According to Hollywood, spies have access to all sorts of gizmos that mere civilians could only dream of playing with. But it turns out that American secret agents use Google just like the rest of us. Now we are able to find out exactly how, following the publication of a hush-hush spooks' guide to the internet. A 651-page tome …
Geez, I'm getting old
Still may get a copy just to see what those tax dollars have produced.
Likely to be disappointed.
"Do not rely on Wikipedia as as your sole reference or source of information."
Judging by the way some of the US authorities behave I don't think many got to the line above, especially the proof reader!
But why would you?
All the real intel is on Wikileaks, after all.
I thought they just asked the British government to get their boys to sex some stuff up for the NSA when they wanted "useful" information. Saves all that tedious typing and searching and you get exactly the information you need, if for example you want to invade someplace pronto.
The US authorities often appear not to have even made it as far as Wikipedia in their "research".
Re: But why would you?
Funny, as the information on Wikileaks that some find interesting came from networks that the NSA monitors and can access themselves.
I used to get alerts from the NSA about malware that went undetected by the commercial sensors, IDS and IPS systems and squashed it immediately, so I know what gets monitored and by whom.
Of course, what made its way to Wikileaks wasn't anything really damaging, the dangerous stuff isn't on SIPRnet, it's on JWICS, which Manning had no access to.
Nah, they ask Italian intelligence for "useful" info when they want to invade someplace pronto.
Remember, the intel on yellowcake in Iraq was injected into the Italian intelligence system by fired CIA analysts.
Bush the Lesser then ran with that "information", completely against the advice of his entire intelligence community.
RTFM - great advice to spies (or anyone else)
Great advice, to add my tuppenceworth If you need a company logo (perhaps to create a business card whilst pretending to be a rep), forget all the 'brands of the world' nonsense and search for a PDF from the company's website. Most are created using indesign and contain .eps or .ai vector logos which can be very easily ripped out and repurposed.
A basic understanding on how the web works (or rather how webmasters work) and the ability to think like a user can be considered a "hack"
It's been my experience that the link between thinking and searching the web is not as common as one might think. From a wide variety of users from different backgrounds that I've helped out, few are pretty good at it, so many others are not. It's really odd from my perspective but it does exist to my surprise.
Perhaps a Federally funded low impact study by El Reg's Special Projects Bureau is in order? The ridiculous amount of revenue received might fund other more nefarious projects - just saying.
100% agree. Trying to teach my dad to use Google is impossible. Hes an electric engine by trade but can't understand key words searching.
Training goes like this:
Me: Dad what are you looking for?
Dad: Holidays in Spain?
Me: OK, type holidays in Spain in the box.
follows him typing very slowly with is index finger.
Me: OK, see all these links on the right, ignore them their ad's same goes for the ones at the top.
Dad: whats a link?
I give up and just create loads of short cuts on his desktop for Gmail, Thomson holidays and the like.
Not forgetting that he and my mum some how think the password they use in work for work email is the same as the Gmail account I set up for them, and its some how the computer and my fault.
@I think so I am? - Is this your Dad?
I recall noting some astonishment around the room when some intelligence analysts learned that they could use boolean searches and regular expressions on Google.
A significant amount of astonishment was on my part, as I had never known that military intelligence had any comprehension of logic.
But, once they learned that fact, they became true Google ninjas!
Re: @I think so I am? - Is this your Dad?
That looks more like my wife's handiwork.
No clues here
How nice to see the the word clew in print in the 21st century. (Page 1, "Preface: The Clew to the Labyrinth"). Who'd have thought that the NSA has people who cite Popper and Borges on the same page?
What next, will we see the phrase "tow rag" in the Register? Oh, wait.
Is that icon Ariadne's coat?
Re: No clues here
I've met quite a few NSA analyst types and more than I wanted to meet Company men.
The one thing I can say is, they're incredibly literate and quite bright. It seems that the middle management is the problem, as the Peter principle is firmly in place in government.
I'm impressed. Contrary to received wisdom, it seems that there is at least one intelligent person in US Intelligence.
I'm known in the office (& by my girlfriend) as Google Boy
due to my powers at finding information through Google.
The most recent request I had from someone was to find from a description of one of Beyonce's backup dancers their name (purely for their research purposes, I'm sure).
Within 10 minutes I gave them back; her name, family details, home address, facebook, twitter & tumblr alongside a suggest plan of approach on which family & friends he should befriend first en-route to winning the target's hand in marriage. Perhaps a little too far, but hey every client loves a good powerpoint, right?
I'm going to enjoy improving my skills with this... soon I shall be unstoppable, in a creepy 'I know where you live' kinda way.
Re: I'm known in the office (& by my girlfriend) as Google Boy
Our sales team has been trained to do this. Between linked in, FB, twitter, tumblr etc its pretty easy to get everything from family photos to how much their house is worth. In a lot of cases you can make a very educated guess on income level etc. All from public sources indexed by google and freely available.
It really surprises me just how much you can find out about somebody with simple searches.
Never take information as sacrosanct which is verifiable from only one source.
Re: Tip 2
Never take information as sacrosanct which is verifiable from only one source. Quite. (1)
So now everyone believes that US spooks merely use commonplace techniques and that they congratulate themselves with the term "hack" when they RTFM? Is that what NSA wanted?
Which means that I can breathe a sigh of relief and put my correct DOB on Farcebork after all: or is that what they actually wanted?
How can I be so sure of my so-called scepticism?
(1) I'm sure I heard this somewhere else before, but don't just take my word for it.
Re: Tip 2
Actually, the majority of intelligence agencies around the world merely use commonplace techniques in part of their investigation. They add in other methods when required to further enhance understanding of a subject.
As for taking information as sacrosanct from only one source, that is how Bush the Lesser decided to invade Iraq. One injected bit of false intelligence from some fired analysts.
For the life of me, I don't understand *why* they can't get a contracting gig with the Company since then...
The bit that suprises me is people happily opening a PDF fom the NSA. I'm not going to look at it until I convert it into something less toxic than PDF.
First, I live in the US. So, if the NSA wants my data, they'll get my data.
Second, I personally know some of the NSA data guys, they're quite bright. If they want in, I know that they'll be in my system in a New York minute. *
*A New York minute is a standard amount of time equal to the amount of time a atomic nucleus fissions after absorbing a high velocity neutron. Such is also known as the unit measure of a shake. Also known as ten nanoseconds.
Not everyone is an American...particularly on a British IT site.
Also not everyone rolls over automatically. While the end result might be inevitable; there is no value in making it easy.
Of course, this begs the question...
Is ElReg mentioned in the document as a "good source" of information?
The next question: Has ElReg been approached by spooks to plant a story, as they DO have a schedule of costs for this sort of thing (I know it exists, but I don't have a link ready).
Re: Of course, this begs the question...
Yep, it's good information. None of the classified and juicy stuff though.
I've read declassified documents that had all classified information redacted. We'll suffice it to say that a few documents were quite a laugh, with only two or three words on a page and many pages blacked out.
Interestingly, digitally and properly.
Looked at the classified version and found the entire thing boring as hell. Something typical of most classified documents.
Erudition should not be surprising.
The NSA deals with communications intelligence and data retrieval.
Early selection tests were an aptitude for cross word puzzles.
Perhaps they still are?
Good point about checking the .pdf in case they've left an Easter egg or two in there.
Re: Erudition should not be surprising.
Not quite only those. Communications intelligence, data retrieval (electronic) and cryptography.
Current selection and recruitment is loads of mathematicians, really hard core coders and really bright systems engineers.
SELinux is their product initially, it was released to thrive on its own.
A few crypto systems were their baby as well.
I've personally worked with their systems engineer types during a multi-billion dollar incident, the 2008 cyber attack against the US (actually, largely the DoD). My installation was unimpacted, as I was one who followed the various STIG's and best business practices. Did that to avoid having to work hard.
Knew others from a TDY at Fort Meade.
The NSA has a rule. When asked who you work for, first respond with , "I work for the DoD". Only after many questions can you reveal your agency affiliation and state that you can't talk about it further. Indeed, as I recall, that is openly available on the NSA website.
We developed a bit of a code about the level of boring the work actually is. ;)
Anything occasionally cool or exciting was not to be further conversed about, as I also wanted to keep my clearance. :D
Really enjoyed their red and blue team examinations of my network. We both learned things from one another and I gave a well documented list of our discrepancies that were due to a lack of budget to remediate.
The red team *always* got in. Everywhere they attempted to. Reading their reports was always enlightening and some humor was permitted in said reports.
Sorry, those reports are classified.
I will say that one systems administrator was working on his elevated account on a server and ignored a pop-up box telling him to call a number. His career was short, as he didn't call the number, ignored it, didn't report it and hence, failed the test.
Even my end users called the help desk and opened a ticket, then followed the advice I left the help desk and they called the number.
Got a really good grade on a rather poorly prepared installation, due to a lack of a budget.
Also got a nice raise on my next contract. :D