-------- Original Message -------- Subject: Re: [Politech] CIA funded study to spy on chat rooms [priv] Date: Mon, 29 Nov 2004 09:19:33 -0800 From: Ross Stapleton-Gray <ross@stapleton-gray.com> To: Declan McCullagh <declan@private>, politech@private CC: david Farber <dfarber@private> References: <41AACA1F.5040806@private> At 11:05 PM 11/28/2004, Declan McCullagh wrote: >http://news.com.com/2100-7348_3-5466140.html > >Security officials to spy on chat rooms >Published: November 24, 2004, 10:28 AM PST > >The CIA is quietly funding federal research into surveillance of Internet >chat rooms as part of an effort to identify possible terrorists, newly >released documents reveal. > >In April 2003, the CIA agreed to fund a series of research projects that >the documents indicate were intended to create "new capabilities to combat >terrorism through advanced technology." One of those projects is research >at the Rensselaer Polytechnic Institute in Troy, N.Y., devoted to >automated monitoring and profiling of the behavior of chat-room users. Not to pick a nit, but funding research on tools doesn't guarantee that *they* (the CIA, here) will use them; it could be that the CIA is concerned that law enforcement needs tools that they (law enforcement) can't/won't afford. Stranger things have happened... I saw an NSF grant go by earlier this year that seemed to be aimed at buying an NSF IT security person's time on behalf of the (abysmally insecure) Department of Interior (where there've been several court-directed shutdowns of the Dept's Internet access, because of lax security in the Bureau of Indian Affairs). A couple more comments... firstly, whatever the stated purpose of the grant, the CIA could have a use for such tools *internally*. As we may or may not recall, the "CIA chat room incident," from 2000, involved Agency employees communicating "inappropriately" on CIA computers and networks: http://www.washingtonpost.com/ac2/wp-dyn/A64444-2000Nov11 I was a CIA employee during some of the period of concern, and knew many of those affected in the subsequent crackdown (I left the Agency in October 1994). Robert Steele's comments in that article are on the mark... these were bright people, who were, at worst, involved in the electronic equivalent of chatting around the virtual watercooler about their pointy-haired bosses. Be that as it may, organizations will want appropriate tools to detect and alarm on abuses of corporate resources; arguably, a national security agency entrusted with the most-classified secrets will be more paranoid than most. Secondly, there are a variety of federal sources for research grants on issues of interest to the Intelligence Community, including unclassified grants. In addition to this (perhaps anomalous) NSF source, agencies would include DARPA (of course); ARDA (http://www.ic-arda.org), whose web site could be more current, but which does fund some rather far-thinking, innovative "thrusts;" the DOD more generally; and the National Geospatial-Intelligence Agency (NGA, formerly NIMA), which is alone among the Intelligence Community agencies in availing itself of the Small Business Innovative Research (SBIR) program, making small (six month, $100K) awards for speculative research, largely on issues around visualization (and not just geospatial imagery). There is also In-Q-Tel (http://www.in-q-tel.org), though their focus is later-stage R&D, i.e., investible small companies focused on technologies of potential interest to the CIA and IC, but ultimately intended to be self-sufficient in larger markets. Ross ----- Ross Stapleton-Gray, Ph.D., CISSP Stapleton-Gray & Associates, Inc. http://www.stapleton-gray.com _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2.1.3 : Thu Dec 02 2004 - 23:06:04 PST