River Winter Scene (photo by V.A. McMillan, 2024) |
How exactly do you explain meta-data…you know those little tags attached to all those electronic devices that travel on the interwebs. Some meta-data is created by your internet service provider (ISP) and others get attached to your computer, phone, or tablet by online merchants who want to ensure that you receive quality services…those cookie things. Well, today we will try to get a grip on meta-data and how you can be targeted even if you do not login or have a profile on a specific website.
This is a slide deck I
created to try to explain this topic to myself. I guess this will be a thought
exercise type blog post.
Before we delve too deep
into this subject, let me disclose that targeting of individuals is not
necessarily nefarious. Occasionally the algorithms get it right, and you
receive targeted advertisements for things you actually need at the time you
need them. Of course, becoming the subject of a targeting does not always mean
a positive experience…spam, phishing, hacking, or becoming persona non-grata
(PNG)…wait, I am getting ahead of myself.
Let us look at how the
intelligence community gathers and maps data, then we will explore a few means
of generating meta-data, and how that can be exploited by others. Next slide,
please…
Intelligence…Intel…INT…the
gathering of information for the purposes of gaining an understanding of a situation,
event, incident, group, purchasing habits, or connections between groups. There
are many disciplines inside the intelligence world that are colloquially referred
to their different INTs. HUMINT is human intelligence…that would be the James
Bond type spying on people. COMINT & SIGINT would be communications
intelligence and signals intelligence, that is conducted by the NSA in the US
or the Communications Security Establishment (CSE) in Canuckistan. If it
travels over the airwaves, through a CAT5/CAT6 cable, or via Wi-Fi, you can bet
your last dollar that it is being monitored and possibly recorded for future
retrieval.
The image on this slide is
a screenshot captured from A Thousand Pieces Documentary (2023)
still available on Rumble (https://rumble.com/a-thousand-pieces-documentary.html),
which succinctly explains many of the common INTs. This is important because
humans are creatures of habit…we leave breadcrumbs everywhere we go that can be
followed back to our nests. So, knowing what type of breadcrumbs can be
followed may assist in reducing our footprints across the electromagnetic
spectrum and in the physical world. Enough spy vs spy for the moment. Next slide…
Back to meta-data. We
need to understand the term – node. In a network, any location which receives
or transmit data is a node. This can be a phone, laptop, motion sensor, CCTV
camera, or a person. Depends on the network being described or monitored.
For the purposes of our
discussion each node will be associated with an individual and it can include
their phone, their laptop, tablet, or swipe/prox access card (credit card,
debit card). In the diagram on the slide, you will notice some nodes are
smaller, some are coloured, and there are lines connecting nodes in their
network. These are very simplified to show the interconnectedness of the
networks in our lives. In the real world these connections and networks would
be more numerous and more complex to map the actual transference of
information.
Each network has the same-coloured
lines of communication. If two-colours exchange between nodes, then two streams
of information are being transmitted. What is not shown on these network maps is the direction of
information sharing. If a node is coloured, they are an influencer, with at
least four-connections inside their network. An influencer implies some sort of
hierarchical structure, whether it exists or not. Marketers like roping in
influencers…if they (influencers) will buy the product being sold by the
marketer, they (marketer) know that by peer pressure or influence others in the
group will also buy. This is a reason why targeting ads are so important to
sellers and marketers. There is another important node on the map…the bridge
node, who connects multiple networks. This person is also an important target
for marketers. Through a bridge node, a marketer could find another influencer.
There is one more important node, but we will get to that soon…
Yes, this is the same
network map; however, we are now going to identify what we're mapping. This is
an email network map…who is included is not even important at this stage. From
this map of email patterns we see some interesting developments, first the orange
cell is a centrally controlled network. Individual nodes all communicate
through the influencer node. Also note, that the only external email connection
is also going through the influencer node.
The red cell and the blue
cell are both tightly connected networks but lack a central influencer. This could
mean that these networks are highly co-operative or collaborative, but it also
could indicate a lack of leadership – good or bad. The red cell would also have
a tighter control over who makes contact with outsiders, at least via email.
The blue cell seems to limit external connections but has more than one external
connection to gather information.
The blue and green cells
share similar characteristics, except the green cell is larger and has an
influencer but not centrally controlled. Which brings us to the yellow cell…according
to email traffic patterns it looks like there are two newer nodes. The newest node
only has contact with the influencer and one other yellow node. We also notice
this newest node has a very unique signature; they are the only node with
connections to all networks on the map. This could be an information broker, a
plant, a spy, a mole, an infiltrator, or an agent provocateur. This one node is
both very powerful and very dangerous. Information seems to be flowing in only
one direction, that is to the node…at least by email.
On this slide we see a
social media network map. As can be expected, the influencers are active across
multiple platforms. There are also some other nodes connected to social media.
So, the marketer who connects with an influencer on social media may only be
aware of a limited network of connections, if the marketer could also see the email
network map, they would know these influencers have a large sphere of influence
and are worthy of pursuit. Next, we will review the network map for text
messages…
Here we see that the
cells in these networks are more connected than was previously known. From the
network connections between nodes, especially outside the cells we see that
they are using the same device to connect inside their network. So, far we have
been concerned about protecting our identity from marketers trying to exploit
our networks to the marketers’ benefit/profit. There are other threats on this electronic
battlefield. Pesky spammers, profit if they can secure your email list or
contact list from your phone. Hackers using ransomware can be more harmful - either
by extorting a ransom or more likely by denying you access to your device or
data. Unfortunately, not all hackers are living in the basement of their parent’s
home addicted to Cheetos, Jolt, and Mario Cart. Some are agents of the state,
and if they have decided you are interesting things are about to change…
While meta-data does not
connect a name to a node, it does not need to…the mapped connections is far
wider reaching than one might expect. If you have somehow shown up on the radar
of the state, they have far more resource to discover all the nodes on the map.
It only takes one piece to back track to a specific node. Cookies implanted in
your computer device by well meaning marketers, are like any other tracking
device, they positively identify the target. Cleared your cache memory
recently?? Yah, me either…
If you become a target,
the digital mapping will now be compared across multiple sources, this will
either disengage their interest or intensify it. Remember, they only need one
piece in the real world to back track to their actual target. You could be seen
as the weak link and easily coerced by their state wielding power to cough up
those in your network. However, before contact is made, HUMINT may be employed
to ensure they are targeting the correct node. Like the digital, in the real
world we all leave breadcrumbs of our daily activities…we have patterns. We
shop for groceries in Town A or CITY B. We refuel at Station A but never
Station C. We get coffee at 0600 every Saturday. Go for a beer with the boys on
Friday night. The girls have a winefest on Saturday afternoons will playing Bridge
or Canasta. Each event/location/time is a node. When being surveilled someone(s)
are watching and plotting your physical network map. Each of these nodes might
intersect with the network of another target. Depending how much interest you
have attracted, the resources dedicated to hunting you can be overwhelming. Or
maybe that is just the movies…
When HUMINT and the
meta-data is mapped and overlayed…if the patterns match, a digital fingerprint
is confirmed. If no match, they might let their fish go back to the pond.
Otherwise…
If you have attracted the
wrong attention and they seem convinced you are their target you will become
PNG – Persona Non-Grata, that’s right you are now an unwanted person. Now life
gets real. Credit cards and debit cards and bank accounts can be frozen by the
state. APBs (all points bulletins) for your arrest and detention could be sent
to all police services. Oh, yah, that passport might get flagged…so flights,
roads, rails, or waterways might become the ways they capture you. Do you have
an I.N.C.H. Plan?? Right, I have not written a blog post about this yet. INCH =
I’m Never Coming Home. The most extreme evacuation plan ever. It means
evacuating who you are and who you were…forever. Activating your INCH Plan
means immediately walking away from the life you have lived up until now. You
go on the run…if you became PNG would you have somewhere to go?? No, you cannot
go to your buddy’s place, they will be waiting for you there. No, you cannot go
to your relative’s place…not even the relative three provinces away. You cannot
go anywhere you are known or were known. You must become anonymous, the true
greyman.
If you have really pissed
off the state, they will label you as such. As Enemy of the State,
staying in your own country will be risky if not downright dangerous. You stay
on the run but know that if captured you will spend your time in the crowbar
hotel. If they really, really don’t like you…you will be taking a nap in the
Kirk Garden with a stone head rest.
Of course, this is an
extreme tangent of why you need to be aware of meta-data and how meta-data can
really screw up your plans. What could prevent going down this rabbit hole????
I am sure the state would
not come hunting you just because you visited that one questionable website…well,
probably not. You said it was only once, right??
I would not identify a
problem without offering up a strategy to mitigate this type of situation.
First get situationally
aware. I have shared on the blog previously on developing situational
awareness. (https://mtnmanblog.blogspot.com/2018/03/safe-level-one-lesson-plan-part-1-of-5.html Part One of Five Parts.) You need to be aware of what is going on around you – in the
physical world and online. The times, they are a changing…things that were
non-issues in the past have become lightning rods with this new world order.
Speaking your mind, is almost a crime…freedom of expression is no longer free.
Next if you suspect you
are networking with folks who others might hold a grudge against, protect
yourself and this network by being very conscious of your behaviour, locations,
types of communications, and who might be watching. Separate means of
communications for each network. Be mindful of what you post on social media.
Behave like you are
always being monitored – digitally and physically. Whenever possible behave
above reproach. When confronted with a dilemma, always try to select the option
with the highest moral fibre.
Groups and networks are
encouraged to vet members. Why is this new node trying to connect to the
network right now? For your benefit or theirs?
From an electronic
protection point-of-view…keep your virus protection up-to-date, same with
operating system updates. Use a VPN to shield you from malevolent watching
eyes. Clear your cache memory of cookies…daily. Determine the best payment
method for your online lifestyle and understand this could have negative results.
From a physical
protection point-of-view…understand you and your data are valuable to someone.
Determine is reward points are worth losing your identity? Credit cards and
debit cards allow others to track how you spend your money. If at some point,
someone does not like what you purchase, you could receive negative attention.
Finally, make a
determined effort to break your patterns, from time-to-time. Become
unpredictable!!
Until next time…ponder
how things are connected!
Mountainman.
Very interesting post Mountainman. J&K
ReplyDelete