Denim Group has been acquired by Coalfire. Learn More>>

Social Networking = Total Information Awareness?


Here’s my conspiracy theory for the day: Facebook is actually a DARPA project.  LinkedIn is run by CIAMySpace has been an FBI sting operation from the start.  And they’re all working together.

Before you tell me to take off my tinfoil hat humor me for a minute.  I recently got a Facebook account to see what all the fuss was about.  I put in some basic information about myself but nothing too sensitive because I don’t really trust these Facebook characters and all the maniacs on their system.

Since then I’ve been tracked down by a bunch of people I have met before in personal and professional capacities.  People I went to school with I can understand  – that is a simple match.  The scarier matches have been those where people who worked for clients of mine years ago have tracked me down.  Perhaps those people sought me out.  After all – I’m a pretty engaging guy.  I’m fun to be around.  Good looking…  After I beat my ego back into its cage I’m forced to realize that there is probably another explanation which is that Facebook is really good at mining their data and finding connections to suggest.  Fine – LinkedIn has been good at this for a while.

But then I started surfing around the profiles of folks that tracked me down.  They have photo albums, favorite movies and books, etc.   All the social networking stuff you would expect.  Possibly some privacy issues arising out of this but that certainly isn’t news.  As I was looking around this weekend I had a bit of an epiphany  – there are some people that are really into these sites.  They update their profile picture all the time.  They update their status of what their doing a couple times a day.  They are constantly adding new gadgets to their accounts that collect even more information.  It is true that I am a bit behind the times – I just got a Facebook account, after all – but if I were Facebook watching all of this data change over time I could put together a decent picture of the lives of some of these folks.

Thus the seed of my conspiracy theory – if the government owned Facebook they could collect a heck a lot of information about people and their movements and watch that over time.  The only problem with that theory is that it isn’t wild enough to be taken seriously.  Therefore the government doesn’t just own Facebook.  They must also be in control of MySpace.  And Friendster.  And LinkedIn.  And Twitter.  And that new thing that Google rolled out.  And probably all of Google!  Is there nothing they won’t do?

What was that quote from The Usual Suspects?  The devil’s best trick was to convince us he doesn’t exist.  Does that apply in this case?  Is Total Information Awareness back under a Web 2.0 guise?

dan _at_

About Dan Cornell

Dan Cornell Web Resolution

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

5 Responses to “Social Networking = Total Information Awareness?”

  1. John Dowdell

    Such services wouldn’t need to be started or controlled by a particular covert group.

    Such services would become natural targets of various covert groups, across governments, across factions, across legal status.

    If I were in Chinese military or a Russian gang or whatever, I’d certainly want to insert or compromise an employee with high-level clearance to those databases. The owners of the web databases wouldn’t need to know.

    It’s the centralization and automation of such data services that evolves them into naturally attractive targets. For defense, knowing what records others track of us, and being able to edit our remote info directly, seems the natural foil.

  2. Roger Gordon

    You know I had that same thought the other day. Really, I did.
    But wait! How do I know YOU aren’t US government affiliated? I better delete this post!

    Naa, come get me!

  3. Clyde Kebodeaux

    When I was prepping for an interview with your company, I read your blog….I love the come and get me attitude. Dang! I hope you are not the Government….which Government??

    Anyway, if I make it past the screeners, we’ll get a chance to meet someday. I think that would be an interesting conversation given our backgrounds.


  4. Dr. Letitia Wright

    all of them are good data mining projects

  5. Henry

    Look, you are correct. The way it is done is to create an environment where people willingly give up their personal lives. It is a fact that CIA money got google on its way, and they recently moved into a NASA building. It is just too “out there” for people to believe or realize, but they are behind these sites no less than our phones are openly being acknowledged as being tapped. Are they going to tap phones, yet ignore the true gold mine of information? Its called tyranny, but it is too soft at the moment for people to be scared by it en masse. Anyways, good intuition, because you are square on.
    watch this…

Leave a Reply to Henry Cancel reply

Your email address will not be published. Required fields are marked *