Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Privacy Security PHP Programming

Datamining the NSA 236

elmartinos writes "With official permission from the data protection committee in the Austrian Office of the Federal Chancellor, quintessence (an association for the re-establishment of information civil rights) has data mined an extensive mailing list related to the Biometric Consortium, which is part of the NSA. Heise (Google translation) writes that a quintessenz activist was able to get access to the mailing list through social engineering, and used a PHP script to extract 1GB worth of data. Quintessenz is using the open source tool Weka for data mining, and Kea for text mining. The first chapter of the gathered information is available online."
This discussion has been archived. No new comments can be posted.

Datamining the NSA

Comments Filter:
  • by Anonymous Coward on Friday March 04, 2005 @10:14AM (#11844149)
    Oh, great.

    Now we're going to end up with a hundred thousand troops in Austria. Thanks!

    • by harmonica ( 29841 ) on Friday March 04, 2005 @11:20AM (#11844739)
      Oh, great. Now we're going to end up with a hundred thousand troops in Austria. Thanks!

      But the troops will have Strudel and Schnitzel instead of Falafel. That is quite an improvement.

      If you make Ahnuld commander, Austrians will welcome the invasion whole-heartedly. They sure like their Arnold. And if I remember 1938 correctly, they'll welcome anyone [wikipedia.org] anyway.

      Yes, it's a bit flamebait-y, but you can learn something if you follow the Wikipedia link.
  • by BJZQ8 ( 644168 ) on Friday March 04, 2005 @10:14AM (#11844151) Homepage Journal
    Obviously then, Open Source Software should be banned for national security reasons!
  • "The first chapter of the gathered information is available online."

    Was. Online.

    Damn, this is something i want to read ... the article is not loading already :( Mirrors anyone?
  • Maybe now... (Score:4, Insightful)

    by Drantin ( 569921 ) * on Friday March 04, 2005 @10:15AM (#11844153)
    ...people will stop downplaying social engineering?

    And why does it matter what language the script used was in, unless there was some bug in a script on the webserver related to the script parser...
    • And why does it matter what language the script used was in...
      Err, because the script you follow in a social engineering attack needs to be in a language the guy at the other end of the phone can actually understand?
  • by JLavezzo ( 161308 ) on Friday March 04, 2005 @10:15AM (#11844157) Homepage
    But, your honor, I'm not a Con Artist, I'm a professional Social Engineer!
  • Mother of God, that's got to be one of the worse translations I've ever tried to read.

  • Dear Sir... (Score:3, Funny)

    by gowen ( 141411 ) <gwowen@gmail.com> on Friday March 04, 2005 @10:16AM (#11844169) Homepage Journal
    We are the Feds. And as soon as we can game access to your slashdotted server, we're coming after you.

    Yours,
    J. Edgar Hoover (deceased)
  • Not smart (Score:5, Funny)

    by SlayerofGods ( 682938 ) on Friday March 04, 2005 @10:16AM (#11844172)
    How smart is it to make a fool of the NSA?
    I mean look how fast they made their server disappear.
  • NATO crumbling (Score:3, Insightful)

    by geoffspear ( 692508 ) * on Friday March 04, 2005 @10:21AM (#11844215) Homepage
    The Austrian government gave someone permission to hack the NSA? That's got "serious diplomatic incident" written all over it.
    • Re:NATO crumbling (Score:5, Informative)

      by barnacle ( 522370 ) on Friday March 04, 2005 @10:40AM (#11844382) Homepage
      Austria's not a member of NATO.

      Secondly this mailing list was/is an open list. The magical "hack" here was writing a script to get some historical postings that weren't easily accessed.

      Also Quintessenz apparently notified the list that it was going to be analyzed and nobody complained (probably because it's an open list anyway).

      This, like many other Slashdot stories lately (or is it just me?) is unbelievably overhyped bullshit.

      Or, if prefer another viewpoint, and you too would like to join the ranks of NSA hackers - follow this secret link to the mailing list!
      http://www.biometrics.org/html/listserv.htm l

      (but don't tell anyone I posted this link. I don't have a tinfoil hat... yet)
  • by zardor ( 452852 ) on Friday March 04, 2005 @10:22AM (#11844225)
    In related news, Austria was today added to the members of the "Axis of Evil"

    • by Nailer ( 69468 ) on Friday March 04, 2005 @10:45AM (#11844432)
      In other news, the US will declare war on Australia in six months time.
    • by Anonymous Coward
      In related news, Austria was today added to the members of the "Axis of Evil"

      What a ridiculous idea! Austria could never produce anyone truly evil!
  • Good grief (Score:5, Insightful)

    by Otter ( 3800 ) on Friday March 04, 2005 @10:26AM (#11844243) Journal
    1) The Biometric Consortium is not "part of the NSA"
    2) Somebody lied a bit to get onto a relatively open mailing list
    3) This whole thing is on par with kids grabbing some telephone switch manuals out of a dumpster and bringing them to a 2600 meeting to show off to other losers.
    • Exactly. This isn't 'Top Secret' information here.

      Ten to one you could have just FOIAed this and more.

      • No way, An FOIA request would have resulted in them locking it all down and crying "national security". I bet half of that list is just stuff like government contract managers asking if someone can tap their ex-girlfriend's cell phone.
        • Wrong. I did an FOIA task while stationed at the location in question. You're paranoid and don't know what you're talking about. FOIA doesn't automagically declassify things.
    • Re:Good grief (Score:5, Informative)

      by dnxthx ( 22324 ) <rmicheals&lehigh,edu> on Friday March 04, 2005 @10:36AM (#11844338) Homepage
      "The Biometric Consortium's Electronic Discussion Group is for federal, state and local government employees and others in industry and academia interested in biometrics. The Electronic Discussion Group is a free electronic mailing list for sharing discussions about all things biometric, ranging from research questions to meeting announcements.
      "
    • Whatever they do, I wanna join. Simply so I can put on my resume "member of the Biometric Consortuim". If they ask what that is, I'll simply explain that it is associated with the NSA and I cannot say any more than that. After which I would let them know it would REALLY be in their best interests to offer me a position...
    • by tigeba ( 208671 ) on Friday March 04, 2005 @11:07AM (#11844620)

      1. Sign up for "secret NSA mailing list" at http://www.biometrics.org/html/listserv.html

      2. Read archives

      3. Super haxxor!
  • what this project is and what it means? I can see they got access to a mailing list, and they're putting together key dates in it, but I can't see the broader goal this is in support of.

    Could some kind soul let me know?

    Many thanks.

    D
  • by account_deleted ( 4530225 ) on Friday March 04, 2005 @10:31AM (#11844301)
    Comment removed based on user account deletion
    • So you're giving a grep command that will generate output to stderr and piping stdout to another grep command that will not accept any input, which completely doesn't make sense. Brilliant.
  • by duffbeer703 ( 177751 ) * on Friday March 04, 2005 @10:46AM (#11844438)
    I've conducted extensive analysis of a top-secret message board called "Slashdot". Slashdot is known to be regularly visited by employees of many government agencies, including military and espionage organizations.

    Based on my expert analysis of the message traffic, I have determined:

    1998-2000 - Using supercomputing VA-Linux beowulf clusters and drawing upon the grit-making skills of Natalie Portman, the NSA was doing bad things.

    2000-2003 - Mr. Goatse and Tubgirl complete the VA-Linux transition to OSDN and formulate the Slashdot/NSA/CIA business plan:
    1. Take distgusting pictures
    2. Utilize legacy hot grits(tm) technology
    3. ???
    4. Profit!

    2004-present - RIAA sues everyone. The universe is safe.
  • by jkitchel ( 615599 ) <<jacob_kitchel> <at> <hotmail.com>> on Friday March 04, 2005 @10:47AM (#11844450)

    If you want to know what's going on in the US with respect to biometrics, head over to the site for the M1 working group [ncits.org] which writes the standards.
  • by mcc ( 14761 ) <amcclure@purdue.edu> on Friday March 04, 2005 @10:50AM (#11844464) Homepage
    This slashdot blurb is the most dense collection of buzzwords I think I've seen in months. I try to make sense of it and all I can see is "Linux crypto hackers open sourced the BSD Microsoft monopoly!"

    I think it has its own gravitational field
  • NSA not that secret. (Score:5, Interesting)

    by BeProf ( 597697 ) on Friday March 04, 2005 @10:58AM (#11844530)
    Contrary to popular belief most (or at least a lot) of what the NSA does isn't all that secret. They're mostly just concerned with improving I.T. security in general, both for the gub'mint and private corporations. The do research. They publish papers. The typical boring CompSci stuff. This mailing list was probably a bunch of people involved in this sort of low-level work.

    The secret stuff is done by Central Security Services and the Information Assurance Directorate. They're the guys that "certify" trusted networks and systems. They basically do for networks what the FBI does for people when they investigate them for clearance. Of course, as part of their job, they "audit" the security of our critical systems remotely and covertly (i.e. Red Teaming).

    The really secret stuff is done by the SIGINT folks. They're tasked with intercepting and analyzing any "interesting" communications while at the same time keeping our communications secure. They're the codemakers and the codebreakers. Even in this über-secretive area, they're pretty much just a bunch of crypto-geeks who never get their hands dirty (they leave HUMINT to the CIA).

    Heck, the only guys at NSA HQ who even carry guns are the security guards. Well.. them and the several thousand soldiers surrounding them (they are in the middle of an Army base after all).

    That all having been said, whoever "harvested" this information is asking for trouble. They can expect a visit from some counter-intelligence officers who will want to know exactly why these persons are so interested in who's on the NSA's payroll.
    • Well that's not what I *read* in Paranoia Magazine [paranoiamagazine.com]...

      You might want to check your sources of information there, buddy.
    • At least these guys could belly-up-to-the-bar and release their modifications to the GPL'ed software they used, especialy considering that SELinux is GPL'd and is basicaly a NSA project, and Larry Wall started perl developement while at the NSA. All uber-secret stuff. Kind of like playing I'll show you mine if you'll show me your's and chickening out after you got a peek.
    • The really secret stuff is done by the SIGINT folks ... they're pretty much just a bunch of crypto-geeks who never get their hands dirty (they leave HUMINT to the CIA).

      Funny, I would have thought "getting your hands dirty" would have been called SIGKILL...
    • Contrary to popular belief most (or at least a lot) of what the NSA does isn't all that secret.

      Later on...

      The really secret stuff is done by the SIGINT folks.

      WTF!? They're "not that secret" but they do "really secret stuff"?
      That fact is that the NSA is a highly secretive organization. Try reading their employee manual. [think-aboutit.com] As a matter of fact, if you asked me for an example of a "secretive organization", the NSA would be one of the first examples to come to mind.

      Heck, the only guys at NSA HQ who
  • Give me a break... (Score:5, Insightful)

    by Granos ( 746051 ) on Friday March 04, 2005 @10:58AM (#11844535)
    Social engineering? Signing up for the listserv is a matter of going to this website. [biometrics.org], then filling out such hard hitting forms as "Name" and "Interest in Biometrics", and waiting for an e-mail confirmation stating you've been approved. Since the website says that its a free listserv for anyone interested in Biometrics, I don't think approval would be all that hard to get. After they signed up, they then summarized the most interesting things from each year that were posted to the listserv, and posted the results on the web. Wow! From the summary and translated article make it seem like they pulled a government approved hack of the NSA using cunning wit and unmatched skill or something.
  • coral cache here [nyud.net]

    It's slowly filling, but looks like I got to it before the quintessenz server imploded.
  • Wrong Story (Score:5, Insightful)

    by Tom ( 822 ) on Friday March 04, 2005 @11:26AM (#11844814) Homepage Journal
    The story isn't that they got onto the mailing list.

    The story is that they have sifted through huge amounts of data to extract the interesting parts, and essentially made an analysis of the history of biometric standards, and the respective attempts of NSA people to push it this way or that.

    It's one thing to post "I think the NSA is influencing biometric companies" to /. and it's an entirely different thing to analyse thousands of postings to prove that and how they influence whom and when.
  • by ndogg ( 158021 ) <the.rhorn@NoSPAm.gmail.com> on Friday March 04, 2005 @12:34PM (#11845456) Homepage Journal
    At least the NSA can relax now. The slashdotting is melting the server right now.
  • This is excellent news. Our NSA is (by design, by nature, arguably by necessity, though I would suggest our Constitutional code on treason should serve as argument against that theory) much too opaque, and anything which increases the transparency of government is a good thing, IMO.

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...