The rabbi at one of the synagogues told the Journal that its website had been visited dozens of times recently by individuals located in Egypt. The episode underscores how crucial it is that U.S. intelligence be able to eavesdrop on email and phone conversations between people abroad and in the U.S., and in real time without having to wait for a warrant.
This is from an Opinion piece in the Wall Street Journal (October 31, 2010), “Hallmarks of al Qaeda,” which was published after the failed parcel bomb attacks on cargo planes.
Is it assumed that I will draw a conclusion from the fact that the website of one of the synagogues targeted has been “visited dozens of times recently by individuals located in Egypt”? Am I supposed to think, “…must have been terrorists, casing the joint” — and then congratulate myself on being a regular Sherlock Holmes?
Frankly, without context, I don’t know what to make of that information. It might be an interesting data point, but to know whether or not it’s interesting, we need more.
Note: “dozens of times” is not an exact number; “recently” is not a precise time frame.
In a typical week, looked at over the last 5 years, how many hits to the website come from Egypt? Was there a sudden jump in the number of hits from Egypt recently? In the past, have there been jumps in the number of hits from Egypt that didn’t correlate with a parcel bomb attack, or is this completely unique? How does the number of hits compare to other synagogues, or to other entities, like churches or mosques?
“Visited dozens of times” — are these unique visitors, or http requests? It’s important to know what is being counted. A single unique visitor to a single page might generate dozens of http requests in the log, depending on how the page is built.
The drift of reporting has been that these parcel bombs came from Yemen. What is the significance of Egypt in this context? Is it just that Egypt is, to a geographically illiterate readership, “over there” where Yemen is? They aren’t in the same timezone, but it is probably less than 2,000 miles from Sana’a to Cairo, so I suppose you could say they are close, like Poland and Wales are close.
Is it that there are a lot of Muslims — and therefore potentially, a disproportionate number of terrorists — in Egypt? Were there recent visitors to the synagogue website from other places where there there might be terrorists, like Pakistan, or Gaza, or London, or New Jersey… or Chicago?
I presume the Journal editorial writer knows that the source IP of a website hit doesn’t say much about where the person looking at the the web page is sitting. And if that person doesn’t want his physical location known, the source IP says nothing at all, except perhaps that he’s not where the source IP is. Someone in Munich can vpn into a network in Egypt and his web requests, from the point of view of the website, will come from Egypt. And, by the way, are there TOR nodes in Egypt?
My point is that it’s silly for the Journal to throw out one piece that may or may not belong to a thousand-piece puzzle and expect intelligent readers to know whether the completed puzzle is an old man in a boat or the carcass of a leopard on Mount Kilimanjaro. And it is way beyond silly to propose that anything about this event “underscores how crucial it is that U.S. intelligence be able to eavesdrop on email and phone conversations between people abroad and in the U.S., and in real time without having to wait for a warrant.”
Warrants, among other things, prove there’s been some work done to ensure that “a person of interest” might really be up to something — not just that he appears to be in Egypt and browsed to a Chicago website. One reason, in my opinion, that the American 3-letter services want to avoid the warrant process and other controls that protect freedom, is that a large number of their employees are loafers, and protecting freedom while they try to catch bad guys is just too much like work.
Any guesses for what the ratio of false positives to real terrorists would be if U.S. Intelligence was not subject to law that prevents promiscuous snooping? Does anyone believe that promiscuous snooping would make it easier to catch real bad guys, who will, of course, change their comm channels as needed — from satellite phone to bicycle courier, or from in-the-clear email to 256-bit encryption?
U.S. “Intelligence” should just get off its obese government butt, quit whining about how it can’t do anything unless it can snoop on everything everyone is saying, and get to work.