Tuesday, June 11, 2013

The NSA scandal, Meta Data and Lebanon

From a source who does not wish to be identified: 
"Meta Data is an old information concept and it means “data about data”. Take an image or a document you have on your laptop, if you scroll the mouse over the icon, you see the metadata: author of the document, date it was taken, date modified etc… this is important because it tells you more about the document or image thanks to the mentioned description. BUT it is not the content. Metadata started with library cards that listed information on a certain book, and traced the people who borrowed the book and when they returned it.
Now jumping to web, metadata is useful in search engines. The creator of a new webpage for instance, makes sure to include the search-relevant data on the webpage tag.
In telecom, especially in lawful interception and monitoring, the metadata is not the monitored and recorded call itself, but rather a field about the Call Data Record (CDR). It tells about the duration of the call, who called whom, the date of the call, etc… The content of the call is only obtained when the ma’lumat specifically tag a phone number and monitor it. The call would be recorded and stored on local servers (located secretly in Adlieh!).
I have worked on the lawful interception and monitoring solution in Lebanon in my previous job. (I designed the specs for one of the mobile operators). So these days, when ma’lumat ask for the data or “all data”, they would be asking for the CDRs. It is like they are asking for the phone bills of ALL registered users but with details on every call: date & time of call, duration, from which geographical cell to which cell, and a hundred other fields, most of which are useless. By the way, these are the files that Wissam Eid was working on before he was assassinated. He took the info he needed, about the suspected phones, and manually transformed them into an excel sheet to locate the distance between callers, duration, etc… a waste of time if you ask me as this can be achieved by a simple software used in the states that Lebanon can implement on the lawful interception and monitoring technology if they buy it.
PRISM started out the initiative to unify publishing content and information tags to help publishers in information management and searching techniques. Where the US intelligence agencies will take this, I don’t know. But if the Ma’lumat are sending information to their masters, whoever the masters are, they can only send what they have:
-          -  CDRs (files that contain information on the calls, date, time, duration…) think of detailed phone bills with extra information
-          -  and the monitored calls recordings (only the marked and selected numbers in Lebanon can be monitored). Technically, they cannot monitor everything.
Here is some information on the Lebanese monitoring and interception technology and capability:
-          -  You can never monitor all the calls in the country
-          -  You can only monitor a certain percentage of sim cards simultaneously (around 360,000 tagged phones out of 4 million, and only 20,000 or 40,000 can be simultaneously monitored, not sure of the numbers are correct today)
-          -  You only have a certain capacity of storage (information is discarded after a certain period of time passes; so imagine intelligence agents listening and deleting what they think is irrelevant, or not having enough time to listen to everything)
-          -  The system does not include the capability of detecting or recognizing voice key words like allah, god, bomb, etc…
-          -  Data (internet) monitoring is more difficult and almost impossible, whatsapp and viber, whether using voice or data, are almost impossible to monitor. Iphone and apple technologies are more fragile but you need some specific parameters to monitor
-          -  Ma’lumat recently bought (or were given) air triangulation devices that they can use to intercept over the air (At a stake out, the agent would have to hold the device and point it correctly towards the phone of the suspect and try to decrypt… a big hassle, and they still don’t know how to use it!)"