Category Archives: False Positives

Love False Positives – The Day The Bank Said I Bought A Heavy Machine Gun Online

On the 15th November 2013 I made a wire transfer using Permanent TSB Open24. Open24 is an online banking service. For those of you who do not know, Permanent TSB is a retail bank that operates in the Republic of Ireland.

Worthy of note is that retail banking in the Republic is characterised by spectacular systems malfunctions, outages, IT meltdowns and downright thievery.

But that’s ok because the government of Ireland loves banks and they can really do or not do (as is often the case) what they like – without fear of sanction. Oh, and when they lose their shirts gambling with their customers’ money then the Irish taxpayer gets to pay for it. But I digress.

When Kids Try To Be Adults

I first became aware of my international arms purchasing activities when I received a phone call on my cell phone from a private number. I answered and was greeted by what sounded like a teenage girl who informed me that an intermediary bank, used by Permanent TSB for payments to South East Asia, had sent an email to the bank requesting information about an international payment that I had made a few days previously.

Before describing the contents of the email, the clearly worried banker (worried because she was talking to an international arms dealer who buys his weapons over the open internet (who needs the Dark Web)), stated that I had bought a heavy machine gun and that I had asked that it be mailed to the address of one of our corporate apartments in Dublin, Ireland. As you do.

The intermediary bank was CitiBank in Frankfurt she informed me. They had contacted the Treasury Department and they in turn were dealing directly with the beneficiary bank in Singapore who were the first to flag the transaction.

The email read:

REDACTED REDACTED REDACTED REDACTED REDACTED 

The beneficiary Bank sent the below SWIFT message to our treasury department via CitiBank:

WE HAVE BEEN INFORMED THAT THE BENEFICIARY BANK IS UNABLE TO APPLY THIS PAYMENT AND STATES:

  1. PLEASE CONTACT REMITTER TO OBTAIN BELOW.
    1. WHAT DOES TMG REFER TO PER F70?
    2. WHAT DOES IT STAND FOR?
    3. WHAT IS ITS FULL FORM?
    4. IF IT REFERS TO AN ORGANIZATION, PLS OBTAIN THE FOLLOWING:
      1. FULL NAME.
      2. FULL PHYSICAL ADDRESS AND COUNTRY OF LOCATION.

I trust the above is in order.

Kind Regards,

REDACTED REDACTED

She informed me that the Bank could not facilitate international arms purchases and that law enforcement had been informed including the local police station to the bank branch from which my transaction emanated, the Organised Crime Unit, and of course Security & Intelligence. The latter is the central point of contact for An Garda Síochána with all external agencies – both law enforcement and security/intelligence – with regard to international cooperation in the fight against terrorism and organised crime.

The Very Boring Reality

The transfer that caused this international “counter-terrorism / counter organised crime” flurry of activity between one local bank, two international banks and law enforcement in three countries was made by me to an organisation called SERVCORP.

SERVCORP is a company in SINGAPORE that provide a telephone answering service for my company TMG Corporate Services. The actual mandate for the transfer had been set up months previously by Permanent TSB themselves at the request of TMG Corporate Services Accounts Department. The same payment had been made on several previous occasions.

The transfer they said was for the purchase of an automatic weapon namely a BROWNING M2 Machine Gun TMG F70.

And how had they come to this conclusion? Well, simply because the reference on the payment was TMGF70. The reference was TMGF70 because that was the reference used by SERVCORP on the invoice that they had issued for that month’s services.

“TMG” being an acronym for The Mediator Group and F70 some internal reference for SERVCORP.

The Browning M2

The Browning M2 is a chain-fed, air-cooled heavy machine gun (TMG) in caliber 12.70 x 99 mm NATO, produced by the American manufacturer Browning at the end of World War II. The rifle has a maximum range of 7,500 meters and an effective range of 1,800 meters and can use different types of ammunition: full sharp, armor, armor fire and tracer.

Here I am proudly modelling a “Ma Deuce” I managed to buy in the duty free shop at Heathrow Airport.

Ma Deuce

Bargain Hunter

What was even more impressive about my purchase was that I acquired this impressive weapon for SGD$70 or EUR€45.25 at today’s spot rate on XE.COM.

ENDS

 

Mass Surveillance & The Oxford Comma Analogy

Acknowledgments, Contributions & References: This blog post was written in collaboration with and using contributions from Mr. Dean Webb (find Dean’s profile on PeerLyst). The clever and insightful bits are all Dean, the space fillers and punctuation are mine – except the “Oxford Comma” analogy, which even though it is lifted from @Grammarly on Twitter, is mine – and I like it (a lot). Enjoy.

Who Do We Like, Who Do We Dislike (Today)

Wearable tech is on its way, for surveillance during times when one is away from the vidscreen. But we need this stuff in order to protect against Eurasia. We have always been at war with Eurasia. We will always be at war with Eurasia until 20 January, at noon. Then we will always have been at war with Eastasia. And then we will need all this stuff to protect against Eastasia.

On a more serious note, anonymity has been dead for quite some time. As an example, about 10 years ago Dean Webb was running a web forum for students involved in an academic competition.

He and other teachers had volunteered to be admins for the board. They had a student that began to harass others on the board and post some highly inappropriate material. They banned his account, and he would connect again with another account.

So, Dean took down the IP addresses he’d used for his accounts and did a quick lookup on their ownership. They were at a certain university, so he contacted that university with the information and the times of access and they were able to determine which student was involved.

He was told to stop posting, or face discipline at the university. That got him to stop.

Simple Methods, Complex Implications

The point is, that IP address and timestamp for most people is going to be what gets them in the end. They don’t know what a VPN is from a hole in the ground, let alone what a TOR node is.

At best, most of them will use a browser in anonymous / incognito mode, without realising that cookies are still retained and updated, credit card transactions remain on the record, and ISPs will still retain IP address information with timestamps.

It could be argued that a Layer 2 hijacking of someone else’s line is the way to go anonymously, but that involves a physical alteration of someone’s gear, and that means physical evidence, which is very difficult to erase completely.

Even if anonymity is not completely dead (mostly dead, perhaps?), it is certainly outside the reach of most people because they lack general IT knowledge about the basics of the Internet.

I (Graham) was met with the following comment when I posted a tweet some time before Xmas 2016 about Identity Theft:

“despite the hysteria the theft of most people’s personal information is / will be inconsequential”

The use of the word “inconsequential” by the commenter on my post reminded me of the hilarious Doctor Evil therapy session monologue in the Austin Powers movie when Doctor Evil stated, when asked about his life, that “the details of my life are quite inconsequential”. But 60 seconds of monologue later it was quite clear that they were far from “inconsequential” – it is a matter of perspective as to what is and what is not. That is the problem. And that is the potential worry.

Threat Awareness & Counter Measures

The vast majority of people and their browsing habits are innocuous. The point, though, that the comment misses, and which is the point that Dean makes in his comments about the average John Q. Citizen’s awareness of the threats and the countermeasures available, is that the public in general has moved their private communications on to a platform where they do not understand the implications of the ability of externals to eavesdrop or to store and reference data at a future point.

There was a blog post I (Graham) made some time ago about the risk of “profiling” and of “false positives” and the threat that they posed especially with respect to miscarriages of justice. (See “The Sword of Islam” story below)

The point is not whether “the theft of most people’s personal information is / will be inconsequential” or the storage of most people’s browsing history or contacts with other parties is / will be inconsequential or not – the point is that it can be made to look very different to what was actually happening originally.

Like a misquoted partial comment in a newspaper article – actions taken out of context can look very different.

The Oxford Comma Analogy

Recently I posted a tweet about the Oxford comma and it does indirectly inform the point that I am trying to make here:

Excerpt begins from Grammarly

“Unless you’re writing for a particular publication or drafting an essay for school, whether or not you use the Oxford comma is generally up to you. However, omitting it can sometimes cause some strange misunderstandings.

“I love my parents, Lady Gaga and Humpty Dumpty.”

Without the Oxford comma, the sentence above could be interpreted as stating that you love your parents, and your parents are Lady Gaga and Humpty Dumpty. Here’s the same sentence with the Oxford comma:

“I love my parents, Lady Gaga, and Humpty Dumpty.”

Those who oppose the Oxford comma argue that rephrasing an already unclear sentence can solve the same problems that using the Oxford comma does. For example:

“I love my parents, Lady Gaga and Humpty Dumpty.”

could be rewritten as:

“I love Lady Gaga, Humpty Dumpty and my parents.”

Excerpt Ends

The analogy serves to demonstrate one of the main concerns of mass surveillance and mass retention of user data. People are now being profiled and tracked and their behaviours stored and analysed and they do not know why or by whom or for what purpose – they barely understand how to use a browser.

In the wrong hands that potentially makes them cannon fodder. Accuse me of being alarmist and dramatic – fair enough – so did everyone four years ago when I wrote about mass immigration as a weapon, the rise of radical Islam and the dangers of the USA supporting a sectarian Shi’a government in Baghdad, the marginalisation of Sunnis and the Ba’ath party, the randomness of the Arab Spring, the threat of Libya turning into a terrorist haven and so on.

The point is people ignore these developments at their peril but you may as well be talking to a concrete block. You can make all the compelling philosophical points that you like to someone but if they do not have the capacity to understand them then you are wasting your time.

And most of our politicians fall into that category.

Mass Profiling, Mass Surveillance Will Be Inconsequential Until It Isn’t

Dean once met a man named Saifal Islam. He has a devil of a time getting on an airplane because a terror group has the same name – “Sword of Islam”.

He is constantly explaining that the man (him) isn’t the group (them) and that he’s had his name longer than they’ve had theirs. That, yes, the group (them) should be banned from getting on airplanes, but that, no, the man (him) should be allowed on the plane.

Hell of a false positive, and that’s not the only one. Mismatches on felon voting lists, warrants served to the wrong address for no-knock police invasions, people told that they can’t renew driver’s licenses because they’re dead, the list goes on.

Be happy in the knowledge though that your data is apparently “inconsequential” and this privacy debate and the growing intrusion on your personal life is all “hysterical” alarmism.

You can use that statement when you are in the dock defending your very own hysterical “false positive” – no charge.

The next post will be “KarmaWare & Thieves of Thoughts” again in collaboration with Mr. Dean Webb.

ENDS

Is the Metadata Based US Drone Program, State Sponsored Terrorism?

Yes it is. By the rules of international law an intervention on foreign soil is an act of war. If there is not a declared war between the two countries then it is a unilateral decision to attack another without the “correct” mandate. In any other case that is referred to as “terrorism” when carried out by a proscribed organization or a nation.


Former CIA and NSA Director, Michael Hayden

Over 3000 Pakistanis have been killed in US drone strikes targeting a few dozen or so “known” terrorists. Obama has been under heavy scrutiny for authorizing drone campaigns that result in gross mistakes, killing a great number of innocent people while targeting “confirmed terrorists.”

Since 2004, there have been 401 US drone strikes in Afghanistan, alone, killing 3,058 people total. In Pakistan, hundreds, including children, have died in pursuit of a mere two dozen declared terrorists.

In 2014, the former director of both the CIA and NSA, Michael Hayden, proudly claimed they “kill people based on metadata”, using drones – but not the right people in most cases and the source of the information used to determine the “terrorist” classification has been shown to be hopelessly flawed via an NSA program named SKYNET.

The war on extremists is acceptable – the “collateral” casualties as they are called – which demonstrates the lack of value placed on innocent lives – is terrorism – pure and simple.

About SKYNET

SKYNET is a program by the U.S. National Security Agency that performs machine learning analysis on communications data to extract information about possible terror suspects. The tool is used to identify targets, such as al-Qaeda couriers, who move between GSM cellular networks. These couriers often swap SIM cards within phones that have the same ESN, MEID or IMEI number.

The tool uses classification techniques like random forest analysis. Because the data set includes a very large proportion of true negatives and a small training set, there is a risk of overfitting.

Bruce Schneier argues that a false positive rate of 0.008% would be low for commercial applications where “if Google makes a mistake, people see an ad for a car they don’t want to buy” but “if the government makes a mistake, they kill innocents.”

The SKYNET project was linked with drone systems, thus creating the potential for false-positives to lead to deaths.

Al-Jazeera’s bureau chief in Islamabad, Ahmad Zaidan, was wrongly identified as the most probable member of al-Qaeda and the Muslim Brotherhood on their records. Despite the fact it is improbable to be a member of both groups, he is also widely and publicly known for traveling to meet with radical groups, but was instead identified due to mobile phone surveillance placing him in rural locations.

This has been seen to show the failing of the system, as it has misidentified a journalist conducting legitimate, public business as a potential terrorist, whilst also harming freedom of the press and breaking US law on surveillance of journalists.

Source: SKYNET – Wiki
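The base-rate effect behind the false positive concern above, worked through as an added example (not part of the original post or of any SKYNET material). Only the 0.008% false positive rate comes from the text; the population size, the number of real targets and the detection rate are constructed assumptions.

```python
from fractions import Fraction

# 0.008 % is the false positive rate quoted above; everything else is assumed.
FPR_QUOTED = Fraction(8, 100_000)

def expected_outcomes(population, true_targets, fpr, tpr):
    """Expected confusion-matrix counts when every person is scored once."""
    negatives = population - true_targets
    tp = true_targets * tpr          # real targets correctly flagged
    fp = negatives * fpr             # uninvolved people wrongly flagged
    return {"tp": tp, "fp": fp, "fn": true_targets - tp, "tn": negatives - fp}

def precision(population, true_targets, fpr, tpr):
    """Share of flagged people who are real targets (positive predictive value)."""
    o = expected_outcomes(population, true_targets, fpr, tpr)
    flagged = o["tp"] + o["fp"]
    return o["tp"] / flagged if flagged else Fraction(0)

def max_fpr_for_precision(population, true_targets, tpr, target):
    """Largest false positive rate that still yields `target` precision.

    From TP / (TP + FP) >= target:  FP <= TP * (1 - target) / target.
    """
    tp = true_targets * tpr
    negatives = population - true_targets
    return tp * (1 - target) / (target * negatives)

if __name__ == "__main__":
    # Constructed scenario, not figures from the page or from the programme.
    POP, TARGETS, TPR = 10_000_000, 24, Fraction(1, 2)
    o = expected_outcomes(POP, TARGETS, FPR_QUOTED, TPR)
    print(f"wrongly flagged : {float(o['fp']):.0f}")
    print(f"rightly flagged : {float(o['tp']):.0f}")
    print(f"precision       : {float(precision(POP, TARGETS, FPR_QUOTED, TPR)):.2%}")
    need = max_fpr_for_precision(POP, TARGETS, TPR, Fraction(1, 2))
    print(f"FPR for 50% precision: {float(need):.6%}")
```

Under these assumptions roughly 800 uninvolved people are flagged for every 12 real targets, so fewer than 2 in 100 flags are correct even though the error rate sounds negligible.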