How to catch a spy

Source: Plame vs. Whitehouse

For those of you who do not remember, Valerie Plame was working for CIA as an undercover agent and the Whitehouse leaked her CIA identify in 2003. With her cover identify blown, she left CIA in 2005.

In 2007, she published a memoir "Fair Game: My Life as a Spy, My Betrayal by the White House". CIA intervened and redacted (blacked out) "sensitive" information in the published book.

A page of the redacted Fair Game


How to catch a spy, the PARC way

A PARC team has developed a machine learning engine that is able to use contextual information that may not be sensitive by itself but in aggregate provides strong inference on what the missing information should be.

The Plame book is a perfect test case because, although the book has been redacted, the actual information is available in other public sources. In other words, we can run the book through the engine and see what kind of inference the engine can tell us and check it against the known answers.

Test case: where was her first assignment?

So, we fed the available and seemingly innocuous description on the location (redacted) of her first assignment such as "Europe, chaotic, outdoor café, traffic, summer heat" into the software.

Lo and behold, the engine comes back with Greece as the most probable answer which was indeed the case.

--
How would you use this software engine beyond figuring out if your censors are good enough? Conversely, how would you use the output of this engine? How about removing sensitive medical information in unstructured format? Or, finding that smoking gun in the mountain of data and emails in a legal case? This is an instance where tireless software with perfect memory to a large corpus of information is a better solution than the best trained/paid human attention any day.

Let me know how you would use this capability. For the most interesting idea(s), maybe I can get you a copy of the software engine to play with.

Look forward to hearing from you.

===
P@P

Cloud Computing and Security

Cloud Computing and PARC

Cloud Computing is hot - now that is a truism for the technology world today.

Beyond the hype of processing xTb of data in 24 hours by EC2 or Azure and the alphabet soup of cloud solutions, a bit of good ole' fashioned investigation seems to be important to figure out how it actually impacts the technology landscape.

In other words, PARC's Security team is intrigued after the Security Workshop.

PARC Security's Cloud Computing Offer

If you are a practitioner in the cloud computing space, we would love to hear from you. Here is a brief description of what we are doing:

==
PARC is investigating cloud computing security as a potential research area. Knowledge of current practices, use cases, and problems with regards to cloud computing security would be very helpful for this investigation. We hope to understand the actual security issues in the new world of cloud computing.
==

As for being the discovery process, we will share consolidated/anonymized information with you at the end of the study.

Please drop me a note if you wish to participate.

===
P@P

Third fire alarm

Fire! Again!

What's up with this! A third accidental fire alarm in as many months. Seems like we are on a roll. Or, there is a minor conspiracy that I am not aware of.

While waiting in the emergency area, I did have a chance to strike up a conversation about PARC during the 1989 Loma Prieta earthquake, a.k.a. the World Series Quake. Back then, people were using car radios to get updates on the status.

If it were to happen today, I wonder if the cell phone towers would hold up during the quake and if the towers would be overwhelmed with calls. Maybe a distributed and ad-hoc networking backbone would be a more robust solution, although I think people used WiMax for the 2004 Tsunami in the Indian Ocean.

Yeah, back to work.

==
P@P

"1 second" Unix Party

Ad Hoc Networking Meeting

Was in a meeting discussing CAPE. Spirited discussion all around as always.

But, we had to wrap it up early because:

Party Time

==


Sent: Friday, February 13, 2009
Subject: 1234567890 day!

Happy 1234567890 day everyone!

Today at 3:31:30pm, the number of seconds since midnight, January 1, 1970 (not counting leap seconds)—otherwise known as unix time or posix time — becomes 1234567890.

Please join us in a 1-second party in the CSL bistro area at the appropriate moment.


==

Gosh, I am surrounded by geeks!

Brilliant!

===
P@P

Security Workshop

Security as an Enabler: Visions
Highlights of a Workshop sponsored by Fujitsu Laboratories and PARC

Key areas considered
* Data Loss Prevention (DLP)
* Reputation and Trust
* Malware and Fraud Detection

Homework Questions

Where does Cloud Computing fit? Because of the cooperative nature of cloud computing, frameworks and standards might be important here. In fact, the security problems for cloud computing are at this point is not well-defined.

Interplay of reputation, malware, and social networks. The phenomenon of malvertising seems to show that the problem cannot be solved by any one party. In other words, how can reputation and social networks be used to expose and combat malware?

P@P Workshop Notes

This was a highly interactive workshop that allowed academic, corporate practitioners, and researchers to challenge each other’s ideas and find areas of common interests.

The most fascinating story for me is on the development of the DLP market when people did not think such a need existed. Now DLP is one of the fastest growing segments in the security industry.

Drop me a note if you want a copy of the workshop’s output.

===
P@P

What comes after trillion?

The short answer: Quadrillion

Lunch at PARC

One of the interesting things about lunch at PARC is that, as a result of the interdisciplinary nature of our work, people toss out conversation topics that can only be described as uncommon.

Here is one recent exchange:

--
Q: Trillion used to be a safely large number. But, with all the financial crisis and trillion dollar rescue packages, I need to know what comes after trillion.

A: Let me confirm. Ah, it is "quadrillion."

Q: Did you know that there is a long scale and a short scale. A billion in short scale is 1,000 million but in long scale is 1,000,000 million?

A: That is interesting. American is short scale. I think French is long scale. Britain used to be long scale too, but it seems to be in flux these days.

Q: I believe Chinese numerals increment by 4 zeros (1,0000; 1,0000,0000; 1,0000,0000,0000).

A: Yeah, it is call the myriad system. As a matter of a fact, the decimal system is not the most obvious numeral system for different cultures.

A: There are many ways that decimal system would not work. For example, I have been considering a 60 based systems because it is more efficient for networking.
--

Uncommon, yes. Fascinating, definitely.

Or, you had to be there.

===
P@P

2 alarms in as many months

Fire!

There is something funky about this. There were two fire alarms in as many months.

The good news is that none were real fires. Somebody accidentally triggered the fire alarms.

The bad news is that it takes a while for the whole thing to be sorted out by the professionals while everyone sits on their hands in the parking lots.

Should have brought my laptop out so I can do some work.

I wonder how good is the wireless coverage in the parking lot.

===
P@P