AT&T Invents Surveillance Programming Language

An anonymous reader writes "AT&T has long been associated with advances in the programming arts as well as communications. They've recently brought those disciplines together to create a powerful datamining language called Hancock. Hancock is a C variant developed to mine gigabytes of the company's telephone and internet records for surveillance purposes. 'The manual for the language includes a Hello World variant that shows you how to write a program that will parse logs of IP addresses and record them into permanent hashes. The program for parsing millions of records as they flow into permanent data farms sounds oddly close to the data mining the NSA performed after 9/11 to find targets for its warrantless spying on American citizens calls and emails."

And what do facebook use?

[ztransform]

Monitoring communities of interest is no doubt something of interest there..

Re:That's the last thing we need!

[ByOhTek]

While normally I'd quite agree with you, straight from the article (and not Zonk), right at the start:

From the company that brought you the C programming language comes Hancock, a C variant developed by AT&T researchers to mine gigabytes of the company's telephone and internet records for surveillance purposes.

less inflamitory, later it states:

The system was built in the late 1990s to develop marketing leads, and as a security tool to see if new customers called the same numbers as previously cut-off fraudsters -- something the paper refers to as "guilt by association."

It seems to have been created with slightly better intent (fraud detection, as well as, unfortunately, marketing - your phone company is spyware!).

A tool may not necessarily be bad, but it can have more bad uses than good, and may be been intended for rathern malevolent purposes. The rack comes to mind (although this language certainly isn't in that league).

John Hancock

[Speare]

Jokes aside, is this related to John Hancock?

John Hancock was an American Revolutionary, one of the signers of the Declaration of Independence. He signed it as largely and boldly as possible, much larger than any of the other signatures on that document, so that the King of England would have NO trouble identifying him in the face of his (and his compatriots) clear act of treason. His name is now synonymous with autograph or signature, as in, "Can I have your John Hancock here, please?"

If the AT&T technical staff called their data mining "language" Hancock, it may have been a poetic choice: AT&T is signaling their actions, and/or the actions of the government agents, are akin to treasonous. Yes, the charge of 'treason' is nearly moot in modern US law, but the fact remains that any sensible reading of the Constitution would not indicate any authority for what the government is doing with our communications.

AT&T may not have invented it entirely....

[Algorithmnast]

If you look here [findlaw.com] and research the case a bit, you'll find that a Maryland company may have actually been more responsible for ATT's abilities than ATT would like to admit. That company is now defunct, unfortunately, and so it's now safe for ATT to pretend that they've done work in the area without answering to more law suits.

It was a very technically challenging job. We helped to index records for these guys [lexisnexis.com] until mid-2005. We did it in effectively O(n) time - the cool factor was higher than the say-nothing factor.

And yes - I know that academia will claim that it's not possible, that data correlation must be O(n^2). For the decade that we did it, we were sure glad that academia held to that position.

Enough reminiscing.

Ellen Hancock?

[Anonymous Coward]

Any of you young-uns here remember the clipper chip? President Clinton's ingenious plan to bug every phone in America:

http://en.wikipedia.org/wiki/Clipper_chip [wikipedia.org]

Wasn't Hancock the name of the academic stooge that was pushed front and center by the feds to shill for this thing, claiming that we could trust Bill & Algore with the key escrow? I seem to remember a fawining article in the ACM Communications pimping for the clipper chip.

I wanna say Ellen Hancock, former IBM and Apple exec, but her bio makes no mention of time spent in academia or shilling for bad wiretapping schemes:

http://en.wikipedia.org/wiki/Ellen_Hancock [wikipedia.org]

Even if it's not her, I wonder if the programming language namesake and the government spying toady are one in the same.

Re:Ironic Name

[Anonymous Coward]

What specifically makes this technology anti-constitutional rights?

At a glance, it looks like a fairly cool graphing toolkit. Sure the sample apps are for marketing and "tracking terrorists." Seems like there are probalby tons of uses. Just like the bittorrent people always say... just because it's primarily used for breaking the law doesn't mean it doesn't have legit uses.

Oh I love it.

[Anonymous Coward]

The system was built in the late 1990s to develop marketing leads, and as a security tool to see if new customers called the same numbers as previously cut-off fraudsters -- something the paper refers to as "guilt by association."

When I was hacking and phreaking back in 1980 to 1987 me and some friends were writing War Dialers for PC's, Apple II and C64's. We had something like 2000 people running our software round the clock, all working on finding long distance codes.

I started to notice patterns on how people would get busted.
Kid A finds a valid code.
Kid A calls his buddy Kid B using the code, and gives him the code.
Kid B then calls Kid A back using the code.
From there the dispersion of this code goes out exponentially for 2 weeks till the code gets deactivated.

I start to see a pattern were this kids would then get Busted, or at least a nasty phone call, maybe even some letters.

Later I would start to see my software pass over valid codes as not valid.

The phone networks started to sense we were trying numbers sequentially and deactivate them just before we would try it.
This had to be done in realtime.
Next was pseudo random numbers we were using, but this eventually failed in the same way.
Then I used just the random() function in the basic language our code ran in.
That also eventually started to fail!

Noticing this intelligence in the system I came up with what I called the reverse pyramid around 1983.

I Eventually came up with a scheme for pseudo random generators that wouldn't fail. This was done using a central server(over phone lines) and was the only way to solve this since it had become obvious that telco security people were also getting copies of our war dialers. ( The purpose for pseudo random instead of pure random was that we wanted to get full coverage of a specific number space each kid was scanning. )

  Basically the dialers would not tell the kid running the software they had come across a code.
  Instead it would contact a very small server hidden in the phone network and upload the code it had found.
  Then at a regular interval, all thousands of users would get the same code all at once.
  Most kids probably thought that it was there computer that had found the code, but really it was out of a large pool of codes we had acquired. This solved the "guilt by association." problem.

  So after the code was disbursed widely starting with what would usually be the last people to get a code, it would throw off such fancy analysis tools.
  Then after a week or so the "inner circle" of our core group would start using the code, when they were well in the noise of millions of people stealing long distance using the same code.

Anyhow, the point of all of this is to finally see some confirmation that they had developed such software that they were using against us, and that out countermeasures had worked.