Category: networks

daft IP addressing choices

This is only one of the reasons why squatting in other people’s netblocks is a bad idea. To understand the point, you’ve got to go back to the BT 21CN project, which was one of those “the Internet is just another service over our private network” ideas telcos tend to love. Although a lot of it didn’t work, like the weird ethernet-level multiservice router, they did build a huge MPLS core network that carries all the other stuff – i.e. mostly the Internet – as encapsulated traffic.

Because they did it this way, they also didn’t do IPv6, which left them with a problem. One of the advantages of doing it the way they did was that they could trivially have a parallel management network. But that meant finding at least two addresses per device for the whole of the UK. So they had the bright idea of picking a big netblock that doesn’t appear in the Internet routing table, and “borrowing” that.

Sensibly, they looked for one that would be very unlikely to ever be announced. Some organisations who got huge IP allocations back in the day, like MIT with its 3 /8 blocks, have been prevailed on to give at least some of them back for public use. The classic case is the trade show Interop, which used to own 45/8 and only use it one week a year.

The US Department of Defense, however, has a hell of a lot of address space, and usually doesn’t route publicly for fairly obvious reasons. And if they don’t want to give it up, who’s going to make them? So they peeked into the DODNIC allocation and picked 30/8. This is quite common; one day somebody will audit it all and there will be surprises.

Fun with network utilisation

Something really interesting in here, a map of DISA’s European network by link utilisation.

disn-france-550x413

I choose to read this as showing everything that runs into Sigonella running red hot, therefore showing in the most literal possible way the swing of US political/military interest from the Middle East into North Africa. That said, they seem to have a very shaky idea of the dates involved and this might be much older, in which case the link out to Bahrain is doing the work.

Lib Dems: not quite useless

So, Wired writes up three West Point professors and their algorithm to decide which members of a terrorist network to zap. Apparently they implemented it in 30 lines of Python. The paper is here, with some pseudocode and the tantalising hint that they used NetworkX, but no Python. However, even the Wired piece tells us enough to reverse engineer it.

The key idea here is that whacking terrorist leaders is often stupid, because it causes the enemy to adopt a flatter, more decentralised, and therefore less vulnerable network structure. Also, they point out, the leaders are often forces for restraint and points of contact for negotiation.

Being who they were, they decided that they could fix this with a better optimisation. They looked at the network-wide degree centrality, a measurement of the centralisation or otherwise of the whole network which is defined as the fraction of total nodes in the network an average node is connected to. They then asked how this changed when they removed a node from the network. And they reasoned that increasing it was desirable, as it rendered the network overall more fragile and unstable.

Now, the Lobster Project uses weighted betweenness centrality – the fraction of the shortest routes through the network that pass through a given node, with more important nodes being accounted for as such – as its centrality metric. There is no particular reason to think that this would work differently.

So I thought I’d implement it. Their implementation used 30 lines, but I presume that includes the test harness to generate or load a specimen network as well as the analysis. Here goes:

def greedy_fragile(mgraph, month, mini, nodes):
...network_wide_centrality = float(sum(nodes.values())/len(nodes.values()))
...mgraph.remove_node(mini[0])
...n = centrality_nodes(mgraph)
...nwc = float(sum(n.values())/len(n.values()))
...mgraph.add_node(mini[0], mini[1])
...return {'Minister': mini[0], 'Title': mini[1]['Title'], 'Department': mini[1]['Department'], 'Date': month, 'Greedy_Fragile': network_wide_centrality - nwc}

mgraph is the NetworkX graph object, month is the month, mini is the minister (or lobby), nodes is the precomputed list of nodes and their centrality values. Obviously, if it wasn’t for the weird datastore thing I’d have done this recursively and made it return the values for the whole network rather than calling it for each node.

And it works. The first result was that one particular minister was slightly reducing the overall centralisation (and therefore fragility/instability) of the system as a whole. And he’s Ed Davey. As the point of having Lib Dems is meant to be reducing the centrality of Dave from PR and paddock-boy in the system, this suggests that we shouldn’t get rid of him yet.

Going round the country, stirring up apathy

So, that PCCSpoil blog. To begin with, it was a collection of spoiled ballots from the police commissioner elections, a large (>75%) proportion of which seemed to add the hashtags #PCCSpoil or #policespoilballot. I had the impression that this suggested a campaign of some sort. After all, why the hashtag if you weren’t planning to put it on the web?

Since then, the blog has vanished, briefly shown a Mike Giggleresque student politics video, and now points at a petition to explain one’s spoiled ballot to No.10 Downing Street. Someone on Twitter thought the slogan “Don’t politicise the police”, which many of the spoilers used, might be a Police Federation internal line. But it’s not.

There was a policeman who was supporting it, CynicalBobby on twitter. Also, a well-known libertarian. But these were late to the party. Much earlier (9th November) a facebook page had appeared. Following up people who liked it or contributed in any way, I found no cops, but a variety of people who were by turns Green, sceptics, atheists, pro-Palestinian, and from Yorkshire, Wales, or the Isle of Wight, in more than one case.

Spoiltpapers.org.uk was registered by someone in Wrexham on the 9th of November, the same day the facebook page appeared. On the way, Plaid Youth glommed on. But many of the people involved were in comments to this Guardian piece, on their Northerner blog, from the 5th of November.

That, in turn, was from this lady, a regular contributor from God’s and Jimmy’s own county, a green-minded pro-Palestinian ex-Lib Dem who even introduced the slogan, on the 3rd. We have a patient-zero. Magic darts!

A special note. Tumblr, like Facebook, doesn’t delete your photos if you kill your account or even delete stuff from it. They remain in whichever content-delivery network they used. I know this because, after the PCC blog vanished, I noticed I still had a copy open in a browser tab, and I was able to wget all the images and the HTML wrapper into an archive.

Update: One of the people in this post is now claiming to be me! As a note to the TV producers who are asking me for copies of the spoiled ballots, PCCSpoil is not my blog and has nothing to do with me. My bet is the Plaid guy.

The intersection of electronic warfare and mall management

Here’s something interesting. You may remember this story from back in November about the CIA spy network in Lebanon that met at a Pizza Hut they codenamed PIZZA, and which was rolled up by a joint Hezbollah-Lebanese military intelligence investigation. The key detail is as follows:

U.S. officials also denied the source’s allegation that the former CIA station chief dismissed an email warning that some of his Lebanese agents could be identified because they used cellphones to call only their CIA handlers and no one else.

Lebanon’s security service was able to isolate the CIA informants by analyzing cellphone company records that showed the numbers called, duration of each call and location of the phone at the time of the call, the source said.

Using billing and cell tower records for hundreds of thousands of phone numbers, software can isolate cellphones used near an embassy, or used only once, or only on quick calls. The process quickly narrows down a small group of phones that a security service can monitor.

If the top paragraph is true, it would have been catastrophically ill-advised. Even somebody special, like a CIA agent under diplomatic cover, has a relatively large number of weak ties to normal people. This is the reverse of the small-world principle, and is a consequence of the fact that the great majority of people are real human beings rather than important persons. As a result, things like STELLAR WIND, the illegal Bush-era effort to analyse the whole pile of call-detail records at AT&T and Verizon in the hope that this would find terrorists, face a sort of Bayesian doom. We’ve gone over this over and over again.

However, phone numbers that only talk to special people are obviously suspicious. Most numbers with a neighbourhood length of 1 will be things like machine-to-machine SIMs in vending machines and cash points, but once you’d filtered those out, the remaining pool of possibles would be quite small. It is intuitive to think of avoiding surveillance, or keeping a low profile, but what is required is actually camouflage rather than concealment.

There are more direct methods – which is where electronic warfare and shopping mall management intersect.

Path Intelligence, a Portsmouth-based startup, will install a network of IMSI-catchers, devices which act as a mobile base station in order to identify mobile phones nearby, in your shopping centre so as to collect really detailed footfall information.

Similarly, you could plant such a device near that Pizza Hut to capture which phones passed by and when, and which ones usually coincided. Alternatively, you could use it in a targeted mode to confirm the presence or absence of a known device. Which makes me wonder about the famous Hezbollah telecoms network, and whether it was intended at least in part to be an electronic-intelligence network – as after all, nothing would be a better cover for a huge network of fake mobile base stations than a network of real ones.

Meanwhile, this year’s CCC (like last year’s) was just stuffed with GSM exploits. It really is beginning to look a lot like “time we retired that network”.

Protection….

Update: I originally didn’t want to publish this because I didn’t think it was good enough, but I hit the wrong button. Anyway, Alistair Morgan read it and thinks one of the premises of the whole thing is wrong. Namely, the weapons were going in the same direction as the drugs, not the other way around. Well, at least the story moved on a bit, but this renders mostly useless a whole additional post I put together from reading a lot of crazy-but-interesting stuff out of the bottom of the Internet. Also, despite the Jessie J reference there’s better music at the bottom if you get that far.

So, Alistair Morgan’s twitter feed frequently hints at “cocaine, weapons, and Ireland” as well as police corruption as being factors involved in the case of his brother, Daniel Morgan, the private detective murdered in 1987, probably by people who were since employed by News International. It’s often been said that Morgan was on the point of publishing some sort of huge revelation when he was killed, but nobody knows what it was beyond his brother’s hints based on what the police told him at the time.

Since the eruption of the phone-hacking scandal, a number of sidelights have come up which linked the News of the World, its cadre of ex-police gumshoes, and its contacts inside the police force. Notably, it seems to have spied on the former Army intelligence agent-handler, Ian Hurst, on an NGO, British-Irish Rights Watch (because documents of theirs were on Hurst’s computer when they hacked it), and perhaps on the chief of police, Sir Philip Orde. It would have been hard for people working for the press not to have covered at least one Northern Irish story in the last 20-odd years simply because it was such a news staple, but it’s worth noting their interest.

The War Economy of Northern Ireland

So, what might link Morgan, cocaine, weapons, Ireland, and policemen? There are some fairly well-known stylised facts or stereotypes about the economy of the Troubles. The IRA mostly funded itself from money collected in the United States, from bank robberies, and from unofficial taxes it collected in the North. It also got contributions from friendly countries, specifically Libya. The Loyalists didn’t have a reliable source of their own money abroad like NorAid, and so specialised in protection and drugs. Both sides also got involved in smuggling across the border as a commercial exercise.

That’s a glib summary ‘graf; obviously, I collect a revolutionary tax for the struggle, you impose fines on drug dealers and dishonestly stick to some of the money, and they are merely thugs operating a protection racket. Traditionally, both Sinn Fein and the British tended to stereotype the Loyalists as basically criminal and the IRA as proper insurgents – there may be some truth in there, but the distinction is one of emphasis and degree and also of propaganda rather than of kind.

Having obtained money, they both needed to convert some of it into arms. The IRA got a famous delivery in the 80s from Libya in its role as Secret Santa, and also often bought guns in the US over the counter and smuggled them back. I don’t know how well characterised the sources of Loyalist arms are, which of course gives me license to speculate.

Permanently Operating Factors

Now for the cocaine, which has often been known to land in bulk quantities on the wilder, less populated bits of the Atlantic coast that also offer good harbours. This is a rare combination, as people live near ports. Two of the best bits on that score are northwest Spain and southwest Ireland. Having landed, you can move it on anywhere in the UK-Ireland common travel area without much more trouble. Since the creation of the Schengen area, Galicia is even better for this because there is such a choice of markets you can reach without a customs inspection. But in 1987 this was an un-fact, so you might as well go to Ireland.

This transit trade had important consequences – notably the rise of Martin “The General” Cahill, the assassination of Veronica Guerin, and probably a substantial chunk of the Irish property bubble via the laundering of profits and also by the boost to those ol’ animal spirits the drug provides.

Imagine, then, that an important criminal actor supplying the London market with cocaine also had access to a reliable surplus of weapons. There is the potential for trade here.

However, it’s not that simple – the famous Libyan shipment would have fit in a couple of shipping containers, and it kept the IRA going up until peace was signed, with a fair bit left over to be buried in concrete by the international commissioners on decommissioning. It is very unlikely that any plausible flow of arms to Northern Ireland would have paid for the flow of cocaine into the South-East.

We Don’t Need Your Money, Money, Money, We Just Wanna Make The World Dance…

There’s something else going on – Diego Gambetta would have already pointed out that you need to understand the trade in protection. To sell protection, you need weapons, which are the capital equipment of the business of private protection. In so far as the buyers in the UK were paying in guns as well as cash, they were arguably expressing a protector-protectee relationship. While on our territory, we protect you, and license you to provide protection. This was also reciprocated. In accepting them, were the sellers of the cocaine undertaking to protect it in transit on their own territory?

Another way of looking at this, which Gambetta would also approve of, would be in terms of costly signalling. Being both a supplier and a protector is a powerful position, but it might be worth letting the other side have it as a guarantee or hostage, to signal that you didn’t intend to break the agreement and deal with some other supplier. This makes even more sense given that you still have a regular supply of guns you could cut off or use against them, and therefore both parties have something to lose.

Now, Gambetta’s work mostly deals with Sicily, where a very important protection supplier has often been irrelevant. London is a very different society from this point of view. Whatever you think of the police, you can’t just ignore them as a factor. In some other societies, the police might be protection consumers, but here, police corruption usually takes the form of policemen selling protection. (In a sense, the more effective the police, the more tempting this will be. Nothing sells like the good stuff.)

So, gazing down on this complex, neo-medieval exchange of cash, credit, and protection, there is a sort of Sun King whose permission is required for any protection contract to be signed. It’s like a feudal society. My liege lord is only so, because he is the King’s subject, and the King at least theoretically owes duties to the Emperor, or later, directly to God. Our buyer is in a position to offer protection for his end of the business because he enjoys protection supplied by the police.

Who were the recipients, the sellers? They might have been drug dealers who needed to buy protection from one or other paramilitary group. They might have been drug dealers who wanted to build up enough arms that they could stop buying protection, or rather, change protector. Or they might have been paramilitaries who sold protection to the drugs trade. The distinction is surprisingly unimportant.

So, to put the pieces together, there was some group of South-East London villains importing cocaine from transit providers in Ireland, who were also exporting weapons in the opposite direction as part of an exchange of protection for their common business. This required buying protection from the police. Where did the weapons come from? And why is News International involved?

Protection….

Update: I originally didn’t want to publish this because I didn’t think it was good enough, but I hit the wrong button. Anyway, Alistair Morgan read it and thinks one of the premises of the whole thing is wrong. Namely, the weapons were going in the same direction as the drugs, not the other way around. Well, at least the story moved on a bit, but this renders mostly useless a whole additional post I put together from reading a lot of crazy-but-interesting stuff out of the bottom of the Internet. Also, despite the Jessie J reference there’s better music at the bottom if you get that far.

So, Alistair Morgan’s twitter feed frequently hints at “cocaine, weapons, and Ireland” as well as police corruption as being factors involved in the case of his brother, Daniel Morgan, the private detective murdered in 1987, probably by people who were since employed by News International. It’s often been said that Morgan was on the point of publishing some sort of huge revelation when he was killed, but nobody knows what it was beyond his brother’s hints based on what the police told him at the time.

Since the eruption of the phone-hacking scandal, a number of sidelights have come up which linked the News of the World, its cadre of ex-police gumshoes, and its contacts inside the police force. Notably, it seems to have spied on the former Army intelligence agent-handler, Ian Hurst, on an NGO, British-Irish Rights Watch (because documents of theirs were on Hurst’s computer when they hacked it), and perhaps on the chief of police, Sir Philip Orde. It would have been hard for people working for the press not to have covered at least one Northern Irish story in the last 20-odd years simply because it was such a news staple, but it’s worth noting their interest.

The War Economy of Northern Ireland

So, what might link Morgan, cocaine, weapons, Ireland, and policemen? There are some fairly well-known stylised facts or stereotypes about the economy of the Troubles. The IRA mostly funded itself from money collected in the United States, from bank robberies, and from unofficial taxes it collected in the North. It also got contributions from friendly countries, specifically Libya. The Loyalists didn’t have a reliable source of their own money abroad like NorAid, and so specialised in protection and drugs. Both sides also got involved in smuggling across the border as a commercial exercise.

That’s a glib summary ‘graf; obviously, I collect a revolutionary tax for the struggle, you impose fines on drug dealers and dishonestly stick to some of the money, and they are merely thugs operating a protection racket. Traditionally, both Sinn Fein and the British tended to stereotype the Loyalists as basically criminal and the IRA as proper insurgents – there may be some truth in there, but the distinction is one of emphasis and degree and also of propaganda rather than of kind.

Having obtained money, they both needed to convert some of it into arms. The IRA got a famous delivery in the 80s from Libya in its role as Secret Santa, and also often bought guns in the US over the counter and smuggled them back. I don’t know how well characterised the sources of Loyalist arms are, which of course gives me license to speculate.

Permanently Operating Factors

Now for the cocaine, which has often been known to land in bulk quantities on the wilder, less populated bits of the Atlantic coast that also offer good harbours. This is a rare combination, as people live near ports. Two of the best bits on that score are northwest Spain and southwest Ireland. Having landed, you can move it on anywhere in the UK-Ireland common travel area without much more trouble. Since the creation of the Schengen area, Galicia is even better for this because there is such a choice of markets you can reach without a customs inspection. But in 1987 this was an un-fact, so you might as well go to Ireland.

This transit trade had important consequences – notably the rise of Martin “The General” Cahill, the assassination of Veronica Guerin, and probably a substantial chunk of the Irish property bubble via the laundering of profits and also by the boost to those ol’ animal spirits the drug provides.

Imagine, then, that an important criminal actor supplying the London market with cocaine also had access to a reliable surplus of weapons. There is the potential for trade here.

However, it’s not that simple – the famous Libyan shipment would have fit in a couple of shipping containers, and it kept the IRA going up until peace was signed, with a fair bit left over to be buried in concrete by the international commissioners on decommissioning. It is very unlikely that any plausible flow of arms to Northern Ireland would have paid for the flow of cocaine into the South-East.

We Don’t Need Your Money, Money, Money, We Just Wanna Make The World Dance…

There’s something else going on – Diego Gambetta would have already pointed out that you need to understand the trade in protection. To sell protection, you need weapons, which are the capital equipment of the business of private protection. In so far as the buyers in the UK were paying in guns as well as cash, they were arguably expressing a protector-protectee relationship. While on our territory, we protect you, and license you to provide protection. This was also reciprocated. In accepting them, were the sellers of the cocaine undertaking to protect it in transit on their own territory?

Another way of looking at this, which Gambetta would also approve of, would be in terms of costly signalling. Being both a supplier and a protector is a powerful position, but it might be worth letting the other side have it as a guarantee or hostage, to signal that you didn’t intend to break the agreement and deal with some other supplier. This makes even more sense given that you still have a regular supply of guns you could cut off or use against them, and therefore both parties have something to lose.

Now, Gambetta’s work mostly deals with Sicily, where a very important protection supplier has often been irrelevant. London is a very different society from this point of view. Whatever you think of the police, you can’t just ignore them as a factor. In some other societies, the police might be protection consumers, but here, police corruption usually takes the form of policemen selling protection. (In a sense, the more effective the police, the more tempting this will be. Nothing sells like the good stuff.)

So, gazing down on this complex, neo-medieval exchange of cash, credit, and protection, there is a sort of Sun King whose permission is required for any protection contract to be signed. It’s like a feudal society. My liege lord is only so, because he is the King’s subject, and the King at least theoretically owes duties to the Emperor, or later, directly to God. Our buyer is in a position to offer protection for his end of the business because he enjoys protection supplied by the police.

Who were the recipients, the sellers? They might have been drug dealers who needed to buy protection from one or other paramilitary group. They might have been drug dealers who wanted to build up enough arms that they could stop buying protection, or rather, change protector. Or they might have been paramilitaries who sold protection to the drugs trade. The distinction is surprisingly unimportant.

So, to put the pieces together, there was some group of South-East London villains importing cocaine from transit providers in Ireland, who were also exporting weapons in the opposite direction as part of an exchange of protection for their common business. This required buying protection from the police. Where did the weapons come from? And why is News International involved?

it flies! well, that’s what it was bloody well designed to do

The question isn’t so much “did Eric Pickles eat all the pies?”, it’s “who paid for the pies, and how many did he declare in the register of members’ interests?”. TBIJ is on an absolute tear on Tory lobbying stories at the moment, and the combination of photo and caption for the Eric Pickles one is masterly.

But this story reveals more than it says. So, four cabinet ministers accepted donations to their private offices since May, 2010. Those would be William Hague, George Osborne, Liam Fox, and Michael Gove, or to put it another way, most of Atlantic Bridge and the core of the neo-conservative group within the Conservative Party. I do not think this is a coincidence.

Curiously, it seems that if you get donations to your private office you don’t also get them to your constituency party branch and vice versa, with the exceptions of George Osborne and Michael Gove, who would have more jam on it, wouldn’t they?

Pickles, for his part, received zero, which makes perfect sense. You can’t eat money, and as for spending it on unofficial advisers, that only makes sense if you ever take advice from other people and the Bradford food-mountain has always known he’s right.

Meanwhile, Lord Astor of Hever turns up as a trustee of the Bridge and an pal of the Werritty-funding SAS walt, Iraq contract hunter, and intimate of mercenaries Tim Spicer and Anthony Buckingham.

I think I’ve said before that Astor of Hever came out of the Lobster Project proof of concept script as being a surprisingly important gatekeeper – although in himself, he isn’t a major node, people who meet him also tend to get one-to-one meetings with the most important ministers. His weighted network degree, a measurement of how many links in the lobbying network involve him adjusted for how many people took part in the meetings, is 0.125, pretty low (78th in the league), but his gatekeepership metric is 2.533, the third highest overall and the very highest score for a minister with UK-wide responsibility. (I discount the gatekeepership numbers for Scottish and Welsh ministers, as their role is partly to represent Scottish and Welsh interests and they are structurally heavily lobbied.)

The gatekeepership metric in Lobster is the ratio of the average weighted network degree of those who lobbied a given minister to the average of all lobbies, to the ratio of that minister’s network degree to that of an average minister, thus capturing the degree to which meeting that minister was associated with meeting more or less important ones while taking into account the fact that some ministerial jobs are more important than others. If it is greater than 1, you’re likely to get a boost, if less, you’re being heard out.

A limitation is that obviously, the Prime Minister can’t help you meet a more important minister, so it doesn’t yet deal with the situation where you meet the PM to get your word across and are then referred to a junior minister for action. I accept that this is a problem, although you would expect that it is easier to lobby the small fry, so the metric is nevertheless useful. However, at a network degree of 0.125, Lord Astor is not affected by this phenomenon.

OK, so we have a prediction – other ministers involved with the Werritty/Fox/Atlantic Bridge case will demonstrate unusually high gatekeepership. Step forward Gerald Howarth MP, Minister for International Security Strategy, who achieves a gatekeepership of 2.36, the fourth highest overall and the second highest UK-wide, on a network degree of 1.2. That’s some pull, when you note that he’s a significant node in terms of quantity.

Lobster detected a sinister network of influence! How awesome is that?

Liam Fox: Not Fit For Purpose

OK, so “Not All That” Foxy Liam Fox is in trouble.

“He is an odd bloke,” said one fellow minister. “He has fingers in so many pies that you kind of think one of them will land him in trouble somewhere along the line.”

Another Tory MP said Fox’s tendency to name-drop and brag about his close friendships with Republicans in the US, media magnates such as David and Frederick Barclay (owners of the Daily Telegraph), and his endless globe-trotting, even before he entered the cabinet, has made many bristle and help explain why he has plenty of enemies in the Tory party and in Whitehall. “I think you either roll with the bluster or find it repellent,” said a Tory MP.

Ah, one of them. Anyway. Part of the problem is this famous meeting where his bestie Adam Werritty just happened to turn up. What was on offer? Well, a product called Cellcrypt, whose makers were trying to sell it to the MoD to stop evilly-disposed persons from eavesdropping on British soldiers’ phone calls back to the UK. (Note: this is going to be long. Technical summary: voice encryption apps for GSM-style mobile networks can guarantee that your call will not be overheard, but not that your presence cannot be monitored, and not necessarily that the parties to your calls cannot be identified.)

Back in the early days of Iraq, the CPA permitted one mobile phone operator in each of its three zones to set up. The British zone, CPA-South/Multinational Division South-East, let the Kuwaiti national telco, MTC (now Zain and busy running Mo Ibrahim’s old Celtel business into the ground) set up there with a partner some of us may have heard of. It’s from Newbury and it’s not a pub or an estate agency and its logo is a big red comma…funny how Vodafone never talked that particular investment up, innit? Anyway. Later the Iraqi government did a major tender for permanent licences and Orascom got most of it, but that’s another story.

One thing that did happen was that soldiers took their mobiles with them to Iraq, and some of them pretty soon realised that buying a local SIM card in the bazaar was much cheaper than making roaming calls back to the UK. Either way, lots of +44 numbers started showing up in their VLR, the big database that keeps track of where phones are in a GSM network so it can route incoming calls.

Pretty soon someone who – presumably – worked for the MTC-Voda affiliate and whose purposes were not entirely aligned with Iraq The Model realised that you could use the VLR to follow the Brits (and the Yanks and the Danes and the Dutchmen and Kiwis and all sorts of contractors) around. Not only that, you could ring up their families in the UK and make threats with the benefit of apparently supernatural knowledge.

This obviously wasn’t ideal. Efforts were made to mitigate the problem; soldiers were discouraged from using local GSM networks, more computers and public phones were made available. The eventual solution, though, was to get some nice new ruggedised small-cell systems from companies like Private Mobile Networks Ltd., which basically pack a small base station and a base station controller and a satellite backhaul terminal into a tough plastic box of a suitably military colour. You open it up, unfold the antenna, turn on the power, and complete some configuration options. It logs into the mobile operator who’s providing service to you via the satellite link.

Now, because radio signals like all radiation lose intensity with the inverse square of the distance, you’ll be vastly louder than everyone else. So any mobile phone nearby will roam onto your private mobile network and will be in the UK for mobile phone purposes, a bit like the shipping container that’s technically in Egypt at the end of Four Lions. And none of this will touch any other mobile network that might be operating in your area. Obviously you can also use these powers for evil, by snarfing up everyone else’s traffic, and don’t for a moment think this isn’t also done by so-called IMSI catchers.

You’re not meant to do this, normally, because you probably don’t have a licence to use the GSM, GSM/PCS, or UMTS frequencies. But, as the founder of PMN Ltd. told a colleague of mine, the answer to that is “we’ve got bigger tanks”.

So, where were we? Well, the problem with trying to do…something…with Cellcrypt is that it doesn’t actually solve this problem, because the problem wasn’t originally that the other side could listen to the content of voice calls. Like all telecoms interception stories, it was about the traffic analysis, not the content. Actually, they probably could listen in as well because some of the Iraqi and Afghan operators may not have been using up-to-date or even *any* air interface encryption.

But if you’re going to fix this with an encryption app like Cellcrypt, you’ve got to make sure that every soldier (and sailor and diplomat and journo and MoD civilian) installs it, it works on all the phones, and you absolutely can’t make calls without it. Also, you’ve got to make sure all the people they talk to install it.

And the enemy can still follow you because the phones are still registering in the VLRs!

So, there’s not much point relying on OTA voice encryption to solve a problem that’s got nothing to do with the voice bearer channel. However, bringing your own small cell network certainly does solve the problem, elegantly, and without needing to worry about what kind of phones people bring along or buy locally.

And the military surely understand this, as by the time of the famous meeting, they’d already started deploying them. Also, back when this was a big problem, 19 year-old riflemen usually didn’t have the sort of phones that would run a big hefty application like Cellcrypt, which also uses the mobile data link and therefore would give them four figure phone bills.

To sum up, Werritty was helping someone market gear that the MoD didn’t need, that was hopelessly unfit for purpose, wouldn’t actually do what the MoD wanted, and would cost individual soldiers a fortune, by providing privileged access to the Secretary of State for Defence.