AT&T Invents Surveillance Programming Language

An anonymous reader writes "AT&T has long been associated with advances in the programming arts as well as communications. They've recently brought those disciplines together to create a powerful datamining language called Hancock. Hancock is a C variant developed to mine gigabytes of the company's telephone and internet records for surveillance purposes. 'The manual for the language includes a Hello World variant that shows you how to write a program that will parse logs of IP addresses and record them into permanent hashes. The program for parsing millions of records as they flow into permanent data farms sounds oddly close to the data mining the NSA performed after 9/11 to find targets for its warrantless spying on American citizens calls and emails."

Hancock.. worst name ever.

What, was Palmdong taken?

Re:Hancock.. worst name ever.

No, they thought Orwell would be too obvious.

Re:Hancock.. worst name ever.

Eh, it looks close enough to C that it can, in the vein of C++ and C#, be referred to as C====>

You're almost right

But bear in mind, this programming language was invented by people who are so insecure that they're willing to shred the Fourth Amendment to try and assuage their fear of terrorists. I think C=> might be more accurate.

John Hancock

Jokes aside, is this related to John Hancock?

John Hancock was an American Revolutionary, one of the signers of the Declaration of Independence. He signed it as largely and boldly as possible, much larger than any of the other signatures on that document, so that the King of England would have NO trouble identifying him in the face of his (and his compatriots) clear act of treason. His name is now synonymous with autograph or signature, as in, "Can I have your John Hancock here, please?"

If the AT&T technical staff called their data mining "language" Hancock, it may have been a poetic choice: AT&T is signaling their actions, and/or the actions of the government agents, are akin to treasonous. Yes, the charge of 'treason' is nearly moot in modern US law, but the fact remains that any sensible reading of the Constitution would not indicate any authority for what the government is doing with our communications.

Re:John Hancock

Actually, I would think that by calling it Hancock, they are referring to the fact that people monitored are supplying their own Hancock simply through their actions.

In other words, there would be no doubt as to who was behind the words coming from the machines. An involuntary Hancock as it were.

Ironic Name

One would think that John Hancock would not be pleased to learn that his name is being applied to a project that violates the Constitution he so famously signed.

!constitution

Hancock signed the Declaration of Independence.

Re:Ironic Name

Even more ironic that someone so focused on the rights in the Constitution would mistake it for the Declaration of Independence.

web server

Can I replace php with this? PHP is insecure I heard. Hancock must be secure because it is the government.

Heard near Massachusetts...

"Hey, what's that whirring sound?"

"It's the founding father [wikipedia.org] this programming language is named after...spinning in his grave..."

And what do facebook use?

Monitoring communities of interest is no doubt something of interest there..

Variations

We are already working on:

• Hancock++ - Because a single + was not enough
• H# - .NET version of the language
• GNU/Hancock - Returns the results as an open source document and publishes it to the freakin' world
• GoogleHancock - Datamines Chinese citizens and returns the results to party headquarters and the People's 9mm Ammunition Billing System
• HancockScript - Great for client side mining

Ummm....

This is at least a decade old, was published in 2000 (I like the breathless "unearthed today", like it was some sort of secret -- the original Hancock paper is listed as having 29 cites) and has rather obvious applications for marketing, billing and security. The "oddly close to the data mining the NSA performed after 9/11" seems a bit excessive.

Don't worry!

If you haven't done anything wrong, then you have nowhere to hide!

Whoops - I mean nothing. Nothing to hide.

Hello world

update Users set Status = 'suspicious' where Username in (SELECT Username, ipAddress, MissleAddress from IncomingCalls ic, OutgoinCalls oc where Volume = 'whispering' and Username not in (select Username from RepublicanDonors));

not a new language

this is a collection of libraries and some domain specific keywords/structures, but to say that this is a new language is a stretch of imagination.

perl

Well, at least they didn't realize they could do it in perl and then give perl the bad name...

*AFTER* 9-11?

I think we've been seeing a trickling of stories and evidence showing that Bush/Cheney/Addington were ALREADY doing many 'questionable' things prior to 9-11. At the speed of government, doesn't it make you ask how they were able to cobble together the DHS?! And if I recall, some of the surveillance activities declined by Qwest were requested prior to 9-11.

Bottom line? 9-11 is irrelevant to their intent... 9-11 helped provide some justification in the eyes of some, but the evidence shows that this stuff has been planned WELL in advance of 9-11 and this is not a reaction or over-reaction.

Prior Art

The language already exists: it's Soviet East German.

Hello World in Surveillance Language

The manual for the language includes a Hello World variant

Never has that program name been so fitting.

Proof? We don't need no stinking proof!

The program for parsing millions of records as they flow into permanent data farms sounds oddly close to the data mining the NSA performed after 9/11 to find targets for its warrantless spying on American citizens calls and emails.

Ok, this is going WAY too far! Could you have at lease included some LINKS to actual PROOF that ANY government agency conducted warrantless spying on US citizens? I mean other than the FUD that the NYT and Democrats spread which also is not based on any actual proof. IIRC the warrentless wiretaps were on NON-US citizens that were OUTSIDE of US jurisdiction. The whole "it's common knowledge that" defense is wearing quite thin. If you're going to make outrageous claims, you need to back them up with actual proof. No wonder he posted as AC.

I sense a new meme!

I've been Hancocked!

Oh lord...

I try to stay upbeat about all this, I try to think of ways to fight back against this kind of crap, I do everything I can to not have to deal with this kind of obscenely orwellian garbage...but...sometimes it just hits ya right in the gut...and you feel dreadfully sick...

Hancock

with a Manual Guide... I wonder when this application will "cock up" (in English parlance) and screw over people not part of the serve.. sir vail-ance ... umm surveillance.

I thought many of these ISP and ISP parent companies had stated officially that they had issues with excessive data retention (storage space, processing of the enormous data sets, legal issues, etc...). Now, this, from one company that is probably going to make some enemies.

What good (other than government surveillance and corporate marketing) can come from this without harming privacy?

Did anyone read up on the language?

Its basically just C with some generic structures thrown on top of it.

Also, it was created in 2000.
Its intent, as some have mentioned, was marketing.
Basically it does what Google Analytics or WebTrends does for the web.

It actually seems like a nice language, for those who want to quickly run through gigs of data.

I see nothing evil about the language itself.
It, like C, perl, PHP, or any other language you chose to use - Can be used for whatever purpose the programmer chooses.
Its intent was marketing, and almost every company in existence wants to know more about their customers.

Hancock Written Before 2001

Gee, can you conspiracy theorists take a break for a second and consider that, just perhaps, this was written for commercial telecom management, marketing and fraud detection purposes? It was written and in the public domain before 9-11.
The US Government uses Linux, so are we to presume that Linus Torvalds is an agent of George Bush and the broad conspiracy to spy on you?

Hash indeed...

'The manual for the language includes a Hello World variant that shows you how to write a program that will parse logs of IP addresses and record them into permanent hashes

Sure, I can just imagine what the hash function is, based on AT&T's recent history:

long long hashForNsaEyesOnly(long long phoneNum) {
int wink = -1;
int nod = -1;
return (2 * phoneNum * wink * nod) / 2;
}

AT&T may not have invented it entirely....

If you look here [findlaw.com] and research the case a bit, you'll find that a Maryland company may have actually been more responsible for ATT's abilities than ATT would like to admit. That company is now defunct, unfortunately, and so it's now safe for ATT to pretend that they've done work in the area without answering to more law suits.

It was a very technically challenging job. We helped to index records for these guys [lexisnexis.com] until mid-2005. We did it in effectively O(n) time - the cool factor was higher than the say-nothing factor.

And yes - I know that academia will claim that it's not possible, that data correlation must be O(n^2). For the decade that we did it, we were sure glad that academia held to that position.

Enough reminiscing.

A "new" concept?

Wat, someone reinvented regexp?

Great Name!!

Because I know the Han(d)s are on my shoulders and I then know where the rest of the name is going!!

Ellen Hancock?

Any of you young-uns here remember the clipper chip? President Clinton's ingenious plan to bug every phone in America:

http://en.wikipedia.org/wiki/Clipper_chip [wikipedia.org]

Wasn't Hancock the name of the academic stooge that was pushed front and center by the feds to shill for this thing, claiming that we could trust Bill & Algore with the key escrow? I seem to remember a fawining article in the ACM Communications pimping for the clipper chip.

I wanna say Ellen Hancock, former IBM and Apple exec, but her bio makes no mention of time spent in academia or shilling for bad wiretapping schemes:

http://en.wikipedia.org/wiki/Ellen_Hancock [wikipedia.org]

Even if it's not her, I wonder if the programming language namesake and the government spying toady are one in the same.

Hancock's Half Hour

Hancock's Half Hour

The time taken to scan any arbitrary volume of call detail records, being half that of prior technologies.

Oh I love it.

The system was built in the late 1990s to develop marketing leads, and as a security tool to see if new customers called the same numbers as previously cut-off fraudsters -- something the paper refers to as "guilt by association."

When I was hacking and phreaking back in 1980 to 1987 me and some friends were writing War Dialers for PC's, Apple II and C64's. We had something like 2000 people running our software round the clock, all working on finding long distance codes.

I started to notice patterns on how people would get busted.
Kid A finds a valid code.
Kid A calls his buddy Kid B using the code, and gives him the code.
Kid B then calls Kid A back using the code.
From there the dispersion of this code goes out exponentially for 2 weeks till the code gets deactivated.

I start to see a pattern were this kids would then get Busted, or at least a nasty phone call, maybe even some letters.

Later I would start to see my software pass over valid codes as not valid.

The phone networks started to sense we were trying numbers sequentially and deactivate them just before we would try it.
This had to be done in realtime.
Next was pseudo random numbers we were using, but this eventually failed in the same way.
Then I used just the random() function in the basic language our code ran in.
That also eventually started to fail!

Noticing this intelligence in the system I came up with what I called the reverse pyramid around 1983.

I Eventually came up with a scheme for pseudo random generators that wouldn't fail. This was done using a central server(over phone lines) and was the only way to solve this since it had become obvious that telco security people were also getting copies of our war dialers. ( The purpose for pseudo random instead of pure random was that we wanted to get full coverage of a specific number space each kid was scanning. )

  Basically the dialers would not tell the kid running the software they had come across a code.
  Instead it would contact a very small server hidden in the phone network and upload the code it had found.
  Then at a regular interval, all thousands of users would get the same code all at once.
  Most kids probably thought that it was there computer that had found the code, but really it was out of a large pool of codes we had acquired. This solved the "guilt by association." problem.

  So after the code was disbursed widely starting with what would usually be the last people to get a code, it would throw off such fancy analysis tools.
  Then after a week or so the "inner circle" of our core group would start using the code, when they were well in the noise of millions of people stealing long distance using the same code.

Anyhow, the point of all of this is to finally see some confirmation that they had developed such software that they were using against us, and that out countermeasures had worked.

What's the license?

This might be an interesting language for many purposes... just because those who created it had one purpose in mind, doesn't mean it can't be used elsewhere. But that depends on the license, which the article doesn't seem to mention.

The license clearly isn't BSD, but it could, conceivably, be GPL...depending on what the article writer translated into "Hancock's source code and binaries (now up to version 2.0) are available free to noncommercial users from an AT&T Research website. " (In the article there's a link to the source code site...but without knowing the license I'm not looking any further.)

Obligatory

Nothing to C here. Move along.

Good one...

SQL jokes FTW!

Alternate method for accessing the internet

I wish the satellite providers would offer (one way) internet service. They could use several TV channels, and continously download channels of information. You could have a geek channel with slashdot, cnet, lwn (linux week news). You could have a news channel. Yes could still get on the internet through other means as well. 0) No extra satellite dish required. 1) We have very large, affordable, hard drives to store the information. 2) We have many channels available on satellite already and most of the existing stuff is useless anyway. Unfortunately the satellite provider would determine what to download. There also may be IP concerns but I think these are minor. What do you think?

Re:That's the last thing we need!

While normally I'd quite agree with you, straight from the article (and not Zonk), right at the start:

From the company that brought you the C programming language comes Hancock, a C variant developed by AT&T researchers to mine gigabytes of the company's telephone and internet records for surveillance purposes.

less inflamitory, later it states:

The system was built in the late 1990s to develop marketing leads, and as a security tool to see if new customers called the same numbers as previously cut-off fraudsters -- something the paper refers to as "guilt by association."

It seems to have been created with slightly better intent (fraud detection, as well as, unfortunately, marketing - your phone company is spyware!).

A tool may not necessarily be bad, but it can have more bad uses than good, and may be been intended for rathern malevolent purposes. The rack comes to mind (although this language certainly isn't in that league).

Re:That's the last thing we need!

The problem has never been the tool. It's the application of the tool, and the people who wield it.

Consider, for instance, a baseball bat. Under normal useage, it's used to play a game. Sure, accidents do happen, sometimes erious, but these are minority cases. For the most part, it's all in fun.

Now consider that baseball bat in the hands of a crazed psychopath who thinks YOUR head is a baseball. See the difference?

Re:That's the last thing we need!

Now if if someone is using a tool in a way you don't like, then just say so, don't try to cast aspersions on the tool itself.

The problem with power is that if it can be abused... It will be.

So it often behooves citizens to keep these tools out of the hands of the government as long as possible.

Not that it will make much difference in the end.

Re:That's the last thing we need!

Too many European countries are also planning for large amount of data collection.

Anyway - just because it's possible to collect and mine data doesn't mean that the same tools can be used by the "bad" guys too to understand how the technology can be circumvented or made to be misleading.

But a new tool may find new surprising uses too, so there are nothing that can be considered completely bad by this tool.