Unfortunately, I cannot as I haven’t read this anywhere else — hence the reason I wrote this post. I’m not trying to convince the reader of anything, instead my goal is to share the information I received and make the reader aware of the possibility that the NSA can easily determine the authorship of any email through the use of their various sources, methods, and resources.

Many readers have asked who Satoshi is and I’ve made it clear that information wasn’t shared with me. Based on my conversation I got the impression (never confirmed) that he might have been more than one person. This made me think that perhaps the Obama administration was right that Bitcoin was created by a state actor. One person commented on this post that Satoshi was actually four people. Again, I have no idea.

If it is true then “The moral of the story? You can’t hide on the internet anymore. Your sentence structure and word use is MORE unique than your own fingerprint. If an organization, like the NSA, wants to find you [sic] they will.”

Full story by Alexander Muse is on Medium.

ENDS

When The Privacy Advocate Becomes An Apologist For The Opponent

It does not matter to me whether “The Guardian Falsely Slammed WhatsApp For a ‘Security Backdoor’ – It’s Actually Not”, according to a Peter Stone thread on Peerlyst.

Bruce Schneier also weighed into the debate saying “This is not a backdoor. This really isn’t even a flaw. It’s a design decision that put usability ahead of security in this particular instance.”

Tellingly though, he went on to say that “How serious this is depends on your threat model. If you are worried about the US government — or any other government that can pressure Facebook — snooping on your messages, then this is a small vulnerability. If not, then it’s nothing to worry about.”

The mainstream-media-sponsored spat had @Moxie from @WhisperSystems siding with @WhatsApp and @Facebook in a face-off against @Guardian and their contributor @tobiasboelter (Security and Crypto at UC Berkeley) in a “man in the middle” versus “design” versus “vulnerability” versus “backdoor” versus “privacy” versus “convenience” versus “user experience” tit for tat.

If you take Schneier’s statement about who should worry about the WhatsApp “design choice” in handling “blocking” / “non-blocking”, then irony drips from Moxie’s apologist defence of the WhatsApp handling of key changes when one notes that in a Jun 12, 2013 blog post he wrote “We Should All Have Something To Hide”.

Moxie at Open Whisper Systems, the designers of the well respected SIGNAL encrypted voice and messaging app, responded to the “backdoor” allegations in WhatsApp’s implementation of the SIGNAL protocol in a blog post on their site.

It was in response to Mr. Boelter’s piece in the Guardian newspaper “WhatsApp vulnerability explained: by the man who discovered it” which they say was in response to the Facebook denial that the vulnerability was a deliberate loophole.

The debate is complicated for people not involved in the security industry; there are pros and cons in the arguments that both sides make. Some of it is pure semantics, some of it represents shades of opinion, and other aspects are “interpretations”.

It all essentially stems from WhatsApp’s approach to handling encryption key changes in certain scenarios and their attitude to “non-blocking”. SIGNAL handles all key changes with “blocking” but WhatsApp chooses to go with “non-blocking”. There is therefore a fundamental difference between the WhatsApp app’s implementation of the Open Whisper Systems protocol and the implementation that underpins the SIGNAL app.

The integrity of the SIGNAL app is not being questioned. The Wall Street Journal stated about the latter in a Jan. 24, 2017 11:16 a.m. ET article that “Messaging App Has Bipartisan Support Amid Hacking Concerns” describing SIGNAL “as a smartphone app that allows users to send encrypted messages, is gaining popularity in the political world amid rising fears about hacking and surveillance in the wake of a tumultuous election year.”

My worry is not about WhatsApp’s Open Whisper Systems implementation because frankly I would not use it. I would not use it because I do not trust Facebook (the owners of WhatsApp) or Zuckerberg. Zuckerberg because he tried to cover up the Facebook facilitation of the NSA PRISM program before the Snowden revelations embarrassed him into trying to apply a retrofit fix to his betrayal of Facebook users. And WhatsApp because frankly they are sharing their users’ data with Facebook despite denials.

When the advocates become apologists for the mainstream then they no longer deserve to be called advocates in the purest sense of the word. And Moxie does consider himself “pure”. He is not.

In July 2016 Wired wrote “Meet Moxie Marlinspike, the Anarchist Bringing Encryption to All of Us” but being an “anarchist” and an ally of Zuckerberg are incompatible ideological stances.

ENDS

NSA, GCHQ, The Five Eyes Handing Ireland Cyber-Security Opportunity

It is perfectly achievable to maintain national security and manage the security risks posed domestically by extremists without instituting mass-surveillance programs of one’s own citizens and corporate entities.

While this would seem like common sense, the continuing activities of authorities in the United States of America and the United Kingdom would suggest otherwise. But the French have also dipped a toe (or rather an entire leg) in these waters when after the Paris attacks they expanded the 1955 State of Emergency law and legislated for a French mass-surveillance program.

The implications of the Snowden revelations were slow to filter through to ordinary people not working in the security domain. The NSA, the PRISM program and the Patriot Act had produced a culture of widespread surveillance of ordinary citizens’ activities with the assistance of many household names and brands.

Shocking news. Huge outcry. Much apologising and “contextualising” and “perspective” setting occurred. “Expediency” and “imminent threat” were debated and on it went.

The collaborators in the form of telcos, social networks, media organisations and household brands went into overdrive to backpedal from the disastrous PR outcome their involvement created.

At the same time – encryption and privacy software companies made wild claims about the strength of their products and hundreds of new entrants emerged to fill the public demand for Private Messaging, Email Encryption, Secure Voice, VPNs, Proxy Spoofers and other privacy tools – a space previously reserved for paranoid board room members, activists and some well informed underworld organisations.

It was supposed to have been a watershed  – the worst excesses of intelligence agencies exposed and now oversight, accountability and proportionate measures would rule the day.

Not so.

The Investigatory Powers Bill

The Investigatory Powers bill will become law in the United Kingdom sometime toward the end of 2016. Inside this legal maze of mass surveillance facilitators the UK alphabet agencies can now:

  • Hack any device, any network or any service;
  • Perform these hacks without restriction and against any target;
  • Store the resulting information indefinitely;
  • Maintain databases of private and confidential information on any citizen of the United Kingdom or person in the United Kingdom;
  • Targets do not have to be “persons of interest” nor do they have to be of any interest whatsoever – at this time;
  • It is an omnipresent power to simply gather information on everyone, at anytime, from anywhere – without any reason and store it – “just in case”;
  • In the commercial context the law allows the state to pressure any company to perform decryption on any data that they store – on request – without reason or right to appeal;
  • This in so many words means that un-compromised commercially available encryption products will no longer exist in the United Kingdom after the Bill becomes Law and no company that is based in the United Kingdom can make that claim to its users and no company that stores its data in the United Kingdom can assure its users that it is safe from hacking or more likely simply being handed over to whatever department of the government of the United Kingdom asks for it;
  • It also requires communications service providers to maintain an ongoing log of all digital services their users connect to for a full year.

It has been quite rightly criticised widely and has already been named the most extreme law ever passed in a democracy — because it cements the legality of mass surveillance.

The English Speaking World Is Giving Ireland the Chance for Privacy Leadership 

This blog has already discussed the “Five Eyes” (FVEY) intel alliance many times. The organisation unifies elements of the national alphabet agencies of the United Kingdom, the United States, Australia, Canada and New Zealand and their intel gathering infrastructures.

The AAs in each member country and the terms of their information exchange mandate are encapsulated in the multilateral agreement called the “UKUSA Agreement”.

This alliance and its mass-surveillance capabilities, leading to large scale undermining of personal freedoms and civil liberty, has really only come into its own with the advent of social networks, big data, the cloud and AI.

Brexit, Trump, US Corporation Tax & Mass Surveillance 

Brexit presents challenges for Ireland but it also presents opportunities. This is one of them.

Trump will shortly be in the White House and he has pledged to end the Irish FDI arrangement of convenience with US corporations. His attitude to surveillance is well known and not characterised by its message of restraint.

Brexit, Trump, The Five Eyes, PRISM, the NSA, GCHQ and now the Investigatory Powers Bill are a frontal assault of epic proportions on the right to privacy of citizens in democracies.

A sort of perfect storm of oppression and suppression tools just standing there waiting – in the wings – for a time when someone will come along and use them for the polar opposite purpose of what they were allegedly created for.

Out of Adversity, Opportunity

The opportunity created by this adversity is not to convince Facebook, Google, Microsoft, Yahoo, Paypal, eBay or the host of other US corporations in Ireland who are either facilitators of the surveillance culture or, like Twitter, engaged in widespread in-house censorship.

But if for once the Irish government showed some spine then the opportunity exists to create an entirely new sector catering to the privacy needs of freedom-loving citizens and organisations who dwell in jurisdictions governed by these Stasi-like surveillance laws.

And the market size? Well, it’s somewhere around seven billion people and rising.

The attitude of these politicians (Trump, May, Valls & Co.) and their intelligence organisations and the new “laws” – in the form of the revised Patriot Act and the Investigatory Powers Bill – means that the vast majority of the world’s English-speaking population now live under governments who can – legally – invade their privacy at will – whether at home, at work or at leisure – store the information and use it for any purpose, at any time, at any point in the future – for any reason.

But Ireland has a long way to go to create credibility – the view that Ireland is a Privacy Advocate for the world whose lives are described on social media sites whose data is located in the Irish jurisdiction is a total myth.

I dearly hope that for once Ireland can take the lead – despite its size and influence – and act even if out of self-interest as a stopgap for the complete erosion of civil liberty and privacy in the Western World.

 

END 

uXDT & Audio Beacons – Introduce your Paranoia to your Imagination

Ultrasonic cross-device tracking (uXDT) apparently represents an apocalyptic threat to privacy. The tech is being embedded in many apps but, despite its significant intrusive abilities, it is not complying – in most cases it would seem – with explicit consumer opt-in / opt-out choices.

At best it is an underhand advertising trick, at worst it stands to become one of the alphabet agencies’ handiest IoT mass surveillance piggybacking collection methods for device ownership cross referencing and tracking.

What the debate regarding uXDT and audio beacons does indicate though is that as IoT devices expand exponentially they are accompanied by many little-known and little-understood elements that potentially expose consumers to threats ranging from low-level adware to full-scale identity theft and, in the process, inadvertently or intentionally expand the toolset available for mass surveillance.

The concept of cross device tracking has been pitched as every marketer’s wet dream. In basic terms using audio beacons it can cross reference your habits across multiple devices to tell advertisers – amongst other things – what and where you are watching TV and more importantly use that to refine advertising.

“Audio Beacons” – As Used by SilverPush

The issue with creepy emerging tech is well demonstrated by SilverPush, which researchers from University College London last month again alleged could expose millions of devices to malicious hacking. Signal360 and Audible Magic, who have attracted investment from several VC leading lights and interest from a host of major companies, are also engaged in rolling out uXDT services.

Even after SilverPush withdrew the previous version of their software after an FTC warning to developers in March 2016, their current website still has very vague descriptions of their service offerings which fall squarely in the “creepy” category of marketing speak.

One of their TV products for marketeers is the unfortunately and unbelievably named PRISM – whose NSA surveillance program namesake was the subject of the Snowden revelations.

Chaps – I would have the marketing guys take another look at that choice of branding if I were you.

Using Inaudible Sounds To Link Device Ownership

In a Techcrunch article in 2014 SilverPush’s original approach was explained by their CEO Hitesh Chawla. The company, he said, used “ultrasonic inaudible sounds.” If you are browsing and engage with a SilverPush advertiser then as they drop their cookie they also ping one of those “inaudible” sounds.

You didn’t hear it but the app did and so did any app that used the SilverPush product suite. It passively listened for these sounds in the background. When an “audio beacon” was detected it was then able to establish that a desktop, laptop, phone, tablet or any other IoT device in range with the app installed belonged to the same person.
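A defender's check for the kind of signal described above, as an added example that is not SilverPush code and not from the original post: it scans a block of audio samples for a narrow tone in the near-ultrasonic band using the Goertzel algorithm. The 18 to 20 kHz band, the 44.1 kHz sample rate, the thresholds and the test signals are assumptions constructed for illustration; the post does not state which frequencies the beacons use.

```python
import math


def hann(n):
    """Hann window, used to keep audible tones from leaking into the scanned band."""
    return [0.5 - 0.5 * math.cos(2 * math.pi * i / (n - 1)) for i in range(n)]


def goertzel_magnitude(samples, k):
    """|X[k]| of the DFT of `samples`, computed with the Goertzel recurrence."""
    n = len(samples)
    coeff = 2.0 * math.cos(2.0 * math.pi * k / n)
    s1 = s2 = 0.0
    for x in samples:
        s0 = x + coeff * s1 - s2
        s2, s1 = s1, s0
    return math.sqrt(max(s1 * s1 + s2 * s2 - coeff * s1 * s2, 0.0))


def scan_for_beacon(samples, sample_rate, band=(18000.0, 20000.0),
                    min_dbfs=-50.0, prominence=20.0):
    """Report the strongest narrow tone inside `band` (assumed beacon band).

    A tone is flagged when its estimated amplitude is above `min_dbfs` and at
    least `prominence` times the median bin amplitude of the band, so broadband
    hiss alone does not trigger it.
    """
    n = len(samples)
    window = hann(n)
    gain = sum(window)
    windowed = [x * w for x, w in zip(samples, window)]
    k_lo = math.ceil(band[0] * n / sample_rate)
    k_hi = math.floor(band[1] * n / sample_rate)
    # 2|X[k]| / sum(window) approximates the amplitude A of a tone A*sin(...).
    amps = {k: 2.0 * goertzel_magnitude(windowed, k) / gain
            for k in range(k_lo, k_hi + 1)}
    peak_k = max(amps, key=amps.get)
    peak = amps[peak_k]
    floor = sorted(amps.values())[len(amps) // 2]
    peak_dbfs = 20.0 * math.log10(max(peak, 1e-12))
    detected = peak_dbfs >= min_dbfs and peak >= prominence * max(floor, 1e-12)
    return {"detected": detected,
            "peak_hz": peak_k * sample_rate / n,
            "peak_dbfs": peak_dbfs}


def tone(freq, amplitude, n, sample_rate):
    return [amplitude * math.sin(2 * math.pi * freq * i / sample_rate)
            for i in range(n)]


def mix(*signals):
    return [sum(values) for values in zip(*signals)]


# Constructed test signals: audible room sound, with and without a quiet
# 18.5 kHz tone standing in for a beacon.
RATE, N = 44100, 4096
ROOM = mix(tone(440, 0.5, N, RATE), tone(1200, 0.2, N, RATE))
WITH_BEACON = mix(ROOM, tone(18500, 0.05, N, RATE))

if __name__ == "__main__":
    print("room only  :", scan_for_beacon(ROOM, RATE))
    print("with beacon:", scan_for_beacon(WITH_BEACON, RATE))
```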

Who Uses / Used It

Sound.ly, based in Korea, and Shopkick are a couple of other startups embedding the tech in their stack. Before the FTC warning there were twelve app developers whose apps were available for download in the Google Play store who had the tech embedded in their product suites or apps.

The FTC was explicit about what it could mean for those developers: “If your application enabled third parties to monitor television-viewing habits of U.S. consumers and your statements or user interface stated or implied otherwise, this could constitute a violation of the Federal Trade Commission Act,” the FTC’s letter to developers warned.

At that point several products and apps were voluntarily withdrawn.

Researching The “Threat”

There are now several research groups who have declared that they are planning to explore the uXDT ecosystem, dig into the inner workings of popular uXDT frameworks, and perform an in-depth technical analysis of the underlying technology, exposing both implementation & design vulnerabilities, and critical security & privacy shortcomings.

I look forward to reading their findings.

END

The “FVEY” SIGINT Espionage Alliance

The French, Belgian, Egyptian and Yemeni authorities have all in the last 12 months failed to connect the dots on available data that might have prevented or lessened the Hebdo, Bataclan, Zaventem & Maalbeek atrocities.

Some of their foreign counterparts however are part of an exclusive alliance that shares intelligence that does in many cases provide insights that the individual portions do not.

The Five Eyes intelligence alliance is led by the USA. Often abbreviated as “FVEY” the alliance comprises Australia, Canada, New Zealand, the United Kingdom, and the United States. They are bound by the multilateral UKUSA Agreement, a treaty for joint cooperation in signals intelligence.


FVEY’s origins can be traced back to the Atlantic Charter issued by the Allies to lay out their goals for a post-war world in 1945. During the Cold War, the ECHELON surveillance system was initially developed by the FVEY to monitor the communications of the former Soviet Union and the Eastern Bloc. Later, it was alleged that it was also used to monitor billions of private communications worldwide.

ECHELON’s existence was disclosed in the late 1990s and it triggered a major debate in the European Parliament. As part of efforts in the so-called War on Terror the FVEY further expanded their surveillance capabilities, with much emphasis placed on monitoring internet communications.

Snowden describes the Five Eyes as a “supra-national intelligence organisation that doesn’t answer to the known laws of its own countries”. Documents leaked by Snowden in 2013 revealed that the FVEY have been spying on one another’s citizens and sharing the collected information with each other in order to circumvent restrictive domestic regulations on surveillance of citizens.

The leaked documents also revealed the existence of numerous surveillance programs jointly operated by the Five Eyes including:

  • PRISM – Operated by the NSA together with the GCHQ and the ASD;
  • XKeyscore – Operated by the NSA with contributions from the ASD and the GCSB;
  • Tempora – Operated by the GCHQ with contributions from the NSA;
  • MUSCULAR – Operated by the GCHQ and the NSA;
  • STATEROOM – Operated by the ASD, CIA, CSEC, GCHQ, and NSA.

Despite the disclosures no amount of outrage will affect the Five Eyes which remains the most extensive known espionage alliance in history.

END.

You Are Not In Safe Hands

The way sensitive information was handled by Hillary Clinton and her staffers at Foggy Bottom during her tenure as Secretary of State is indicative of the lack of respect shown by even uber-senior government officials to data collected by governments by legal and illegal means.

With every additional reduction in personal freedoms or intrusive piece of surveillance or data collection legislation the citizen’s concerns are salved by the oft used mantra that the data is in “good hands” and will be treated with the respect required and used only for the purposes outlined.

How hard it is to accept those types of assurances from state actors in the normal course of events is obvious with even a cursory knowledge of the antics of the NSA and GCHQ under the PRISM, XKeyscore and Tempora surveillance programs.

How much harder it is when juxtaposed with the reckless abandon with which senior state department officials under Clinton treated data, the mis-handling of which literally placed people’s lives at risk.

It is an arrogance which those in power have always demonstrated, and one which is an important lesson to every citizen as they stand idly by while governments and corporations globally, aided by flawed laws but more often illegally, peek into their personal lives for economic, political and personal gain.

Apologists have consistently sought to dilute the gravity of the situation with respect to Clinton’s offices’ behaviour. Obfuscation notwithstanding, highly classified information was wilfully placed on unclassified and unencrypted networks.

The fact that this was allowed shows the systemic lack of checks and balances in place to audit the flow of sensitive surveillance and intelligence information within and between governments. It additionally renders moot any government assurances regarding the handling of sensitive information – not that this event was required to reach that obvious conclusion – it simply presents a perfect case in point to illuminate the problem.

Intelligence community analysts at multiple American, UK and other Five Eyes alphabet agencies write intelligence assessments based on multiple information sources every day. They are then classified according to their content, sensitivity and source and then shared with senior government leadership.

In the USA, the Secretary of State is always the top consumer of this data. The State Department has its own in-house intelligence analysis shop, the Bureau of Intelligence and Research (INR) to handle that department’s need for additional classified assessments and reporting.

Broadly, the classifications and other acronyms typically used in IA’s are:

TOPSECRET / TS – The highest “official” classification in the U.S. Government;

SECRET / S – This data is not based on SIGINT (Signals Intelligence) and is normally sourced from local classified assessments from US Embassy or CIA Station staff;

SI – Special Intelligence is a security caveat that falls under the rubric of Sensitive Compartmented Information or SCI. Not everybody cleared for TOPSECRET also has access to SCI; that’s a separate matter, and all SCI materials require special handling to protect them from compromise. These SI classifications are normally information derived from NSA SIGINT programmes;

NOFORN / NF – This caveat means it cannot be shared with non-Americans. However, large portions of NSA SIGINT, even at the TS/SI level, are shared with close foreign partners such as the Five Eyes countries;

TK / TALENT KEYHOLE – Information derived from foreign communications intercepts by assets or intelligence satellites;

FOUO – The For Official Use Only marking, meaning it cannot be released to the public without official approval. Local media reports are important sources for this type of information and make up the raw materials analysed by the CIA’s Open Source Center (OSINT). This is the agency’s hub for translating foreign media reports;

NFI – means No Further Information;

U – Entirely unclassified.

Save for the U classification no portion of information denoted by any of the other acronyms can be released to the public, or placed on any unclassified information system, by anybody, not even a cabinet secretary, without specific approval from outside agencies.

SIGINT, in particular, is highly sensitive. This type of data should only ever see the light of day outside of the official audience for these reports with explicit NSA permission. Even talking around such information represents a security breach and is normally considered illegal by the legislation used to grant the powers to collect the information in the first instance.

Clinton and her office breached all of these rules.

END.

Avoiding the Creation of a 21st Century “Stasi” in France

France has powerful intelligence agencies and highly sophisticated capabilities. However, similar to all Western agencies they do not possess the requisite legal powers, manpower or resources to conduct highly intrusive and persistent surveillance of thousands of individuals, many of whom will have never been charged with a crime.

Even if they did, the public attitude to and willingness to support blanket surveillance of large segments of the population plays to the fears of many who see in that action echoes of George Orwell’s dystopian concept of “thought crime” surveillance.

The challenge is to identify which networks of individuals deserve further attention. In light of recent events, the upswell of public outrage at the Hebdo attacks, the mass migration to Southern Europe of refugees fleeing the conflicts in the Middle East, North Africa and Sub-Saharan Africa as well as Eritrea, Somalia and Yemen and a general perception in France that French society is under attack from within, would it be possible to speculate that the French are unwittingly considering the creation of their own Stasi? Albeit in a more benign guise and with best intentions.


The Ministerium für Staatssicherheit (MfS) or The Ministry for State Security, commonly known as the Stasi, was the official state security service of the German Democratic Republic (GDR), colloquially known as East Germany. The service was headquartered in East Berlin and has been described as one of the most effective and repressive intelligence and secret police agencies to have ever existed.

One of its main tasks was spying on the population, mainly through a vast network of citizens turned informants, and fighting any opposition by overt and covert measures, including hidden psychological destruction of dissidents. Without the aid of modern technology the Stasi in East Germany ran a network of over 2,000,000 informants and ostensibly had an entire nation under active surveillance and effectively so.

The Buttes-Chaumont Network & the Charlie Hebdo Watershed

The protagonists of the Charlie Hebdo attacks were known not just to the French authorities but to other European authorities and their counterparts in the United States. It is well known and has been widely reported that one had travelled to Yemen over a three-year period and another had been convicted of earlier seeking to travel to Iraq and that they were both associated with long-established European jihadist networks.

Cherif was part of the “Buttes-Chaumont network” that assisted would-be jihadists to fight for al-Qaeda in Iraq after the invasion in 2003. He was detained in 2005 just as he was about to board a plane for Syria which at that time was a gateway for jihadists looking to fight US troops in Iraq. The Kouachi brothers had allegedly attended a mosque near Buttes-Chaumont, an area of northern Paris, where they came under the influence of a radical imam called Farid Benyettou.

Following Cherif’s imprisonment between January 2005 and October 2006, he first came into contact with the man who would become his mentor – Djamel Beghal. Beghal was sentenced to 10 years in prison in France in 2001 for his part in a plot to bomb the US embassy in Paris. In 2008, Cherif was again jailed for three years for his role in sending militants to Iraq; 18 months of the sentence was suspended.

Another key figure in the Buttes-Chaumont network was Boubaker al-Hakim, a militant linked to al-Qaeda in Iraq. al-Hakim also recruited militants to fight in Falluja, an Iraqi city that became an al-Qaeda stronghold in 2004. al-Hakim is also wanted in Tunisia over the murder of two Tunisian left-wing opposition politicians in 2013 – he claimed the murders in the name of the Islamic State militant group. A French court jailed al-Hakim for seven years in 2008.

That action appeared to break up the jihadist network that Beghal, al-Hakim and Cherif Kouachi had created.

In 2010 Cherif Kouachi was named in connection with a plot to assist in the escape of another Islamist, Smain Ait Ali Belkacem, from jail, a plot hatched by Beghal, according to French anti-terror police. Belkacem used to be in the outlawed Algerian Islamic Armed Group (GIA) and was jailed for life in 2002 for a Paris metro station bombing in 1995 which injured 30 people.

The older Kouachi undertook military training in Yemen in 2011, where he met the influential preacher Anwar al-Awlaki. Awlaki was a senior figure in al-Qaeda in the Arabian Peninsula (AQAP), the branch of al-Qaeda that has proven most effective at placing bombs on Western-bound aircraft, and which claimed responsibility for the Hebdo attacks.

It is important to remember, however, that thousands of people would have been connected to these very same networks, some of which are well over a decade old. On top of this, more than 1,200 French nationals – a large proportion of whom would be previously unknown – have travelled to Iraq and Syria to fight with Islamic State in the last few years. About 350 have returned according to unofficial figures.


The “Five Eyes”

The French authorities and their foreign counterparts, especially those in Yemen and the US, shared intelligence that might, taken together, have thrown up insight that the individual portions could not. One report suggests that France de-prioritized the Kouachi brothers because Yemen was a US priority, whereas American officials left it to the French.

France is not a member of the US-led Five Eyes intelligence alliance – a fact which may have contributed to the threat detection failure that led to the recent attacks.

The “Five Eyes”, often abbreviated as “FVEY”, refer to an intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. These countries are bound by the multilateral UKUSA Agreement, a treaty for joint cooperation in signals intelligence.

The origins of the FVEY can be traced back to World War II, when the Atlantic Charter was issued by the Allies to lay out their goals for a post-war world. During the course of the Cold War, the ECHELON surveillance system was initially developed by the FVEY to monitor the communications of the former Soviet Union and the Eastern Bloc, although it allegedly was later used to monitor billions of private communications worldwide.

In the late 1990s, the existence of ECHELON was disclosed to the public, triggering a major debate in the European Parliament and, to a lesser extent, the United States Congress. As part of efforts in the ongoing War on Terror since 2001, the FVEY further expanded their surveillance capabilities, with much emphasis placed on monitoring the World Wide Web.

The former NSA contractor Edward Snowden described the Five Eyes as a “supra-national intelligence organisation that doesn’t answer to the known laws of its own countries”. Documents leaked by Snowden in 2013 revealed that the FVEY have been spying on one another’s citizens and sharing the collected information with each other in order to circumvent restrictive domestic regulations on surveillance of citizens.

In 2013, documents leaked by the former NSA contractor Edward Snowden revealed the existence of numerous surveillance programs jointly operated by the Five Eyes. The following list includes several notable examples reported in the media:


  • PRISM – Operated by the NSA together with the GCHQ and the ASD
  • XKeyscore – Operated by the NSA with contributions from the ASD and the GCSB
  • Tempora – Operated by the GCHQ with contributions from the NSA
  • MUSCULAR – Operated by the GCHQ and the NSA
  • STATEROOM – Operated by the ASD, CIA, CSEC, GCHQ, and NSA
Despite the impact of Snowden’s disclosures, some experts in the intelligence community believe that no amount of global concern or outrage will affect the Five Eyes relationship, which to this day remains the most extensive known espionage alliance in history.
The Emergence of “Boutique” Terrorism
Recently, extremist groups based in conflict hotspots have called on sympathisers in Western countries to take the initiative and plan and execute terrorist actions locally with little or no external assistance.
Simplistically, many people tend to place terrorist attacks into one of two categories: low-tech, independent operations by individuals (“lone wolf”) or small groups (“wolf packs”), or complex and large-scale operations resourced and commanded by organizations.
The last six months have seen a profusion of low-level attacks across Europe and North America, giving the impression that even slightly larger attacks – involving higher-calibre weaponry or better preparation – must represent formal plots by established terrorist groups.
In the Hebdo case, the attackers themselves claimed to have been sent by AQAP, which itself claimed to have “directed” the plot. But we should treat this claim sceptically. As the Australian counterterrorism analyst Leah Farrall reminds us, the al-Qaeda operatives who attacked US embassies in 1998 were given only general instructions to strike Americans.
Al-Qaeda’s leadership learned of the targets while the attack was under way. This is closer to inspiration or encouragement than direction or command. This was the model in the Paris attacks, particularly as AQAP’s past plots have been built around advanced bombs rather than the use of gunmen. Amidst the rise of IS, al-Qaeda – and especially its Yemeni branch – remains a potent threat for this type of action.


However, the Paris attacks are not a new kind of terrorism. The use of gunmen, the seizure of hostages, the focus on screen-time rather than death toll, and the role played by complex networks of individuals cutting across different countries and groups have been features of attacks over the past 50 years. The new challenge isn’t the prioritisation of threats, but the growing mismatch between the number of potential threats and limited resources.
“Cell” Structures & Suicidal Tendencies
Many of the recent plots appear to have been developed without foreign direction, which minimises the possibility of eavesdropping. The “terrorist cell” concept, developed in the 1970s to counter the prevailing intelligence-gathering techniques of that time, produced units that were difficult, if not bordering on the impossible, to detect.
For example, in the 1970s the IRA overhauled its internal structures, greatly reducing the numbers of volunteers who engaged in attacks and organising them into closed cells, or “active service units”, so that the information any one IRA man would have about the organisation would be limited to five or six people.
This process reduced the numbers of active IRA personnel greatly. At its peak in the early 1970s, the Belfast Brigade had had up to 1,500 members. By the early 1980s, this had been reduced to about 100 men in active service units and another 200-300 in supporting roles.
The cell structure also increased the control of the Brigade’s leadership over its volunteers, since all weapons were held by one “quartermaster” attached to each unit and could only be used for operations authorised by the Brigade leadership.
The objective was to preserve high value operatives and their skills for continued and ongoing use against their targets.
With the emergence of the extremist jihadi threat in Europe in recent years, and the seemingly vast pool of resources from which these groups can draw, the “cell” structure is used to avoid detection pre-event, but there is far less concern with preserving the “cell”, “lone wolf” or “wolf pack” post-event.

Manpower has ceased to be an issue.
Where plots use more easily available resources, such as firearms rather than sophisticated explosives, then the challenges faced in implementing a robust prevention strategy are exponentially greater.
The reasons for the decision by the French intelligence services to lift their surveillance of Said Kouachi after his return from Yemen are not clearly known. It was likely based on balancing the perceived threat from Kouachi against other competing threats, and was also informed by what the initial surveillance of him had yielded after his return to France.
It is a matter of the size of the competing needles in a very large haystack rather than an example of an intelligence failure or a systemic problem with the tactics being employed by the French authorities.
Information Myopia
Intelligence agencies globally suffer from a modern problem best defined as “information myopia”*. There is simply too much data available from too many sources, much of which is of questionable value but all of which ends up in the same “cube” available for analysis. Extending the remit and sources that are under the surveillance lens will only exacerbate this problem and will not necessarily lead to improved security outcomes.
If the “cube” of data to be analysed is vast, then the sieving process that is employed is the key to the success of the analysis. This sieving process, though, is currently largely based on keywords or watchwords and is prone to error. Unless a would-be attacker is incredibly naïve, most of this process’s effectiveness is lost.
Pattern analysis too has its pitfalls – simply because someone is a frequent visitor to sites that would seem to indicate extremism does not make them an extremist. What about researchers, journalists, the genuinely curious?
There is reason to think that the French failed to get some information they ought to have had. The Kouachi brothers had succeeded in building up a cache of arms in their apartment. Neighbours discovered that cache, but they were then intimidated into silence.
This, however, might represent more a failure of local policing – and poor relations between the local Muslim community and the authorities – than national intelligence. Nevertheless, assault rifles and rocket launchers are not easily available in Western Europe, and the French authorities could reasonably be expected to have had a tighter grip on the supply networks.

* The terms “myopia” and “myopic” (or the common terms “short-sightedness” or “short-sighted”, respectively) have been used metaphorically to refer to cognitive thinking and decision making that is narrow in scope or lacking in foresight or in concern for wider interests or for longer-term consequences. It is often used to describe a decision that may be beneficial in the present, but detrimental in the future, or a viewpoint that fails to consider anything outside a very narrow and limited range. Hyperopia, the biological opposite of myopia, may also be used metaphorically for a value system or motivation that exhibits “farsighted” or possibly visionary thinking and behavior; that is, emphasizing long-term interests at the apparent expense of near-term benefit.

What is the French word for PRISM?

Last December (2014) the French government published a decree enacting an internet surveillance law that was passed a year before. The measure allowed authorities ‘administrative access to connection data,’ and came into force on the 1st January 2015. The decree, providing French officials with access to data from a wide range of telecom services in the country – including phone calls, text messages and internet access by both private users and operators – was published over the Christmas holidays, France’s Le Point reported. 
The legislation was passed in December last year, and was a surprise to many as less than two months before it was approved, the country’s president François Hollande – during a phone conversation with Barack Obama – expressed his “deep disapproval” at revelations that the NSA had been intercepting millions of phone calls in France, having described it as an “unacceptable practice.” 
Notwithstanding that comment, from 1st January 2015 the French government itself is in control of its residents’ connection data, with an “interdepartmental group” in charge of security interceptions and administrative access, gathering requests for certain data and obtaining it from operators. Departments authorized to issue data requests include several branches within the Interior Ministry, the Ministry of Defense and a directorate at the Ministry of Finance.
Laws empowering state officials to monitor the population by means of communication and information access have been passed under the flag of protection from the terrorist threat. The powers granted to the government by the new surveillance law have been met with protests in France. Before it was eventually enacted, authorities set up an oversight body, the National Control Commission for Security Interceptions (CNCIS), which will supervise governmental data control powers. Although it is allowed to oversee documents and information asked to be disclosed to the authorities, it has no power to sanction anyone, or to alert any third party to an alleged abuse.
“THIS IS NOT A FRENCH PATRIOT ACT” – Prime Minister Manuel Valls
From 13th April 2015, French lawmakers spent four days debating a controversial anti-terrorism bill that, if passed, would dramatically expand the government’s surveillance powers.


The law’s backers describe it as a necessary measure to thwart terrorist attacks, and it has strong support on both sides of the aisle. But the bill has drawn sharp criticism from French internet companies over fears that it could harm business, and from privacy advocates who say it would severely curtail civil liberties. 

The proposed law would allow the government to monitor emails and phone calls of suspected terrorists and their contacts, without seeking authorization from a judge. Telecommunications and internet companies would be forced to automatically filter vast amounts of metadata to flag suspicious patterns, and would have to make that data freely available to intelligence services. Agents would also be able to plant cameras and bugs in the homes of suspected terrorists, as well as key-loggers to track their online behavior.

Privacy International, Amnesty International, and other human rights organizations expressed alarm over the bill when it was announced last month, urging Parliament to give it careful scrutiny. It’s also been criticized by the National Digital Council, which advises France’s government on technological issues, and by several French web hosting companies, which say the threat of constant government intrusion would undermine their business. 

Of particular concern is the provision requiring telecoms to automatically filter internet traffic. Under the law, internet service providers would have to install monitoring mechanisms — referred to by the French media as “black boxes” — that would use algorithms to detect, in real time, suspicious behaviors in internet metadata. 

The bill’s supporters stress that this metadata would remain anonymous and that content of communications would not be automatically swept up, but the behaviors that would constitute a “terrorist-like” pattern are still unclear. Critics say the measure effectively amounts to mass surveillance of web traffic on a disproportionately large scale. 

Under the bill, recordings could be stored for up to one month, and metadata for up to five years. France’s current data protection laws date back to 1978, and are among the strongest in Europe. “It’s a comprehensive data protection framework that applies to both the public sector and all industries,” Fabrice Naftalski, a data privacy attorney and partner at the legal firm EY in Paris, says of current French law. “Protection of personal data is a fundamental right.” 

But the country’s counter-terrorism laws haven’t been revised since 1991, which was the original impetus behind drafting this bill last summer. The legislation took on a new sense of urgency following January’s attacks, when Valls moved to fast-track it for passage by this summer. (A vote is expected early next month.)

It seems 2,000,000 East German HUMINT Stasi assets have been supplanted by 66,000,000 French SIGINT black boxes. That’s progress – at least technologically.

References & Acknowledgements
  1. Perspectives on Terrorism – “The Modus Operandi of Jihadi Terrorists in Europe” by Petter Nesser and Anne Stenersen – terrorismanalysts.com/pt/index.php/pot/article/view/388/html
  2. The XX Committee: Intelligence, Strategy, and Security in a Dangerous World – www.20committee.com
  3. Darktrace – www.darktrace.com
  4. al-Araby al-Jadeed – http://www.alaraby.co.uk/english
  5. The Verge – www.theverge.com
  6. Russia Today – www.RT.com
  7. Science X Network – www.phys.org
  8. The Long War Journal – www.longwarjournal.org
  9. Academia – www.academia.com
  10. TMG Corporate Services – www.tmgcorporateservices.com
  11. Al Jazeera – www.aljazeera.com
  12. Al Monitor – www.al-monitor.com
  13. Le Monde 
  14. Le Figaro 
  15. Le Point
  16. Die Welt 
  17. CNN 
  18. Fox News 
  19. TIME Magazine
  20. The New York Times 
  21. The Washington Post
  22. The Times 
  23. The Mail on Sunday 
  24. The Telegraph 
  25. Wikipedia