In the USA...United Surveillance America
12/29/2013 09:18 AMInside TAO: Documents Reveal Top NSA Hacking Unit
By SPIEGEL Staff
The NSA's TAO hacking unit is considered to be the intelligence agency's top secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting.
In January 2010, numerous homeowners in San Antonio, Texas, stood baffled in front of their closed garage doors. They wanted to drive to work or head off to do their grocery shopping, but their garage door openers had gone dead, leaving them stranded. No matter how many times they pressed the buttons, the doors didn't budge. The problem primarily affected residents in the western part of the city, around Military Drive and the interstate highway known as Loop 410.
In the United States, a country of cars and commuters, the mysterious garage door problem quickly became an issue for local politicians. Ultimately, the municipal government solved the riddle. Fault for the error lay with the United States' foreign intelligence service, the National Security Agency, which has offices in San Antonio. Officials at the agency were forced to admit that one of the NSA's radio antennas was broadcasting at the same frequency as the garage door openers. Embarrassed officials at the intelligence agency promised to resolve the issue as quickly as possible, and soon the doors began opening again.
It was thanks to the garage door opener episode that Texans learned just how far the NSA's work had encroached upon their daily lives. For quite some time now, the intelligence agency has maintained a branch with around 2,000 employees at Lackland Air Force Base, also in San Antonio. In 2005, the agency took over a former Sony computer chip plant in the western part of the city. A brisk pace of construction commenced inside this enormous compound. The acquisition of the former chip factory at Sony Place was part of a massive expansion the agency began after the events of Sept. 11, 2001.
On-Call Digital Plumbers
One of the two main buildings at the former plant has since housed a sophisticated NSA unit, one that has benefited the most from this expansion and has grown the fastest in recent years -- the Office of Tailored Access Operations, or TAO. This is the NSA's top operative unit -- something like a squad of plumbers that can be called in when normal access to a target is blocked.
According to internal NSA documents viewed by SPIEGEL, these on-call digital plumbers are involved in many sensitive operations conducted by American intelligence agencies. TAO's area of operations ranges from counterterrorism to cyber attacks to traditional espionage. The documents reveal just how diversified the tools at TAO's disposal have become -- and also how it exploits the technical weaknesses of the IT industry, from Microsoft to Cisco and Huawei, to carry out its discreet and efficient attacks.
The unit is "akin to the wunderkind of the US intelligence community," says Matthew Aid, a historian who specializes in the history of the NSA. "Getting the ungettable" is the NSA's own description of its duties. "It is not about the quantity produced but the quality of intelligence that is important," one former TAO chief wrote, describing her work in a document. The paper seen by SPIEGEL quotes the former unit head stating that TAO has contributed "some of the most significant intelligence our country has ever seen." The unit, it goes on, has "access to our very hardest targets."
A Unit Born of the Internet
Defining the future of her unit at the time, she wrote that TAO "needs to continue to grow and must lay the foundation for integrated Computer Network Operations," and that it must "support Computer Network Attacks as an integrated part of military operations." To succeed in this, she wrote, TAO would have to acquire "pervasive, persistent access on the global network." An internal description of TAO's responsibilities makes clear that aggressive attacks are an explicit part of the unit's tasks. In other words, the NSA's hackers have been given a government mandate for their work. During the middle part of the last decade, the special unit succeeded in gaining access to 258 targets in 89 countries -- nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.
Indeed, TAO specialists have directly accessed the protected networks of democratically elected leaders of countries. They infiltrated networks of European telecommunications companies and gained access to and read mails sent over Blackberry's BES email servers, which until then were believed to be securely encrypted. Achieving this last goal required a "sustained TAO operation," one document states.
This TAO unit is born of the Internet -- created in 1997, a time when not even 2 percent of the world's population had Internet access and no one had yet thought of Facebook, YouTube or Twitter. From the time the first TAO employees moved into offices at NSA headquarters in Fort Meade, Maryland, the unit was housed in a separate wing, set apart from the rest of the agency. Their task was clear from the beginning -- to work around the clock to find ways to hack into global communications traffic.
Recruiting the Geeks
To do this, the NSA needed a new kind of employee. The TAO workers authorized to access the special, secure floor on which the unit is located are for the most part considerably younger than the average NSA staff. Their job is breaking into, manipulating and exploiting computer networks, making them hackers and civil servants in one. Many resemble geeks -- and act the part too.
Indeed, it is from these very circles that the NSA recruits new hires for its Tailored Access Operations unit. In recent years, NSA Director Keith Alexander has made several appearances at major hacker conferences in the United States. Sometimes, Alexander wears his military uniform, but at others, he even dons jeans and a t-shirt in his effort to court trust and a new generation of employees.
The recruitment strategy seems to have borne fruit. Certainly, few if any other divisions within the agency are growing as quickly as TAO. There are now TAO units in Wahiawa, Hawaii; Fort Gordon, Georgia; at the NSA's outpost at Buckley Air Force Base, near Denver, Colorado; at its headquarters in Fort Meade; and, of course, in San Antonio.
One trail also leads to Germany. According to a document dating from 2010 that lists the "Lead TAO Liaisons" domestically and abroad as well as names, email addresses and the number for their "Secure Phone," a liaison office is located near Frankfurt -- the European Security Operations Center (ESOC) at the so-called "Dagger Complex" at a US military compound in the Griesheim suburb of Darmstadt.
But it is the growth of the unit's Texas branch that has been uniquely impressive, the top secret documents reviewed by SPIEGEL show. These documents reveal that in 2008, the Texas Cryptologic Center employed fewer than 60 TAO specialists. By 2015, the number is projected to grow to 270 employees. In addition, there are another 85 specialists in the "Requirements & Targeting" division (up from 13 specialists in 2008). The number of software developers is expected to increase from the 2008 level of three to 38 in 2015. The San Antonio office handles attacks against targets in the Middle East, Cuba, Venezuela and Colombia, not to mention Mexico, just 200 kilometers (124 miles) away, where the government has fallen into the NSA's crosshairs.
Mexico's Secretariat of Public Security, which was folded into the new National Security Commission at the beginning of 2013, was responsible at the time for the country's police, counterterrorism, prison system and border police. Most of the agency's nearly 20,000 employees worked at its headquarters on Avenida Constituyentes, an important traffic artery in Mexico City. A large share of the Mexican security authorities under the auspices of the Secretariat are supervised from the offices there, making Avenida Constituyentes a one-stop shop for anyone seeking to learn more about the country's security apparatus.
That considered, assigning the TAO unit responsible for tailored operations to target the Secretariat makes a lot of sense. After all, one document states, the US Department of Homeland Security and the United States' intelligence agencies have a need to know everything about the drug trade, human trafficking and security along the US-Mexico border. The Secretariat presents a potential "goldmine" for the NSA's spies, a document states. The TAO workers selected systems administrators and telecommunications engineers at the Mexican agency as their targets, thus marking the start of what the unit dubbed Operation WHITETAMALE.
Workers at NSA's target selection office, which also had Angela Merkel in its sights in 2002 before she became chancellor, sent TAO a list of officials within the Mexican Secretariat they thought might make interesting targets. As a first step, TAO penetrated the target officials' email accounts, a relatively simple job. Next, they infiltrated the entire network and began capturing data.
Soon the NSA spies had knowledge of the agency's servers, including IP addresses, computers used for email traffic and individual addresses of diverse employees. They also obtained diagrams of the security agencies' structures, including video surveillance. It appears the operation continued for years until SPIEGEL first reported on it in October.
The technical term for this type of activity is "Computer Network Exploitation" (CNE). The goal here is to "subvert endpoint devices," according to an internal NSA presentation that SPIEGEL has viewed. The presentation goes on to list nearly all the types of devices that run our digital lives -- "servers, workstations, firewalls, routers, handsets, phone switches, SCADA systems, etc." SCADAs are industrial control systems used in factories, as well as in power plants. Anyone who can bring these systems under their control has the potential to knock out parts of a country's critical infrastructure.
The most well-known and notorious use of this type of attack was the development of Stuxnet, the computer worm whose existence was discovered in June 2010. The virus was developed jointly by American and Israeli intelligence agencies to sabotage Iran's nuclear program, and successfully so. The country's nuclear program was set back by years after Stuxnet manipulated the SCADA control technology used at Iran's uranium enrichment facilities in Natanz, rendering up to 1,000 centrifuges unusable.
The special NSA unit has its own development department in which new technologies are developed and tested. This division is where the real tinkerers can be found, and their inventiveness when it comes to finding ways to infiltrate other networks, computers and smartphones evokes a modern take on Q, the legendary gadget inventor in James Bond movies.
Having Fun at Microsoft's Expense
One example of the sheer creativity with which the TAO spies approach their work can be seen in a hacking method they use that exploits the error-proneness of Microsoft's Windows. Every user of the operating system is familiar with the annoying window that occasionally pops up on screen when an internal problem is detected, an automatic message that prompts the user to report the bug to the manufacturer and to restart the program. These crash reports offer TAO specialists a welcome opportunity to spy on computers.
When TAO selects a computer somewhere in the world as a target and enters its unique identifiers (an IP address, for example) into the corresponding database, intelligence agents are then automatically notified any time the operating system of that computer crashes and its user receives the prompt to report the problem to Microsoft. An internal presentation suggests it is NSA's powerful XKeyscore spying tool that is used to fish these crash reports out of the massive sea of Internet traffic.
The automated crash reports are a "neat way" to gain "passive access" to a machine, the presentation continues. Passive access means that, initially, only data the computer sends out into the Internet is captured and saved, but the computer itself is not yet manipulated. Still, even this passive access to error messages provides valuable insights into problems with a targeted person's computer and, thus, information on security holes that might be exploitable for planting malware or spyware on the unwitting victim's computer.
Although the method appears to have little importance in practical terms, the NSA's agents still seem to enjoy it because it allows them to have a bit of a laugh at the expense of the Seattle-based software giant. In one internal graphic, they replaced the text of Microsoft's original error message with one of their own reading, "This information may be intercepted by a foreign sigint system to gather detailed information and better exploit your machine." ("Sigint" stands for "signals intelligence.")
One of the hackers' key tasks is the offensive infiltration of target computers with so-called implants or with large numbers of Trojans. They've bestowed their spying tools with illustrious monikers like "ANGRY NEIGHBOR," "HOWLERMONKEY" or "WATERWITCH." These names may sound cute, but the tools they describe are both aggressive and effective.
According to details in Washington's current budget plan for the US intelligence services, around 85,000 computers worldwide are projected to be infiltrated by the NSA specialists by the end of this year. By far the majority of these "implants" are conducted by TAO teams via the Internet.
Until just a few years ago, NSA agents relied on the same methods employed by cyber criminals to conduct these implants on computers. They sent targeted attack emails disguised as spam containing links directing users to virus-infected websites. With sufficient knowledge of an Internet browser's security holes -- Microsoft's Internet Explorer, for example, is especially popular with the NSA hackers -- all that is needed to plant NSA malware on a person's computer is for that individual to open a website that has been specially crafted to compromise the user's computer. Spamming has one key drawback though: It doesn't work very often.
Nevertheless, TAO has dramatically improved the tools at its disposal. It maintains a sophisticated toolbox known internally by the name "QUANTUMTHEORY." "Certain QUANTUM missions have a success rate of as high as 80%, where spam is less than 1%," one internal NSA presentation states.
A comprehensive internal presentation titled "QUANTUM CAPABILITIES," which SPIEGEL has viewed, lists virtually every popular Internet service provider as a target, including Facebook, Yahoo, Twitter and YouTube. "NSA QUANTUM has the greatest success against Yahoo, Facebook and static IP addresses," it states. The presentation also notes that the NSA has been unable to employ this method to target users of Google services. Apparently, that can only be done by Britain's GCHQ intelligence service, which has acquired QUANTUM tools from the NSA.
A favored tool of intelligence service hackers is "QUANTUMINSERT." GCHQ workers used this method to attack the computers of employees at partly government-held Belgian telecommunications company Belgacom, in order to use their computers to penetrate even further into the company's networks. The NSA, meanwhile, used the same technology to target high-ranking members of the Organization of the Petroleum Exporting Countries (OPEC) at the organization's Vienna headquarters. In both cases, the trans-Atlantic spying consortium gained unhindered access to valuable economic data using these tools.
The NSA's Shadow Network
The insert method and other variants of QUANTUM are closely linked to a shadow network operated by the NSA alongside the Internet, with its own, well-hidden infrastructure comprised of "covert" routers and servers. It appears the NSA also incorporates routers and servers from non-NSA networks into its covert network by infecting these networks with "implants" that then allow the government hackers to control the computers remotely. (Click here to read a related article on the NSA's "implants".)
In this way, the intelligence service seeks to identify and track its targets based on their digital footprints. These identifiers could include certain email addresses or website cookies set on a person's computer. Of course, a cookie doesn't automatically identify a person, but it can if it includes additional information like an email address. In that case, a cookie becomes something like the web equivalent of a fingerprint.
A Race Between Servers
Once TAO teams have gathered sufficient data on their targets' habits, they can shift into attack mode, programming the QUANTUM systems to perform this work in a largely automated way. If a data packet featuring the email address or cookie of a target passes through a cable or router monitored by the NSA, the system sounds the alarm. It determines what website the target person is trying to access and then activates one of the intelligence service's covert servers, known by the codename FOXACID.
This NSA server coerces the user into connecting to NSA covert systems rather than the intended sites. In the case of Belgacom engineers, instead of reaching the LinkedIn page they were actually trying to visit, they were also directed to FOXACID servers housed on NSA networks. Undetected by the user, the manipulated page transferred malware already custom tailored to match security holes on the target person's computer.
The technique can literally be a race between servers, one that is described in internal intelligence agency jargon with phrases like: "Wait for client to initiate new connection," "Shoot!" and "Hope to beat server-to-client response." Like any competition, at times the covert network's surveillance tools are "too slow to win the race." Often enough, though, they are effective. Implants with QUANTUMINSERT, especially when used in conjunction with LinkedIn, now have a success rate of over 50 percent, according to one internal document.
Tapping Undersea Cables
At the same time, it is in no way true to say that the NSA has its sights set exclusively on select individuals. Of even greater interest are entire networks and network providers, such as the fiber optic cables that direct a large share of global Internet traffic along the world's ocean floors.
One document labeled "top secret" and "not for foreigners" describes the NSA's success in spying on the "SEA-ME-WE-4" cable system. This massive underwater cable bundle connects Europe with North Africa and the Gulf states and then continues on through Pakistan and India, all the way to Malaysia and Thailand. The cable system originates in southern France, near Marseille. Among the companies that hold ownership stakes in it are France Telecom, now known as Orange and still partly government-owned, and Telecom Italia Sparkle.
The document proudly announces that, on Feb. 13, 2013, TAO "successfully collected network management information for the SEA-Me-We Undersea Cable Systems (SMW-4)." With the help of a "website masquerade operation," the agency was able to "gain access to the consortium's management website and collected Layer 2 network information that shows the circuit mapping for significant portions of the network."
It appears the government hackers succeeded here once again using the QUANTUMINSERT method.
The document states that the TAO team hacked an internal website of the operator consortium and copied documents stored there pertaining to technical infrastructure. But that was only the first step. "More operations are planned in the future to collect more information about this and other cable systems," it continues.
But numerous internal announcements of successful attacks like the one against the undersea cable operator aren't the exclusive factors that make TAO stand out at the NSA. In contrast to most NSA operations, TAO's ventures often require physical access to their targets. After all, you might have to directly access a mobile network transmission station before you can begin tapping the digital information it provides.
Spying Traditions Live On
To conduct those types of operations, the NSA works together with other intelligence agencies such as the CIA and FBI, which in turn maintain informants on location who are available to help with sensitive missions. This enables TAO to attack even isolated networks that aren't connected to the Internet. If necessary, the FBI can even make an agency-owned jet available to ferry the high-tech plumbers to their target. This gets them to their destination at the right time and can help them to disappear again undetected after even as little as a half hour's work.
Responding to a query from SPIEGEL, NSA officials issued a statement saying, "Tailored Access Operations is a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies." The statement added that TAO's "work is centered on computer network exploitation in support of foreign intelligence collection." The officials said they would not discuss specific allegations regarding TAO's mission.
Sometimes it appears that the world's most modern spies are just as reliant on conventional methods of reconnaissance as their predecessors.
Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called "load stations," agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.
These minor disruptions in the parcel shipping business rank among the "most productive operations" conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks "around the world."
Even in the Internet Age, some traditional spying methods continue to live on.
REPORTED BY JACOB APPELBAUM, LAURA POITRAS, MARCEL ROSENBACH, CHRISTIAN STÖCKER, JÖRG SCHINDLER AND HOLGER STARK
***************Contradictory court decisions leave privacy, data security uncertain.
By: Kevin Fogarty
The decision of a New York judge that the wholesale collection of cell-phone metadata by the National Security Agency is constitutional ties the score between pro- and anti-NSA forces at one victory apiece.
The contradictory decisions use similar reasoning and criteria to come to opposite conclusions, leaving both individuals and corporations uncertain of whether their phone calls, online activity or even data stored in the cloud will ultimately be shielded by U.S. laws protecting property, privacy or search and seizure by law-enforcement agencies.
On Dec. 27, Judge William H. Pauley threw out a lawsuit filed by the American Civil Liberties Union (ACLU) that sought to stop the NSA PRISM cell-phone metadata-collection program on the grounds it violated Fourth Amendment provisions protecting individual privacy and limits on search and seizure of personal property by the federal government.
Pauley threw out the lawsuit largely due to his conclusion that Fourth Amendment protections do not apply to records held by third parties.
That eliminates the criteria for most legal challenges, but throws into question the privacy of any data held by phone companies, cloud providers or external hosting companies – all of which could qualify as unprotected third parties.
The Pauley case involved the NSA’s PRISM surveillance program to collect metadata identifying all the calls made to or from almost every cell phone in the United States, which Pauley described as a “blunt tool [that] only works because it collects everything,” according to The New York Times.
The NSA didn’t limit its surveillance to metadata on phone calls, however. Revelations by whistleblower Edward Snowden and documents revealed by other government agencies suggest that the NSA eavesdropped on the phone calls of foreign political leaders, collected data on the Internet activity of Americans through the databases of foreign ISPs and tapped directly into the datacenter-network feeds of Google, Yahoo and other U.S.-based Internet giants.
Many of those efforts violated even the most permissive interpretations of federal officials and judges responsible for approving and supervising its surveillance of U.S. residents – violations of federal law the NSA either tried to avoid admitting or tried to justify after the fact according to a Nov. decision by a judge on the Federal Intelligence Surveillance Court that is the ultimate judicial authority for those activities.
While damning, that ruling avoided the question of whether to halt existing programs, recommending instead that supervision of the agency be tightened, rules be defined in more detail and that intelligence agencies follow rules designed to limit their powers.
A Dec. 16 ruling by Washington, D.C. federal-court Judge Richard J. Leon, on the other hand, declared that even the subset of NSA surveillance involving collection of metadata on cell-phone calls was likely to have violated the Fourth Amendment.
“I cannot imagine a more ‘indiscriminate’ and ‘arbitrary invasion’ than this systematic and high-tech collection and retention of personal data on virtually every citizen for purposes of querying and analyzing it without prior judicial approval,” according to Leon, who was appointed to the bench by President George W. Bush, whose administration sponsored and supported the Patriot Act and other legislation under which the NSA claims it acted. “Surely, such a program infringes on ‘that degree of privacy’ that the Founders enshrined in the Fourth Amendment.”
That decision and Pauley’s Dec. 27 ruling use similar reasoning and criteria, but come to opposite conclusions, leaving no clear indication of the likely outcome of a question that will almost certainly have to be decided by the Supreme Court. Both judges acknowledged the likelihood their own decisions would be overturned or superseded.
Pauley – a 1998 appointee of then-President Bill Clinton – based his support of the NSA on national security and the need to prevent a repeat of the Sept. 11, 2001 terrorist attacks on New York.
The NSA’s methods are extremely broad and wide-ranging, but defensible due to the high national interest in preventing more attacks and the potential for vast databases to “find and isolate gossamer contacts among suspected terrorists in an ocean of seemingly disconnected data.”
Leon’s decision against the NSA was based on his rejection of the Justice Dept.’s claim of support from a 1979 Supreme Court decision that said collecting data on all the numbers calling or being called from the phone number of a suspect under surveillance was not an invasion of privacy because only numerical data were involved.
Technology has changed so much and the volume of data that can be collected and information that can be inferred by metadata has become so great that it is almost impossible to apply the 1979 Smith v. Maryland decision to the present day, let alone the specific interpretation of the NSA, according to Leon, who described the metadata program as “Orwellian.”
U.S. residents have a “very significant” expectation of privacy in cell-phone calls and other digital activity that must be balanced against the critical nature of the government’s security concerns, methods of surveillance and efficacy in using collected data to prevent more terrorist attacks.
The Justice Dept. countered by claiming that data-collection programs did not violate those protections because personal information about individuals was unlikely to be interesting to agencies looking for evidence of terrorism. NSA officials have said data collected under PRISM and other surveillance programs revealed by whistleblower Edward Snowden would be held for as long as five years even when nothing in it turned out to be relevant to any active investigation.
“I cannot possibly navigate these uncharted Fourth Amendment waters using as my North Star a case that predates the rise of cell phones,” Leon wrote.
The NSA program is so broad that it “vacuums up information about virtually every telephone call to, from, or within the United States,” Pauley wrote.
Existing rules and precedents, however, are often contradictory and rarely fully in sync with the technology being used for either communication or for keeping those communications under surveillance.
The ACLU plans to appeal the decision based on its contention that the NSA’s interpretation of the Patriot Act was so broad it could justify the collection of almost any type of digital data concerning or owned by almost any U.S. resident.
Pauley’s decision “misinterprets the relevant statutes, understates the privacy implications of the government’s surveillance and misapplies a narrow and outdated precedent to read away core constitutional protections,” according to Jameel Jaffer, ACLU deputy legal director in the ACLU’s response to the decision.
“While robust discussions are underway across the nation, in Congress and at the White House, the question for this court is whether the government’s bulk telephony metadata program is lawful. This court finds it is,” Pauley ruled.
Both Pauley and Leon have acknowledged, however, that it will likely be the Supreme Court that decides whether PRISM or any of the other NSA programs are unconstitutional, no matter how far in the dark that lack of result leaves the owners and originators of the data being collected.
The Christian Science Monitor New forensics technique? Researchers cull images reflected in people's eyes.
Two researchers conducted an experiment in which a person was photographed, with another person standing near the photographer. Those not directly photographed show up as reflections in the subject's eyes.
By Pete Spotts, Staff writer / December 27, 2013 at 3:14 pm EST
"I get lost in your eyes," you say? Researchers are working on ways to find you and save the resulting image for posterity – or for a criminal investigation.
Scientists have found that photo portraits of an individual can yield images of the photographer or people standing close to the photographer. These additional images appear as reflections in the eyes of the photo's subject.
Even though enhancements of the reflected images appear blurry, they carry enough detail to allow others to identify the people reflected in the subject's eyes.
Several research teams are pursuing the approach, known as corneal imaging, with a range of applications in mind. Criminal forensics and surveillance, including the potential to reconstruct the immediate environment that the subject of the photo occupies, are some examples. Others include advanced computer graphics, facial and iris identification, and robotics, researchers say.
Much of this work involves close-ups of the eye, plus sophisticated computer processing, to yield sharp reflected images.
But Rob Jenkins, with the University of York in Britain, and collaborator Christie Kerr, at the University of Glasgow, have shown that useful images for identifying persons of interest in a crime don't have to be razor sharp, given humans' remarkable ability at pattern recognition. Faces can be reconstructed from images taken with commercial digital cameras and enhanced with off-the-shelf image-processing software.
Moreover, where other groups have also worked to retrieve an individual facial image or even full-length image reflected from a cornea, these results are the first to demonstrate that eye reflections can be used to identify otherwise hidden bystanders, says Dr. Jenkins, a cognitive scientist, in an e-mail.
"You could think of it as a foray into extreme facial recognition. Yes, the camera can resolve the face, and yes, the brain can identify it," he writes, "but both systems are pushed to their limits, and neither could perform the feat alone."
For the experiment, the duo used a high-end digital camera and sat each of five volunteers for a passport-photo-like shot, using studio lighting. When a volunteer wasn't being photographed, he or she stood close to the photographer to be included in the reflection off the subject's corneas.
Armed with the images taken from the reflections, as well as the original digital images, Jenkins then asked two groups of people to try to match the images. Also included were studio portraits of people not among the five photographed.
One group unfamiliar with the five photo subjects was asked whether pairs of reflected and original images matched. This group amassed a 71 percent success rate for either correctly identifying a match or ruling out a match. Another group familiar with the photo subjects averaged an 84 percent success rate.
Then, Jenkins joined the five subjects in a lineup to see how well a new group of volunteers unfamiliar with the experiment but familiar with Jenkins could spontaneously identify him from among the others. The volunteers also were asked to rate the confidence with which they could pick him out from among the group. Think police lineup here.
Nine out of the 10 volunteers correctly identified the blurry corneal image of Jenkins with a confidence level of nearly 80 percent.
The researchers hold that the corneal images not only were matchable to existing, better-quality images of the same person, but also allowed someone to identify a particular individual whom they knew.
To the researchers, this was a surprise given the poor quality of the reflection-based images.
Although the study represents an initial exploration of the potential value of extracting facial information reflected in the eyes of others, the approach's usefulness as a forensics tool is far from assured, notes Lawrence Kobilinsky, who heads the department of sciences at John Jay College of Criminal Justice in New York.
The results show "some potential for criminal investigations," he says. "But at this stage, there are too many variables that cannot be controlled in an authentic case or criminal matter."
Criminals are unlikely to be photographing kidnap or child-sex-abuse victims with big-ticket Hasselblad digital cameras with a resolution of 39 megapixels, plus carefully controlled lighting.
Moreover, in the experiments, matching the photos was still a subjective activity, essentially an opinion, Dr. Kobilinksy says. It would be far better to be able to measure some aspect of an image from a corneal reflection – say, the distance between the individual's pupils in the reflection – and compare the measurement to one from a high-resolution image of the same person. Such objective measures would inspire more confidence in any match or exclusion from a match.
Camera resolution is an issue, Jenkins acknowledges. But as the pace of technology is advancing, he adds, it won't be long before garden-variety smart phones sport 39-megapixel cameras.
Ultimately, the key to identification may rest less with the camera resolution than with the people making the identification, he writes in an e-mail.
"Obtaining optimal viewers – those who are familiar with the faces concerned – may be more important than obtaining optimal images," he writes.
The experiment's results appear in the current issue of the journal PLOS One (Public Library of Science).
***************NYT Benghazi Bombshell: Embassy Attack Spurred by Anti-Islam Video
By Diane Sweet December 28, 2013 6:30 pm
A comprehensive New York Times investigation into the deadly 2012 attack on the U.S. diplomatic compound in Benghazi found no evidence of involvement by al-Qaeda or other terrorist groups; in fact, according to the report, the attack was largely fueled by anger at the American-made video "The Innocence of Muslims."
Right-wing conspiracy theorists were dealt a heavy blow today by The New York Times, as actual investigative journalism reared its head:
"Months of investigation by The New York Times, centered on extensive interviews with Libyans in Benghazi who had direct knowledge of the attack there and its context, turned up no evidence that Al Qaeda or other international terrorist groups had any role in the assault. The attack was led, instead, by fighters who had benefited directly from NATO’s extensive air power and logistics support during the uprising against Colonel Qaddafi. And contrary to claims by some members of Congress, it was fueled in large part by anger at an American-made video denigrating Islam."
Susan Rice was right. President Obama was right. Hillary Clinton was right.
"A fuller accounting of the attacks suggests lessons for the United States that go well beyond Libya. It shows the risks of expecting American aid in a time of desperation to buy durable loyalty, and the difficulty of discerning friends from allies of convenience in a culture shaped by decades of anti-Western sentiment. Both challenges now hang over the American involvement in Syria’s civil conflict.
The attack also suggests that, as the threats from local militants around the region have multiplied, an intensive focus on combating Al Qaeda may distract from safeguarding American interests."
The militants we aided turned around and attacked our embassy. The Libyan intervention was a mistake, because it put the rebels into a position to attack our embassy.
"More broadly, Mr. Stevens, like his bosses in Washington, believed that the United States could turn a critical mass of the fighters it helped oust Colonel Qaddafi into reliable friends. He died trying."
Will there be apologies forthcoming for Susan Rice, Hillary Clinton, or Obama? Not likely. Persons like Lindsey Graham, and Darryl Issa would have to admit that he was wrong about something for that to happen.
More than likely, the entire report will be dismissed by the conspiracy theorists on the right as a liberal leaning news paper trying to protect a Liberal-Socialist-Marxist-Administration.
Then, sadly and foolishly, they will continue to chase the terrorist al-Qaeda ghost for all eternity at the risk of overlooking other very real threats, much to the detriment of Americans everywhere.
Or perhaps Darryl Issa will finally be ready to investigate the 13 separate incidents where U.S. consulates were attacked during President Bush's tenure? They included gunmen on bikes, suicide bombs, car bombs, gunmen shooting outside, and terrorists storming Consulate compounds similar to what happened in Benghazi.
There wasn't one call for the removal of Secretary Condoleeza Rice after any of those incidents.
It would be nice, however, if at least Fox News stopped pretending that when terrorists attack U.S. interests abroad, they distinguish between administrations that are "projecting weakness" or practicing "peace through strength."
Read the full report here: http://www.nytimes.com/projects/2013/benghazi/?hp
****************Fox News Immediately Attempts to Discredit NYT Benghazi Investigation
By Heather December 28, 2013 10:37 pm
The pundits on Fox are not pleased with the NYT's reporting that runs counter to their scandal-mongering on Benghazi.
Just like clockwork. here we go with the push back on the New York Times and their reporting on the attack on our consulate in Libya. Fox "news" has got way too much time invested in pushing their misleading and outright lying talking points and fake outrage over their drummed up Benghazi "scandal" and they're not about to let it go now.
This Saturday on Fox's America's News Headquarters, hosts Jamie Colby, Gregg Jarrett and correspondent Catherine Herridge did their best to poo-poo the reporting by the New York Times, citing Intelligence Committee Chair Rep. Mike Rogers and his claims that al-Quada was involved.
Expect more like this from Fox for who knows how long to come, because, as our friends over at Media Matters reported: NYTimes Investigation Brings Bad News For Benghazi Hoaxers:
A six-part series by New York Times reporter David Kirkpatrick destroyed several myths about the September 11, 2012, attack on U.S. diplomatic facilities in Benghazi, Libya, myths often propagated by conservative media and their allies in Congress to politicize the attack against the Obama administration.
Since the September 2012 attacks, right-wing media have seized upon various inaccurate, misleading, or just plain wrong talking points about Benghazi. Some of those talking points made their way into the mainstream, most notably onto CBS' 60 Minutes, earning the network the Media Matters' 2013 "Misinformer of the Year" title for its botched report.
Kirkpatrick's series, titled "A Deadly Mix In Benghazi," debunks a number of these right-wing talking points based on "months of investigation" and "extensive interviews" with those who had "direct knowledge of the attack." Among other points, Kirkpatrick deflates the claims that an anti-Islamic YouTube video played no role in motivating the attacks and that Al Qaeda was involved in the attack: [...]
Fox News, scores of Republican pundits, and Senators John McCain (R-AZ) and Lindsay Graham (R-SC), among others, dragged then-U.N. Ambassador Susan Rice through the mud for citing talking points that mentioned an anti-Islamic YouTube video on Sunday morning news programs following the attacks. Despite right-wing media claims to the contrary, however, Kirkpatrick stated that the attack on the Benghazi compound was in "large part" "fueled" by the anti-Islamic video posted on YouTube. [...]
Another talking point that right-wing media used to accuse the Obama administration of a political cover-up was the removal of Al Qaeda from Rice's morning show talking points. Kirkpatrick, however, affirmed in his NYTimes report that Al Qaeda was not involved in the attack in Benghazi (emphasis added):
But the Republican arguments appear to conflate purely local extremist organizations like Ansar al-Shariah with Al Qaeda's international terrorist network. The only intelligence connecting Al Qaeda to the attack was an intercepted phone call that night from a participant in the first wave of the attack to a friend in another African country who had ties to members of Al Qaeda, according to several officials briefed on the call. But when the friend heard the attacker's boasts, he sounded astonished, the officials said, suggesting he had no prior knowledge of the assault.
Kirkpatrick also dispelled the notion that the attack on the compound was carefully planned, writing that "the attack does not appear to have been meticulously planned, but neither was it spontaneous or without warning signs."
This NYTimes report should lay to rest these long-debunked yet oft-repeated talking points on the part of both right-wing media and their conservative allies.