[IP] Cyberspace warriors (MOST INTERESTING djf)
Delivered-To: dfarber+@xxxxxxxxxxxxxxxxxx
Date: Thu, 15 Apr 2004 14:14:48 +0200
From: Yuval Dror <kutz1@xxxxxxxxxxxx>
Subject: Cyberspace warriors
To: dave@xxxxxxxxxx
Dave,
I have this feeling that you will find the following article, published in
this weekend magazine edition of Haaretz, very interesting...
Yuval.
<http://www.haaretz.com/hasen/spages/415859.html>
Cyberspace warriors
By Yuval Dror <yuvaldr@xxxxxxxxxxxxx>
Following the trauma of 9/11, Israeli-born computer security expert Prof.
Abraham Kandel heads a federally funded institute in Florida whose mission
is to monitor information about terrorist activity on the Internet. A look
at how scientists are battling the spread of terrorist communications on
the World Wide Web.
The Twin Towers were only the beginning, says Prof. Abraham Kandel, who
fears an attempt by terrorists to shut down the entire Internet. Kandel is
the executive director of the National Institute for Systems Test and
Productivity in the United States, a federally-funded research institute
operated by the University of South Florida and sponsored by the Space and
Naval Warfare Systems Command (www.nistp.csee.usf.edu). Much of the
institute's work is secret; its staff is developing tools to monitor
information about terrorist activity on the Internet. The programs they are
working on can be compared to a huge filter that constantly checks millions
of electronic messages with the aim of deciding which of them could lead to
terrorists.
"Our programs analyze sentences such as `I sent you ten yams and five
lemons' and have to decide whether the sender of the message is a
greengrocer or a terrorist who is informing someone about a shipment of
explosives," Kandel explains. "We want to know everything. We want to know
who's using the Internet and how they are using it. `Who's who in the zoo'
is the best description I can offer of our motivation: we want to know
where everyone is located, in which cage. If he changes his color, like a
chameleon, and disappears, we still want to locate him using our method of
operation. We want to identify transfers of money, knowledge or
instructions of terrorist bodies."
Kandel is aware that his programs are liable to infringe on the privacy of
hundreds of millions of people who have nothing to do with terrorism.
However, he is not losing any sleep over this, he says. "Our job is to find
the needle in the haystack before it's too late," he says. Since September
11, 2001, the U.S. administration has become a laboratory of plans and
software programs to locate online activity. New and invasive laws, which
were adopted a few days after the attacks on the Twin Towers and the
Pentagon, make it possible for the law enforcement authorities to monitor
the citizens of the United States. The laws, which substantially reduce
Americans' sacred right to privacy, were enacted almost without opposition
after it was discovered that the terrorists had lived, learned how to fly
and planned their devastating actions on the soil of the United States, and
more specifically in the state of Florida.
However, monitoring phone calls, e-mail messages, surfing habits on the
Web, chat room conversations and announcements in discussion forums is only
half the story. The other half entails selecting from the billions of words
making their way across the Web the particles of information that will lead
to potential terrorists. Reports that were published after September 11,
2001, showed that some of the information linking the perpetrators to the
act of terrorism was in the possession of American intelligence bodies, but
that they failed to put the puzzle together into one clear picture that
would make it possible for them to issue a warning about the biggest
terrorist operation in history.
One of the systems that drew considerable media and public attention in the
United States is known as Carnivore. Developed by the FBI in the 1990s, the
system was rapidly and aggressively implemented within days of September
11. Carnivore intercepts and analyzes information that is collected
directly from the servers of the Internet providers in the United States.
Kandel is unwilling to say whether his system integrates with Carnivore.
"Carnivore is not a program but a concept," he says. "It's possible that
our tools can be integrated into Carnivore, but that's not my decision, and
in any event those who use our programs don't report to me about where and
how they use them."
Identifying intentions
Even before the first question was asked, Kandel ascertained that the
condition for conducting the interview was agreed on: his place of
residence must be kept secret. He's 62, Israeli-born and holds a degree in
electrical engineering from the Haifa Technion. After the 1967 Six-Day War
he decided to make a short visit to the United States ("I told my
mother-in-law that I'd be back within a year," he relates) to complete his
studies. He ended up staying there. Today he describes himself as an
American, adding that he spends a lot of time in Israel. "I have spent all
my sabbaticals, with the exception of one, in Israel. I feel at home here."
Kandel's field of expertise in the institution he heads is in a fascinating
side area of mathematics and computers, known as "computational
intelligence." It encompasses theories and doctrines in fields such as
"fuzzy logic," "sensor networks," "genetic algorithms" (algorithms that
emulate biological evolution and encourage the creation of mutations),
"data mining" and others. These methods help computers to make decisions in
conditions of uncertainty and in an environment that does not produce
precise data by integrating them into a "learning" system.
"Human language is fuzzy language, which is statistically imprecise,"
Kandel says. "When I say I met a tall man, the listener is called upon to
analyze my intentions solely on the basis of the term `tall,' which is a
pretty vague term, yet he is capable of understanding what I am talking
about." Kandel offers another example. "Let's say that the world's greatest
expert on differential equations is driving his car and suddenly the
traffic light in front of him changes from green to red. Does the expert
mentally calculate the formulae relating to the friction of the tires with
the road in order to decide whether to stop or keep going? No. He uses the
same type of information and intuition that we know how to catch and
introduce into a computer program."
According to Kandel, many cars now have chips based on the laws of fuzzy
logic that determine, for example, when the gears should be changed in an
automatic gearbox. "When you integrate fuzzy logic into computers or chips
that have to make decisions, you get systems that are not only smart but
also strong in terms of real-time decision making."
A good many years went by between the time Kandel decided to specialize in
the field of computational intelligence and his involvement in ferreting
out terrorism. Along the way he became one of the world's leading experts
in the field, wrote more than 40 books and 500 papers on the subject, was a
department head at the University of Florida for 13 years and then headed a
department at the University of Southern Florida for 12 years. Gradually he
began to apply his expertise to industrial products as well.
"Beyond my academic work, I have served as an adviser to bodies such as the
U.S. Air Force in spheres of software security and checking software
quality, and for Israeli bodies such as Israel Aircraft Industries [IAI]."
One of the major applications of fuzzy logic, Kandel says, was carried out
in an automatic landing system of an RPV (a pilotless aircraft), which was
developed for IAI.
Because of his ties with the U.S. Air Force, administration officials asked
him, at the end of the 1990s, to establish an institute that would examine
software systems. Initially this had nothing to do with the struggle
against terrorism. "The Department of Defense discovered that it was losing
$80 billion a year because of software that doesn't work properly," Kandel
says. "A program that orders a missile to leave the launcher but sends it
to the wrong building means a financial loss. The institute was established
in an effort to harness the technologies in which I specialize to the
automatic examination of computer programs. The major motivation was to
save money for the Department of Defense."
Then came the events of September 11, 2001. Kandel relates that at the time
his young son was working in one of the buildings of the Twin Towers
complex. A few weeks earlier he had complained of back pains and had
consulted with his father about whether to see a chiropractor. Kandel said
he would pay for the consultation. The appointment was for September 11,
and thus he was saved. "For a whole week I just stared into the television
set," Kandel relates. "I couldn't move. The event had a tremendous impact
on me."
Immediately afterward he decided to see whether it would be possible to
utilize the automatic technologies that examine the working order and
efficiency of code lines in computer programs. "I was pleased that the
answer was positive," Kandel says. The positive answer brought about a
change in the institute's order of priorities and a large injection of
funds into the new sphere.
The terms Kandel uses stimulate the imagination. "I got into a field called
`perception management,' which has the task of managing a computerized
system that tries to understand what a certain person's intentions are."
The institute staff are apparently utilizing every technology that is
capable of learning from its own experience and is capable of simulating
the activity of the human brain. As such, the programs have a tremendous
advantage: Instead of employing thousands of people who will go over every
piece of information and decide its value (not important, important, how
important), the computer does the initial filtering by emulating people's
mode of thought and way of decision-making. The result is that only the
pieces of information that the computer selects as especially important are
conveyed for human examination. The systems are programmed in such a way
that whenever they make new decisions they learn, improve and become "smarter."
Kandel is currently in Israel to carry out a study during the coming
academic year, commissioned by the U.S.-Israel Educational Foundation
(founded in 1956 to administer the Fulbright Program between the United
States and Israel) in cooperation with the Faculty of Engineering at Tel
Aviv University. On April 22 the university will hold the first-ever
conference in which experts from the field of terrorism and from other
fields will lecture on cybernetic terror and the development of tools to
monitor activity on the Internet.
Secret civilian institute
The National Institute for Systems Test and Productivity (NISTP) is a
civilian body, whose funding is decided on by the subcommittee for military
appropriations in Congress, with the budgets being transferred via the U.S.
Navy. Another investor is Boeing, the aircraft manufacturer. The NISTP
transfers its products to the Navy, which in turn transfers them to other
government bodies. The size of the institute's budget is secret, as is the
number of people it employs (it's thought to be a few dozen). The
institute's Web site in no way hints at the actual activity it is engaged in.
The institute also underwrites the activity of researchers in other
countries, including a research group at Ben-Gurion University of the Negev
in Be'er Sheva ($250,000 a year). The group in the Negev, Kandel says, is
in daily touch with the Florida institute. Part of the activity in Be'er
Sheva is funded by the Israeli defense establishment; it's reasonable to
assume that at least some of the knowledge accumulated by the American
institute ultimately reaches Israeli intelligence bodies as well.
"The real battle is moving from the conventional fields to cyberspace,"
Kandel maintains. "Ten divisions of tanks and five air squadrons wouldn't
have helped stop September 11. Accordingly, the tools that are used to
fight the new warfare also have to be different." According to Kandel,
terrorists make use of the communications networks, and the Internet above
all, to coordinate activity and transfer information. It is possible that
they will come to understand that the damage they could inflict on the
United States and on the American way of life by striking at the Internet
would be greater than any other harm they are capable of.
How is it possible to destroy the Web?
"We're not talking about developing worms and viruses of the type that
attack PCs. This will be a more brutal and more destructive assault. The
only thing that many organizations have today to defend themselves against
that kind of attack is a firewall of one kind or another."
What's wrong with that? Companies such as Checkpoint have built an empire
around firewall protection.
"There's nothing wrong with it. But it's worth asking why companies like
Checkpoint or Aladdin or other Israeli companies don't obtain huge
contracts from American defense bodies. The answer is not that it's because
they are Israeli - after all, I fund activity in Israel with the consent of
the U.S. Navy. The reason is that they are developing protective tools that
can provide protection up to a certain level against hackers who have a
certain background in infiltrating sites. Apparently there is some slight
difference between protecting a business organization and protecting U.S.
governmental bodies."
If so, why don't you develop tools for nongovernmental needs as well?
"When I hire new people, I usually ask them if in their opinion it would be
possible to launch a startup company that would be based on one of our
developments. If he says yes, I show him the door. We are not working for
an IPO on the Nasdaq. True, the salaries aren't bad - we don't work for
free - but our target market is clear and we work for it alone. There is a
great advantage in not seeking to go public and in not having the
limitations of a commercial company."
Of golems and moles
Kandel rejects out of hand the contention that he is engaged in developing
software that is the equivalent of the modern crystal ball. "They are
wonderful systems, but they don't predict everything. They deal with
forecasting that is based on the analysis of existing information. They are
systems with power, but their power is anchored in the information that
they are fed."
And where does the information come from?
"We are an organization of five initials; we get our information from
organizations of three initials," he laughs, and says he is referring to
USF (University of Southern Florida). But he doesn't really mean USF. In
the United States alone there are many intelligence organizations of three
initials: CIA, FBI and NSA (National Security Agency) are only the
best-known of them. It's reasonable to assume that his systems analyze
information from all three bodies. It's an equally reasonable assumption
that the NSA uses the institute's information analysis tools. Asked about
this, Kandel says he can neither confirm nor deny it.
The NSA was established in November 1952 and its main activity is cracking
enemy codes (so that it will be possible to listen to the enemy) and
protecting U.S. government codes (to protect the government from snoopers).
In a document outlining intentions for the new century, the NSA declared
that it will "develop applications to leverage emerging technologies and
sustain both our offensive and defensive information warfare capabilities."
The time may have come to establish an Israeli NSA, Kandel says. "The
American NSA is not a military body, it's a civilian one. True, it's a
secret body, but it's overseen by congressional subcommittees.
Unfortunately, in Israel there are no research institutes like mine. Most
of the research institutes in Israel produce position papers - they don't
develop tools. It's time to act to establish a civilian agency on the model
of the NSA and to start a massive development of intelligence tools.
Everyone will gain from that."
You deal with information that's received from intelligence agencies. Is
all the information you handle classified?
"No way. You'd be amazed at how much free information is available on the
Internet. All you have to know is how to snatch it from the air, download
it and view it. The terrorists love publicity and love to publicize
themselves."
Google, the most successful search engine on the Web, analyzes only 3
billion of about 30 billion pages that exist on the Internet. Do you have a
better search engine than Google?
Kandel is silent. "I can't answer that question," he says, his face
serious. On the other hand, he is ready to talk at length about the moral
dilemma he and his staff face when they develop tools that the government
is liable to use in order to infringe on people's private lives.
Whenever someone uses one of your tools, he monitors my e-mail and turns me
into a potential suspect. Doesn't that bother you?
"There are two dilemmas here: one legal, the other moral. At the legal
level, we don't make a move without the university's lawyers. If I want to
develop a certain feature within the software, I first of all check to make
sure that it's not against the law. I have no control or information
concerning the end users of our software. The problem at the moral level is
far greater."
Kandel here offers a surprising analogy. "We are like the group of
physicists who worked on developing the atomic bomb at Los Alamos. While
they were developing the bomb, did the scientists have a moral problem,
when it was clear that what was at stake was deciding the war? On the other
hand, I wouldn't want to have been in the shoes of Oppenheimer or Fermi
when Hiroshima and Nagasaki were blown up."
But there is a problem of balance here - we have to fight terrorism, but is
it to be done at any price?
"No, not at any price, but it seems to me that the price we are paying is a
proper one. Do you have any doubt that every one of the families of those
who were killed in the terrible attack would be ready to have their e-mail
scanned, to have it monitored, if that would have prevented the attack?"
In practice, though, that is never the question, is it?
"That's right, and we still have to examine the dilemma in those terms.
True, public opinion views the tools we are developing as a type of illegal
hacking into their privacy, but we are developing the programs in order to
protect them."
Aren't you concerned that you are creating a type of golem that will one
day rise up against its master?
"Yes, we are developing a golem, maybe even a few of them. But still, I'm
not worried. I'm more worried that one of my employees might be a mole. I
lose sleep over that. Is the atomic bomb a type of golem? Probably it is,
but the tools we are developing are not meant for offensive purposes, only
for defense. They are intended for protection against people who want to
destroy, who want to attack civilization and our way of life. I sleep well
at night; I have no qualms of conscience."
Following the money trail
Kandel is stingy with technical explanations about the operation of his
systems. When asked about the power of the computerization needed to run
the institute's programs, he replies, "Every ordinary supercomputer
supplies our needs," like someone who is used to having supercomputers at
his disposal. He declines to answer other questions. Sometimes he is silent
for some time before he succeeds in mentally formulating a reply that will
answer the question without giving away too much information. One of the
central goals in the struggle against the terrorists, he says, is to locate
their sources of funding. "If you succeed in blocking the money, you
succeed in blocking them. The problem is that the money has to be blocked
before it gets to the bank, otherwise it's a lost cause. We have to locate
it when it is transferred immediately after being created."
And how is the money created? It turns out that the terrorists have learned
to take advantage of the American system to clip coupons - literally.
"Every Sunday booklets of coupons are inserted in the papers," Kandel
explains. "The American clips the coupons and receives a discount of, say,
25 percent on the price of a bottle of Coca-Cola. The shop owner sends the
coupons to the Coca-Cola Company and receives in return a cash payment for
the value of every coupon he sends, plus 7 percent." The terrorists buy
newspapers, too, Kandel says. "The whole family sits and clips all the
coupons. There are many branches of supermarkets in the United States,
whose local managers act as accomplices to terror. The method is quite
simple. The father of the family - which has clipped out all the coupons -
takes them to the branch manager but doesn't buy Coca-Cola or anything else
with them. The manager takes the coupons to Coca-Cola and other companies,
gets their value plus 7 percent, and gives the money to the father of the
family."
From this point the money begins to roll on. "Now it's a game of
mathematics," Kandel says. "If coupons worth $30 or $40 are attached to the
paper every Sunday, and in the United States there are a few thousand
families like this who cut out coupons - after putting a dollar into the
automatic newspaper vendor but pulling out a few dozen newspapers - it
won't be long before hundreds of thousands or even millions of dollars are
collected."
When asked how the institute's software is able to differentiate between
legitimate money transfers and transfers made as part of the "coupon scam,"
he smiles as though hiding a secret. "The systems we have developed don't
search aimlessly through databases and Internet communications. They are
fed with diverse pieces of information. If you don't know what to look for,
everything seems to be the same color and there's no way to select between
the legal and the illegal. But if you know where to start, it becomes simpler."
Kandel offers an example from the financial market, which relies on sources
of information and a different type of research. "Officially, everyone can
tell you what the dollar rate is and what the interest rate is, but as a
sharp financier you want to know what the whisperers are saying, those who
are considered to be in the know. If you're connected to the right sources,
if you know how to look for the information in the right place, you get a
lead that makes it possible for you to know what and whom to concentrate
on. That's the stage at which the search becomes interesting."
Archives at: http://www.interesting-people.org/archives/interesting-people/