Normal

One of the government contractors slurping up our tax money has a slick idea for how the Department of Defense can spot the next Bradley Manning before that yet-to-be-discovered individual steals classified information and makes it public. [1]

This is the mission:

…blue-sky research firm Darpa asked software engineers to design a system to sift through Defense Department e-mail, web and network usage for “anomalous missions” indicating that a user might intend to siphon sensitive information to unauthorized entities. The program is called CINDER, short for the Cyber Insider Threat Program.[2]

According to Wired, HBGary claims it can create the necessary software.

Data will be collected on employees while they work. This data will include what they do, where they go on the internal network and the internet, how and what they type, mouse movements, etc. Computer webcams trained on employees could be used to get snapshots and video. A lot of data would be accumulated and used to determine what is “normal”. Employees who deviate from Normal in particular ways would be flagged as potential Bradley Mannings.

HBGary’s proposal acknowledges: The only way to judge anomalous user behavior is to create a model for normal behavior; that in turn requires mapping normal behavior for the median user — which in the Defense Department’s case is millions of people.[3]

Got that?

Now, if you think this project is credible, that it makes sense, on any level, in any way, you need to think about it a little longer. Thirty seconds should be sufficient.

Pause here to think…

Now you get it, right?

And you didn’t need the whole 30 seconds, did you? A regular snake-oil scam if there ever was one. But of course, DARPA put out an RFP that said, in essence, “Please submit snake-oil scams…”

Snake-oil scams are entertaining for everyone in the audience who has paused to think for a few seconds.

I like this bit:

The only way to judge anomalous user behavior is to create a model for normal behavior…[4]

Let’s work on that, come up with a couple of situations where we can identify “normal behavior”.

Here’s one: Picture yourself as a striking, 20-something blonde female US Army master sergeant employed by the Department of Defense. You know the webcam built into your computer monitor may at any time (or all the time) be taking close-up still shots or video of you while you work. Is it normal or abnormal for you to put a Post-it note or piece of chewing gum over the camera?

Normal, of course. In fact, it’s normal for everyone to put a Post-it note over the camera, simply because people don’t like being spied on and photographed at close range without their permission. Of course, every now and then a smart aleck will take off the Post-it to make a rude gesture, stick his tongue out at the camera, or to pose for a few seconds wearing mirror shades and a Bedoin-style turban.

Smart aleck behavior at some level is normal, and the HBGary software would have the intelligence to treat it as normal. [5]

But that’s an easy one. Let’s try something a little tougher.

You’re still a DOD employee, male or female, age is irrelevant. Would it be normal or abnormal for you to start your day by typing “Bradley Manning for President”, or “a republic, if you can keep it”, or the NSA couch potato joke-of-the-day …with nothing but a black DOS box in focus? Nothing saved; nothing sent; just private keystrokes.

That behavior wouldn’t be average, but remember, what this cool Bradley Manning detection software must do is figure out what “Normal” is in such a way that an employee’s deviation from “Normal” isn’t just any deviation, but a particular kind of deviation — a deviation that indicates that person intends to steal and misuse confidential information.

In any sizable group of Americans it will be absolutely normal to find one or two, or several, who are passionately American. They are wary of government power, they believe the 4th Amendment was written because it really does happen that jerks get into government, and they detest unwarranted government invasions into the lives of free citizens. They strenuously object to government lawlessness, incompetence, corruption and stupidity.

Again, in a normal group of Americans, there will be a few passionate Americans — Americans who take their citizenship seriously.

So, out of, say, ten thousand DOD employees, it will be perfectly normal for some number of them to occasionally type unsaved, unsent messages on their keyboards — if they think they are being  studied for deviations from Normal — because they take the view that the only way those messages can be read is if the reader is an anti-American (domestic) enemy of the Constitution, and they like to send taunting, insulting messages to enemies of the Constitution and enemies of America.

“Wikileaks Rocks! (for your eyes only, Stooge)”

It’s perfectly normal for a group to have a few indiduals of that sort.

Now, switch roles: You’re the tax-money-slurping contractor. You’ve collected a ton of data on ten thousand DOD employees. Those employees know you’ve been watching them, testing whether or not they are Normal, collecting and saving data — keystrokes, mouseclicks, video, still shots, whatever — in order to analyze them in detail, as individuals who may or may not be Normal. Out of that ten thousand DOD employees, not one person, not a single American, has ever typed “Bradley Manning for President” or some such provocative thing into a DOS window.

Now you’ve really got a problem.

A normal group of ten thousand Americans should include a few history-conscious, passionate Americans with enough courage to resist, at least quietly, a spirit of anti-American stupidity.

Here you’ve got a group of ten thousand Americans that is not Normal.

What will you do with that group?

PB

[1] At the time of this writing, Bradley Manning is accused; he has not been convicted of any crime. Regrettably, in this period of American history, it is possible for an accused-but-not-convicted individual to be cruelly mistreated if he has the misfortune to be held by the Department of Defense.

[2] Wired. “‘Paranoia Meter’ Is HBGary’s Plot to Find the Pentagon’s Next WikiLeaker”. Spencer Ackerman. http://www.wired.com/dangerroom/2011/04/paranoia-meter-hbgarys-plot-to-find-the-next-pentagon-wikileaker/

[3] Ibid.

[4] Ibid.

[5] And snake oil is known to cure cancer.

Advertisements

About pmbarry

One of these days a man's gonna walk up to you with a shoe on one foot and a boot on the other, and he's gonna tell you 'bout things you ain't never heard of.
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s