backtop


Print 45 comment(s) - last by lexluthermiest.. on Feb 16 at 2:41 AM

Software was pitched to the U.S. government, but not yet sold

Raytheon Comp. (RTN) has created a social networking tracking program called Rapid Information Overlay Technology -- or "RIOT", for short -- which is building a database of trillions of pieces of data on millions of users' social networking profiles.  The software digs into the usual suspects -- Facebook, Inc.'s (FB) ubiquitous social network, popular microblogging site Twitter, and FourSquare, whose location-aware apps boast 25 million users.

I. RIOT is Watching You

The idea of RIOT is to allow government agents to in a click or two examine both your behavior history, and more interestingly (or alarmingly) predict your potential future actions.

Today, mobile client use has finally overtaken desktop use for Facebook, the world's largest network.  But hidden in most mobile posts by Facebook's over 1 billion users is an information is an "exif" information tag, a special string that identifies the latitude and longitude the user posted from.  By mining exif data publicly available posts (or alternatively creating Facebook softbots to friend users and lure them into RIOT's circle of friendship), RIOT is capable of tracking citizens' daily movements.

In a video, Brian Urch, principle investigator on the RIOT project at Raytheon describes, "We're going to track one of our own employees."


By mining the publicly available information, the demo shows how the client determined that "Nick" commonly frequents Washington Nationals Park.  It even shows off a photo of a blonde whom Nick posed with at the park.

But RIOT's most powerful capability is trying to analyze the future.  Its spidery webs of information spread out, assessing the trends in Nick's behaviors.  It makes a discovery --  Nick goes to the gym each day at 6 a.m.

Mr Urch comments, "... So if you ever did want to try to get hold of Nick, or maybe get hold of his laptop, you might want to visit the gym at 6am on a Monday."

He encourages users with questions to shoot him an email at brian.urch@raytheon.com.

II. Raytheon Fights to Keep Video Demo Secret

The video was never meant to be seen by the eyes of the public.  Raytheon asked Guardian, the top UK newspaper who obtained the video, not to post it.  Comments Raytheon's spokesperson:

Riot is a big data analytics system design we are working on with industry, national labs and commercial partners to help turn massive amounts of data into useable information to help meet our nation's rapidly changing security needs.

Its innovative privacy features are the most robust that we're aware of, enabling the sharing and analysis of data without personally identifiable information [such as social security numbers, bank or other financial account information] being disclosed.

But Raytheon's argument that the product was "proof of concept" was not enough to convince Guardian not to post the video.  But even before the video, clues about RIOT were leaking out.  A patent application filed by Raytheon in December -- -- contained details relating to the data mining technology in the software.

Watchful eye
[Image Source: Alex's Archives]

In an interview with Guardian, Ginger McCall, an attorney at the Washington, D.C.-based Electronic Privacy Information Center (EPIC), complains, "Social networking sites are often not transparent about what information is shared and how it is shared.  Users may be posting information that they believe will be viewed only by their friends, but instead, it is being viewed by government officials or pulled in by data collection services like the Riot search."

III. RIOT is Even Better at Playing Big Brother Than Perfect Citizen

Raytheon, whose sales accounted for $25B USD in revenue last year, has reportedly not sold the software to any nation state clients -- yet.  It reportedly demoed the software to the U.S. government at a trade show in April.

President Obama has committed $200M USD to "big data" spending -- including efforts to track citizens online.  The Obama Administration has stated multiple times publicly that it seeks to protect citizen rights/expectations of privacy, but internally it's often fought to step up intrusive monitoring, arguing that such procedures are necessary to fight the shadowy ambiguous "terrorist" threat.

Raytheon is also authorized to export the software to foreign nations/corporations interested in using the "stalking software" on their targets, acccording to the "EAR99" designation in trade documents obtained by Guardian.  EAR99 indicates that the software can "be shipped without a [government] licence to most destinations under most circumstances."

The company already has one lucrative $100M USD counterterrorism contract from the U.S. National Security Agency (NSA).  Dubbed "Perfect Citizen", the NSA software aims to deploy digital "sensors" (scripts) to detect impending cyberattacks on U.S. networks.  Some privacy experts have complained that Perfect Citizen was a guise for "Big Brother" style tracking.

Obama Big Brother
President Barack Obama has pushed for $200M USD in "big data" spending.
[Image Source: Fits News]

The NSA claims "Perfect Citizen" is a research and development project, and not fully deployed.  But EPIC obtained documents that “suggest the program is operational and confirmed, and that Raytheon was contracted to develop and deploy certain components."

By contrast RIOT takes a narrower aim at popular civilian internet activities.  That means it will likely serve little use in combatting terrorists (who are unlikely to post, tweet, or "check-in" during their evil escapades).  However, it does make the perfect tool for companies -- or governments -- to stalk citizens, and Raytheon is eager to turn that interest into sweet cash.

Sources: Guardian, YouTube



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Public Data
By JasonMick (blog) on 2/11/2013 6:20:22 PM , Rating: 1
quote:
I think you're missing his point Jason. He's not even talking about foreign governments specifically. You or I could gather this information also which he mentions. It's freely available. Raytheon and any other US entity could collect and use this info and sell it to whoever. You could collect and sell it. I do wonder how the NSA can purchase this info (if they really are) legally as it violates the spirit of a certain law that prohibits them from doing so without a warrant. Although there is a time delay before they have to stop collecting. Loophole perhaps?
And that's why my data is private (at least what I want to keep private). :)

I wasn't sure quite what his central focus was, but he did talk quite a bit about foreign governments, so I figured that was the main point.

As to domestic monitoring, I agree this is dangerous from a "stalking tools" perspective, but I think the danger from the government is far greater, as they're pouring hundreds of millions into this.

One thing to remember too, is that you or I could certainly on a small scale go out and monitor certain profiles' exif info, etc., but most users lack the technical sophistication to realize they can do so.

A full-fledged commercial option for the less tech savvy would require finding enough creeps to finance buying hardware to store and continuously monitor millions of domestic users -- a tenuous business model. Convincing an increasing Orwellian federal government to buy that hardware is a far easier pitch.

Of course smaller scale "sleuthing" will occur so to speak, but someone could always hire a PI to just tail someone IRL, so that's nothing new or different.

What concerns me more is the ubiquitous/pervasive nature of this monitoring, which is only possible via the gov't dumping massive amounts of money into defense companies who do these kinds of projects.


RE: Public Data
By IS81 on 2/11/2013 6:36:20 PM , Rating: 2
quote:
I wasn't sure quite what his central focus was, but he did talk quite a bit about foreign governments, so I figured that was the main point.


Well, yes and no. I guess the point I was trying to make underneath it all is that if you're going to write your congressman about this or something, you'd likely do more good in the long run by focusing on protecting the data at it's source (facebook, twitter, etc.), than you would by trying to terminate Raytheon's specific snooping endeavors.

Expecting the average user to know how to protect themselves, or that there's a risk in the first place, is probably unrealistic at best. Attempts to increase awareness (like this article) are still worthwhile, but I don't think we'll see these types of big data efforts go away until/unless the sources of the data (facebook, twitter, etc.) are required to improve their privacy practices in such a way as to make them sufficiently impractical for any entity, foreign or domestic, private or public.


"Folks that want porn can buy an Android phone." -- Steve Jobs














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki