Watching the Watchers: Building a Sousveillance State

Video in TIB AV-Portal: Watching the Watchers: Building a Sousveillance State

Formal Metadata

Watching the Watchers: Building a Sousveillance State
Title of Series
Part Number
Number of Parts
CC Attribution - ShareAlike 3.0 Germany:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this license.
Release Date
Production Place

Content Metadata

Subject Area
Secret surveillance programs have metadata too. The same people and companies that operate secret surveillance programs also publish details about their work on the open internet. We can use this data to watch the watchers. “Proficient in Microsoft Word and Xkeyscore” and similar phrases are surprisingly common on LinkedIn profiles. NSA contractors, military, and others involved in the surveillance state post seemingly coded and harmless details about their work in job listings, social media, and other open websites. But this information provides useful metadata that can be used to understand the function of secret programs and map the surveillance state. Transparency Toolkit has been building open source tools to collect and analyze this open source intelligence. This talk discusses how we can use these data sources and tools to build a sousveillance state that holds the surveillance state accountable.
Computer animation Meeting/Interview Lecture/Conference
Point (geometry) Latent heat Interactive television Energy level Functional programming Stationary state Computer programming
Word Process (computing) Lecture/Conference Telecommunication Database
Computer animation
Computer animation Meeting/Interview Family
Laptop Standard deviation Computer animation Lecture/Conference Telecommunication Mathematical analysis Field (computer science)
Word Computer animation Database Software testing Basis <Mathematik> Computer programming
Message passing Computer animation Computer programming Database
Royal Navy Message passing Computer animation Figurate number Office suite Metadata Reading (process)
Facebook Coefficient of determination Process (computing) Computer animation Lecture/Conference Variety (linguistics) Interrupt <Informatik> Amsterdam Ordnance Datum Family Information security
Greatest element Service (economics) Computer animation Resonator Bernoulli number Software testing Mereology Active contour model Position operator
Filter <Stochastik> Ocean current Standard deviation Pattern recognition Set (mathematics) Metadata Biostatistics Wave packet Inclusion map Computer animation Software Lecture/Conference Internetworking Profil (magazine) Freezing
Pattern recognition Touchscreen Computer animation Software Figurate number Rule of inference
Word Arithmetic mean Process (computing) Computer animation Code Personal digital assistant Electronic mailing list Similarity (geometry) Database Solid geometry
Latent heat Uniform resource locator Computer animation Direction (geometry) Pattern language Position operator Computing platform
Process (computing) Computer animation Operator (mathematics) Electronic mailing list Website Descriptive statistics Computing platform
Data management Process (computing) Computer animation Independence (probability theory) Stationary state Descriptive statistics
Computer animation 1 (number)
Process (computing) Computer animation Electronic mailing list System programming
Open source 1 (number)
Web 2.0 Slide rule Server (computing) Computer animation Bit
Computer animation Open source Hypermedia Open set Stationary state Quantum state Computer programming Vector potential
Open source Open set Vulnerability (computing)
Scaling (geometry) Computer animation Demo (music) Lecture/Conference Profil (magazine) Web browser Resultant Front and back ends
Computer animation Lecture/Conference
Process (computing) Computer animation Open source Profil (magazine) Different (Kate Ryan album) Field (computer science) 2 (number)
Web page Area Process (computing) Constraint (mathematics) Computer animation Profil (magazine) Electronic mailing list ACID Descriptive statistics
Lecture/Conference Sheaf (mathematics)
Lecture/Conference Term (mathematics) Ontology Bit
Service (economics) Lecture/Conference Term (mathematics) Limit (category theory) Stationary state Sinc function Twitter
Computer animation Computer file Lecture/Conference Operator (mathematics) Orientation (vector space) Information security Power (physics) Connected space
Word Lecture/Conference Single-precision floating-point format Approximation
Dot product Multiplication Graph (mathematics) 1 (number) Parameter (computer programming) Computer programming Prototype Computer animation Software Visualization (computer graphics) Lecture/Conference Computer programming Position operator
Server (computing) Distribution (mathematics) Computer animation Lecture/Conference Graph (mathematics)
Graph (mathematics) Computer animation Lecture/Conference Multiplication sign Special unitary group Stationary state Twitter
Process (computing) Graph (mathematics) Computer animation Lecture/Conference Term (mathematics) Profil (magazine) Electronic mailing list Sound effect Drop (liquid) Signal processing
Computer animation Open source Lecture/Conference Forcing (mathematics) Computer programming Twitter
Process (computing) Graph (mathematics) Lecture/Conference Multiplication sign Sampling (statistics) Database Descriptive statistics Field (computer science)
Word Uniform resource locator Process (computing) Matching (graph theory) Spherical cap Lecture/Conference Code Different (Kate Ryan album) Multiplication sign Electronic mailing list Mathematical analysis Computer programming
Filter <Stochastik> Noise (electronics) Word Computer animation Lecture/Conference Term (mathematics) Operator (mathematics) Electronic mailing list
Mechanism design Roundness (object) Internet forum Lecture/Conference Quantum state Computer programming
Point (geometry) Computer animation Information Data conversion Computer programming
Noise (electronics) Presentation of a group Lecture/Conference Electronic mailing list
Noise (electronics) Pattern recognition Word Open source Meeting/Interview Augmented reality Open set Cartesian coordinate system Family
Email Integrated development environment Open source Lecture/Conference Profil (magazine) Feedback System programming Quicksort
Service (economics) Meeting/Interview Multiplication sign Selectivity (electronic) Quantum state Information security Number
Pattern recognition Meeting/Interview System programming Family Address space Fingerprint Number
Computer animation Lecture/Conference Meeting/Interview
so if this is the without the
so my name is honesty and I work with transparency talk that and for these are some people watching us and there's a lot of great work of people looking at what intelligence contractors
view and about the function of specific surveillance programs that were intelligent
ECU in interactions between them but no 1 is really look at this that much of an individual level however I think it's important to look at is around state for individual level because institutions are made up of people and when we can understand what people do with institutions why did they do it with the role of you is how they got that point we can get a better understanding of how they function how we can reform them and Buckley it's very easy to find out who is along the surveillance state with just a few simple Google searches the because people need
jobs and so we need a job you need you post about what you can do it and in the intelligence community the necessary skills are things like intercepting communications and using secret surveillance databases and Alex tools so people those things like I know how to use excuse score on along
with I know how to use microsoft word and all these other things so I'd like to introduce
you to a few of the specific people who were watching us today this is the
at the Teatro and he lives in Denver in
this house I and few and he's a pretty normal guy and he has a
wife and kids family uh he joined the
Navy back in 1993 in C A 1 side that's immunity and the others and that's in his last year and maybe he worked in the beaver 20 years just long enough to get a government pension doing intelligence work and then he moved into the private industry where he started working
for Lockheed Martin it's pretty standard career path paired preference his better so we can see from his
skills certain idea of what he does His field include pretty standard signals intelligence things like and 3
and Analyst Notebook and intelligence analysis and electronic
warfare and also includes programs like dish fire right along mundane things like
microsoft word so for get some idea of his workflow chances are there on a daily basis based on whatever the current old disparities were here be selecting targets and putting them into a testing database something like ah cave or a later it's
successor t t and he
would be using that to justify why it hurts foreign and gain approval for once he did that the main database he had access to was this fire
despite there is a program that collects around 194 text messages per day so but the most interesting but thing about this is not the text messages themselves it's the metadata with
the metadata that he could use it to figure
out where people were and from nickel contact chaining this figure out there now so it gets a pretty normal guy who just happens we will to read people's text messages and track them down and find out everyone and they now so now I started the apple the she also German navy and back and 97 er actually left just over your office in is a
family and you the dogs who likes
to wake up in the morning and interrupted naps according to her Facebook the the and
she joined the navy in and 7 worked there
for about 4 years and then as she was a private sector she had a variety of jobs in the private sector creating some involving security
research penetration testing but right now she works furry told contour recalled his advocacy services
bernoulli she works on reviewing resonators of people maybe even some of the same may so I have here but she also the highest stint as a network analysis part of this position you can see at the bottom this is some of the skills and things that she knew had this using
is in our galaxy is a pretty standard set of filters in the sixties Taupin
well and they're not so basically his pn Internet traffic and metadata but she had a particular specialty that
is really interesting and he describes this on a profile training junior analysts in their respective disciplines in in the use of current biometric tools and data to specifically include facial recognition software and facial recognition techniques that is tundra freeze which might recognize from this article so she would is training
people to go and edges of traffic and then usage
recognition software to detect figure of who the work and last person skies
very interesting so only Bernardo he also has a long career in intelligence agency although he doesn't work in the middle of the screen the anymore Indiana and he said working in military intelligence in 1989 a lot of rules
there I think go through all of them but here's 1 presented example with a long list of databases and collection tools in
the use of like multi-cluster Pinwale excuse for similar with intercepting traffic and analyzing it but and there's some that we also don't recognize in this list are like the central which there's a lot of interesting new code words and the data of collected and some of them we can infer some meaning from the names and from the words that are mentioned in the same job thing but some cases can go even further like in solids
next position mentioned that he identified collected and perform direction finding a specific target signals using pattern entries displayed you insects and so this looks like something around you
location data and he mentioned something about their Morency get platform so potentially something this again drones but of bodies to where they haven't found anywhere else pennant is something I've only
seen in job listings resonates but likely the other is amazing right guidance as to what that is exactly so this says that's this is someone else's resonate on entirely different websites and they provide a very helpful description of a pennant races
use access operator were collection platform penetrates that sounds like some drawn to me
so the last is something else interesting about this to do a job descriptions Solomon has and that at the end so he says that he lobbied for independent review of collection manager processes and redefined mission in daily duties and I
find that very interesting combined with the fact that only state in this this is where 2 months after saying the other ones for over a year so after working L 3 he moves on too where the
national unity that are pretty similar role to is L 3 1 this is definitely dealing with
processing us again data from Durán's a handler is a program for
processing idea from Durán's and in this 1 he also stays there only for 2 months and a very interesting about this is because after he does this have released for us goes and the the intelligence
community entirely after working there for 22 years and instead he goes and he works at a used car dealership
as a used car salesman so
it's possible that he got frustrated with some other processes is hard to know but from what I can Delphinus revile that's what it looks like and also be reminded that not necessarily everyone this list is like a bad person who's doing horrible things some people are probably trying to change a system
from within and we don't necessarily know it that
so lots of data out there just openly available on individuals and where are the only ones to use open source intelligence a the and is that more as of since is 1 of the main
intelligence disciplines along with its against collecting tilt into signals in humans collecting intelligence from human sources and so
I was going to make a slide with all of the information available on the could use understands that the individuals online but I realize the anacidity for me so I did that the NSA even has guidance for its
analysts on collecting get online this is 1 of them it's really quite amazing we defined on the and the web server and and so they it was a little bit out of date it suggests using ICQ people search as a wonderful way to find people and I'm not really sure who uses races you still so that's that's your hopeful that would be maybe for
historical data but it's open source intelligence something at the intelligence community or in dollars and increasingly so because
terror has gone social and this is marketing material from a company called 0 Fox that helps the
intelligence community track ISIS via social media so what are you working on this and what we for as secrets have also gone social and I think that open source intelligence is 1 of our biggest assets in understanding secret surveillance programs because it's something that can be shut down and it's something that can be collected in a very decentralized fashion so we have the potential to actually build a surveillance state that's a decentralized check on the surveillance states have basins Open Data it's possible that
some data sources will disappear but I think like security vulnerabilities there will always be more open data sources that we can use to learn about ceramics and some people already use this open data to understand
this real estate and there's a lot of a work of this but most of it has been on a smaller scale and so it can compared to things like what the and they can do the the Azeri has tools later collected all and you go through an examiner led data and we need similar tools to be able to collect open-source intelligence and analyze it but
until now there hasn't been anything really great at scale but now we have some release the start of some
this is a search with about 27 thousand LinkedIn profiles of people in the intelligence community and then transplanted toolkit
made a knows the back end front affected the front-end and that Kevin Gallagher cancer as a result and things I'd like to actually use some demos of this if I can get the browser and working in over
here of the the Christian someone explain and so this is this search of
where ends it's possible
to uh search through say what see anyone who use is uh open Source Intelligence can be tricky and a yeah using soft letters like that uh that you can search the 2nd both all the fields users with this as regards the user-selected like Maynard search the job Taylor inscription of filter by date but it's pretty well takes a few seconds that so these are all
people mention open-source intelligence the profiles and it's also possible to filter by different things like the company they work at her where they live so see what see everyone works for Lockheed Martin on Open Source Intelligence can see that
there and it's possible to scroll down the list of profiles in see the listing with their job title and descriptions and what they do and then if you click on the pages in the profile
and all that peoples for constraints so it's you can see the original intent and then if you click on any of these acids you can also see the other I areas the other people who mentioned wasn't in their skills on the other people who work for Lockheed Martin nor any of the other things of apply of the lives that while
still this loan money so please occasions when you
use it to so here's all the people who less than of since specifically in skill section check to go back to present and for now maybe the New this so in it went up to but but that's
In but it just disappear of this place the so this is a little bit bigger us so we collected this data from again I using terms like known codewords intelligence agencies departments Ontologies contractors
and industry terms things like C and since TSSC I had to be and it will just collect from the services there are some limitations of the state of most of the data we have is focused on the US partially this is due to research
trends partially this is due to the US intelligence community just being very large and some of it is also because Americans have bad opsek and that they think they have been opsek
alot of people with operational security is 1 of the
skills in their files of there are also some other the the power of the
orientation is that uh we couldn't get people's connections you can't even get connections on linking with richer attract but there's a nice this on the side of people also viewed I was spaghetti people who are
working in a similar industry or who are doing now will renew the person so we use as an approximation for people who were probably connected to the person and we also request collateral all information single out 3 hops and people also you listen the people of this from the and then
there's another of a sure that there are also some more words experimentally
always we've been trying to visualize data user more at the prototype side of things but so this is a network graph are showing which companies
have which surveillance programs can see in the middle of the blue dots are companies in military and around the edges the red dots surveillance program so you can get some sense the ones the center at once you can help of multiple surrounds parameters ones on the edges are either false positives or ones just help with a couple so you can also just because you've written that then we also have a experimental
are graphs and quite learning right on the server but you can see the geographic distribution of the people working on most from care
you know this is you the that so it's also
possible to look at the broader trends of intelligence industry from the state and this is a
graph of people who mentioned looking and signals intelligence over time things the it goes up and up and up and then in 2013 it drops in 2014 it keeps dropping and then in 2015 it starts going back up again and it's hard to say for sure but this could be the sun
effects and it might've drops to to that's um back to this is countered by going through different
people's profiles and seeing in which job listings they mentioned that the mentioned see Guenter signals intelligence sir terms like batters signals analysis and in on the graph similarly ever graph of people who are working for or with the
and saying which starts dropping in 2010 and then starts going up again in 2015
as the source possible to use force to that surrounds and so can well uh
that ensued spikes in 2006 you can use it to approximate when people start working on programs Brim start when they're succeeded by other programs hiring trends things like
that the sample size on this was fairly small and that's because we can only use the job description fields these the other fields are correlated the time people working on it so if we were to look at the whole prevail we consume people entered the workforce but not necessarily when they started working on
these grounds and similarly is a graph of again database users which is just
going up over time and there are some other possibilities for interesting analysis that could be done that I haven't quite got to yet you could do % breakdowns of the people who work on different surveillance programs by company by location thereby skill set it's possible to figure out which answer related based on which 1 which code words co-occur in the same job listings and it's even possible to automatically detect new words
based on not taking a comb Mr. Juncker words in a list of known acronyms and looking for all the words in all caps past a certain like that don't match those particular lists so this is so the war he
ensured access operations and and when they actually care about is that this isn't in the hit lists this
isn't a surrealist listed is bad people 1st of all there is some noise in the data it said there are people who actually got accepted at present is a very
bad term for this this is something a lot of people use as an acronym we reveal the filters on down by using additional complex against for commonly occurring occurring words but it's not perfect but more forget they'll find people who may be work at a contractor doing something on the
mediator no other people on the intelligence community there on the periphery so not everyone is working on secret rounds forums but a significant majority of people in the US are but that said even refer people who are working on these things I don't think they're all necessarily horrible people that we should even items i.e. my goal of this is to provide a face to the surveillance states and a better mechanism for a researching and understanding these programs and accountability so reverting
to keep gathering this data and so I'm hoping that it can be used to start debates about using details a secret surrounds friends that were previously known that looking to the question why certain companies are suddenly hiring for something that sounds really sketchy or the
these these as starting point for requests a other requests for information or even just to start conversations with some of the people who are involved in these programs as so if you're interested in and said it's difficult to build a pseudo once the especially a decentralized 1 alone so if you could use your help and if you're interested in doing something like this in applying tactics like ocellatus know we could probably help
if that
and thank you very much and see for this wonderful presentation and I'm sure that tons of questions as you know we are running a little work soul of my allowed the 3 questions and the rest of you will have to discuss things with the MC probably in the front of this room OK soul hands up where questions None everyone is completely flattened by this presentation OK where I can understand that OK here we go
the so you said it's not a hit list because there's some noise in the data from and I
wonder if it's possible that we can make an augmented reality application where you can do facial recognition on people when you read them and then source the data so you could take a picture of a person you think is an intelligence agent and then it'll say 0 yes and here's the data and here's the special specializations the major reduce some Open Data for something like that like a pig finder out of some kind there's there's some
ways to filter out the noise are in the over filter which is why I haven't done that here but if you're good word but did you something you could filter family of something that's fully and they have fixed all the pictures and data are given by the ways of anyone to do this again just from the all 3 suffered
relevances OK he talking about open
source intelligence but it's about 14 thousand pictures to living environment 27 thousand profiles the 1st of hello and thank you for the very inspiring interesting talk really enjoyed it I was wondering did you get
any feedback from the person Utrecht there or did you receive any hate mail Soros something like such a such a system that on thing not yet but this is sort of favor some presenting it possible as well but not
best guess in any other reactions from the from the uh um security community and see I mean is anything it's that at 1 approach to it doesn't have to be a male I don't have the American people on it but not really you have no immunity to Persian randomly about this now and it did anyone follow up on the story about the guy works as you start states and this is the 1st time I talked about it OK OK so journalists in the United States where was that Indiana awarded the number 2 so long as it had been at it probably can't so we can start a crowdsourced research here OK last question anyone OK how do you get good the for 1 thing you might wanna consider you have for selecting is the best talk at this conference and
you agree really great work I'm like that someone who's really start-up funds you because of the other service for garbage and this that and have you thought so there's a constitutional crisis happening in Germany right now about selectors have you thought about maybe helping the German government with some of the selectors for counterintelligence that may be produced selected from all of this panel and automate the
creation of xt score fingerprints of all the
selectors of all the people including facial recognition telephone numbers addresses names family members and just build suitable for its use for fingerprint for everybody in the American intelligence community it is low that interview new systems and the radio and the Chancellor doesn't even have to help in the use and I
wasn't the using of his lectures that is 1 of the things that that was the OK so the birth of a new road safety of the book because I think you really much in the graph and go