Category: surveillance

Moazzam Begg, always in the paper, rarely reported.

Am I right in thinking that Moazzam Begg’s political role is getting more complicated, more important, and more impressive? Here’s a story. It kicks off with:

British jihadi fighters desperate to return home from Syria and Iraq are being issued with death threats by the leadership of Islamic State (Isis), the Observer has learned.

A source with extensive contacts among Syrian rebel groups said senior Isis figures were threatening Britons who were attempting to travel home. He said: “There are Britons who upon wanting to leave have been threatened with death, either directly or indirectly.”

The source is apparently the Observer‘s home affairs editor’s source, rather than a foreign correspondent’s source, so you might well wonder what kind of anonymous source is based in London, has contacts in Syrian rebel groups, and is very, very keen to get the message out that ISIS might kill international volunteers, specifically British ones, who want to leave.

Begg now appears in the story. It’s impossible to know whether there is any logical link between the source and Begg, or whether the Observer writer juxtaposed them to make it look like they support each other, an old hack’s trick. But if you want to reach potential jihadi volunteers with the message that they can’t trust ISIS, an ex-Guantanamo detainee would be a more convincing representative than almost anyone else. He would be a classic “surprising validator”.

Reading down, it seems he certainly knows that some wannabe jihadis have been held against their will in Syria, but any association with the “source” is either the Observer‘s gloss on it, or else that of someone who briefed them.

Begg seems to be moving from a campaign for the release of Guantanamo prisoners, to a campaign both for forgiveness towards volunteers in Syria and to prevent them going in the first place. Both are necessary. But I really wonder about the complex politics emerging around him.

He is the face of the dissident campaign demanding an end to the extralegal punishment that defines the War on Terror. He is also something like a spokesman for people who would like to leave the jihadi movement. These two are mutually consistent. But he is also increasingly a voice for de-radicalisation and prevention as a strategy.

This makes sense as an alternative policy proposal, but it also involves him in the underreported bureaucratic fight between the community-policing (in every sense) people sponsored by DCLG since Hazel Blears’ time, and the traditional intelligence services. One side is focused on prevention, policing by the community (of people who are described as a community), and works with the police and social services. The other is focused on technical surveillance and agent-running. With less money about, the two have been fighting like cats in a sack since 2010.

Mark Townsend’s piece seems to be using quotes from him to further a briefing campaign against ISIS recruiting, and also to back the DCLG-Contest-Prevent people in government versus the hard security lobby.

Then, I also wonder about the mission to Syria that landed him back in jail in 2013. When he set out on that mission, we were still supporting Syrian rebels and especially the FSA, rather than flying close air support for the FSA and the regime at the same time. More than a few testimonies from returned British jihadis mention that they believed the Syrian adventure had some sort of official Western blessing.

So, we have Begg, ex-prisoner and cause célébre. We have Begg, peace activist. We have Begg, de-radicaliser. We have Begg, continuing Islamic aid worker. We have Begg, still a target of police surveillance. Do we have any other roles? I imagine they make sense as a wider whole to the man himself.

I can see every reason to run the best possible propaganda campaign to stop people signing up with ISIS. (I’m not quite as cynical as John Dolan, whose piece is pretty good even if he thinks Luton is in Yorkshire.) But this is complicated, risky, and ambiguous stuff and wants more scrutiny than it gets.

Begg has grown into a bigger and more interesting political role than just that of wannabe jihadi or Rumsfeld victim, the Islamic adventurer the lads wish they were, but at the same time, the wise old head and voice of reason, a figure of the debatable lands. If he doesn’t get killed, I wouldn’t be totally surprised to see him as an enduring national figure of some sort. But where is he going with it, and how far does he control it?

The problems of Puffin Party security

Here’s an interesting story of a Russian military intelligence officer deployed into Ukraine, apparently under plausibly-deniable cover, whose communications were meant to hide in plain sight among the chaotic noise of the Internet. Specifically, he’s a gamer and re-enactor in private life and he tried to use the channels of this subculture.

Unfortunately for him, it only cuts both ways up to a point. You can’t operate in the apparent anonymity of the Internet without also accepting its distinctive threats, and Anonymous got into his e-mail account with hilarious consequences. What appeared to be a trivial and frivolous subculture providing nonthreatening space turned out to expose him to everything Putin hates in the form of a genuine security threat.

I have just been reading Danah Boyd’s fine It’s Complicated: The Social Lives of Networked Teens, and an important point that sticks out is that a working definition of privacy is the ability to choose your audience.

Satellites to new heights

I’ve recently seen someone from the Satellite Applications Catapult come up on the UKNOF mailing list, asking about how best to get dark fibre from their Harwell offices into London with a view to distributing lots of satellite imagery. Obviously a CDN is the way to go, but the first thing that came to mind is whether they’ve got a new satellite. I mean, it’s vaguely surprising that an organisation that runs its own cloud platform would be asking for fairly simple networking advice, and even more so one that owns this.

Context, and more, plus much more in this category.

Proliferation

OK, so the weird weather and infrastructure crisis exacerbated by the Galbraithian combination of private affluence and public squalor is being monitored by the local newspaper using a web platform for 140-character snarkfarts and cat photos, and their robot air force. That, you know, provincial newspapers just have at the back of the newsroom. This is basically a Bruce Sterling novel, isn’t it?

Some Snowden consequences

Sir Humphrey says among much else, all worth reading:

An outsider looking in may well conclude that the sort of military assets needed to build and effect long term change, stability and security are those which have effects such as training teams, defence attaches, limited professional training and so on with the nuclear deterrent as the ultimate guarantor of security, and not so much on very heavy army assets like armoured divisions which are much harder to deploy. Looking more broadly, things like focusing heavily on cyber security defence is arguably more important than some other tasks – this is perhaps the problem facing the military today. The sort of interaction many nations want is quite localised, involving maybe a training team or specialist advisors or access to training courses.

I don’t think anyone can disagree that all sorts of countries, flooded with new electronics and computing capacity, well aware of the vast advantages it gave Western militaries in the last 30 or so years, are probably both deeply worried and also only vaguely informed about their information security problems.

Similarly, deploying four people from CESG or JANET CSIRT to do an assessment is the sort of thing that might gain friends and influence people, at remarkably low cost. We sent the Red Arrows on tour around the Gulf and did a half a dozen squadron-sized Typhoon deployments trying to sell Eurofighters with vast amounts of extremely expensive taxpayer-funded whoosh. “Cyberengagement” or better “information security cooperation” sounds like a great idea.

Until you remember that we hugely overdid the intelligence half of the whole thing, our fibres are radioactive, GCHQ pulls in the Queen’s selfies to the pool boy, if you ever sent a vCard on a UK-owned GSM network they kept it, and literally nobody will ever trust us on this issue ever again.

This goes double, triple, or quadruple with the news – try ioerror’s CCC talk if you haven’t already – that we’ve been involved in trying to compromise security tools, forums, and infrastructure everybody uses. I find this more shocking than pretty much anything else in this story.

Reading the newspaper, carefully

This Indy story is making some waves.

The first point I’d draw from it is that the UK special relationship with the Gulf states is getting another go-round, and William Hague seems mad keen. As well as a lot of effort to sell stuff, and the town the size of Wigan or Oxford made up of expats, there’s been informed talk of one or other GCC state wanting an RAF squadron stationed there (as if we had Typhoon airframes to spare, which we don’t, but that’s another story). A GCHQ presence fits right in. It also fits right in with the theme of keeping some of the Iraq/Afghanistan infrastructure in being on a long term basis.

The second point is that persons interested in knowing more would do well to consult a map of submarine cable landings. The third point is that Glenn Greenwald clearly has no idea who Duncan Campbell is, although I guess this is fair for someone who isn’t a British journalism trainspotter.

The fourth point is that there is a far simpler explanation of the story that works with both the Indy‘s claims and Snowden’s denial of giving them any information. That would be “the Indy deduced it by close reading of the Snowden stories, and then trailed it past a source”. Literally every occasion this blog has published substantive news (and it has! now and then in the last 10 years) was based on something like that, and IF Stone apparently said that it’s amazing what you can find out by reading the newspaper carefully.

GPS jamming for fun and profit, or at least workplace dignity

Here’s a really fascinating article in Inside GNSS about the proliferation of electronic countermeasures against GPS. The heaviest users are lorry drivers, who use GPS jammers to disrupt management surveillance of their working day. I would guess that this has probably benefited from an existing culture of radar detectors, GATSO databases, and such.

This causes curious side effects, notably where major motorways are close to airport runways for which a GPS-based nonprecision approach is published (the authors propose various algorithms), and in financial districts where high-frequency trading systems require very accurate timing. This results in a large concentration of tier-1 NTP servers fed by GPS receivers, that get disrupted on a regular basis by a delivery van using a jammer.

Another interesting use case that comes to mind is Google’s NewSQL, globally distributed, column-based data store, Spanner, which relies for its versioning-based consistency guarantee on very accurate timing typically derived at each location from multiple GPS receivers. The Googlers did build in cross-checks between sites, not being dumb or anything, so there are limits to how much weirdness it could cause.

The devices cost a few dozen galactic credits a go. Inside GNSS points out that they are advertised on the basis of how much Tx power they crank out, which isn’t ideal as the GPS signal is very diffuse at this distance from high earth orbit, and any more than the minimum power to drown it out both buggers it up for others and increases your chances of being detected.

I feel I should point out that Charlie Stross actually suggested this solution, or actually a somewhat more advanced one more like this, in comments right here on this blog as a way of defeating Alistair Darling’s national road-pricing system. Sadly, even Google search can’t find it in the old enetation comments system.

Meanwhile, in Keighley:

Mrs Orchard, of Denholme Gate, said shortly after her sick leave started, odd phone calls were made to the family home by people asking if she could do some work for them, her family and neighbours saw men hiding in cars outside her home, and then she found a GPS tracker had been attached to the underside of her Audi car.

two points on Snowden in the UK

Just a couple of points about the British wing of Snowden. First of all, what function does it serve to go begging to the Americans for sums of money that aren’t especially big in the context of a £1.8bn single intelligence budget?

Well, the money is a costly-signal that UK cooperation is valuable to the Americans. This legitimises the “NSA ask” in return. And in turn, the “ask” can be used to lobby the rest of government. We must have X, Y, and perhaps even Z because otherwise we’d displease the NSA and they’d pull their contribution…which you would have to replace!

Second, it’s interesting the way the government likes to re-use acronyms. According to Richard Aldrich, GCHQ’s budget line-item for fundamental research in cryptography and computing was called “Methods to Improve” throughout the coldwar. It’s no surprise, then, that “Mastering the Internet” has the same acronym, and probably a fair guess that the new name meant much the same thing but with Internet awesomesauce to impress notorious e-mail printer, Tony Blair.

Get involved.

So, the Sun is on the move. This was a bit of a surprise to me, what with News reorganising to separate the UK papers from Sky. You might think the papers look like a cost centre without the TV assets, or that the division is intended for sale as a package. But they’re up to something interesting.

The headline is that the Sun website is going behind a paywall, but this is really beside the point. The core of the offering is a mobile app that provides football highlights and daily deals – the details are at the link – but the really interesting bit is that you have to buy the paper to activate the app. The website is here or there; it’s about the mobile app, the paper, and (as always with Murdoch) the crosspromotion.

The other really interesting thing here is that News knows in some detail who sells copies of the paper, how many, and where. In the UK, newspapers are distributed on a sale-or-return basis. The retailer orders as many papers as they think they need, and bundles up the unsold copies for collection with the morning’s delivery. These are counted, and deducted from the retailer’s bill. If you’ve ever been in a corner shop late at night, you’ll have seen the shopkeeper bundle up, count, and label the returns with the preprinted barcode supplied by the wholesaler.

The point of the exercise is that the newspaper, not the newsagent, takes the risk. This is important because, obviously, the paper cannot sell if it is not on the shelves. If the newsagent gets stuck with unsold copies, they will order fewer papers and take the chance of running out. Alone among British newspapers, The Guardian is distributed on cash terms, which is why it’s so often sold out. I think they consider it unsportsmanlike or something.

So, to shorterise: the sale-and-return distribution model requires the publisher to know all the points of sale. Another feature is that it is a great way to measure the newspaper’s effective circulation in detail, and as the papers are being accounted for, this is subject to the paper’s auditors. You can see why advertisers might like this.

Now, the Sun is going to be getting its readers to type or scan something in the paper into the app. If, as I pointed out on Twitter, this something is specific to the individual papers, it’s possible to identify where the user buys their newspaper. I had some doubts about practicalities in the printing process, and wondered if they intended to do something clever with the PayPoint API or hand out separate inserts to be added by the newsagents.

But today, the question is answered – I was able to examine a pile of the things, and they indeed carry a 9 12-character unique identifier, printed as part of the newspaper. Keen and agile minds will observe that this provides enough entropy to identify the whole print run uniquely, indeed, a print run substantially bigger than even the Daily Mirror‘s 1960s five-million plus. This might mean that it encodes more information than just a serial number, or alternatively that they’ve left space to do so should they want to in the future. Also, it’s not obviously sequential, so you can’t trivially work out the daily print run, although I haven’t made any serious study of this.

(Update): It’s actually 12 characters, in three alphanumeric groups of 4, and all the issues I’ve seen started SS… today. That might be part of a geographic identifier, but it might also be Sunday Sun. Anyway, that gives quite a bit of scope.)

Why is this useful? Well, this gives them insight into close-up neighbourhood geography across the UK. People are likely to buy their newspaper in the same place as they buy plenty of other things, for one. But it’s also a look into the UK’s cash economy. Newspapers have always been sold mostly for cash, anonymously. And the heavy dose of football in the experience points at other ambitions. After all, they can probably work out which is your local pub, and a lot of them have a WiFi hotspot provided by the Sky (ISP) subsidiary The Cloud.

It is probably telling that this comes just after their new “casual” Sky TV offering, something which seems to exist to satisfy demand generated by advertising in the Sun app. Also, Sky TV has always been very good at last-minute ad insertion.

But there’s also a political element here, especially for those of us who fundamentally wish ill to all Murdoch’s business ventures. When the News of the World was rolled into the sea like a sack of waste, as Hunter Thompson said of Richard Nixon’s mortal remains, I was very impressed by the public response, which was either rejoicing, or else, absolute apathy. None of its millions of readers was moved to protest or even to complain. Surprisingly few of them even bother to buy the Sun on Sunday. As a result, I asked on this blog if Sun readers actually exist, in the sense of people who self-identify as such, rather than being labelled by others, in the way that readers of the Guardian, Telegraph, or Mail do in Jamie Kenny’s sense.

In this sense, I think this project is an effort to make Sun readers out of people who happen to read the Sun in the same way as some people happened to consume the News of the World as a weekly kitschburger, a newspaper-style product. The polite way of saying this is “deepening user relationships”.

The really depressing element of this is probably how much of the ad revenue sounds like it’s going to come from gambling. No, it’s not even that, even if the goal of the week starts coming with an editorial soundbite like page 3 did in the Rebekah Wade years. (That said, the business model may well end up being all about cross-media advertising – the Springer papers in Germany seem to be trying to collect as many classified ad outlets as possible.)

The really, really depressing element of this is the increasing degree to which your local pub is being converted into an integrated Murdoch experience. I already resent this (how could I not?) but it’s only going to get worse. Note that the TV ad strapline for all this is “Get Involved”.

(Note: Le Monde‘s South Kensington correspondent Marc Roche argued a few weeks ago that the Sun‘s problems were down to the “disappearance of the blue collars and their replacement by immigrants who can’t speak English”. The Sun does not appear to be basing its strategy on this, to say the least.)