Open Source Spying

eldavojohn writes "The New York Times is running a very lengthy but amazingly interesting article on the short history of open source software and information on the inside of the intelligence community. The article discusses the transformation of the intelligence community from fighting the Cold War with traditional information exchange to fighting terrorism today utilizing things like wikis & blogs. From the end of the article, 'Today's spies exist in an age of constant information exchange, in which everyday citizens swap news, dial up satellite pictures of their houses and collaborate on distant Web sites with strangers. As John Arquilla told me, if the spies do not join the rest of the world, they risk growing to resemble the rigid, unchanging bureaucracy that they once confronted during the cold war. "Fifteen years ago we were fighting the Soviet Union," he said. "Who knew it would be replicated today in the intelligence community?"' You may recall that the CIA now has their own classified Wiki. I think it's interesting that the 9/11 Report recommended that United States agencies such as the DoD, CIA & FBI learn to share information more freely to overcome terrorism and now they're turning to internet community applications to accomplish that."

Movie OS is a lie?

[BadAnalogyGuy (945258)]

I hope I don't have to repeat myself.

THAT'S WHAT THEY WANT YOU TO THINK.

"Yeah, our systems are like old and stuff. Boy we sure aren't very technically adept at all. We couldn't monitor all phone calls in the world and automatically flag some for futher investigation. Nosiree. We're just some bumpkins who fell off the turnip truck near the guardpost at Langley. What's a cumpooter?"

Re:

[dbIII (701233)]

There's a big difference between a Tom Clancy fantasy and reality. These agencies are nowhere near as competant as the conspiracy theorists think - I'll guess that after a long list of dramatic failures the agencies of other nations will not trust US intelligence unless it is verified from another source. There's even loonies that think polygraph tests and torture work to find out if people are telling the truth at the top of some of those agencies. The famous link between Saddam and Bin Laden shown to t

Re:

[stunt_penguin (906223)]

Thing is, I think Clancy didn't to too badly when showing that actually half the time the intelligence community doesn't know what's going on, they're not omnipotent, and that communication is very far from perfect; with multiple levels of bureaucracy, personal matters getting in the way of getting things done, and the occasional bout of duplicity.

Re:

[by Anonymous Coward]

These agencies are nowhere near as competant as the conspiracy theorists think

Having been a full-time employee at the NSA, I can say that these agencies are nowhere near as competent as Hollywood often thinks, much less what the conspiracy theorists think.

Posting anonymously for obvious reasons...

Re:

[ripcrd (31538)]

Ah, but the drowning of one terrorist is always a good start. If only they were drowned at birth or left in the woods for the wolves to raise. We would then have a bunch of Mowglis running around in the sand and not a bunch of human bomb triggers.

Re:Movie OS is a lie?

[SunTzuWarmaster (930093)]

If you are weak, let your enemies think you are strong, for they will be afraid to attack. If you are strong, let your enemies think you are weak, for they will attack the ground of your choosing. - Sun Tzu, The Art of War

Re:Movie OS is a lie?

[TubeSteak (669689)]

The only problem with Sun Tzu's words is that "your enemies" are not always easily distinguishable from "citizens of your country who have done nothing wrong".

Which is exactly the issue that intelligence agencies are dealing with.

Re:

[SunTzuWarmaster (930093)]

So we should tell them everything that we are capable of?

Like it or not, this is an information war just as much as it is a religious one. Terrorists/Guerilla troops never purposely attack strong locations. If we can mislead them into thinking a strong location is weak, they will attack it (and hopefully lose). If we can mislead them into thinking a weak location is strong, they will not attack it. It is that simple.

What you imply is that terrorists drive down the street weilding rocket launchers and at

It makes you wonder

[aussie_a (778472)]

It makes you wonder whether or not people will take offense to their tools being used by such agencies and whether or not they'll develop licenses to ban them from using them. If they do, would they be enforceable (assuming the person somehow found out). And if it was enforceable, is there absolutely any way to find out legally? Whistle blower? If the government breaks license agreements and classifies that information, shouldn't that be illegal?

Re:

[Salvance (1014001)]

It seems unlikely that an open source license that restricts a small group of people would hold in any court. The CIA/NSA/etc is going to continue using open source software as a jumpstarter for building other software. Heck, even if these groups blatantly broke all license terms in the process, the government would declare their Use a matter of national security and nix any legal proceedings before they started.

Re:It makes you wonder

[arun_s (877518)]

RTFA please! The title is a bit misleading, the article is not one bit about open source software. Its about having a more 'open' online presence within its branches, such as through the use of blogs and wikis. The blogs example particularly has a good case for it: the example of google using links to rank the importances of pages is given, compared to the mess of unsortable data the government previously seemed to be having.

Re:

[Monsuco (998964)]

It makes you wonder whether or not people will take offense to their tools being used by such agencies and whether or not they'll develop licenses to ban them from using them

The NSA made security enhanced Linux, other government agencies have worked with FOSS projects. Rather than banning it, they should encourage it. Besides, our enemies don't care about licenses. Which do you prefer, the NSA using Linux and FBI using Wiki software, or seeing our enemies be the only ones to take advantage of it?

Re:

[tomjen (839882)]

Besides, our enemies
Not all software developers comes from the US. I most certainly do not want the NSA to have any software at all.

Re:

[EQ (28372)]

"I most certainly do not want the NSA to have any software at all."

Too bad you are so close-minded (and actually pretty stupid given that absolute statment about an agency which you know little of, other than inaccurate press reports). The NSA does do good work amongst all its tasks, need I remind you of SE-Linux?

And besides, the GPL means to make software Free - and that means *anyone* can use it.

Re:It makes you wonder

[Daniel Dvorkin (106857)]

I most certainly do not want the NSA to have any software at all.

Then realistically, you're going to have to stop developing not only open source software, but any software at all.

This is the flip side of "information wants to be free" -- once it is free, it's really free. Proprietary, open source, whatever; once the bits are out there, they're not going back. Microsoft cannot stop people from using Word to write documents critical of Microsoft, or Visual Studio to develop software that competes with Microsoft's offerings. The NSA cannot stop people from using SE Linux to securely store, process, and transmit information that might be detrimental to the US. China cannot stop its citizens from reading web sites which contain content the government doesn't like; neither can Iran. And you, once you write a piece of software that might somehow be useful to some spook in some three-letter agency, and release that software into the wild, have absolutely no control over what happens afterwards.

Re:

[kabocox (199019)]

It makes you wonder whether or not people will take offense to their tools being used by such agencies and whether or not they'll develop licenses to ban them from using them. If they do, would they be enforceable (assuming the person somehow found out). And if it was enforceable, is there absolutely any way to find out legally? Whistle blower? If the government breaks license agreements and classifies that information, shouldn't that be illegal?

Trying to go against the government is a lossing battle unless

Re:

[RAMMS+EIN (578166)]

If you disallow intelligence agencies from using your software, it's not open source [opensource.org]

Back then

[El Lobo (994537)]

Back in the cold war times, secret services agencies had hundred of peoples reading ad analyzing every number of the must important publications in the world, searching for clues and disguised information. I guess the same can be applied now for the web, with the advantage that it's a lot easier to search the web and classify information using database filters than it was back then.

Re:

[hazem (472289)]

Ironically, such people are called "Open Source Analysts" - as in the source is not classified/closed and is out in the open. Even a few years ago the CIA was still advertising such positions. They typically require a high level of language fluency and cultural literacy.

Re:

[Daniel Dvorkin (106857)]

But are they GPL'ed? Can I fork one as long as I make available any modifications to the source? 'Cause I'll bet some of those Open Source Analysts are pretty hot.

Re:

[EQ (28372)]

"The only way to defeat "terrorism" is by getting rid of interventionism and changing the foreign policy"

And how would that placate those violent Salafists who wish a world-wide Caliphate, and are prepared to inflict mass casualties to obtain it?

You seem to be woefully ignorant of the "causes of the issue" if you are imply they are economic - and remember that the 9/11 terrorists were middle-class Saudis. No poverty issue there. They were not flying into the buildings screaming "Gimme More Money", nope it

Re:

[Hognoxious (631665)]

But it damn sure isnt more of the same that we tried in the 80's (supporting "our" dictators) and 90's (treating it as a socio-economic and police issue).

Nuke them from orbit. It's the only way to be sure.

Re:

[mspohr (589790)]

One of the most interesting points of TFA (yes, I did RTFA), is the point that the "old" spying was about discovering a few vital secrets (i.e. USSR had secrets about numbers of weapons, etc.) and this required moles, traitors, secrets, etc. However, the "new" spying is largely about reading what is already out there "on the street" and putting it together. This is a completely different mode of operation and requires wikis, networks, social spaces, and Google type searches... thus the "open" spying of th

Re:

[Daniel Dvorkin (106857)]

Carrot and stick. We should, absolutely, do what we can to reduce the root causes of terrorism (which includes things like, oh, say, not invading countries that pose no realistic threat to us at all) in the well-founded hope that such a policy will, in the long run, diminish the threat considerably, if not make it disappear.

But.

The fact of the matter is, right now, there are a fairly large number of people (not all of the Arab or Muslim, by any means) who do hate us enough to do things like flying planes i

Re:

[lixee (863589)]

We need to be ready and able to defend ourselves against such people -- if possible by stopping their plans

You mean their planes?

Seriously though, I agree with you that intelligence would play a role in avoididng more damage. The problem is that, from my standpoint, all the supposed "war against terror" achieved was stripping Americans of their liberties, killed thousands of perfectly innocent Iraqis and triggered a witch-hunt against Muslims that McArthur would be proud of. The last two consequences a

Do other countries spy agencies do the same thing?

[dnarepair (936270)]

One thing tha was not really discussed in the Times article was whether the same type of "social software" is being used in other countries' spy agencies. And what about international groups like Interpol and NATO. How do they share information that is sensitive and/or secret in some way?

They will be sharing internally

[cold fjord (826450)]

I think it's interesting that the 9/11 Report recommended that United States agencies such as the DoD, CIA & FBI learn to share information more freely to overcome terrorism and now they're turning to internet community applications to accomplish that."

They will be sharing more internally, cutting across organizational boundaries and through previous barriers, and not necessarily with the outside world.

We will often never hear of their successes [whitehouse.gov], even when some of them [usdoj.gov] are readily available. I'm astonis

Re:

[ScentCone (795499)]

Just like every person shot or bombed in Iraq is an 'insurgent' or 'terrorist' because the US has magic 'insurgent seeking munitions'.

Do you have any idea how different that conflict would look if we did act like the insurgents and exhibit no concern over who got killed on the sidelines? If we know there's an Acme IED Factory franchise operating out of the basement of a Baghdad apartment building, we can either risk the lives of our own people, and try to surgically deal with it, or we can just drop some

Re:

[ScentCone (795499)]

Do you wonder why they are shooting at you in Iraq

You use the word "they" as if "the Iraqi people" are doing the shooting. Most of the people being shot by Iraqi people are other Iraqi people - but that's only a very small part of the carnage. Just like under Saddam - except that then, it was the minority Sunnis as brutally ruled by a family from Tikrit, killing people by the tens of thousands, for decades on end. Now you've got small sectarian cells fueled by cash and weapons from Iran and Syria, with t

Argument 101

[Quadraginta (902985)]

We will never hear of their failures, because those are bad for politics and being secrets that are not subject to scrutiny, they never have to be revealed.

Hmmm...and so how is it you know enough about the many failures to be so cynical? Who revealed the deep dark secrets to you? Or when you say "we" do you really mean you stupid yobos, us, the great ignorant unwashed public, who aren't nearly as clever as youself and can't see the obvious?

Just like every person shot or bombed in Iraq is an 'insurgent' or

Open Source?

[teoryn (801633)]

Just because they said Open Source on one of ten pages doesn't meant they're talking about open source software. Blogs and Wikis are concepts, and it wasn't mentioned what software they run on. The whole thing was just about (surprise surprise) how much technology sucks in the government, and how two people (out of all of inteligence community) are trying to change it. The reported just used the term 'Open Source' to mean shareing.

RTFA.

Re:

[Carewolf (581105)]

Which is what open source means in the intelligence services. It is opposed to secret source where you need to keep your sources and results secret.

DoD Using OSS

[Derlum (216320)]

I think it's interesting that the 9/11 Report recommended that United States agencies such as the DoD, CIA & FBI learn to share information more freely to overcome terrorism and now they're turning to internet community applications to accomplish that.

Very interesting, but certainly not surprising. Tools such as Wikis and blogs have exploded in popularity with the private sector because they are easy to use and more efficient than available alternatives (if any exist). It makes perfect sense that government agencies would be looking to harness those same advantages that have worked to the benefit of the public at large.

I think one of the most interesting things to me in my limited dealings with unclassified DoD communications contracting is that these government entities do not have an aversion to or ignorance of the available OSS technologies. On the contrary, they frequently have a strong desire to use these tools, but they're waiting for budget money to contract someone to tell them how to use it properly and securely. Unfortunately they often end up waiting far longer than they should.

Re:

[Elektroschock (659467)]

The point is that secret services have a severe problem which is secrecy. Secret organisations tend to be inefficient and unaccountable. Not because they do evil things but because they waste ressources and nobody watches it. You don't really know whether their work is worth the money spent. Today everyone of us can find out a lot more than a bureaucratic agency does for hard cash.

....not Open Source...

[trainsnpep (608418)]

I read the article yesterday. I almost submited it to /., but then I realized it has almost nothing to do with open source. The article primarily talks about the "wiki" style of intelligence the US gov't is trying to set up, instead of the "need-to-know" style. It talks about technical issues preventing that which could easily be solved among the /. crowd.

This is a good article

[bgfay (5362)]

I read it Sunday and also submitted it to /. The thing about it is that the author gets both the spy agency and the technology. I heard a comment on the radio the other day that I can't quite remember but it said that terrorism is just a technology problem waiting to be solved and the best way to do it is to open source it and have a million eyeballs on the thing.

Anything would be better than the annoyance of having to be at an airport for two hours, ditch most carry-on items, and submit to ridiculous searc

Re:

[Quadraginta (902985)]

Anything would be better than the annoyance of having to be at an airport for two hours, ditch most carry-on items, and submit to ridiculous searches and checks.

Christ, yes. I say let's dump the entire security/screening circus for passengers, and instead put a big bin of .45s right next to the boarding gate, and any passenger who wants can pick one up for the flight, dump it in a similar bin when he gets off the plane at the other end. We'll put in some .38s for the grandmas, too.

I can't imagine anyone w

Re:

[ScentCone (795499)]

anyone have really cared if richard reid had a bit of a smoke?

Ah! See, I didn't know that all he was trying to do, while lighting fuses going into the explosives in his shoes, was just to "have a smoke." Yes, your credibility is solid, solid, solid.

The sad part?

[Mr. Underbridge (666784)]

Pathetic that an open-source wiki *needs* to be established, but it's accomplished more than, say, SAIC's failed $200M boondoggle that was supposed to modernize the FBI's computer systems. See http://www.washingtonpost.com/wp-dyn/content/artic le/2006/08/17/AR2006081701485_pf.html [washingtonpost.com] for an enlightening read.

Classified wikiality

[Rob T Firefly (844560)]

Did you know that the number of terrorists has tripled in the past six months? [wikipedia.org]

Rule By Obfuscation

[brother bloat (888898)]

There are (at least) two ways to prevent people from doing what you don't want them to do. The first is making it impossible for them to do it, even if they know how you're preventing them. I argue that this is analogous to the open-source model of security - the algorithms are open source but the encryption is still hard to break.

The second method is obfuscation - making "doing what you don't want people to do" or "reading what you don't want people to read" so difficult, obscure (secret), bureaucratic,

Friends-only

[mattwarden (699984)]

What's the point of this kind of research when terrorists can just make their myspace friends only?!

Can you imagine it?

[3.5 stripes (578410)]

A wiki without trolls. My mind is aboggle*.

*yeah, made up word.

Be careful with meaning of "open source"

[apfsds (763138)]

First of all, Slashdotters need to understand that the term "open source" can be used differently in other contexts. In the intelligence community it has a specific meaning that has nothing to do with software - it refers to intelligence information available through publicly available sources (e.g., the news media, jihadist web sites, web blogs). Don't read too much into the title of the article - I doubt even the author knows for sure which meaning of "open source" was intended.

Vague communism hint?

[init100 (915886)]

"Fifteen years ago we were fighting the Soviet Union," he said. "Who knew it would be replicated today in the intelligence community?"'

What is this? A vague hint that open source is communism?

other way around

[owlnation (858981)]

Ah, if it were only possible to tell when the Feds were viewing your information... Any spending time on some blogs would have some explaining to do. There's not always coded messages, there's not always secrets - um, unless you count Victoria...

Re:

[aussie_a (778472)]

But.... doesn't the Patriot Act allow people to be thrown into jail without a warrant, without a timelimit and without due process? What does an information sharing law have to do with allowing certain people to get locked up?

Re:

[BadAnalogyGuy (945258)]

The Patriot Act was designed to address the lack of interagency communication, specifically with regards to intelligence. The FBI didn't know what the CIA didn't know what the NSA didn't know what the local police didn't know. Now that all the federal agencies are under the DHS banner, they can share information easily and openly.

All that other stuff was just a bonus!

Re:

[morgan_greywolf (835522)]

Um, have you actually read the Patriot Act [epic.org]? Of the Act's 10 Titles, only one section of one title (Sec. 504) even remotely relates to improving coordination among government agencies. Most of the rest of the act is designed to increase government powers relating to anti-terrorism enforcement, anti-money-laundering enforcement, anti-counterfeiting enforcement, and increasing the powers and authority of the Director of Central Intelligence and the President.

The Patriot Act does not setup DHS, nor does it pu

Re:

[thePowerOfGrayskull (905905)]

Um, have you actually read the Patriot Act [epic.org]? Of the Act's 10 Titles, only one section of one title (Sec. 504) even remotely relates to improving coordination among government agencies.

Have you actually read it? Or just skimmed the TOC? After having taken the time to read it, I can say you're not quite wrong -- but you're also not correct. In short: it ensures that powers already held by the US government for use in various investigations also apply to counter-terrorism. It expands what information can be shared and with whom (increasing communication) -- but it also limits the use of that information to the matter at hand. That's section 204, which also seems to cover improving in