About Defense Tech

Defense Tech examines the intersection of technology and defense from every angle and provides analysis on what’s ahead.

Tip Us Off

Tip for Defense Tech?

SEND IT!

It’s Confidential!

Data Diving

Drone Losses Debate

Tuesday, February 9th, 2010

I got an interesting response on my post last week about the Air Force’s 2010 OCO request for $216 million to buy 12 MQ-9 Reaper drones.

Air Force officials say the money is needed to replace lost or damaged Reapers from combat operations.

In my post, I noted that at least the intention was demonstrated in the request that the USAF would rather lose almost a squadron of MQ-9s in combat rather than one F-15 and its crew.

Well, my good friend and longtime Pentagon budget watchdog Winslow Wheeler pinged me with this rejoinder:

I think you are missing an important point in your comment about the 12 drone losses replacing aircraft/pilot losses.  I strongly suspect drone accident rates per 1,000 flying hours are well above, multiples, of aircraft accident loss rates per 1,000 hours. As for hostile losses, drones are so ridiculously easy for any modern (I.e. non-Taliban) air defense to deal with that I suspect, if ever we meet same, they will be quickly attrited.  Are there any drone losses to hostile fire in Afghanistan?  If there is any such number, it compares to zero (I believe) for aircraft.  Wheeler out.

 Well, I did a little research on the first argument, and here’s what I found. Wheeler has a point in that the lifetime Class A ($1 million in damage or death) mishap rate for the Predator/Reaper — as of December 2009 — was “multiples” above that of, say, the F-15 fleet. It takes a little finessing, but combining the lifetime totals of flight hours for the RQ-1 Predator (which begins in 1997) and the MQ-9 Reaper (which starts in 2004), we get a Class A mishap rate of 10.2 per 1,000 flight hours. [CLARIFICATION: The services’ safety centers canlculate mishap “rates” per 100,000 flight hours, typically. But I made my calculations based on Winslow’s 1,000 hour benchmark. Running the numbers, the Predator/Reaper official mishap rate would be 9.7 per 100K flight hours — still very high] The Air Force says it lost a total of 57 Predators since 1997 and seven Reapers. Both aircraft have flown a total of nearly 655,000 flight hours.

Looking at the F-15 rate, USAF stats show over the lifetime (since 1972), the F-15 platform has a Class A mishap rate of 2.42, with 140 aircraft damaged. It’s lifetime destroyed rate is 2.04 with 118 aircraft lost — and that’s over a lifetime total of almost 6 million flight hours. But the stat that 43 pilots have died behind the stick of an F-15 and two of those were killed in fiscal 2009, speaks volumes to the family and loved ones of the fallen. Despite the high mishap rate of the MQ-9, no pilots are dead because of it.

But, yes, the Predator/Reaper mishap rate is more than five times that of the F-15. 

Now on the shoot down issue, I just can’t weigh in. I’ll look into how many of those purported losses in 2009 were from shoot downs or malfunctions. But I don’t think it’s “ridiculously easy” to shoot down a Predator/Reaper. Small target, very high and relatively quiet when they’re up there…But I just don’t have any info on that yet.

I’ll post Winslow’s response when I get it.

– Christian

Terrorists Within our Borders

Wednesday, December 2nd, 2009

My ears perked up at this line last night in the president’s speech about Afghanistan. It’s one sentence that has potentially huge implications:

This is no idle danger; no hypothetical threat.  In the last few months alone, we have apprehended extremists within our borders who were sent here from the border region of Afghanistan and Pakistan to commit new acts of terror.

Has anyone heard about these apprehensions? Who are the perpetrators and what were they planning? This is explosive news. Am I just missing something?

Surely this is not a reference to the Somali gangs rounded up here and in Canada. “Last few months,” “within our borders,” “sent here … to commit acts of terror.”

Whoa. I’ll do some digging but if any readers have some insight into this please let me know.

– Christian

LMCO Not So Good DCMA Says

Tuesday, June 3rd, 2008

dcma.gif

Our freind Nick Schwellenbach over at the Project on Government Oversight dredged up a pretty damning report from the Pentagon’s Defense Contract Management Agency that calls Lockheed Martin’s aircraft division to the carpet for not keeping close track of costs.

Lockheed Martin, the worlds largest defense contractor, does “not provide the requisite definition and discipline to properly plan and control complex, multibillion dollar weapon systems acquisition programs,” states the executive summary of a November 2007 Pentagon report obtained by the Project On Government Oversight. Questions about this report are likely to be raised this morning at a Senate Armed Service Committee hearing on weapons acquisition.

The report by the Defense Contract Management Agency found that Lockheed Martins military aircraft division based in Fort Worth, Texas, is not compliant with contractually-required industry guidelines for tracking and managing costs called the “Earned Value Management System.” EVMS helps contractors and the government spot potential cost problems before they balloon out of control. This April the GAO reported $295 billion in cost growth for the 95 major weapons systems it reviewed bringing their estimated total price tag to $1.6 trillion.

The report will be highlighted today at a hearing of the Senate Armed Services Committee which will ask questions about “acquisition of major defense weapons systems” of John Young — who needs no introduction — and Katherine Schinasi, the GAO’s Managing Director of Acquisition and Sourcing Management (whatever the heck that means)…Our boy Colin Clark will be there to hear what’s what and he’ll have some follow-up gouge for you on what goes on.

The decline of Pentagon and contractor emphasis on EVMS was an unintended consequence of 1990s acquisition reform, Dr. James I. Finley, the Deputy Under Secretary of Defense for Acquisition and Technology, told POGO. EVM is getting more attention throughout industry now that the DoD is stressing compliance.

Ouch…

– Christian

New Spy Chief’s “Total Information” Ties

Friday, January 5th, 2007

“John Michael McConnell, the retired vice admiral slated to become America’s new top spy, [has some] longtime associations [which] may cause him headaches during Senate confirmation hearings,” Newsweek​.com notes.“One such tie is with another former Navy admiral, John Poindexter, the Iran-contra figure who started the controversial ‘Total Information Awareness’ program at the Pentagon in 2002.“
iaologo.gif


The international consultancy that McConnell has worked at for a decade as a senior vice president, Booz Allen Hamilton, won contracts worth $63 million on the TIA “data-mining” program, which was later cancelled
[kinda sorta — ed.] after congressional Democrats raised questions about invasion of privacy… While his role in the TIA program is unlikely to derail McConnell’s nomination, spokespeople for some leading Democratic senators such as Russ Feingold of Wisconsin and Ron Wyden of Oregon say it will be examined carefully.
McConnell was a key figure in making Booz Allen, along with Science Applications International Corp., the prime contractor on the project, according to officials in the intelligence community and at Booz Allen who would discuss contracts for data mining only on condition of anonymity because of the sensitivity of the subject. “I think Poindexter probably respected Mike and probably entrusted the TIA program to him as a result,” said a longtime associate of McConnell’s who worked at NSA with him…
Intel experts agree that McConnell will need all the good will he can get from the intelligence and defense communities. “It’s a good appointment for a bad office,” says John Arquilla, who teaches intelligence at the Naval Postgraduate School in Monterey, Calif. “The directorate of national intelligence should not exist. It’s very redundant.” Insiders say Negroponte was frustrated by his lack of budgeting control over Pentagon intelligence, and the resistance of the CIA to his direction since his office was created in 2004 as part of the Bush administration’s post-9/11 reforms.

And by the way, Rutty asks in the comments (I’m paraphrasing heavily here): What was McConnell’s role in Echelon — the NSA’s massive information sweeper, which got some much attention during the Clinton years? (The project had been around for decades, remember.)

Data Diver Disses Terror-Mining

Tuesday, December 12th, 2006

Jeff Jonas is one of the country’s leading practitioners of the dark art of data analysis. Casino chiefs and government spooks alike have used his CIA-funded “Non-Obvious Relationship Awareness” software to scour databases for hidden connections.
nyt_mag_terror_diagram.jpgSo you’d think that Jonas would be all into the idea of using these data-mining systems to predict who the next terrorist attacker might be.
Think again. “Though data mining has many valuable uses, it is not well suited to the terrorist discovery problem,” he writes in a new study, co-authored with the Cato Institute’s Jim Harper. “This use of data mining would waste taxpayer dollars, needlessly infringe on privacy and civil liberties, and misdirect the valuable time and energy of the men and women in the national security community.” Are you listening, NSA?
Jonas doesn’t have a problem cobbling together information on suspects from various databases. It’s using these databases to forecast a terrorist’s behavior — think market research, but for Al-Qaeda — that Jonas hates. “The possible benefits of predictive data mining for finding planning or preparation for terrorism are minimal. The financial costs, wasted effort, and threats to privacy and civil liberties are potentially vast,” he writes.

One of the fundamental underpinnings of predictive data mining in the commercial sector is the use of training patterns. Corporations that study consumer behavior have millions of patterns that they can draw upon to profile their typical or ideal consumer. Even when data mining is used to seek out instances of identity and credit card fraud, this relies on models constructed using many thousands of known examples of fraud per year.
Terrorism has no similar indicia. With a relatively small number of attempts every year and only one or two major terrorist incidents every few yearseach one distinct in terms of planning and executionthere are no meaningful patterns that show what behavior indicates planning or preparation for terrorism. Unlike consumers shopping habits and financial fraud, terrorism does not occur with enough frequency to enable the creation of valid predictive models. Predictive data mining for the purpose of turning up terrorist planning using all available demographic and transactional data points will produce no better results than the highly sophisticated commercial data mining done today
[with results in the low single-digits ed.]. The one thing predictable about predictive data mining for terrorism is that it would be consistently wrong.
Without patterns to use, one fallback for terrorism data mining is the idea that any anomaly may provide the basis for investigation of terrorism planning. Given a typical American pattern of Internet use, phone calling, doctor visits, purchases, travel, reading, and so on, perhaps all outliers merit some level of investigation. This theory is offensive to traditional American freedom, because in the United States everyone can and should be an outlier in some sense. More concretely, though, using data mining in this way could be worse than searching at random; terrorists could defeat it by acting as normally as possible.
Treating anomalous behavior as suspicious may appear scientific, but, without patterns to look for, the design of a search algorithm based on anomaly is no more likely to turn up terrorists than twisting the end of a kaleidoscope is likely to draw an image of the Mona Lisa.

Civil libertarians and bloggers have talked ’til they’re blue in the face about how lame this kind of terror-predicting is. But I don’t think I’ve ever heard a giant of the field, like Jonas, come out against the practice — at least not on-the-record. Let’s hope this is one conversation that the feds are monitoring.
(Big ups: Daou)
UPDATE 11:49 AM: Shane Harris here. Die-hard proponents of pattern-based ‘data mining’ to catch terrorists will remain unconvinced by Jonas’ and Harper’s argument. While it’s true that data mining in the commercial sector is based upon “training patterns,” backers of systems such as Total Information Awareness will say, yes, and that’s why data mining for terrorists has to start with hundreds — maybe thousands — of known or potential terrorist patterns to look for. A major part of TIA research was the creation of terrorist attack templates through red teaming exercises, in which experts were paid to come up with devious and clandestine plots that a terrorist might conceivably attempt. Their various machinations would, presumably, leave a set of digital footprints — airline tickets purchased, money wired, hotels paid for, and so on — and THAT data would be mined for clues.
What’s also interesting about this paper is the combination of the authors. Jim Harper is a well-known and articulate activist, and has long since staked out central territory in the security vs. privacy debate. But Jonas has stayed out of politics. Indeed, those who’ve met him will know that he sticks out like a sore West coast thumb among Washington gear heads, being unafraid to use the word “dude” in formal conversation and happily acknowledging his ignorance of most Beltway insider baseball. But those who know Jonas and have heard him speak about electronic terrorist hunting know that, like his co-author Harper, he has a strong libertarian streak. Maybe Jonas wouldn’t put it quite that way — dude — but it’s there.

Traveling Americans Get Terrorism Score

Friday, November 3rd, 2006

Do you know your official terrorism score? U.S. Customs agents will with a new database system that uses algorithms to figure out which international travellers warrant closer search.
The system, announced in theFederal Register today, is called the Automated Targeting System, which will use the Treasury’s watchlist (.pdf), data provided to it by the airlines, your I-94 form and other data sources to compute your terrorism risk when you cross the border.
Here’s what I had to say over at 27B/6:

The data — which includes all the information you give to an airline such as medical conditions, frequent flier number, special meal requests, home and email addresses, payment information and your travel agent’s names — will be held for up to 40 years. The data can be shared with any government agency or local law enforcement agency for civil or criminal matters, and can even be shared with foreign governments as data to test other data-mining programs, even ones not related to border security.
What happens if you have a name that’s similar to a suspected terrorist or drug smuggler? Conceivably, you could have your car torn apart every time you drive to Canada or have a blue-gloved agent checking your anus for dope every time you go to Cancun.
But surely, you’ll be able to remedy such mistakes using the Privacy Act, which prevents secret databases? Actually, no.

Full story and links to other bloggers here.
Hat Tip: JQP
On another note: This post concludes my week-long takeover of DefenseTech. Thanks for humoring me over here at Noah’s house. It’s been quite fun and I’m jealous of his great readers, tippers and commenters. He’ll return soon, but feel free to stop by my blog-house occasionally.
– Ryan Singel

Military Ballots’ Privacy Risks

Wednesday, November 1st, 2006

American troops could be putting their most personal information at risk — just by voting in next week’s elections.
Members of the armed forces, stationed overseas, can cast their vote with a Federal Write In Absentee Ballot, or FWAB, if they can’t get one from their local election boards. But that federal ballot, “Standard Form 186 (Oct 95),” comes with a major privacy risk, at least in some editions. The ballot has to be mailed in a special return envelope, in order to be properly processed. On military bases in the Pacific, Special Form 186 requires a service member to include his address, social security number, date of birth, and signature on the outside of that envelope.
envelopeback_crop2.jpg
In other words, everything needed to steal a soldier or sailor’s identity is on public display, for anyone to see (full pics: back, front). .
“You’d think the people running this program would’ve noticed. It’s a joke they didn’t, and it’s obvious no one was paying attention,” a Navy aviation electrician, attached to the 7th Fleet, tells Defense Tech.
Online editions of the FWAB seem to be more security-conscious, warning servicemembers “NOT [to] WRITE ANY PERSONAL IDENTIFYING INFORMATION ON THE ENVELOPE” — an envelope that’s largely blank.
But the paper ballots aren’t the only source of privacy concerns in the military voting system. An e-mail balloting program has been called into question, for using unencrypted data. “E-mail traffic can flow through equipment owned and operated by various governments, companies and individuals in many countries,” the Washington Post quotes an August report prepared for the Pentagon as saying. “It is easily monitored, blocked and subject to tampering.“
But even easier to monitor is a paper ballot, with personal data scrawled right on the outside of the envelope. Which is why the Navy aviation electrician refused to use the form.
“I wasn’t the only person who didn’t send the ballot in. It wasn’t worth the risk,” he notes. “I gave some money to the candidates instead.“
UPDATE 7:02 AM: What are the absentee ballots like where you’re stationed? Tell us here or write in.

Citizen’s Guide to Getting the Goods

Monday, October 30th, 2006

The Freedom of Information Act isn’t just for journalists or activist groups — citizens (with and without blogs) can also petition the federal government to turn over documents. While it’s rather simple to file a request, it’s a bit more complicated to file one that actually gets you information.
The Electronic Frontier Foundation, which hired two of the best FOIA filers in the country this summer, just updated its legal guide for bloggers with a FOIA primer.

How do I know what to ask for?

News articles, government reports, press releases, and Congressional hearings are good starting points for thinking up FOIA request ideas.

How do I make a FOIA request?

You can make a FOIA request by mailing or faxing a letter to the agency. You may also be able to submit your request by email. Check the agency’s web site for information about how and where to send requests.

Are there any step-by-step guides for writing and submitting FOIA requests?

Yes. Reporters Committee for Freedom of the Press has published a guide called How To Use the Federal FOI Act, and also has a FOI Letter Generator. The National Security Archive also has helpful guidance for FOIA requesters.

It’s a bit simplified since government agencies vary widely in their attitude towards requests. The best advice is to make your request very narrow. Ask for a report by name (for instance, ask for the Pentagon’s Inspector General’s report on the Iraqi National Congress), instead of asking for all agency records about Chalabi and the INC. (BTW, there’s a good possibility that report exists and hasn’t been published).
Another fun place to start would be to follow on Michael Ravnitzky’s FOIA work, which unearthed the indexes to four internal NSA publications, whose articles have tantalizing titles like “Was a Cryptologic Corporal.” All you have to do is look through the indexes, find a title or two that interests you and ask for it. You just might get it.
Another place to get inspired is Russ Kick’s The Memory Hole, a collection of documents he’s built with FOIA requests he’s filed after reading news articles. For instance, he’s the one who got official pictures of the coffins of soldiers killed in Iraq when they landed at Dover Air Force base, after the photography ban was debated in the news.
You could be charged a small amount, but generally if it’s going to be more than $25 dollars or so in fees, the agency will let you know.
And if an agency stonewalls you or ignores you, well, you can either sue yourself (not a good idea and even if you win, you don’t get attorney’s fees) or ask a group like EPIC or the First Amendment Center or a public interest law clinic to help.
Think of it like a letter to the editor or your congress critter, it’s something every citizen should try at least once.
On an unrelated note, I’m pretty honored that Noah handed me the keys and I’ll likely be focusing mostly on anti-terrorism and government database stuff since that’s my normal beat.
But keep the tips and comments coming and together we’ll keep DefenseTech humming while Noah racks up speeding tickets in 10 different states.
– Ryan Singel

LifeLog Trials Begin

Wednesday, May 17th, 2006

Those kooky, possibly-creepy defense programs are awfully hard to kill. Take LifeLog, Darpa’s controversial project to archive almost everything about people — where they’ve gone, what they’ve said, how they’re feeling. The agency seemed to pull the plug on the program, after some pesky reporters started looking into it. But seven months later, large portions of the electronic diary effort were back, under a new name: Advanced Soldier Sensor Information System and Technology, or ASSIST.
06MSEL015_soldsens01_LR.jpgNow, Darpa is showing its LifeLog ASSIST handywork off, at the Aberdeen Proving Grounds. Soldiers there, wearing a ton of cameras and sensors, are going on mock-patrol through a simulated Iraqi village — and recording the whole thing.

The sensors are expected to capture, classify and store such data as the sound of acceleration and deceleration of vehicles, images of people (including suspicious movements that might not be seen by the soldiers), speech and specific types of weapon fire.
A capacity to give GPS locations, an ability to translate Arabic signs and text into English, as well as on-command video recording also are being demonstrated in Aberdeen. Sensor system software is expected to extract keywords and create an indexed multimedia representation of information collected by different soldiers. For comparison purposes, the soldiers wearing the sensors will make an after-action report based on memory and then supplement that after-action report with information learned from the sensor data.

(Big ups: Boing Boing)

Watch List Snags Fellow Feds

Thursday, May 4th, 2006

How bad are the feds’ enemy-of-the-state databases? So bad, they can’t even keep fellow terror-hunters off their blacklists, Ryan Singel reports.
airlinetoy7.jpgThe Transportation Security Administration’s airline screening system “tends to mistake government employees and U.S. servicemen for foreign terrorists,” he writes in today’s Wired News. “Newly released government documents show that even having a high-level security clearance won’t keep you off the Transportation Security Administration’s Kafkaesque terrorist watch list, where you’ll suffer missed flights and bureaucratic nightmares.”

According to logs from the TSA’s call center from late 2004 — which black out the names of individuals to protect their privacy — the watch list has snagged…
* A high-ranking government employee with a better-than-top-secret clearance who is also a U.S. Army Reserve major…
* An active-duty Army officer who had served four combat tours (including one in Afghanistan) and who holds a top-secret clearance.
* A retired U.S. Army officer and antiterrorism/force-protection officer with expertise on weapons of mass destruction who was snared when he was put back on active-duty status while flying on a ticket paid for by the Army.

Now, I’m sure there have been improvements to the watch lists since 2004. But, as
Justice Department Inspector General Glenn Fine told Congress earlier this week, database managers still “had not ensured that the information in that database is complete and accurate. For example, the OIG found instances where the consolidated database did not contain names that should have been included on the watch list and inaccurate or inconsistent information related to persons included in the database.”

The OIG’s June 2005 report offered 40 recommendations to the TSC [Terrorist Screening Center] to address areas such as database improvements, data accuracy and completeness, call center management, and staffing. The TSC generally agreed with the recommendations and in some cases provided evidence that it has taken action to correct the weaknesses that the audit identified.
Since issuance of the audit, the TSC has initiated a record-by-record review of the terrorist screening database to ensure accuracy, completeness, and consistency of the records. TSC staff informed the OIG it is focusing first on the records deemed most important. According to the TSC, review of the entire database, which contains more than 235,000 [uh, make that 325,000] records, will take several years.

UPDATE 9:57 AM: Slashdot sez, “The Guardian newspaper has a great story about how the gathering of information for ‘anti-terrorist’ passenger screening databases allowed a reporter and security guru Adam Laurie to lay the groundwork for stealing the identity of a business traveller by using his discarded boarding-pass stub.”