Open source surveillance has changed the ball game somewhat after British Intelligence security service GCHQ has created an account on well-known code repository site, and one of the fairly recent targets of China’s Great Cannon attack tool, GitHub.
What has exactly been created? It’s an open sourced tool by the name of “Gaffer”, which according to Google is a British slang term for boss; anyway, the tool is written in Java and according to the tools official GitHub page, is a framework that simplifies the storage of “large-scale graphs in which the nodes and edges have statistics such as counts, histograms and sketches,” not exactly Spectre, but hey ho. The tool has been primarily developed as a graph database with the aim of offering the capability to retrieve data on nodes of interest.
Below is a summary of the tool and its key features
- Allow the creation of graphs with summarised properties within Accumulo with a very minimal amount of coding.
- Allow flexibility of statistics that describe the entities and edges.
- Allow easy addition of new types of nodes and edges.
- Allow quick retrieval of data on nodes of interest.
- Deal with data of different security levels – all data has a visibility, and this is used to restrict who can see data based on their authorizations.
- Support automatic age-off of data.
Gaffer is being distributed under the Apache 2.0 licence which allows you and me to modify and distribute the code in any way, as long as the original copyright notice and disclaimer are preserved.
For those who are excited about updates to this tool, anyone? The official GitHub page for this tool also announces that Gaffer 2 is in development and aims to “create a more general framework that offers the best of Gaffer with improvements”
It will be rather worthwhile to follow this tool through various developments and applications to see how it’s being utilized in the wider world; it would not surprise me if it’s in the news very soon.
Image courtesy of theregister