AT&T's 1.9-Trillion-Call Database

[Dave Farber <dave () farber net>]

-------- Original Message --------
Subject: AT&T's 1.9-Trillion-Call Database
Date: Sun, 05 Mar 2006 16:06:58 -0800
From: Kurt Albershardt <kurt () nv net>
To: dave () farber net

<http://www.schneier.com/blog/archives/2006/03/atts_19trillion.html>
March 03, 2006
AT&T's 1.9-Trillion-Call Database

This whole article
<http://www.nytimes.com/2006/02/25/technology/25data.html> is worth
reading, but I (Bruce) found this tidbit particularly interesting:


He was alluding to databases maintained at an AT&T data center in
Kansas, which now contain electronic records of 1.92 trillion telephone
calls, going back decades. The Electronic Frontier Foundation, a
digital-rights advocacy group, has asserted in a lawsuit that the AT&T
Daytona system, a giant storehouse of calling records and Internet
message routing information, was the foundation of the N.S.A.'s effort
to mine telephone records without a warrant.

An AT&T spokeswoman said the company would not comment on the claim, or
generally on matters of national security or customer privacy.

But the mining of the databases in other law enforcement investigations
is well established, with documented results. One application of the
database technology, called Security Call Analysis and Monitoring
Platform, or Scamp, offers access to about nine weeks of calling
information. It currently handles about 70,000 queries a month from
fraud and law enforcement investigators, according to AT&T documents.

A former AT&T official who had detailed knowledge of the call-record
database said the Daytona system takes great care to make certain that
anyone using the database - whether AT&T employee or law enforcement
official with a subpoena - sees only information he or she is authorized
to see, and that an audit trail keeps track of all users. Such
information is frequently used to build models of suspects' social networks.

The official, speaking on condition of anonymity because he was
discussing sensitive corporate matters, said every telephone call
generated a record: number called, time of call, duration of call,
billing category and other details. While the database does not contain
such billing data as names, addresses and credit card numbers, those
records are in a linked database that can be tapped by authorized users.

New calls are entered into the database immediately after they end, the
official said, adding, "I would characterize it as near real time."

According to a current AT&T employee, whose identity is being withheld
to avoid jeopardizing his job, the mining of the AT&T databases had a
notable success in helping investigators find the perpetrators of what
was known as the Moldovan porn scam.

In 1997 a shadowy group in Moldova, a former Soviet republic, was
tricking Internet users by enticing them to a pornography Web site that
would download a piece of software that disconnected the computer user
from his local telephone line and redialed a costly 900 number in Moldova.

While another long-distance carrier simply cut off the entire nation of
Moldova from its network, AT&T and the Moldovan authorities were able to
mine the database to track the culprits.

-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/