Friday, September 6, 2013

A Word on Metadata

Collect and store ALL THE DATA/SIGNALS!

With all of this NSA stuff going on recently, it may be a bit much to take in all at once. Let's take a moment and go way back to the week before PRISM broke. Let's go back to the Verizon story. Verizon was told to give the NSA the "metadata" of all the calls anyone made.



The NSA isn't the only agency that does this; they just do it without a warrant, which is totally lame. (If you think it's lame as well, you should donate to the EFF.) Even though you don't have the meat and potata's of the phone calls, you can definitely figure out quite a bit with just metadata. Take a look at this entry in Sun Tzu's Art of War:
23. When there is dust rising in a high column, it is the sign of chariots advancing; when the dust is low, but spread over a wide area, it betokens the approach of infantry. When it branches out in different directions, it shows that parties have been sent to collect firewood. A few clouds of dust moving to and fro signify that the army is encamping.
It's a good read, unless you are an Old Squirrelly Security Guy

This particular entry talks about analyzing your enemy's movement to figure out what exactly they are doing. If you see enemy soldiers moving out in all directions, they are fanning out to find supplies. If they are spread out but moving in a single direction, they are most likely readying for attack. That is quite a bit of info from just watching the enemy from a hilltop far away.
Lovely apartment

Now, let's put this into modern terms with cell phone communication. Say you don't have the audio of a call made, but you have the GPS data, call duration, and who it was to. If I received many short calls from various numbers, and my GPS showed me moving from one central location to a location of one of the calls, you may assume that I was a drug dealer, visiting the stash house before seeing my client. That's with no identities involved, not even the location of a stash house, but it is implied.
I think I grabbed the wrong logo, oh well.
Now let's say you know someone is affiliated with a terrorist organization such as Al-Qaeda or PETA. For a few months, you track the phone metadata. Nothing out of the ordinary appears at first, but suddenly, you see MANY more phone calls to and from the phone you are tracking. It would appear as if something has drastically changed, possibly leading to a strike or protest. You would then be able to use the GPS data to track and locate the suspects and stop something bad from happening.
Hey look! Dell Latitudes!
These examples use GPS data to track someone. What if you didn't have the GPS data? Just the data that tells you when you called, and for how long? Easy. Long conversations point to planning, and short ones point to execution. Say a drug dealer was planning a large drug movement (I know, I have a drug addi...um...fascination). If the DEA or FBI or whatever sat on the metadata of the alleged dealer, they might be able to tell when a big deal was going down. You would possibly start with a few longer phone calls detailing the deal. Then, as the deal approached, you would be able to see the call rate go up, but the length of the calls go down. This is because you are just hashing out (ha) minor details of the deal as well as contacting your partners to make sure they know when and where the deal is going down. You don't want to disseminate this info too early, as these people tend to rat on each other. (As pointed out in The Departed)
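To show how little data that inference needs, here is an added example (not from the original post) that looks only at call start times and durations and flags days where the call rate rises while the call length falls. The records are constructed, and the baseline window and thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed call records: (start time, duration in seconds).
# No audio, no phone numbers, no location: timing metadata only.
CALLS = [
    ("2013-09-01T10:00", 720), ("2013-09-01T18:30", 840),
    ("2013-09-02T09:15", 900), ("2013-09-02T20:00", 600),
    ("2013-09-03T11:00", 780), ("2013-09-03T19:45", 660),
    ("2013-09-04T08:30", 400), ("2013-09-04T13:00", 350),
    ("2013-09-04T21:10", 500),
]
# A burst of six short calls on the last day.
CALLS += [(f"2013-09-05T{h:02d}:00", d)
          for h, d in zip(range(9, 15), (60, 45, 90, 30, 75, 50))]


def daily_profile(calls):
    """Return {date: (call_count, median_duration_seconds)} in date order."""
    by_day = defaultdict(list)
    for start, duration in calls:
        by_day[datetime.fromisoformat(start).date()].append(duration)
    return {day: (len(d), median(d)) for day, d in sorted(by_day.items())}


def flag_shift(profile, baseline_days=3, rate_factor=2.0, length_factor=0.5):
    """Flag days with many more, much shorter calls than the baseline.

    The baseline is the first `baseline_days` days (an assumption). A day is
    flagged when its call count is at least `rate_factor` times the baseline
    rate AND its median duration is at most `length_factor` times the
    baseline duration.
    """
    days = list(profile)
    base = days[:baseline_days]
    base_rate = sum(profile[d][0] for d in base) / len(base)
    base_len = median(profile[d][1] for d in base)
    return [d.isoformat() for d in days[baseline_days:]
            if profile[d][0] >= rate_factor * base_rate
            and profile[d][1] <= length_factor * base_len]


if __name__ == "__main__":
    for day, (count, length) in daily_profile(CALLS).items():
        print(day, count, length)
    print("flagged:", flag_shift(daily_profile(CALLS)))
```
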

Metadata: it's still leaky data.

1 comment:

  1. Metadata Management - With thousands of data attributes, delivered by hundreds of internal and external sources and stored in dozens of unconnected databases, we saw the need for a web-based solution that was capable of integrating the multiple business and technical tools currently in use by financial organizations. That is why we decided to work exclusively with Adaptive who has helped us migrate our Semantics Repository to their standards-based Metadata Manager.
