Posted tagged ‘dnios’

Opening Statements for Day 2

September 12, 2008

Sabra Horne opens the session. SHe introduces Barbara Alexander, the Director of Collection for the Department of Homeland Security. She introduces Charlie Allan, Undersecretary of DHS and gives a short bio as well as someof his achievements and accolades.

Mr. Allen thanks the members of the IC, notably the DNI and OSC, for their help with DHS’ open source effort. He mentions that open source has always been important for the United States. Describes ways in which open source has been described in the community. He describes his past as an analyst and how he relied on only open sources and his knowledge of his area of concern. He underlines that open source is the source of first resort. Threats and breaking crises? Yes, they call their friends who have classified information but they also find out what is out in open source – what is in the press? They validate classified sources with open source. They check what is happening in the press; evaluate it but they always turn to open sources.

DHS has a responsibility to provide open source intelligence to their constituencies: the policy makers, state and local authorities and the private sector. DHS serves as the tip of the spear for homeland defense. Our audience rarely has clearances. That goal is not to produce a new stove pipe but to augment the classified intelligence.

In 2007, the DHS Open Source Enterprise was created and the new DHS strategic Vision is available at the conference. He highlights the strategic vision goals and vision.

DHS has a 2-day training program that goes out to Fusion Centers, DHS analysts and to component offices. He also highlights online training modules (available at the kiosks today) and has created a DHS website on the DNI-U network. He emphasizes sharing not only with federal partners but with partners outside the community. He intends to create an Open Source Portal for information sharing for communities of interest. They are establishing an Open Source Governing project and are active in the Open Source Steering Community. They partner with the Open Source Center.

We live in a new world, the new world order is very different and we need to work differently in order to deal with this. He thinks we are beginning to transform.

Next up is Richard Willing, Public Affairs for the DNI. Last year he was a reporter covering this event for USAToday. He discusses the vast amount of identifiers that are now online, including genetic profiles of people, communications, etc. He compares trying to track information before and after the internet and how anything online stays online, even if deleted. He mentions the laws and regulations that the community operates under that protect privacy of US citizens, including FISA and EO12333. He announces the panel:

* Jeff Jonas (IBM)

* Alex Joel (ODNI)

* Johnathon Zittrain (via satellite) (Harvard Law School)

* Moderator: David Shedd (ODNI)

Shedd opens with framework: privacy as it involves the handling of open source.

Joel: Even though information is public, it doesn’t mean there aren’t privacy issues with it. Describes EO 1233 and the newest revision. He identifies who is protected through EO 12333 and what types of information can be gathered and held. Identifies what is and what is not open source and how some activities cross the lines into other intelligence activities (such as electronic surveillance of conversations.

Shedd: asks Zittrain how we can use technology to protect privacy?

Zittrain: Agrees on the premise that open source has been seen as the “little sister” and not as sexy as classified means. The reasons? Perhaps it is seen as too easy. That surfing the web all day may not seem like hard enough work to gain the insights. But it is more than reading newspapers and surfing the web. Technology can take what looks like harmless data and crunch the numbers and figure out valuable intelligence. He discusses crowdsourcing – allowing the public to help the Intelligence Community help.

Shedd: asks Jonas same question.

Jonas: Says one of the problems is that neglecting to correlate open source with other data is a mistake. Open Source will co-mingle with other data (datalogs, etc). Tethered data- if data changes somewhere in the chain, it needs to be able to change everywhere so all users of that data have newest info.

Shedd: Where do you think technology is going?

Zittrain: Mentions police case where police used infra-red guns to find contraband in someone’s house and the defendant said it was a privacy issue. Ruling was that when the technology is widely available, it would be legal but since the infra-red gun was not yet available at the local Radio Shack and so they would need a warrant. But when the technology becomes widely available it would be ridiculous to restrict the police from this activity. Same for open source. He talks about location services (find friends nearby) and reputation services (how people rated you) and how people use them but the thought of the government using them is somewhat creepy. He mentions facial-recognition software that may identify you as a bystander in a tourists photo and tags you on the internet. Is this all open source? This is a question we need to ask ourselves before we are in the world.

Jonas: Mentions ACLU “How many minutes to midnight” doomsday clock to a total surveillance society. He says consumers are doing this to themselves. Consumers are driving the available data.

Joel: The open source disciplines are developing across the community and it is being treated as a disciple and that it is not something that can be taken lightly. Implications on the rights of Americans must be understood. Actions taken on that information must also be taken into account. Privacy enhancing technologies are being developed. Technology poses a unique challenge; we have to remember what the definition of publicly available information and distinguish it from surveillance. Directing against a single person could be considered surveillance. Everything must be related to an authorized mission.

Jonas: The scale of publicly available info goes from phone numbers to property ownership to what you paid for your house. What people want is: avoid consumer surprise. But if you want to catch a bad guy in the act, you need to observe what he didn’t mean for you to observe. And that causes a problem.

Zittrain: Brings up the constraints of public service that are not on the private sector.Discusses possibility of looking into people’s computers (cyberlaw perspective) without compromising privacy.

Joel: That would be beyond open source and you would need a warrant. Can this be devised while also be protecting privacy concerns? Technology can offer solutions.

Jonas: There can be a deeper conversation between technologists, public officials and those in the privacy community. Throws around a few acronyms (I thought he was outside the community!).

Zittrain: Is one of the founders of the OpenNet Initiative to discover the effects of filtering on the internet. Gives example of the Chinese “Great Firewall” where they tried to identify what is and is not blocked. They solicit the public at large to see what they can and cannot get. They can make a map of what is filtered around the world.

Joel: Discusses what would be improper collection. Again mentions surveillance and targetting individuals. Mentions making sure that the action is related to the mission. Hacking is not considered publicly available. Not that agencies cannot access that information lawfully but that it would not be open source. The restriction that apply to US persons and activities do not apply to non-US persons, although there may be restrictions based on agreements with foreign partners or internationally recognized laws. You can also not do something through someone else that you cannot legally do yourself as directed through EO 12333.

Zittrain: What was innocuous would be a problem if it was being used for the wrong purpose. Cautionary thing: the line between passive collection is starting to blend with participation. Participating in a public message board – the minute you click enter and send you are engaging in some activity may cross the line as to whether you need to identify yourself as working for an intelligence agency to any US persons.

Jonas: Data is going to be comingled in the network cload and it will be pushed to users as information that they may need to know. Social networks will provide more precise services as people try to streamline their lives.

Zittrain: Generation of digital-natives who are very good at this technology and they have different ideas as to what is privacy and that this would be a good time to start getting these people through the ranks. This is where the advances can take place.

Joel: Technology is advancing at an exponential rate but human nature is immutable. There are important restrictions and analysts need to know those restrictions to know how to do their jobs effectively.

Shedd: A lot of challenges and a lot of opportunities.


Operationalizing Open Source for Homeland Security

September 11, 2008

Sitting in the panel run by the Department of Homeland Security. DHS Open Source Lead, Tyler Foulkes, leads the conversation. In 2007 DHS required to build relationships with the State Fusion Centers and train the Fusuin Centers. Undersecretary Charlie Allen at DHS understood that intelligence happens in other places than the IC. They needed to find out what the state, local and tribal leaders need to complete their missions. Training for the Fusion Centers (from DHS) goes out to the centers, they don’t force the Fusion Centers to come to them. Notes the DHS Strategic Open Source Vision booklet (released today). Protecting rights and keeping balance on privacy is key and on their minds at all time.

Next up is Jack Showalter for CENTRA Technology Inc, speaks on training the analysts and not the IT staff on the technical aspects of research on today’s web. Adhoc vs standing requirements and how to use different technologies for each part of the mission.

First major theme: adhoc requirements. Obvious technology is search (search engines). To go beyond google, training on how the search engine works so the analysts know what they are getting and what they are missing. They need to know the periodicy of search engines and how the search engine gets it and why moving beyong Google and using any search engine effectively is so important.

Going from advanced syntax search on Google to clustering search engines (like Demos other clustering search engines with visualization like DIfferent analysts think differently and can get results tailored to their style.

Concept of verticle search is introduced. Shows Highbeam Research, Infomine, the NOAA National Weather Service and Search Medica.

Discusses and the need to pay attention to new resources to keep an eye out for the “next big thing” – whether they succeed or not.Looking to the horizon for emerging resources, like (natural language processing – semantic indexing). Mentions twitter (just as I send a tweet…). And twitter trends – get the news about disasters or events from locals on the twitter trends before the press gets it out (

Goes into the importance of directories when exploring topics. Mentions and Notes the importance of noting the business process of the directories (ie. volunteer or professional maintainence).

Discusses the deep web: what it is and how to tackle it.

Different needs to meet “standing requirements” – repetitious and mechanical searches should be automated. Identify important -vs- urgent taskings. Addresses time consuming nature of standing requirements and that adhoc requirements often push the standing reqs out of the picture. Obvious first strategy: RSS. Not only RSS feeds, but filtered RSS (shows as an example).

Highlights distributuion channels for open source and shows Deborah Osborne’s crime analysis podcast on blogtalkradio.This can be a method of professional development.

Highlights the need for open source professionals to be on the watch for new technologies and resources.


Q: have you found a way to search podcast for content?

A: currently we haven’t found a way to search podcast effectively.

Q: what are different research methods you teach analysts?

A: Originally analytic techniques were taught but some were cut due to time constraints. Time management and research planning are taught. The end goal is to make sure that after the research there is time for analysis. This is the first wave of classes but as the program continues, more techniques and further topics will be explored and trained.

Q: Comment: as far as searching podcasts – and

A: Fantastic, we will explore that.

Q: Are you targeting media outside of the internet?

A: major block of training is on non-internet open source.

Q: FeedRinse, is that client or server based? Have you discovered any attempts to give you misinformation?

A: Server based. Another major block in the training is focused on evaluating sources, misinformation and disinformation.

Q: Concerns about much of internet going through the US.

A: Particularly with ref to IPV6, the next version, the US will not be the belly button of the internet. We discuss assessing the credibility of sources used, but we don’t go into the weeds of the technicality of the internet and we cover the basics before delving into deep waters.

Q: Software applied to do trends and word counts (note: memes)

A: Discussions on memes and conversation tracking through the blogosphere. Tag clouds, etc.

Q: Comment: Traffic diverted through foreign servers is more of an issue for covert operations and not for open sources.

Q: How are you addressing operational security?

A: we describe web visibility and basics of IP statistics. We demostrate what the systems are showing when they visit a website and how to use basic opsec to counter these weeknesses.