Tag: database

Cyberwars: FBIs Facial Recognition Database

facial_rec1This past summer, the FBI was compelled to release information about the operational facial recognition database they working on. As part of its Next Generation Identification (NGI) program, this database is part of the FBIs efforts to build a “bigger, faster and better” means of biometric identification. Earlier this month, the FBI announced that the system is now working at “full operational capability”, and many people are worried…

To break it down, the NGI database is made up of millions of stored mugshots and other photos, which are then used when analyzing footage taken by CCTV feeds or other cameras around the country. The full deployment of the program comes three months after James Comey, the bureau’s director, announced that the agency was “piloting the use of mug shots” alongside the bureau’s other databases, in order to catch wanted criminals.

FBI_NGI_Slide_WideDesigned to replace the bureau’s aging fingerprint database, the NGI is different in that it is designed to be multimodal. This means that it will link multiple forms of biometric data to biographical information such as name, address,  ID number, age and ethnicity. It’s currently focused on fingerprint and facial records, but it will also be capable of holding iris scans and palm prints, with the possibility of added voice recognition and gate analysis (i.e. how people walk).

As the FBI said in a statement on Monday, Sept. 15th, the NGI, combined with fingerprint database:

[W]ill provide the nation’s law enforcement community with an investigative tool that provides an image-searching capability of photographs associated with criminal identities.

Naturally, the worries that this database will be another step towards “Big Brother” monitoring. However, what is equally (if not more) worrisome is the fact that the details of the program are only a matter of public record thanks to a lawsuit filed by the Electronic Frontier Foundation. The lawsuit was issued in June of 2013, wherein the EFF compelled the FBI to produce records in accordance Freedom of Information Act to detail the program and its face-recognition components.

facial_recCiting the FBI documents, the EFF claims that the facial recognition technology is not very reliable and that the way the database returns results is fundamentally flawed, as well as pointing out that it will indiscriminately combine the details of both criminals and non-criminals. Based on their own interpretation, they claim it could fail 20 percent of the time, which could lead to innocent persons becoming the subject of police investigations.

Nevertheless, the bureau remains confident that the system will simplify and enhance law enforcement both locally and federally. As they said of the program when it was first announced back in 2011:

The NGI system has introduced enhanced automated fingerprint and latent search capabilities, mobile fingerprint identification, and electronic image storage, all while adding enhanced processing speed and automation for electronic exchange of fingerprints to more than 18,000 law enforcement agencies and other authorized criminal justice partners 24 hours a day, 365 days a year.

fingerprint_databaseIn 2012, the NGI database already contained 13.6 million images (of seven to eight million individuals) and by mid-2013, it had 16 million images. We now know it aims to have 52 million facial records in its system by next year, and those will include some regular citizens. This is another source of concern for the EFF and civil liberties advocates, which is the estimated 4.3 million images taken for non-criminal purposes.

Whenever someone applies for a job that requires a background check, they are required to submit fingerprint records. These records are then entered into federal databases. Right now, the FBI’s fingerprint database contains around 70 million criminal profiles, and 34 million non-criminal records. With the NGI database now up and running, photographs can be submitted by employers and other sources along with fingerprints, which puts non-criminals on file.

FBI-facial-recognitionThe database, while maintained by the FBI, can be searched by law enforcement at all levels. According to Jennifer Lynch, the EFF attorney behind the lawsuit:

Your image would be searched every time there is a criminal investigation. The problem with that is the face recognition is still not 100 percent accurate.” This means that the system is liable to make mismatches with data. If a camera catches a criminal’s face and that is compared to images in the database, there’s no guarantee that it will pop up an accurate result. 

What’s more, when the database is searched it does not return a completely positive result; but instead provides the top hits, ranked by probability of match. So if your face just happens to be similar to a snapshot of a criminal caught in CCTV footage, you may become a suspect in that case. Combined with other forms of biometric readers and scanners, it is part of a general trend where privacy is shrinking and public spaces are increasingly permeated by digital surveillance.

internet-of-things-2This sort of data exchange and on-the-ground scanning will be made possible byand is one of the explicit aims ofFirstNet, the nationwide broadband network for law enforcement and first responders, colloquially referred to by some as the “internet of cops”. Much like all things pertaining the expansion of the internet into the “internet of things”, this sort of growth has the capacity to affect privacy and become invasive as well as connective.

As always, fears of an “Orwellian” situation can be allayed by reminding people that the best defense is public access to the information – to know what is taking place and how it works. While there are doubts as to the efficacy of the NGI database and the potential for harm, the fact that we know about its inner workings and limitations could serve as a legal defense wherever a potentially innocent person is targeted by it.

And of course, as the issue of domestic surveillance grows, there are also countless efforts being put forth by “Little Brother” to protect privacy and resist identification. The internet revolution cuts both ways, and ensures that everyone registered in the torrential data stream has a degree of input. Fight the power! Peace out!

Sources: motherboard.com, arstechnica.com, singularityhub.com

Cyberwars: Watching the US and China in Real-Time

norse-hacking-map-640x353Since the dawn of the internet age, there has been no shortage of stories about hackers, malware-peddling malcontents, online scams and identity theft. Add to that the growing consensus that wars in the future will be fought online through “cyberwarfare divisions”, and you can understand why such positive statements once made about the internet – like how it would bring the world together and create “a global village” – would seem incredibly naive now.

However, despite the prevalence of hacking and cyberwarfare-related fear, very few people have actually experienced what it is like. After all, the effects of hacking are mostly invisible to the untrained eye, with the exception of very-high-profile database breaches. Now, though, a security company has produced a fascinating geographic map that shows global hacking attempts in real-time. And of course, the ongoing battle between US and Chinese forces accounts for much of it.

norse-china-usa-hacking-smallerThe real-time map, maintained by the Norse security company, shows who’s hacking who and what attack vectors are being used. The data is sourced from a network of “honeypot” servers – essentially a juicy-looking target that turns out to be a trap -maintained by Norse, rather than real-world data from the Pentagon, Google, or other high-profile hacking targets. The Norse website has some info about its “honeynet,” but it’s understandably quite sparse on actual technical details.

If you watch the map for a little while, it’s clear that most attacks originate in either China or the US, and that the US is by far the largest target for hack attacks. You can also see that the type of hack used, indicated by the target port, is rather varied. Microsoft-DS (the port used for Windows file sharing) is still one of the top targets , but DNS, SSH, and HTTP are all very popular too. CrazzyNet and Black Ice – two common Windows backdoor programs often used by script kiddies and criminals – is also sure to pop up.

Unit-61398-Chinese-Army-Hacking-Jobs-With-Great-BenefitsOn occasion, the map is likely to show a big burst of coordinated attacks coming from China and directed towards the US. And while it is difficult to blame these attacks directly on the Chinese government (as they are adept at routing their attacks through other servers) government and independent researchers are confident the majority of these attacks are being directed by the People’s Liberation Army’s Unit 61398 – aka. the PLA’s cyberwarfare division.

A lot of hacks originate in the US, too, but their targets are much more varied. And in cases where Chinese facilities (or other nations that are nominally identified as hostile to the US) you can bet that the US Cyber Command at Fort Meade is behind the lot of them. But the map is still limited in that it uses Norse’s own honeypot operations to identify these attacks, and it therefore cannot be said with absolute certainty that real attacks happen in the same fashion.

nsa_aerialBut a general picture of the size and shape of global hacking and cyberwarfare can be divined by looking at the stats. Back in 2012, the US DOD reported that it was the target of 10 million cyber attacks per day. Likewise, the National Nuclear Security Administration says it saw 10 million attacks per day in 2012. In 2013, BP’s CEO said it sees 50,000 cyber attacks per day, and the UK reported around 120,000 attacks per day back in 2011.

While the extent and purpose of these attacks certainly varies, it is pretty clear that hacking and cyberwarfare is a global problem and something that governments, corporations, and institutions need to pay attention to. Last year, the Obama administration’s announced that it would not sit idly by in the face of stepped up attacks from China. However, the subsequent testimony and document leaks by Snowden showed that the US has been conducting its own attacks the entire time (and even beforehand).

And such is the nature of war, regardless of the context or the weapons used. States rattle their swords claiming they will not tolerate aggression, but there is always a fine line between maintaining one’s defenses and escalating a situation to the point that mutual destruction becomes inevitable. Perhaps the people who are currently fighting this alleged cyberwar should look to the past – specifically to the First World War and the Cold War – to see just how effective “arms races” are!

Source: extremetech.com, map.ipviking.com

The Future of Medicine: Brain Scan Databanks

AI_picCloud computing and the internet are having a profound effect on the field of medicine. As more and more patients have their records digitized and posted in online medical sources, doctor’s are able to better track patient histories, conduct referrals, and make speedier diagnoses. And now, doctors at John Hopkins University are working on a cloud-computing project specifically for children’s brain scans.

By collecting and categorizing thousands of MRI scans from kids with normal and abnormal brains, they say the resulting database will give physicians a sophisticated, “Google-like” search system to help find similar scans as well as the medical records of those children. Such a system could help not only enhance the diagnosis of brain disorders, but the treatment as well, maybe even before clinical symptoms are obvious to the naked eye.

Miller_JohnHopkinsMichael I. Miller, a lead investigator on the project who also heads up the university’s Center for Imaging Science, said in a news release:

If doctors aren’t sure which disease is causing a child’s condition, they could search the data bank for images that closely match their patient’s most recent scan. If a diagnosis is already attached to an image from the data bank, that could steer the physician in the right direction. Also, the scans in our library may help a physician identify a change in the shape of a brain structure that occurs very early in the course of a disease, even before clinical symptoms appear. That could allow the physician to get an early start on the treatment.

Susumu Mori, a radiology professor at the Johns Hopkins School of Medicine and co-lead investigator on what he calls the “biobank,” says that a collection of brain scans of this size will also help neuroradiologists and physicians identify specific malformations far faster than is currently possible.

brain-activityMori has spent the past four-plus years working on a clinical database of more than 5,000 whole brain MRI scans of children who’ve come through Johns Hopkins. This project involved indexing anatomical data on 1,000 structural measurements in 250 brain regions that were ultimately sorted into 22 brain disease categories, including infections, psychiatric disorders, epilepsy, and chromosomal abnormalities.

The project, which was made possible by a three-year $600,000 grant from the National Institutes of Health, is still in its pilot stage and available only to physicians and patients within the Johns Hopkins medical system. But the researchers say it could open up and expand to other networks in the coming years. Such an expansion would presumably benefit not only other physicians and patients, but the database itself.

brainscansResearchers are also working on a similar project to collect scans of elderly patients to focus on age-related diseases and neurological disorders. Combined with the pediatric databank, this new brain scan archive will not only help recognize established neurological disorders, but could even possibly help identify and classify new ones as well.

But one of the key words here in anonymous. While cloud computing and patient files may raise the specter of privacy for many, the current project maintains patient confidentially. And one can further assume that voluntary compliance will be maintained as databases like these expand. After all, one does not need to know a patient’s name in order to examine what anomalies their brains exhibit.

And in the meantime, be sure to check out this video of Michael Miller explaining the new brain scan project and computational anatomy in greater detail:


Source: news.cnet.com