Re: [ISN] FBI Delays Awarding Contract For Computer-System Overhaul

From: InfoSec News (isn@private)
Date: Tue Dec 06 2005 - 22:16:28 PST


Forwarded from: matthew patton <pattonme@private>

> investigations, for example, often "bank records all have to be
> pulled into the case-file system, and some of these cases have 13
> million financial transactions," this person said.

So? It's called a hyper-link and a file of a few MB in size. I could
have a 1000 pieces of evidence each one a tens of GB's in size. Aside
from buying disks, the case management software only needs 1000
records to keep track of it. Data-mining the actual financial records
is a whole different ball of wax. If the FBI can't distinguish between
case management and evidence sleuthing, we've got another train wreck
brewing.

> With a wide variety of investigations, the FBI must be able to
> collect and store information in several different systems -- top
> secret, secret, classified, and sensitive but unclassified -- and
> any given document might contain information that falls into all
> four categories.

Unless I was dozing off in the classification HOWTO class, this one is
easy. Tag the document at the highlest level of classification -
called system high. Oh sure, it would be really nice to have key words
and other data-mining fields available at lower classification levels.
Based on user credentials and profiles (CAC/PKI cards come in handy
for this) the "search" queries could join against the appropriate
classification table. Except last I remember there was a very hard and
fast rule about everybody posessing a TS clearance to work cases so
there was no notion of a multi-level system. There are all kinds of
messy regs that anybody in their right mind would want to steer clear
of. so the only real issue is one of 'visibility' of data elements.
Maybe the FBI et. al. would like to have a SECRET or FOUO meta-data
repository for local law enforcement to look at, but that should be a
totally separate thing. Since before any data can flow downward, it's
gotta get thru a whole process of declassification and that takes some
serious manpower and time.

> Thus, the new system needs strict security controls to prevent
> information from falling into the wrong hands, such as in the case
> of rogue FBI agent Robert Hanssen

I guess the reporter doesn't realize "rogue agents" have TS
clearances. The WHOLE POINT of VCF, er Sentinel is for agents to look
at the material across a wide number of cases and connect dots if they
can. This REQUIRES a fairly open system - sure, some really sensitive
details that need to be closely held, can still be closely held. But
if one adopts the "gotta prevent Hanssen v2.0" attitude you end up
with the current system's 'solution' of restricting case visibility to
narrow geographic region or activity team. That wouldn't really change
anything. No matter how good the case management system, the FBI is
NOT in the business of intelligence but rather police work. Software
isn't going to change that one bit.

For data-mining to work well, the FBI/Justice needs to somehow get out
from under a pile of regs that Congress put into place to prevent the
flow of information. I'm every much a patriot but err considerably on
the side of citizen privacy. The continuing saga of FBI missteps does
nothing to engender trust. and proposed legislation has civil
libertarians up in arms and rightfully so. Yes, we need a degree of
national security and yes that requires information. But beyond a case
management system, the US administration needs to focus on real
problems - like the wide-open borders which we ignore in order to
pander to the hispanic vote, poor aircrew protection, and the muslim
clerics who reside in this country preaching hate, sedition, and
murder. The Australians have got it straight - if you don't want to
live by our customs, under our laws, speak our language, and live in
peace with your neighbors, then clear off! We will happily deport you
and ban you from entering our country again. This is not a matter of
1st Amendment rights. Peaceful disagreement and protest is one thing.
Deliberate inciting of terrorist acts is illegal and has no protection
under the law.

So, I wonder if I can have my job back...



_________________________________________
Earn your Master's degree in Information Security ONLINE
www.msia.norwich.edu/csi
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.



This archive was generated by hypermail 2.1.3 : Tue Dec 06 2005 - 22:36:29 PST