May 8 2008 by The Systemic Analyst.

Newsday has reported that a former detainee held in Guantanamo Bay has carried out a suicide attack in Iraq that killed seven people. This shouldn’t be surprising; the mass detention of so-called enemy combatants, many without trial for years on end, only ensures that the U.S. and its allies will have a growing body of angry Muslim men who now have a real grudge to bear. In fact, “preventative strikes” and prison camps are but a recipe for future terrorism; from a security stand point such an approach never really made much sense.

Abdallah Salih al-Ajmi had reportedly been detained in Guantanamo Bay for 3.5 years where his lawyer said that al-Ajmi once “appeared for a meeting with a broken arm…that al-Ajmi said he had suffered…when guards tried to stop him from praying.” In 2005, al-Ajmi was transferred to Kuwait where he was acquitted in 2006. Settling down, al-Ajmi married and had a child, according to his cousin, Salem al-Ajmi, to whom the suicide attack came as a surprise.

Posted in Security Measures, Middle East | No Comments »

March 31 2008 by The Systemic Analyst.

The CIA chief, Michael Hayden, has reportedly told NBC that terrorists are using “operatives that…wouldn’t attract your attention if they were going through the customs line at Dulles  with you.” In other words, the new terrorist will look as Western as any citizen of North America. This should have been expected, particularly after the U.S. began using racial profiling as a border security measure; the next logical step in facilitating the crossing of potential terrorists at borders would be to use people who would never cause a red flag to be raised.

As with previous statements by CIA representatives regarding the vulnerability of power grids in North America, I’m left wondering at the quality of intelligence that they choose to share with the public. It’s as if the organization has been stockpiling the most obvious vulnerabilities or threat adaptations to security measures for release some 4 to 5  years after the bit of ‘intelligence,’ (if something so elementary can even be called that,) should have been news. Is the CIA trying to give the illusion that it is informing the public? Any thinking person should have been able to surmise this change in tactic for moving operatives across borders years ago.

It all comes back to the fundamental problem of using identity as the basis for security measures. Sure, keeping track of law abiding citizens is facilitated by identity management on a national scale; to such people the idea of abusing the system is outside their realm of contemplation. Preventing threats, such as terrorists, from crossing borders with identity based security measures isn’t so likely. In order to stop such a person from passing through a border check point, one would have to be aware that the target in fact poses a threat. Thus, only if the person is known to have committed a crime and can be firmly linked to the identity under which that crime was committed will such a suspect be apprehended.

Of course, an alert and well-trained border guard could detect slight peculiarities in a subject’s behaviour that might tip the agent off, thus escalating the case in the required 60-seconds or less. Our growing penchant for throwing technology at security problems, however, is making this scenario less and less likely all the time as we opt for automated kiosks to scan passports, manned by travellers far from the prying eyes of such adept officials.

Terrorists, and indeed organized criminals, understand how the system works.  In fact, it is generally accepted that such threats are already steps ahead of the security industry - particularly in the use of technology. Organized crime rings have readily adopted advanced technology, just as any other business has, greatly improving the efficiency of their operations. College ICT students have become prime candidates for working with such criminal organizations, particularly in regions where legitimate jobs  in the field are few or compensation is poor. If there is a way to forge hi-tech identity documents, I’m pretty sure that organized crime rings have already figured it out.

It isn’t the technological nature of enhanced identity-based national security measures which presents terrorists and mobsters with an opportunity to breach the walls of Fortress America, however; it’s the inherent flaws of the traditional system. Knowing that the system is designed to detect identifiable threats, i.e. known criminals or people who fit set profiles - for which there is none available for a terrorist - why would any well-organized crime ring send anyone across a border that would raise alarm? They wouldn’t. As a result, look for middle-class, Caucasian North Americans disgruntled by a lack of options, crumbling economy and perhaps with the scars of some distant war to bear as a far more likely candidate for terrorism in the coming years.

All of this, of course, is to say nothing of the other ways in which identity-based border security measures can be breached, which advanced technological solutions have failed to address. Such tactics include bribing a corrupt official to issue a legitimate albeit false identity, establishing an official identity using supporting documents issued to a target but linked to a deceased citizen, and operating under a legitimate identity issued by another state for the purposes of espionage or terrorism.

It makes me wonder what the point of the Chief’s statement are. On one hand, if reading between the lines, Mr. Hayden has admitted that our current identity-based approaches won’t be sufficient for the changing tactics of terrorists. On the other hand, taking his statements at face value, the fact that we know terrorists understand how the system can be breached easily will likely only result in ever-more enhanced traditional security measures; measures that although already evidently not effective for preventive purposes, will undoubtedly come into more widespread use. Indeed, the middle class Caucasian might just have been given a new reason to be screened and monitored, even more than before. 

Posted in Wiretapping & Surveillance, Identity Management, Security Measures, North America, Middle East, Central Asia | No Comments »

March 4 2008 by The Systemic Analyst.

The Jerusalem Post has reported that Israel is considering new legislation to restrict the use of wiretapping as an investigative tool.  Among some of the ideas currently being considered by the Parliamentary Inquiry Committee on Wiretapping are compelling ”the police to report to the court that approved a wiretapping at the end of its investigation,” restricting surveillance to only those conversations of a target relevant to the investigation and appointing a commissioner to oversee the entire practice of wiretapping.

Israel, like every other country tackling the issue of wiretapping, should consider implementing some sort of mechanism that would ensure long-term oversight and review of the measure. It’s always remarkable to find out how little analysis there is of data surrounding the use and success rates of wiretapping that could indicate the effectiveness of the tool. We certainly don’t have such statistics in Canada.

According to the article “Israeli courts approve about 1,200 wiretaps a year, compared to 1,800 in all of the United States. The authorities made 1,255 requests for wiretapping permits to the courts in 2006. The courts turned down seven.” 

Posted in Wiretapping & Surveillance, Middle East | No Comments »

January 8 2008 by The Systemic Analyst.

The FBI seems to be creating an international clearinghouse of biometric data, if this Washington Post article is any indication. In a massive biometric system that is already storing new personal data such as facial images, finger and palm prints, international law enforcement agencies can look forward to cross searching millions (more likely billions when all is said and done) of biometric files including “iris patterns, face-shape data, scars and perhaps even the unique ways people walk and talk”, according to the Post.

Although touted as a necessary tool for police, known and suspected criminals won’t be the only individuals with files stored in the gargantuan system. As the Post reports:

“The FBI will also retain, upon request by employers, the fingerprints of employees who have undergone criminal background checks so the employers can be notified if employees have brushes with the law.”

So much for trust in fellow man.

Americans might find comfort in knowing that they are not alone in being so closely watched as “more than 1.5 million Iraqi and Afghan detainees, Iraqi citizens and foreigners” have also been included in the system, contributing biometric data such as fingerprints, iris and face patterns and, in a separate system housed by the Department of Defense, DNA.

Anyone wishing to visit the U.S. can consider themselves apart of the group too. In addition to scanning irises at some airports, the Department of Homeland Security is also compiling a database containing millions of fingerprints of travelers passing through border checkpoints.

Allowing access to some “900,000 federal, state and local law enforcement officers” across the U.S., it is hoped that the system will eventually be capable of facilitating spot-check searches. Such applications of the system will included scanning fingerprints of drivers pulled over by police and capturing iris patterns “at distances of up to 15 feet, and of faces from as far away as 200 yards.”

Canadians are already enjoying access to the “underground facility the size of two football fields,” according to the Post, as part of the search requests reaching the FBI servers each second. The system will also be interoperable with much of the Anglo-world, as standards, used by Britain, Canada, Australia and New Zealand, are employed.

It is debatable whether such an extensive effort is worth the tangible gains to be made in curtailing crime as a result of developing the large system.

With numerous points of access not just across the country but also internationally, the obvious question remains how the system will be secured? Unless the connectivity employed is so advanced that industry experts have no knowledge of it, it is probable that the data stored in this massive database is realistically vulnerable to attack, thus compromising the overall integrity of the system.

This is to say nothing of the human factor – always the biggest drawback to using technology in futile attempts to solve man’s problems. Even if those 900,000 people given access are screened beforehand at least one of them will allow the system to be compromised, deliberately or unintentionally.

The Post article reports, “The Pentagon has already matched several Iraqi suspects against the FBI’s criminal fingerprint database” which now houses some 55 million sets of records. In a system that will include anyone who has ever applied for a serious job, traveled to the U.S. or was ever stopped and questioned by police, is making “several matches” really relevant? Anyone can be in the system, verifying that with a search won’t really prove anything, it will just provide the person searching with ever-more information on individuals unlucky enough to believe that such measures will increase security.

Posted in Identity Management, Biometrics, Middle East | No Comments »

November 15 2007 by The Systemic Analyst.

Here is more on the Israeli wiretapping scandal from The Jerusalem Post:

Strategic Affairs Minister Avigdor Lieberman was back on the Israel Police’s radar Monday, this time as an alleged victim of wiretapping.

Police said they suspect that private detectives Rafi Fridan and Aviv Mor, both of Tel Aviv, and right-wing activist Avigdor Eskin participated in a criminal conspiracy to listen in on Russian immigrant businessman Michael Chernoy’s telephone conversations, as well as those of Chernoy’s secretary.

Lieberman, who submitted an official complaint with police last week, believes the wiretapping of his friend’s office was part of a plot to get information to politically discredit the Israel Beiteinu founder.

International and Serious Crimes Unit police raided Fridan’s, Mor’s and Eskin’s homes and offices early Monday morning and arrested all three. Officers close to the investigation said police had recovered “relevant materials.”

Later Monday, all three were taken before the Petah Tikva Magistrate’s Court, where police representatives requested remand extensions, claiming that there was a legitimate fear that the suspects might try to tamper with evidence or witnesses. Mor’s and Fridan’s remands were extended by four days, and Eskin’s remand was extended by five days.

Detectives believe there may be more suspects in the case. Police and attorneys hinted that this was merely the tip of the iceberg in a wider web of political intrigue. The three current suspects may face charges on a number of offenses, including carrying out illegal wiretapping, illegal use of a wiretap, conspiracy to commit a crime and violations of the Law for the Protection of Privacy.

Fridan already had 42 previous offenses for illegal wiretapping, and Mor had “slightly fewer,” police said Monday night.

Eskin was one of the far-right-wing demonstrators at Rimonim Prison on Sunday who came to support former prime minister Yitzhak Rabin’s assassin, Yigal Amir, as Amir’s family attended his son’s circumcision. Eskin also was involved in the pulsa denura cursing ceremony against Rabin shortly before his assassination.

Posted in Wiretapping & Surveillance, Middle East | No Comments »

November 8 2007 by The Systemic Analyst.

Haaretz has reported on a wiretapping case which has two private investigators under suspicion of executing illegal wiretaps on Strategic Affairs Minister Avigdor Lieberman and businessman Michael Chernoy. It might be worth watching. For more on the story click here.

Posted in Wiretapping & Surveillance, Middle East | No Comments »

August 27 2007 by The Systemic Analyst.

Humans have developed such wonderful technology. Now, if we could just develop humans a little more perhaps the technology would be safe to use…

Wired has published an interesting interview with Lieutenant Colonel John Velliquette, the biometrics manager in Iraq for the “Coalition Police Assistance Training Team.” The interview covers a growing biometric system in Iraq that has been compared with the Rwandan identification card system left behind by the Belgians. The now infamous Rwandan system was used by the Hutus to easily determine Tutsis for extermination during the genocide in 1994. The concern with the Iraqi system stems from the degree to which personal names might denote religious or tribal affiliations and how such information might be used in an already unstable region teetering on the brink of (if not already in) civil war should the system fall into the “wrong hands”.

This seems to be a perfect case of how a tool may help one group of people in the short-term and, as a result, is implemented with little thought (or perhaps care) as to what the long-term implications might be.

Posted in Identity Management, Biometrics, North America, Middle East | No Comments »