Stories
Slash Boxes
Comments

SoylentNews is people

posted by takyon on Wednesday February 17 2016, @02:40AM   Printer-friendly
from the make-bad-scifi-real dept.

[Important Note: Some links (especially Ars Technica) are NSFW for US government employees as they contain slides that are marked "Top Secret". Exercise discretion/caution in this story's comments, too. -Ed.]

Yes, it is cloud-based, yes, it does decide about the fate of hundreds of humans, and yes, ultimately it does direct robots to kill innocent humans.

SKYNET is a system created by the NSA that applies machine learning algorithms to supposedly determine the likelihood of someone turning into a terrorist based on mobile phone metadata. According to slides published at Ars Technica, evil acts like switching off your mobile phone (= evading surveillance), switching SIM cards (= trying unsuccessfully to evade surveillance, thanks to IMEI, etc.), swapping phones with others (= trying unsuccessfully to evade surveillance, thanks to other surveillance data) will be taken together as indicators of your evil intentions.

Patrick Ball—a data scientist and the executive director at the Human Rights Data Analysis Group—who has previously given expert testimony before war crimes tribunals, described the NSA's methods as "ridiculously optimistic" and "completely bullshit." A flaw in how the NSA trains SKYNET's machine learning algorithm to analyse cellular metadata, Ball told Ars, makes the results scientifically unsound.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Wednesday February 17 2016, @04:14AM

    by Anonymous Coward on Wednesday February 17 2016, @04:14AM (#305590)

    Patrick Ball—a data scientist and the executive director at the Human Rights Data Analysis Group—who has previously given expert testimony before war crimes tribunals, described the NSA's methods as "ridiculously optimistic" and "completely bullshit."

    So then it's like every "information security" security theater [wikipedia.org] fishing expedition ever launched? The NSA is the equivalent to the Globe Theatre in the "security theater" sphere, so of course they have to ensure the most grandiose of dot-connecting escapades, all unknowingly funded by American taxpayers.

  • (Score: 2) by takyon on Wednesday February 17 2016, @04:35AM

    by takyon (881) <reversethis-{gro ... s} {ta} {noykat}> on Wednesday February 17 2016, @04:35AM (#305595) Journal

    Once they break all encryption we'll be real safe.

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
    • (Score: 1, Interesting) by Anonymous Coward on Wednesday February 17 2016, @05:04AM

      by Anonymous Coward on Wednesday February 17 2016, @05:04AM (#305600)

      One day I was looking at SHA-512.

      I looked at its constants. Now, most hashing functions start off with some initialization vector data and have some chaotic looking hex numerals. Cryptographers don't trust it if you carefully select those numbers from thin air -- they could be designed to reveal something, adding a back door, etc. So, we insist that the constants used in crypto primitives, like SHA-512, have to be some series of digits out there for all to see. Perhaps the Fibonacci sequence in binary beginning at iteration number 1984, or the mantissa of the digits of Pi beginning at bit #29Ah (666th bit), etc. You know, nothing that we could have just made up on the spot.

      Then I realized something. These hashing constants are basically arbitrarily selected from a high entropy source. They don't have to be the one given, I could use the names of my family members in packed 7bit ASCII codes.

      Just change one single bit and suddenly I've got a completely new hashing function -- no rainbow tables on the planet exist for it, and just paying some lackey at NSA to code up an implementation of this hashing function for their super cluster computing system is enough incentive to do so for my products.

      Turns out there are lots of constants like that. Problem is, you actually can pick bad constants sometimes -- low entropy, or ones that don't develop enough bit interdependency with the others (not having a large enough hamming value, etc). But as long as you know just a tiny bit about crypto and know how to use a hex editor you can make it vastly exponentially more difficult to fuck with the ciphers you use.

      P.S. If you're worried about interoperability, then you're already compromised.

      • (Score: 0) by Anonymous Coward on Wednesday February 17 2016, @06:42AM

        by Anonymous Coward on Wednesday February 17 2016, @06:42AM (#305636)

        P.S. If you're worried about interoperability, then you're already compromised.

        Yeah if your money is in a bank then you're already compromised.
        And if you try to connect to someone else's server securely using stuff like TLS you're already compromised.

        BTW what's the internet service like from your private island?

        • (Score: 2) by HiThere on Wednesday February 17 2016, @09:55PM

          by HiThere (866) Subscriber Badge on Wednesday February 17 2016, @09:55PM (#305969) Journal

          Internet communication isn't the only possible use for encryption.

          --
          Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
  • (Score: 2) by rts008 on Wednesday February 17 2016, @05:11AM

    by rts008 (3001) on Wednesday February 17 2016, @05:11AM (#305602)

    ...dot-connecting escapades,...

    They currently have more 'dots' than they can connect. If they collect any more 'dots', they will effectively cover the whole page, with no dots to connect, it will be a completely covered page.

    The last I heard, they could barely keep up with collecting and storing the data, and no realistic hope of ever getting around to organizing, or examining the data they already have, much less the data pouring in.

    Since they have already been collecting this stuff, I hope they choke and die trying to swallow it all, while the hard-copy(dry, no lube) of the PATRIOT Act gets shoved up their asses(one full copy(verbatim) per person, not one copy divided among the many deserving politicians), at the same time.

    • (Score: 4, Interesting) by legont on Wednesday February 17 2016, @06:40AM

      by legont (4179) on Wednesday February 17 2016, @06:40AM (#305633)

      Russians during Stalin times tried this argument which would go like this: if all the people are on KGB list, KGB will not be able to put them all in prisons. Guess what, KGB just got a totally legal way to put anybody away and prove it in court cause everybody had a sheet. Yes, they did not arrest everybody, but just enough.
      Back to nowadays, NSA can pick up anybody and prove terrorist relationships. They have the same on everybody else? What a conspiracy theory Your Honer!

      --
      "Wealth is the relentless enemy of understanding" - John Kenneth Galbraith.
      • (Score: 0) by Anonymous Coward on Wednesday February 17 2016, @07:58AM

        by Anonymous Coward on Wednesday February 17 2016, @07:58AM (#305658)
      • (Score: 0) by Anonymous Coward on Wednesday February 17 2016, @02:31PM

        by Anonymous Coward on Wednesday February 17 2016, @02:31PM (#305784)

        Also the Soviets didn't have Big Data, advanced supercomputers and network theory.

        I wonder whether it is anymore possible to hide something with volume. (The ultimate machine to find the needle in the haystack is of course the quantum computer which can look simultaneously under every straw regardless of the amount of straws. We're not there yet but it literally is the end of the world as we know it when we do.)

        • (Score: 0) by Anonymous Coward on Wednesday February 17 2016, @07:02PM

          by Anonymous Coward on Wednesday February 17 2016, @07:02PM (#305885)

          Soviets of those days (note that after Stalin it was very different) did not care that much whom to prison. Same the US now does not care which particular black unemployed is imprisoned as long as there are enough of them to claim unemployment figures and hit welfare targets.

          • (Score: 2) by GreatAuntAnesthesia on Thursday February 18 2016, @09:23AM

            by GreatAuntAnesthesia (3275) on Thursday February 18 2016, @09:23AM (#306240) Journal

            > the US now does not care which particular black unemployed is imprisoned as long as there are enough of them unable to vote a black guy into the Whitehouse

            FTFY (This cunning plan obviously failed somehow back in 2008)

        • (Score: 0) by Anonymous Coward on Sunday February 21 2016, @08:09PM

          by Anonymous Coward on Sunday February 21 2016, @08:09PM (#307845)

          I wonder whether it is anymore possible to hide something with volume.

          Sure it is. So long as they aren't looking for something very specific.

          If they are just looking for people who might be terrorists, for example, then the number of false positives will overwhelm them. Let's say they have data on 10 million people, and their algorithm is very good and only has a false positive rate of 0.1% (which would be very low), that means they would have 10,000 innocent people falsely flagged as terrorists which they would have to manually examine and exclude (or put under surveilance just in case), on the flip side you also have to consider false negatives, where they don't identify actual terrorists, the lower the false positives, the lower the false negatives, so if they had a false positive rate of 0.1%, they might have a false negative rate of 50%, which would be no good, you could be exceedingly generous and assume they could get it down to 10%, but that would still be missing quite a lot of terrorists and including far too many innocent people. If there were 100 terrorists in that data set, then they would flag 10,090 people as terrorists and then somehow have to determine out of those which are actually terrorist, and yet there are still 10 of them they have failed to spot. In all likelihood here, I am being far too generous with my numbers and they would have both more false positives and more false negatives. If they want to decrease the false negative rate, they will also increase the false positive rate.

          This is a nutshell is the problem with trying to find something rare in a large population.