Silk Road forums
Discussion => Security => Topic started by: fizzy on March 11, 2012, 05:45 am
-
Lots of good stuff on this site I've been sorting through.
This is far too large to copy/paste' - the table of contents alone is too long, actually, but I excerpted it below.
I did not find it on here elsewhere, sorry if it's a duplication.
http://www.ialeia.org/files/docs/CARTER_Intelligence_Guide_2d-cert%20study%20guide.pdf
The section on civil rights and "expressive activity" is worth a review, as is the "open source intelligence" section.
I have it in full if it gets taken down.
It looks to be a good outline of the whole system, valuable reference document for systems and also rules/regs.
It's >490 pages and I am still really considering printing most of it out. Brief topical excerpt below is much more inane than most of the rest of the text in the areas where I can compare it to my skill set.
The Underground Web
The underground web is a cultural dynamic that has evolved on the Internet, just as it has in the physical society. An article in Business Week described it this way:
Warning: You are about to enter the dark side of the Internet. It's a place where crime is rampant and every twisted urge can be satisfied. Thousands of virtual streets are lined with casinos, porn shops, and drug dealers. Scam artists and terrorists skulk behind seemingly lawful Web sites. And cops wander through once in a while, mostly looking lost.140
Many visible web sites reflect the underground culture where transactions constantly traverse the line between lawful and unlawful behavior. While they are virtually impossible to police, these visible sites—whether trafficking in illegal commodities or purveying any other kind of illegal activity—are often relatively
easy to find through diligent standard search techniques. Often operated offshore, the sites’ owners do not want to be overly visible drawing attention to their activities, but they need to be found with relative ease to make a profit for their operations.
Other types of underground deep web sites exist with the intent to keep
their activities as secret as possible from the visible web world. Nonetheless, they must be accessible for their clientele, with URLs often passed between individual referrals by those who are participants in the underground activities. Identity thieves selling stolen credit card information, pedophiles exchanging photographs, traffickers unlawfully selling controlled substances, and criminal extremists planning an event are examples of open source information that exist in the underground deep web.
While this kind of information is of great interest to law enforcement intelligence, it is difficult and time-consuming to locate. Painstaking searches of the deep web and labor-intensive reading of deep web content and blogs can produce evidence and leads for a criminal inquiry. Nonetheless, this process will be faster and more effective in identifying criminal threats than traditional methods of inquiry.
There is some optimism that this process could become easier. In mid-2006 the Symantec Corporation beta-tested new software called Dark Vision that mines underground web sites and chat rooms for sensitive information that is being sold.141 The original plan was to target carder web sites—deep underground web sites where identity thieves sell stolen credit card information. While Symantec is uncertain when or if the software will be rolled out, it nonetheless represents a breakthrough that could be applied to other criminal activity.
A vast amount of open source incriminating information is available in the deep underground web. The challenge is to develop the searching expertise and investing the time to find this critical information.
Partial TOC:
Chapter 7
Civil Rights and Privacy in the Law Enforcement Intelligence Process � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � 129
Privacy and Civil Rights: A Foundation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
Increased Scrutiny of Law Enforcement Intelligence: The Challenge of
Balancing Civil Liberties and Community Safety . . . . . . . . . . . . . . . . . . . . . 134
Lawsuits and Decrees Related to Law Enforcement Intelligence
Activities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
Civil Rights Example: First Amendment Free Expression—Two Views
143
The Need for More Controls of Intelligence Inquiries than Criminal
Investigations40. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Maintaining Privacy in the Intelligence Process . . . . . . . . . . . . . . . . . . . . . . . . 146
28 CFR Part 23 – Criminal Intelligence Operating Policies . . . . . . . . . . . . . . . 149
Federal Civil Rights Liability and Intelligence55 . . . . . . . . . . . . . . . . . . . . . . . . 155
Providing a Transparent Process. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Steps to Ensure Protection of Citizens’ Civil Rights . . . . . . . . . . . . . . . . . . . . . . 160
Conclusion ...........................................................163
Chapter Annex 7-1: Protecting Civil Rights and Immunizing an Agency from Liability in the Law Enforcement Intelligence Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
----
Chapter 10: Managing Information: A Closer Look at Suspicious Activity Reports, Intelligence Requirements,
Collection, Analysis, and Products � � � � � � � � � � � � � � � � 235
Suspicious Activity Reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
Suspicious Activity Reporting for a Law Enforcement Agency. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
Suspicious Activity Reporting Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
SARs and Personal Identifying Information . . . . . . . . . . . . . . . . . . . . . . . . 243
Establishing Controls on Suspicious Activity Reports/Information . . 243
Policy Recommendations for Developing and Managing a Suspicious
Activity Reporting System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
The Nationwide Suspicious Activity Reporting Initiative . . . . . . . . . . . . . . . . 246
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248 Intelligence Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Filling Gaps/Fulfilling Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
Applying the Concept to Law Enforcement . . . . . . . . . . . . . . . . . . . . . . . . 254
Comparing Intelligence Requirements and Crime Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Requirements and Strategic Priorities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Typologies of Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256
Requirements and Criminal Evidence. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
Collection ............................................................259
Collecting Information from Corrections Agencies . . . . . . . . . . . . . . . . . 261
Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
Analysis ..............................................................262
Analytic Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Predictive Analysis. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270
Critical Variables for the Analysis of a Threat .......................271
Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Intelligence Outputs and Products . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Practices to Avoid with Intelligence Products . . . . . . . . . . . . . . . . . . . . . . 276
Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
Conclusion ...........................................................277
Chapter 11:
Open Source Information and Intelligence: A Perspective for State, Local, and Tribal Law Enforcement Agencies � � � � � � � � � � � � � � � � � � � � � � � � � � �
Understanding“Open Source”. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Why Is there Value in Open Source Information? . . . . . . . . . . . . . . . . .
Definitions and Categories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Source of First Resort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
National Initiatives: The National Open Source Enterprise . . . . . . . .
Open Source and Law Enforcement Intelligence (Tradecraft) . . . . . . . . .
Law Enforcement Applications of Open Source . . . . . . . . . . . . . . . . . .
Open Sources and Civil Rights. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Attribution and Copyrighted Materials in the Intelligence Process and Reports 294
Metrics for Open Source Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Open Source Content for the Intelligence Process. . . . . . . . . . . . . . . . . . . . . . 296
Open Source Information Identifying People and Organizations from Subscription Services and the Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
The Social Networking Concept and Issues for Open Source. . . . . . . . 298
Newsletters and Blogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
Wikis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
RSS Feeds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
Gray Literature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302
The Deep Web. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302
The Underground Web .......... .................................306
A Broadened Perspective of Open Source for Law Enforcement . . . . 307
Homeland Security Intelligence and
Open Sources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
Open Source Processes and Protocols .................................309
Using an Open Source Collection Plan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309
Techniques and Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310
The Need to Determine Accuracy, Reliability, and Validity . . . . . . . . . . 311
Avoiding Traffic Analysis: Becoming Anonymous on the Web. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312
The Investment in Critical Thought and Time . . . . . . . . . . . . . . . . . . . . . . 314
Conclusion ...........................................................314
Chapter Annex 11-1: Eclectic Web Sites Sometimes Found Useful for Intelligence 315
Chapter Annex 11-2: The Pre-Search Development Plan . . . . . . . . . . . . . . . . 317
Federal and National Law Enforcement Intelligence Resources, Networks, and Systems � � � � � � � � � � � � � � � � � 319
What Is Needed to Start?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322
Federal and National Law Enforcement
Intelligence Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322
Classified Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323
Security Clearances for SLTLE Personnel . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
Sensitive but Unclassified and Controlled Unclassified Information . . . . . 328
Sensitive but Unclassified Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329
Controlled Unclassified Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330
Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334
Federal and National Intelligence Resources
and Products . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335
Department of Justice— Law Enforcement Information Sharing Program 336
Federal Bureau of Investigation Intelligence Initiatives40. . . . . . . . . . . 342
Terrorist Screening Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
Law Enforcement Online42 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347
Guardian and eGuardian . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348
Department of Homeland Security Intelligence and Analysis Directorate . . . . . . . . . . . . . . . . . . . . . . . . . . . 348
Homeland Security–State and Local Intelligence Community of Interest (HS SLIC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351
National Counterterrorism Center (NCTC)50 . . . . . . . . . . . . . . . . . . . . . . . 351
Regional Information Sharing System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
RISS.NET .........................................................354
Drug Enforcement Administration58 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356
El Paso Intelligence Center62 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
National Drug Intelligence Center63 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
High Intensity Drug Trafficking Areas65 . . . . . . . . . . . . . . . . . . . . . . . . . . . 359
Bureau of Alcohol, Tobacco, Firearms and Explosives68 . . . . . . . . . . . . 360
Federal Protective Service Secure Portal70. . . . . . . . . . . . . . . . . . . . . . . . . 361
Financial Crimes Enforcement Network72 . . . . . . . . . . . . . . . . . . . . . . . . . 361
High-Risk Money Laundering and Related Financial Crimes Areas73 363
Gateway .........................................................363
International Justice and Public Safety Network74 . . . . . . . . . . . . . . . . . 364
Accelerated Information Sharing for Law Enforcement . . . . . . . . . . . . 364
Operation Archangel and the Automated Critical Asset Management
System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Constellation/Automated Critical Asset Management System . . . . . . 366
Law Enforcement Intelligence Unit82 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366
Information Sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
International Criminal Police Organization83 . . . . . . . . . . . . . . . . . . . . . . 367
Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
A Summary of Selected Intelligence Networks and Applications . . . . . . . . 369
SBU/CUI Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
SBU/CUI Network Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
Conclusion ...........................................................371
-
excellentsauce! (it's the new improved edition of awesomesauce)
-
Tasty! Thanks Fizzy. That should keep me busy.
-
If they are relying on data miners, the answer is simple.
bots on a forum (dummy) forum hosted on the same .onion that mirrors usernames but posts nonsense culled from the internet.
FEDS DONT DO CLOSE TEXT ANALYSIS ANYMORE?
ggg
-
If you're referring to the Dark Vision project, the text reads to me as though that's mentioned as one effort, not a 'rely upon' (manual date 2009-2010). It seems from the rest of the manual, certainly from the parent org website, that there's no shortage of close text analysis going on.
I'm wanting now to know more about the techniques used to pre-screen for text for further analysis, since there is so much text to go through. DV (this is a very unfortunate acronym, marketing fail) sounds more like that than a precise term.
I'm not finding info on it but can't really search freely at the moment. Does anyone have info on the history of DV beyond the press releases?
One of the things I'm most impressed by in this manual - which includes a fair chunk of material for the most-basic-level user - is that it includes some reasonable advice to "web searching for the relative novice" and "how to start putting a lot of web-based information into a coherent framework."
It would be a good general resource for internet naive populations in general, or for groups that hadn't been trained in basic data wrangling. It's better than what my uni library gives undergrads. [students take note. check it out. good search/reference list too.]
If anything, hm, it almost reads like an effort to get more LE involved in funneling in material for analysis - they're getting more grass-roots searchers out there and providing them with some basic very clear follow-the-steps training. 50K people looking around will probably turn some stuff up.
They devote enough time and paper to it that it was a priority - it did not -have- to be included, unlike the the organizational outlines, policy info, etc. That section seems more... elective. People don't expend energy without a reason. This was above and beyond using minimal precautions, it's more active-process than that. So that brings my ears up a bit - this was 2 years ago, what's happening with that? Someone somewhere tracked outcomes, I want them.
They have Heuer's the Psychology of Intelligence Analysis on their site, too - the study guide (?, I didn't compare fir differences). Alternate to the CIA site for accessing this. I think I just saw the monograph on here, but here's another link.
http://www.ialeia.org/files/docs/Psychology%20of%20Intelligence%20Analysis-cert%20study%20guide.pdf
-
Jeez, fiz, you hit the jackpot... Nice one.