Your personal web archive – saved forever with iterasi

iterasi is a simple browser-based tool for saving any web page—dynamically generated or otherwise—with the click of a button. The dynamic content is saved immediately—frozen in that moment in time—in an accessible HTML format and stored to a secure personal account. With iterasi, any web page can be saved, searched and shared anytime, from anywhere, forever.

Chinese Hacker Methodology Flowchart

from IntelliBriefs:

The Dark Visitor blog

This Chinese hacker intrusion flowchart above, taken from Stuhack, clearly demonstrates Chinese hackers have developed a methodology to their attacks.
The first thing that popped into my head when I saw the chart was the Police song, “Murder by Numbers.”
Is this intrusion chart unique? Probably not. Could they have taken it from someone else? Sure.
As always, many thanks to Jumper for helping me to get the correct terminology. I really had some of them botched.

CRS, What are the Benefits of an Office of Science and Technology Policy?

from ZIA: 

Secrecy News alerts us to a series of newly released Congressional Research Service reports related to national security policy. The leading report it of particular interest to the science and technology community, especially given the incessantObama transition chatter. The report is titled, “The President’s Office of Science and Technology Policy: Issues for Congress,” and it presents a thorough analysis of how the OSTP has been used, how it interacts with the executive, and its relationship with other S&T agencies (including the organizational chart of OSTP advisory councils, pictured at the right). Later in the report, however, CRS moves forward to consider how the future president might use the OSTP, asking the question: what are the pros and cons of having an OSTP at all? To that end, CRS comes to some very interesting conclusions:

From a presidential perspective, if the S&T adviser or presidential advisory committee is not committed to the President’s agenda and is not willing to represent the Administration’s perspective, the President may believe that high-level S&T advice will provide more harm than good. If the S&T adviser has a close relationship with the President, the S&T community may fear this will lead to the politicization of S&T and subvert the S&T adviser’s ability to provide independent advice. A historical review of presidential S&T activities since the F.D. Roosevelt Administration illustrates that a presidential S&T adviser or advisory committee may be placed in a challenging position when a difference in opinion exists between the President and the majority of the S&T community. The result may be dismissal or marginalization of S&T consideration from the White House inner circle.

This jumped off the page to me, because by definition the OSTP should be committed to the promotion of good science, rather than the political ends of the President. CRS continues by presenting the alternative, which is that, “an S&T adviser who understands these sensitivities may be an asset to the Administration, providing confidential advice privately and speaking authoritatively on S&T-related issues for the Administration publically.” While these sensitives would certainly be an asset to the adviser, I shudder to think of the trade-off between political maneuvering and the promotion of a legitimate national security research agenda.

Photo: CRS

Multimedia Search Engines

From Confidential Resource:

Most multimedia searching is done on metadata like the title, links, and web page text. Using speech-recognition, Everyzing  indexes words within audio and video files.

Trooker searches videos on CBC Video, YouTube, Myspace, Metacafe, Live Video, and more. It offers some useful features, but I don’t like the use of pop-up windows and Flash.

Ushahidi Deploys In The DRC

From War & Health :  Ten months ago, War & Health discussed a little known, but promising, project called Ushahidi. Born from the 2007/2008 electoral violence in Kenya, Ushahidi is a new way to report and gain low-level, real-time intelligence in crisis zones. Today, Ushahidi, in partnership with some NGOs, took a big step forward and deployed their system in the Democratic Republic of Congo.

In a nutshell, Ushahidi allows individuals to report instances of violence, looting, and other incidents via  local SMS messages. The report is then displayed on a web-based map using the Ushahidi engine. A more detailed explanation is offered in the diagram below:

I am a strong supporter of Ushahidi and I believe it will become a standard part of any humanitarian’s toolkit. That said, the project still has work to do. Presently, while the project is an innovative technological tool, it has yet to be connected with the interests of the policy folks. How well Ushahidi’s crowdsourcing methods mesh with the operations of NGOs? Of international peacekeepers? Does the project offer a value-added service to existing local health information networks? What is the potential for armed groups to exploit Ushahidi’s crowdsourced design? How best can the raw information collected be converted into reliable and actionable intelligence? In the coming weeks, War & Health will publish a series of articles looking at Ushahidi from a political science / policy perspective. Stay tuned.

Commercial satellites alter global security

WASHINGTON — The secretive National Geospatial-Intelligence Agency is rushing to get the latest, high-definition satellite photos of Afghanistan into the hands of U.S. ground troops as they ramp up operations in the country’s tangled terrain.

Read the rest of this entry »

OSINT project assigned to students

College students get plenty of assignments, but this one was different.

It came from the Office of the Director of National Intelligence as a challenge to think tanks, security companies, collegiate teams and veterans of the U.S. intelligence community. Read the rest of this entry »

ThreatsWatch: Relevant discussion about OSINT

From ThreatsWatch.org: Open source intelligence (OSINT) is, for lack of a universally-accepted formal definition, information of value that you don’t have to steal with spies or technical means.

Read the rest of this entry »

Stratfor Analysis integrated into iThreat(R) GIM

PRINCETON, N.J., Nov 02, 2008 /PRNewswire via COMTEX/ — Internet Crimes Group, Inc. (ICG) announced today that reports from international affairs intelligence company, Stratfor, will be integrated into ICG’s iThreat(R) Global Intelligence Monitor open source intelligence product.

Read the rest of this entry »

Report: Counterterrorism should focus on open source intelligence

The new administration must broaden the scope of its counterterrorism activities, including a focus on collection of domestic and open source intelligence as well as traditional foreign intelligence, the Defense Science Board said in a report outlining the key priorities for incoming leaders. Read the rest of this entry »

Top Five National Security Research Challenges/Opportunites for the Next Adminstration

From ZIA – “These are merely a reflection of my own opinions and biases, and I welcome additional suggestions in the comments or e-mail.

1. Quantum Cryptography - Quantum computing will completely change all aspects of information technology; however, its deepest consequence for national security could be in cryptography. Read the rest of this entry »

World faces growing risk of conflict

WASHINGTON (AFP) – The world faces a growing risk of conflict over the next 20 to 30 years amid an unprecedented transfer of wealth and power from West to East, the US intelligence chief has said. Read the rest of this entry »

How-To: Determining Source Reliability On The Internet (Link List)

 

http://sourcesandmethods.blogspot.com/2008/10/how-to-determining-source-reliability.html

There are a number of great sites (mostly libraries) where there is good guidance on how to evaluate internet based sources. I intend, in this post, to list some of those sites and identify some up-and-coming tools. Finally, I want to highlight an important contribution to this literature that specifically pertains to intelligence analysis.
Virtually every good research library has a page dedicated to evaluating internet based sources. Some good examples include, among others: Read the rest of this entry »

DHS discovers the challenge of creating a collaborative social network

The GAO (Government Accountability Office) has held up the deployment of the DHS (Department of Homeland Security) critical (non-classified) information sharing system.  The unlucky group that must deal with the herculean task of launching a collaborative social network of law enforcement, state, local federal and tribal agency members must answer some tough questions before continuing.  That group is the Homeland Security Information Network Advisory Committee (HSINAC). 

Some of the things these poor guys must respond to include:  

-Conduct an immediate manpower survey for an outreach effort which is basically the sales and marketing effort of the Next Generation social network they are attempting to build
-Create a fully articulated business strategy with management controls (their words not mine.)

Large scale information sharing is what social networking is all about.   Creating a critical mass and going viral is one of the phases of any successful launch.  Having a “well articulated business plan” and “management controls” in place *before* launch is not going to help.

Look at MySpace, FaceBook, Slashdot, Craigslist, Digg, Reddit,Twitter, or even Tipd which is in the process of trying to create social site for finance.   All were launched with significantly less than the $150 million that DHS is going to spend on their critical information portal.   

Here is what DHS should do to create an effective information sharing portal. 
1.    Use open standards of course. No proprietary software that has to be deployed to each desktop or department.  
2.    Immediately take the information resources they have available now and publish them.  Lot’s of great tools for that. 
3.    Create a social bookmarking capability such as Digg or Reddit so that the important information can float to the top and discussions can occur.  (Reddit’s code is free and open source)
4.    Faciliate the social aspect. Create a Twitter like functionality so first responders can follow each other and link to each other’s resources.  
5.    Provide a feed reader capability (or just let everyone use Google Reader) so the end users can follow the stuff they determine is important. 
You know that this could be deployed in a matter of days, maybe weeks since it is a government project.  Certainly within the $3 million budget that DHS has for maintaining the failed system already deployed through next September.  The only thing that may take significant investment is the credentialing system needed to keep the bad guys off the network.  

No social network has ever succeeded through central planning, outreach efforts, and management controls. Every successful new information sharing network has just happened, usually explosively.  Unless the DHS can come to grips with that the Homeland Security Information Network-Next Generation is doomed to fail.

Source: http://www.networkworld.com/community/node/34307