Media coverage of ISIS often comments on one of their strengths being their online social media presence.
How has the US allowed this to continue? ISIS control a small strip of territory in Northern Syria and Iraq. How many IP addresses can there be in the entire region?
Given the US security services’ much-vaunted computer surveillance powers this seems a relatively easily solved problem. How is every IP address and every HTTP transaction from that region not controlled, analysed and triangulated, in such a way that it is up to the US to decide what everyone in ISIS controlled territory does or does not post (and knows where they posted it from)?
Am I underestimating what the technical issues are? Or is the reality that this is happening and ISIS’s online presence is basically just jihadist wannabes in suburban mum’s basements far from the action?
Like any good covert Internet action, one would assume they are not coming from their own IPs at all. They are using proxies and bots to do their dealings under the guise of, say, Romanian IPs.
Millions of not-terrorist people use proxies every day to do stuff like watch blacked out MLB games and have socks on message boards (hi guys!). It’s not like it’s complicated to carry out but it is complicated to detect.
But the initial connection to that Romanian proxy will have to come out of the ISIS controlled territory. There are presumably not that many wires coming out of the ISISland. Compared to some of the monitoring we know the US security services can achieve, monitoring each and every transaction going over those wires does not sound too hard to me.
Of course not. What makes you think any of this is happening realtime?
A fistful of flash drives smuggled out of ISIS territory to a friendly geek in a nominally neutral country nearby (say, Turkey) is enough. After a couple of anonymous proxies, the YouTube posting or website update could look like it came from anywhere.
Are you suggesting we should nuke Turkey’s internet capability?
Which is the latter case I describe above. That “ISIS” as in the extremist militia that controls parts of Iraq and Syria does not really have an internet presence, despite what the media says, the “ISIS” internet presence is actually a bunch of nerds far from the action posting in the safety of their mom’s basements. Though I am not sure that is the case.
Turkey is a major modern power with all the internet presence that entails, finding the people posting ISIS propaganda there would be as hard as finding people illegally streaming NFL games. The OP was specifically concerned with the actual ISIS controlled territories.
Also stories like this make me think the posting is actually happening from ISIS territory.
Rather than “combing through social media” why aren’t we controlling every IP connection going in or out of ISIS territory? It’s not Silicon Valley; I cannot imagine we are talking about millions of connections a second.
The US does not own the internet. We don’t have anything to do with “allowing” people to use the internet as they see fit, and to erect some kind of global firewall to screen against that would be contrary to the principles of a free and democratic nation.
We have already seen instances in which the US used OSINT on social media to action targets. Even if the US had the ability to shut down all ISIS communications, that would not be desirable. Better to let them communicate on a channel you can surveil than drive them onto a channel you cannot.
Anonymity proxy schemes are extremely effective. Programs such as TOR route encrypted data through multiple proxies in such a way that no single computer sees the entire transmission from point A to point B. Skype was also designed to be extremely resistant to interception. If you know of a way to defeat TOR’s proxy networks, the NSA has a job opening for you.
It is not the United States’ job to police the entire world’s internet. Let the Syrians and Iraqis solve their own problems.
As opposed to dropping bombs on them, which is totally in line with the principles of a free and democratic nation? It’s OK to blow them up, but messing with their internet is beyond the pale?
And again it’s not global, or even regional. It is very limited (anything else would not be technically feasible). I don’t actually know how many internet enabled devices exist in the zone controlled by ISIS but simple common sense says it can’t be that many, and the internet infrastructure in an area governed by ISIS is as valid a target as the command and control buildings that we are blowing up.
Why I suggested we would control what gets posted and what does not.
Again things like this are only in a large internet based society where they can be hidden amongst a ton of other traffic. If the wire between you and the rest of the internet is compromised all the proxies in the world won’t help you.
You can’t triangulate, there is only one satellite. I doubt that you can tell where the user is except in the large area that the satellite serves. Then you send files to an associate in Central Europe.
You’d be surprised - you can post to Twitter via SMS from any old mobile phone (hence the character limit). Many cheap feature phones these days let you post to Facebook too if you can get any sort of data signal. Smartphones aren’t exactly rare in the world either, even quite elderly ones are still capable of uploading video.
So, you’d have to take the entire telecoms infrastructure of the area offline. That’s not easy, as several repressive regimes have found to their cost.
Surely the U.S. has the capability to monitor traffic on the Internet in various ways, but I’ve never thought about whether the USG has the legal authority to seize electrons that are on their way to Instagram or Twitter. Sure, we could likely use various means to locate where the data came from (like the incident of a guy tweeting a selfie of him in front of an ISIL HQ, not knowing that his GPS coordinates were tagged on the photo, followed by the Air Force dropping bombs on that place hours later), but that’s very different from prohibiting a U.S. business from receiving communications from a person we probably can’t identify with great precision.
You miss the point: We’re not messing with **their** internet, we’re messing with ours. Establishing this kind of regime would require the government to compel every ISP in the nation to categorically ban traffic from Iraqi and Syrian IPs, and monitor all overseas fiber optic cables (which they already do) and filter Iraqi and Syrian IPs at the node where they enter the US. This would be a “Great Firewall” similar to what China uses. That’s something the US isn’t going to tolerate.
The big problem is that there is no “ISIS” infrastructure vs. “civilian” infrastructure. This is infrastructure that the Iraqis are going to need when they re-take their areas. I get that the media likes to make the US look like a bunch of trigger-happy retards, but the fact is that they do think about these things. Right now, US counterinsurgency strategy is still centered on the idea that destroying things that benefit the civilians will only drive them into ISIS’ arms.
As for the proposition of destroying every single phone line, TV cable, and satellite dish in Syria and Iraq, I think you underestimate how hard that actually is.
This is true. The only vulnerability is between the user and the first proxy node, where the traffic’s origin IP is identifiable. But again, you underestimate the problem. We cannot just reach into another country’s internet and snatch their data. To do so, they would have to transmit their data through a node that we control. FWIW, TOR is vulnerable to a man-in-the-middle attack, but it takes a lot of resources to pull off.
This is the point, I am not sure why we can’t identify him with great precision. ISIS’s region of control isn’t that big. And there can’t be that much internet infrastructure there.
I realize even in a war zone lots of people (ISIS and otherwise) still use smartphones. But as “big data” problems go that doesn’t seem like too difficult a one to me, it seems quite doable to make sure every IP packet coming out of that region goes through a server in Langley. And identify the origin of every single IP address we see, and whether it’s posting stuff associated with ISIS (we are just talking Facebook and Twitter here, not super secure peer-to-peer encrypted comms).