Raytheon making social-network-mining software to help gov'ts spy on citizens

Raytheon's "RIOT" (Rapid Information Overlay Technology) is intended to help governments all over the world by providing a "Google for spies" that mines multiple online sources to build up detailed pictures of the personal activities of their citizens:

The sophisticated technology demonstrates how the same social networks that helped propel the Arab Spring revolutions can be transformed into a "Google for spies" and tapped as a means of monitoring and control.

Using Riot it is possible to gain an entire snapshot of a person's life – their friends, the places they visit charted on a map – in little more than a few clicks of a button.

In the video obtained by the Guardian, it is explained by Raytheon's "principal investigator" Brian Urch that photographs users post on social networks sometimes contain latitude and longitude details – automatically embedded by smartphones within so-called "exif header data."

Riot pulls out this information, showing not only the photographs posted onto social networks by individuals, but also the location at which the photographs were taken.

"We're going to track one of our own employees," Urch says in the video, before bringing up pictures of "Nick," a Raytheon staff member used as an example target. With information gathered from social networks, Riot quickly reveals Nick frequently visits Washington Nationals Park, where on one occasion he snapped a photograph of himself posing with a blonde haired woman.

"We know where Nick's going, we know what Nick looks like," Urch explains, "now we want to try to predict where he may be in the future."

Riot can display on a spider diagram the associations and relationships between individuals online by looking at who they have communicated with over Twitter. It can also mine data from Facebook and sift GPS location information from Foursquare, a mobile phone app used by more than 25 million people to alert friends of their whereabouts. The Foursquare data can be used to display, in graph form, the top 10 places visited by tracked individuals and the times at which they visited them.

The video shows that Nick, who posts his location regularly on Foursquare, visits a gym frequently at 6am early each week. Urch quips: "So if you ever did want to try to get hold of Nick, or maybe get hold of his laptop, you might want to visit the gym at 6am on a Monday."

The associated patent says that Raytheon believes that its software can judge whether its subjects constitute a "security risk"

Software that tracks people on social media created by defence firm [Guardian/Ryan Gallagher]


  1. Wow, software that tracks people who regularly announce their location to the world. Sophisticated technology indeed.

      1. As the article said, it’s proof of concept and hasn’t been sold to anyone. It’s possible just-out-of-college hires DID write it.

        Though I do think you overestimate the skills of college students. In the real world companies don’t get to work only with the top 5% who are producing professional-quality projects as undergrads or the top fractional-percent that are launching tech companies.

        1. This is the real issue. People are screaming “TECHNOFASCIST POLICE STATE” when the reality is Raytheon probably got a large chunk of funding which hired some recent college grads who’re gonna write a fairly buggy and doubtfully field-ready piece of software that will give some intelligence offices a huge boner but really just end up making everyone feel frustrated. Never underestimate mediocrity, especially when it comes to government dev projects!

          1. What a joke. Raytheon is years behind then and that’s whats even funnier.

            The program has already been written and is already being sold.

            Look up “Maltego” and “Casefile”. Open source offline intelligence gathering.

            If you don’t already know about these programs you should consider yourself inept on the internet.

    1. More precisely, software that tracks people too lazy to scrub their metadata and dumb enough to use Foursquare.

      1. Or people who associate with people too lazy to scrub their metadata and dumb enough to use Foursquare. Because even if you practice good information hygiene, someone linked to you can unwittingly give away information that could be used to yield some reasonable guesses about your behavior.

        Your only hope is to surround yourself with people even more paranoid than you are.

  2. Brilliant.   Just because I have friends who are involved in nonviolent and almost entirely legal progressive activism, (aka eco-terrorism) now I get to be a “security risk.”

    1. Yeeeaahhh, but they’re usually not spoofed, and probably the spoofs can be detected with a little bit of machine learning. That’s the thing: you can’t expect this sort of thing to be perfectly accurate. It doesn’t have to be.

  3. Seriously? Homeland Security can’t identify terrorists even using porno scanners and body searches, now the gov’t is going to rely on software to find “bad actors or groups”?

    Clearly, they need all the can get.

    I’m a “bad actor”, constantly tweeting and posting about the abuses and screwups committed by those in authority. Come and get me, copper!

  4. What a relief! We’re finally going to be kept safe from the terrible international scourge of 19 year old girls who post everything they do to Facebook.

    1. Serious point – This kind of thing works best against the kind of regular people who don’t think much about what they are posting.  Not so well against someone plotting to do really bad stuff.

    2. Also protest organizers.

      This won’t affect people who work in secret. This will harm people who try to work in public, for the public, because anyone who shows up at the protest can be harassed, blacklisted, etc.

  5. Probably painting a target on my back here, but IMHO the whole Big Brother take on this story is a bit overblown. In the hands of citizens, tools like this have the potential to *help* people become more aware of the information they’re (over)sharing and expose holes in the privacy policies of sites like Facebook and Foursquare.

    The most likely application of this isn’t spying on you, it’s OPSEC (operational security) – mitigating accidental leaks from within an organization to outsiders. Loose lips sink ships, etc. Just my $0.02.

    1. The point you’re making is is US centric. However, the concerns about this kind of software is just as much what it can do in the hands of other  governments around the world.

  6. Why waste time at a gym?  The guy works at Raytheon.  Why not just show up there during business hours.

    Added bonus: you get to have a raging hard on while conducting a Perp Walk.

  7. They don’t need special software to spy on me, I give them the bird openly for all to see. Screw a GD control freak:)

  8. Back in 1975 John Brunner published The Shockwave Rider – bear in mind that this was prior to personal computing – If you haven’t…read it.  That could well be the direction we are going.

  9. Raytheon spend millions each year attempting to ensure their company and it’s agent act ‘ethically’.  What a farce!  How does one explain the ethics behind aiding the Federal government in their continuing pursuit to circumvent the Constitution. Shame on you!  Perhaps they should rename their ‘Patriot’ surface to air missile, the “King George, Imperial Usurper”

    1. In the context of defense companies acting ethically means ‘playing by the rules’. If you think defense companies are evil (a position I disagree with but won’t debate), you should think of them in terms of the dungeons and dragons alignment ‘lawful evil’ rather than ‘chaotic evil’. These companies set up policies to prevent conflicts of interest, avoid illegal or questionable influence (e.g. bribes-in-all-but-name-gifts), prevent releases of personal information to other than lawful authorities, limit gray-area expensing and cost accounting, and so forth. To hear the old-timers tell it, all of these, and more, were a part of cold-war-era defense contracting. I think it is an improvement.

      But you do have a point that ethics is at least partially a matter of opinion.

  10. And the acronym most certainly isn’t being used to be a subtle warning of what you need this tech to avoid.  Of course once people understand what its going to be used for its going to create just that…

Comments are closed.