Free Ali Al-Timimi

September 6, 2008

Link Analysis at the FBI: Part 2

Filed under: I Spy — sandboxarea @ 4:38 am


The Eyes have it

The Eyes have it: 1984 to 0


What’s your name? What’s your number? I would like to get to know you. Can we have a conversation? Well there’s really no need to come by to talk because the FBI has been monitoring your communications and all of your acquaintances for years.

This is part 2 of the “Link Analysis at the FBI” posts. The first part provides a brief overview of Link Analysis technologies. It also mentions how use of Link Analysis was halted by the Inspector General of the Justice Department in one covert program because of government abuse. And finally, the first part also discussed how the FBI issued a press release in which it admits that it used Link Analysis on Ali.

So just to recap, Link Analysis is built on 2 core technologies: analyzing relationships between objects and visualizing those relationships. So it’s not really about the objects themselves but the related characteristics of objects: does Eb and Oliver use the same phone? does Thelma and Louise use the same car? The more data inputted the better.


So now back to Ali’s case. Let’s first look at what the government says it used in performing Link Analysis on Ali and the Paintballers:

… so the FBI analyst used:

  1. Photos. (And from where did these photos come? Please don’t pay attention to the man in the bushes with the camera)
  2. Phone records
  3. A raft of other clues culled from databases and gathered by agents


The only specific item mentioned are the phone records. The photos are irrelevant as they only help the user of the Link Analysis software during the visualization of the results and not during the initial analysis phase. The “raft of other clues” is only important because they originated from other “databases”. This means that the FBI maintained or had access to multiple databases of discoverable evidence which were never turned over to the defense. 

Now let’s focus on the phone records as this is the only tangible item mentioned. You would think that the FBI would have obtained both Ali’s and the Paintballers’ phone records and analyzed them. Amazingly in court, the FBI said that they didn’t have them all… just a few.

It seems that all of the phone calls and emails that show that Ali had nothing to do with Paintballers traveling to Pakistan are missing from the FBI records. And of course, all of the phone calls and emails that have Ali working with the Saudi scholars to avoid the Iraq war and avoid a “clash of civilizations” with the West are also “not with the government”. Maybe somebody forgot to buy batteries for the tape recorder on those days… was that AA or AAA? In the post titled “Red Hook Pirates”, we’ll discuss the state of the art FBI monitoring technology built into every telephone system in the USA.

So now, let’s look at how the FBI explains how it cherry picks its phone call data. We first need to understand who’s running the collection of evidence:

Ok. This agent also was a lead investigator and analyzed the phone records:

And as we can see that in the case of the Paintballer named Kwon, the FBI got a subpoena for his mobile phone. Did they also obtain his home phone call records? We’ll look at that in a future post. 

So let’s see if the FBI got a subpoena for the rest of the Paintballers. Though only about a dozen Paintballers where eventually charged, there were more than 20 Paintballers who played. Then there was a handful of non-Paintballers such as Ali. So the FBI had to analyze the phone records and emails for about 30 people and we’ll be naive and say that the FBI only performed Link Analysis on these people and only their immediate telephonic and electronic associates… that’s one degree of separation. So if a person only communicates by phone or email with 5 unique people, that’s roughly about 150 people over the course of 3-5 years. That’s a lot of data. Too much for a person to manually review but perfect for Link Analysis software.


And it’s also important to say that we’re only focusing on phone call records in Link Analysis and not the actual phone call content which will be discussed in a future blog post.


Ok. So what about the Paintballer named Khan? Did the FBI get a subpoena for his phone call records?



Ok. So even though this agent was a lead investigator for the Washington DC counterterrorism team and a lead in all of these Paintball investigations… he punts the details of Khan to another city. How convenient. The NFL Washington Redskins can use a player who can punt from DC to Baltimore.


Well the government must’ve gotten a subpoena for Ali’s phone records. Didn’t it? You’ll be shocked but we’ll get to that later.


Now let’s go back to the lead agent. So this agent gets forgetful. So he most assuredly would create a detailed chart to remind himself, to overcome his memory problems… especially while in court. Oops, only summaries:


You might say that this agent only deals with high level stuff… he’s too important for the minute-by-minute details of phone calls. Err, aah… oops:



Ok. So this agent’s charts are summaries with some details. You probably would say that the details include everything that’s important. Well, aah… it seems that he didn’t include everything that’s important:



And now one loose thread left. Did the government get all of Ali’s phone records? It’s admitted to using Link Analysis on Ali. It’s admitted to inputing his phone records. What do you think?


So why didn’t the government use Ali’s complete phone records from the telephone bills which were at his home? The records were there during the search. He had phone bills from the 1990s. Furthermore, why didn’t the FBI use a subpoena to obtain them from the telephone companies as is standard procedure in these types of cases?


So just think of it: the FBI got the Magistrate to authorize a search of the home and car but didn’t ask for a warrant for the phone records. Forgetful? Maybe, but most likely the government had the NSA an alternative source for the phone calls… something that wouldn’t show up in discovery or in court. So Link Analysis of the phone calls and emails for Ali, the material witnesses, and the Paintballers would absolutely prove Ali’s innocence.


In the future post titled “867-5309”, I’ll discuss the specifics of which phone records the government is hiding are missing from the government’s control. And in “Red Hook Pirates”, we’ll look at the state of the art FBI monitoring technology built into every telephone system in the USA.


September 4, 2008

Link Analysis at the FBI: Part 1

Filed under: I Spy — sandboxarea @ 11:14 pm


Links, Hyperlinks, and Phantom Links

Links, Hyperlinks, and Phantom Links


If a picture is worth a thousand words, can a hyperlinked visualization reveal a fraud upon the court? Link Analysis is a group of techniques and technologies used to understand and visualize the relationships between objects.

In the criminal investigation and intelligence worlds, those objects are the people, phone numbers, bank accounts, and places into which you want to obtain better insight. Link analysis software allows you to visualize different aspects of related objects to see their interconnectedness.

For example, to understand who’s calling whom you tell the link analysis software to include only phone call records and filter out irrelevant aspects such as gender, marital status, or eye color for a group of people. The output is a interactive visualization of incoming and outgoing calls where outgoing calls might be in a different color than incoming calls. You can color-code international calls to make them better stand out. Furthermore, to illustrate the duration of a call or perhaps the frequency of calls, the lines might be thicker. This is called the “strength” of a link. 

Likewise if you wanted to visualize a graph of a person’s friends, and their friends’ friends, and the friends of all of their friends… then Link Analysis will allow you to do this type of research quite easily. 

So to sum up the technology, Link Analysis has 2 major components: analyzing relationships between objects and visualizing those relationships. Link Analysis software can be integrated with other technologies such as dictionaries and thesauri to pre-process and post-post the data. This is necessary so that an address with the word “street” will be matched and visually linked to an address with the word “St” or “Rue”. And finally, Link Analysis is usually paired with a ranking system component that can give you a “degree of closeness” from an object. This enables the user of the software to answer the question “how many degrees to Kevin Bacon” or “how dangerous is this person on a scale from 1 to 10”.

To put this in context, police already do a simpler version of this when they look at a criminal’s “known associates” and “modus operandi” which is also known as the “MO” in police shows on TV. Some law enforcement personnel refer to Link Analysis as “Community of Interest” software.

And now for the subversive stuff that undermines a chunk of the Constitution: rather than typing a limited set of data on a limited set of people into a Link Analysis system… if you instead attached a Link Analysis system to a database of everyone in a city. And for each person you entered their names and aliases, phone records, their family information, their friends’ information, their company information, their habits, emails, etc. you would be Big Brother in the making. 

So it shouldn’t be a surprise that the Inspector General of the Department of Justice shut down one use of Link Analysis in use at the FBI.

So what’s the relevance of this technology to Ali’s case? It seems that the FBI extensively used Link Analysis on Ali. In fact it was so pleased with itself, it issued a press release about Link Analysis and mentioned Ali by name.

In “The Mafia Retcon“, we’ll look at how the government does another rewrite of Ali’s history as a means to promote the use Link Analysis software. And in “Link Analysis at the FBI: Part 2“, we’ll examine how the use of Link Analysis software actually exonerates Ali and can show that the government misled the court.

September 1, 2008

I Spy

Filed under: I Spy — sandboxarea @ 1:38 am


I spy therefore I am

I spy therefore I am



It’s an old philosophers’ debate: “If I spy on you… and you don’t know about it… did I real spy?”. Well that’s the updated version about the fallen tree in the forest. It’s OK if I rewrite history, it happens all the time.

“What you don’t know can’t hurt” is the government’s position in Ali’s case… at least one of the many representations the government’s made. I’ll do my best to explain them in future posts.

In this post, I wanted to explain the essence of the spying issue. Unlike what’s suggested in the press, the issue of spying on Ali is not about a mere technicality. It’s not about forgetting that hyphen in his name. The real issue is about the government hiding information that would exonerate Ali, covering that up, and then lying to the court, defense, and jury. It seams that when the defense refers to the government lying to the court it uses the term “committing a fraud upon the court”:



The other important point to remember is that the Appeals Court remanded the case to investigate undisclosed intercepts irrespective of the group within the government that conducted the monitoring. 


So now that we know what’s at stake, let’s list the publicly know monitoring programs used against American persons (which include citizens, residents, and perhaps travelers within the US) :

  1. FBI by permission of a FISA warrant 
  2. FBI or state police by permission of a Title III criminal warrant 
  3. FBI link analysis data collection program 
  4. FBI telephone call records program
  5. FBI or Joint Terrorism Task Force (JTTF) through Patriot Act provisions
  6. FBI or Joint Terrorism Task Force (JTTF) through National Security Letters
  7. Various municipal intelligence programs such as the New York City program
  8. NSA by permission of a FISA warrant
  9. NSA communications monitoring program(s)
  10. NSA link analysis data collection program
  11. NSA telephone call records program
  12. Various Defense Department intelligence programs 


In future posts, we’ll look at these programs, the technologies that they employ, and how they relate to Ali’s case.

Create a free website or blog at