December 30, 2003

Mathematics (false postives) and FBI Almanac Alert

[I wrote this in reply to a discussion about the FBI Almanac Alert story, for Dave Farber's list. It was replying to Hiawatha Bray (a Boston Globe reporter), commenting "I may be reading too much into this, but it suggests to me that they've been tipped off that the bad guys like almanacs. Some Guantanamo inmate probably gave it up under questioning.". Interestingly, my message didn't get passed onto the list, but his response to it did.]

Subject: Re: [IP] FBI Issues Alert Against Almanac Carriers

It would seem, with the reach of the IP list, that someone here is likely to have received a copy of the alert. Perhaps they could share? So we don't have to discuss it working from what might be selective excerpts?

But underlying the debate is a question as to whether the information actually does more harm than good. Here's a thought experiment to make it clearer:

Suppose some Guantanamo inmate gave up under questioning the following intelligence:

"We really liked using the New York Times crossword puzzle for a 'book code'. Of course we used the clues, not the answers. Think about it - using the first word of the clue, it's a list which is all nicely numbered, so that means no errors in counting out which word corresponds to which number. And pouring over it doesn't look suspicious. Moreover, just about everywhere, you can easily get a copy of the day's New York Times. So it works as common codebook between different cities and even different countries."

Useful info? Maybe. But would it do any good to issue an alert saying in part "Take into account any interest in the New York Times crossword puzzle?" (note not the Boston Globe crossword puzzle, or the Washington Post crossword puzzle, etc.)

From one point of view, it's another piece of information. But the problem is that it's such a common activity, there's also a very high chance that it'll be part of creating false positive.

Or, more bluntly (no offense meant to Hiawatha), this is the problem of "The criminal suspect is described as an African-American male".

[N.b. Hiawatha Bray is an African-American male, hence my no-offense comment.]

By Seth Finkelstein | posted in security | on December 30, 2003 11:59 PM (Infothought permalink) | Followups
Seth Finkelstein's Infothought blog (Wikipedia, Google, censorware, and an inside view of net-politics) - Syndicate site (subscribe, RSS)

Subscribe with Bloglines      Subscribe in NewsGator Online  Google Reader or Homepage