How to run your own NSA spy program
The U.S. government takes a big data approach to intelligence gathering. And so can you!
Computerworld - Everybody's talking about PRISM, the U.S. government's electronic surveillance program.
We don't know all the details about PRISM (also called US-984XN). But we learned enough from a badly designed PowerPoint presentation leaked by NSA contractor Edward Snowden to feel outraged by its reach and audacity.
In a nutshell, PRISM (and related telephone surveillance programs) take a big data approach to spying on foreign terrorists using American servers.
PRISM and related programs may harvest metadata of every phone call, every email, every Internet search, every Facebook post -- everything -- and use algorithmic filtering to find suspicious communication. Once they've found it, they can get a warrant to listen to the actual phone calls and read the actual email to find clues that enable authorities to stop terrorist attacks before they happen. (You know, Minority Report-style precrime.)
Metadata is not the content of the phone call or email, but the information about them: Who contacted whom, when, from where and for how long.
PRISM inspires shock and awe. But if you set aside the shock part -- the privacy and constitutional implications -- you realize the awe component is worth exploring.
The PRISM approach is this: Cast the widest possible information net, then use machine intelligence to serve up just the needles without the haystack.
PRISM works. It gets government snoops what they're looking for. And if it works for the NSA, it can work for you, too.
In fact, the ideas behind PRISM are built into a wide variety of tools available to everybody.
So here's how to run your own private PRISM program:
1. Capture massive amounts of data
One of the NSA's goals is to record the metadata on every phone call and email.
Obviously, no human personally reads all that data. But it's copied and stored anyway for searching later.
You can take the same approach. One easy way is to use integrated Google services together.
Google also offers an Alerts service that searches the Internet and mails you the results. Most people set up only the number of Alerts that they can read. But that's not the NSA way.
The PRISM approach would be to harvest far more Google Alerts than any human could possible process, then use Gmail filters to automatically skip the inbox and send them straight to a specially created folder within Gmail. You can set up new Alerts every day each time you think of an area of interest. These can include people you know, companies to watch, ideas to keep up with.
Alerts won't send you the data (the story), but the metadata (information about the story, plus the link). One advantage of this approach is that if a site is deleted, making it vanish also from Google Search, you'll still have a record of it with enough metadata to pursue leads.
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Confront consumerization with convergence Virtualization expert Elias Khnaser spotlights the security, compliance, and governance issues that arise when enterprise users "consumerize" with shadow IT and public cloud...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!