Title: Mobile Apps – Checkpoint meeting Archives
Release Date: 2016-06-07
Document Date: 2012-05-01
Description: This page from GCHQ’s internal GCWiki, last updated on 1 May 2012 documents progress in a variety of the agency’ projects: see Facing Data Deluge, Secret U.K. Spying Report Warned of Intelligence Failure, 7 June 2016.
Document: TOP SECRET STRAP1 COMINT
The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report inappropriate content.
For GCWiki help contact: webteam Support page
Mobile Apps - Checkpoint meeting Archives
Jump to: navigation, search
Mobile Applications Project — Delivering the Mobile Advanta
| Phase |
| Geo | Convergence |
| Design | Reference |
• Mobile Applications Project planning
• Mobile Apps Project - Phase 2
• Popular pages
• Who’s Who
• Mobile Apps from 50,000 feet
• Capability map
• Documents and diagrams
• Integration and Testing
• • 122 Feb 2011 2 8 Feb 2011 Project Checkpoint
• 3 25 Jan 2011 Project Checkpoint
• 4 11 Jan 2011 Project Checkpoint
• 5 30 Nov 2010 Project Checkpoint
• 6 2 Nov 2010 Project Checkpoint
• 7 18 Oct 2010 Project Checkpoint
• 8 5 Oct 2010 Project Checkpoint
• 9 21 Sept 2010 Project Checkpoint
• 10 7 Sept 2010 Project Checkpoint
• 11 24 August 2010 Project
• Checkpoint 12 10 August 2010 Project
• Checkpoint 13 27 July 2010 Project
• Checkpoint 14 13 July 2010 Project
• Checkpoint 15 22 June 2010 Project
• Checkpoint 16 8 June 2010 Project Checkpoint
- Status Summary (Updated 14
• June) 17 25 May Project Checkpoint
• 18 11 May 2010 Project
• Checkpoint 19 27 April 2010 Project
• Checkpoint 20 30 March 2010 Project
• Checkpoint 21 16 March 2010 Project
• Checkpoint 22 1 March 2010 Project
• Checkpoint 23 16 February 2010 Project
• Checkpoint 24 2 February 2010 Project
• Checkpoint 25 14 December 2009
• • 26 7 December 2009 27 30 November 2009
ieditl 22 Feb 2011
• Yahoo protocol change confirmed - App no longer able to process it.
• Tunnel timeout fix unproven. Evaluation awaiting restoration of service.
• Survey enhancement - in TERRAIN 10.5, comprises additional logging. to evaluate.
• Feedback mechanism for issues found during Mobile IV&V was discussed. Feedback to TPS to be informal: TPS will
raise internal tasks as necessary, will then track via weekly internal reports. Service Desk will not be necessary.
• The recent security incident, in which PDDGs, SIGADs and protective markings were wrongly configured, highlights the
need for formal system ownership and support. Current MVR HB planning indicates that Mobile TERRAIN will be
needed for at least 8 months and probably longer. The PRESTON rollout process by TFE was discussed, using a test
system, local file storage and check sheets before rolling out live. Training on Mobile TERRAIN config/support is being
updated and will be rolled out to COMSAT sites by end of March.
• 10.5 build finalised today - last of the backports from 10.6.
• 10.6 includes App IDs as used by XKEYSCORE. Being upgraded to 64-bit RHEL5. APPId did not make it into 10.6.
Problems with it crashing when ran on Redhat 5. We will be putting this into the first 10.8 build (mid March). [Updated]
• Flexilogs are showing performance & complexity issues. ^^^^^^^^^^^^^|following up.
• TDIs also included in 10.6, except they have just changed to a different format, so capability for 10.6 is to be revisited
(old, new, or none)—follow up. TDI’s in Begal in 10.6. We decided to go with the latest Begal engine and
therefore this will work with the latest GTE TDI’s no issue. [Updated]
• Question raised as to whether GRX tunnels might enhance TDI convergence. to investigate as a quick win for
Surge Phase 1.
• Orkut, Bebo first drops and MySpace final drops now on Agility trial. A problem with MySpace is being investigated.
• Orkut, Bebo: Events PC currently cutting code around delivered App, in the absence of any defined requirement. Feature
requirements still need defining. ^^^|to progress.
• Final drops now on for facebook, eBuddy, MySpace, ICQ, LinkedIn. ^^|lo verfy/validate - starting with LinkedIn
• Nimbuzz, Whatsapp still awaiting XMPP progress.
Legals still to be chased down.
• ^^|to own OPS Explore phase of MVR rollout.
| to chase task via
| to advise ^^|when apps move across to Explore.
• TDIs for HB15:
| has a list of ca. 20. These may need to be prioritised, typically for those which give
Convergence. Currently GTE prioritise TDIs. Theme need to take over prioritisation of Mobile.
king over TDI work from
[editl 8 Feb 2011 Project Checkpoint
• Content is only being seen for BlackBerry. Gmail is known to be encrypted, Yahoo has a suspected protocol change
(being investigated), lack of Hotmail content remains unaccounted for. suggested that the fix would hopefully
require only a patch to TAMING PASTRIES.
• Tunnel timeout fix is expected to increase convergence rates to ca. 50%. Rolled out to Benhall. ^^|lo pursue rollout at
• Survey enhancement. to clarify usage.
• Coco01 (Bude) protective markings incorrectly configured. | suggested the signal provider should provide the
classification at the same time as providing the signal. said that the Mobile Access Lead (^^^^^^|) could
take on this responsibility. to talk to
• Facebook: TERRAIN 10.5 should produce about 50% of traffic types. to clarify whether any of these are
• Fring: expected to be ready for Experiment in ca. 1 wk (15 Feb).
• Feature elaboration should be taken to the same level on both MVR and Mobile TERRAIN. Testing to the full level of
detail, e.g. comparing the two platforms, is a big overhead.
• reported that Convergence from a Bebo hit had allowed discovery of the PSTN for a Priority 1 target. Further
C2C selectors had followed.
explained the urgent need to demonstrate further value to the business, and requested collection statistics. to
• The focus for the demonstration was discussed. requested TDIs. explained the recent Project need to focus
on MILKWHITE apps in MVR Experiment.
| reported that the low volume of Mobile TDIs seen in Survey was due to GTE rolling them out to only four probes.
Although Project does not have the resources to hand-hold the TDI business, is pushing for wider deployment. This
should resolve our inability to test/approve/deploy them to MVR.
• SOC ANTH: Gb context: awaiting decision from OPS on how to handle bearer type display - may be sufficient to
display the SIGAD.
• SOC ANTH: GTP CAID issue. Events from Mobile TERRAIN are OK, so it is an MVR issue. Workaround should be in
place to allow re-enabling in SOC ANTH tomorrow (9 Nov).
• 3 x GMM event types being promoted to INTEGER SPIN. This should bring a Convergence benefit.
• OpEval availability - 2 weeks’ time (22 Feb) suggested but unconfirmed.
[editl 25 Jan 2011 Project Checkpoint
The meeting covered a lot of ground. Points are grouped by topic, not in order discussed.
• OpEval is awaiting return of the upgraded Evolved MUTANT BROTH (This will not include the Context store which
provides GTP convergence capability)
• Important that the Opeval is used to demonstrate business realisation against Mobile Network traffic.
Traffic and survey
Currently approx 12 bearers on cover, two more expected at Bude when coco02 is commissioned.
Early reports from analysts suggest that significant quality traffic is being collected from Leckwith.
Reference data from GMM on MVR is providing millions of hits into INTEGER SPIN (the QFD formerly known as
Evolved GEO FUSION), with thousands of new cells identified. Geo GMM capability destined for Marbled Geko is
being built as a demonstrator within Blackhole. Project to monitor.
OPSD survey work is ongoing, led by The PPF Survey module is to be installed in MVR Experiment.
Surveys indicate that 10% of traffic is BlackBerry, yet our intercept is 80% BB. The shortfall in expected webmail could
have may causes. Investigations are being led by May need to call on TPS to conduct tests,
although processing is not a strong suspect.
• Main problem at the moment is poor ratio of convergence, at 5% of tunnel setups being identified. Experiments indicate
that a tunnel timeout fix in TERRAIN will improve this to 50%. Scheduled for TERRAIN 10.5. | asked if this can
be pulled forward in time for OpEval, possibly via an update to TERRAIN 10.5. | to follow up.
• Further improvement would need a more complex tipping architecture. to follow up.
• QFD convergence upgrade - HA, eMB + Context store, has slipped to March. Plan is being agreed with NGE SU.
• GTP in-tunnel processing on MVR due in Experiment shortly. to provide update. Op rollout tentatively suggested
for HB18, i.e. Autumn 2011.This would represent a substantial delay over previous estimates and would have
consequences for supporting SA Terrain. to follow up.
Theme reported that Events they had seen in databases did not fully match the Events they had expected. Theme and TPS
are working together to ensure alignment.
Currently we cannot identify Mobile source for webmail (except Yahoo). Actor-Action ICD Version 2 will improve our
ability to recognise traffic originating from a mobile device.
Legal assurance for new Event types - now believed to be good. is setting up a meeting between Events PC
and OPP-LEG to confirm legalities.
MES apps on target for Experiment - risks with mail.ru, XMPP (Nimbuzz & Whatsapp): these are not expected to differ
from the non-mobile versions, but confirmation is coming too late to fix them if anything does show up. |______is
following up with the Suppliers.
Mail.ru delayed by lack of a linguist. Now sorted.
Nimbuzz delayed by service account setup complications.
Orkut, Bebo feature lists being developed by GTE Tracking team. Due to overlapping timeframes, there is no guarantee
of delivered feature alignment. to update feature list.
13 now operational, 8 due in HB13, 8 more failed HB13 testing - to be investigated.
• explained concerns that suitable bearers for TDI validation are not being chosen, leading to high rejection rate
(not just a Mobile problem). is pursuing.
| stressed the importance of TDIs in informing new app selection.
• reported that TDI rollout has been much streamlined. felt that the benefits will not be felt immediately,
until GTE can develop fast enough.
• New TDIs are expected to exploit the leaky app/gateway capability currently being built into the QFDs.
• TDI capability in Mobile TERRAIN is due in TERRAIN 10.6.
• Need to evaluate Terrain Ident Capability - separate to TDIs.
• The business is recognising the scale and complexity of Mobile app development. stressed the need to
demonstrate associated benefits, and the need for it to become BAU: this will support an increase in business priority for
Mobile. The wiki is an important tool in communicating process and progress. to follow up.
• The business is looking at overlaps between Mobile and MTI work. A key difference has been Mobile’s need for more
rigorous testing. The relative states of Mobile vs. MTI test regimes were discussed. Agreement between Mobile and MTI
• The Mobile Surge arises from a FTCG finding that the business needs to do more Mobile. It will choose a specific piece
of work across the business and focus on delivering a specific outcome, without putting additional pressure on known
bottleneck areas. The aim is to prove the business benefits of Mobile.
[editl 11 Jan 2011 Project Checkpoint
• HB13 MVR testing currently unable to verify some mobile TDIs due to lack of traffic. Need to ensure that suitable
Mobile bearers are tasked for these tests. is progressing.
• Value of getting TRAFFICMASTER into MVR Agility experiment was stressed. gain agreement
from TPS and raise RFCs as necessary.
• Fring is last remaining app from July10 tranche still to go on Agility trial. It requires promotion to TERRAIN:
discussing with TPS later today.
• Operational-standard GTP module is needed for the Survey MVR system. has raised this with
• HARD ASSOC and Evolved MUTANT BROTH both now risk slipping to February.
[editl 30 Nov 2010 Project Checkpoint
Agility and development
• All required handsets are now available.
• EAP (MIRTF) back on course: both PPF Apps and TERRAIN prefer this over Lawful Intercept as the strategic solution
to app characterisation.
• Approach continues to be OPS led for requirements and technically informed. New apps ( bebo & Orkut) to satisfy MES
deadlines not ideal pragmatic in circumstance.
• GTE will be doing more up front analysis in the future to support feature requirements.
• Tunnel timeouts: experiment running on bostrom - timeout extended to ihr.
• i webmail hit seen to date. TND unpacking still being checked.
• It will be useful to compare MVR output with Mobile TERRAIN, to validate processing once MVR has GTP processing.
• Agility Trial needs to draw in OPS engagement for evaluating new app exploits. This should help provide leverage for
getting the apps into HBs as well as supporting the Business change aspects.
New Apps delivery
HB 12 is delivering MMS & GMM Content as well as Events
GMMaps: unselected content needs viewing restrictions in place downstream (being done). Two formats for Lat/Long
have been found, which may mean that the HB 12 delivery will be incomplete. to check whether
individual content types can be turned off.
MMS is now tested and proven.
Nimbuzz and Whatssapp use XMPP protocol, already being delivered under SINO Theme. These apps will be included
in the XMPP delivery. Funding for Oct ’10 tranche will transferred to SINO reducing MES forecast. Orkut and Bebo late
replacements for Shmessenger and to increase funding profile. Suppliers can do the feature analysis. We will still need to
capture details of the Event and Content types to be generated once PRDs have been provided.
TPS will be moving their app feature records from VDD to a new system based on XML schemas. This is not scheduled
but is expected to be in place by the end of 2010.
App delivery timescales between MIP-3 vs. 4 into HBs and Terrain builds are subject to change.
Critical to get July’10 and Oct10 apps onto Agility Trial by end of the FY (March 2011).
MIP-3 & 4
• MVR GTP expected in experiment space in Jan 11
• TERRAIN 10.4: no benefit to Mobile for MIP-3. 10.5 will deliver benefits for MIP-4.
• Content delivery will focus on content we can already visualise.
• Also need to develop new content types along with refining the approach (e.g. to make better use of Open Source file
• Unselected content issues need better visibility to developers: New Traffic Types needed.
• Mobile TDIs deployed for MIP-4 unlikely to hit the 100 mark.
• P6 to be updated for MIPs 3 & 4
[editl 2 Nov 2010 Project Checkpoint
Focus of the meeting was on the MVR Heartbeat 12 release and New App capability.
• GMMaps: HB12 expected to process all 12 traffic features ( Terrain 10.3 restricted to 2 features). All will be promoted to
BLACK HOLE and SILVER LINING. Downstream design pending legal decision on what can be passed to which
MMS: HB12 is providing events although suggestion that content promotion should be also be available. Action
• Hotmail: HB12 will include the protocol update. Such updates do not normally add new features. This one doesn’t.
July 10 apps (MES)
• None of these will include Windows based Mobile Phones by design, though some may be compatible.
• Facebook: 1st drop (Login only) received. 2nd drop also, but unconfirmed. 3rd drop expected 3/11. to follow up.
Project will seek to update Agility trial with latest available. From drop 2 on, the implementation rolls desktop and
mobile into a single app, so it is unlikely that we will be able to tell which user client was used.
• ICQ: PRD-2 outstanding. Action to chase.
• MySpace: PRD2 just arrived.
• Fring: due to need for TERRAIN session processing, this is being developed in-house. Awaiting TERRAIN capability -
may be available to install onto Experiment agility. Action to check.
• eBuddy. This release to exploit IM only. To be delivered in a single drop, due 3 Dec.
Oct 10 apps (MES)
• Nimbuzz: PRD-2 due mid-Nov.
• WhatsApp: PRD-2 due mid-Nov.
• LinkedIn: PRD-2 due 3rd Dec.
• Mail.ru: complex delivery which hooks into two other tasks.
• Shmessenger: Based on WAP/jabber type protocols, so may not be accessible via our current handsets. Detica to
investigate feasibility. If feasible, PRD-2 due mid-Nov. Agreement that we go ahead with analysis with Detica. GTE
findings also to be made available.
• Contractor access to TDI NOCON information resolved: will require signing an NDA - PoC is Request
has now been raised.
• 40 to go in HB12. to follow up No. of Mobile TDIs in this drop.
• Pivotal role of TPS in comms between OPS and Suppliers was stressed to support traffic sample collection using
unattributable phones. Comms are now improving.
to check whether suppliers have full set of Lawful Intercept devices each, including Windows.
• is reluctant to use the Mobile IRTF (EAP) for July Apps & Oct Apps, because it represents a new way of working.
Agreement that Legal Intercept will be used to collect samples. |
• Tunnel timeout during processing: is pursuing.
• Ability to distinguish between mobile and desktop versions will be implemented in AA format version 2, expected
Feb-Mar 2011. To take advantage of this, any given App will need to be updated.
• Mobile GTP Experiment Agility Trial will be used for quick evaluation of new software drops. It will not be used for
• Jan 11 apps: list to await outcome of December budget/portfolio review.
[editl 18 Oct 2010 Project Checkpoint
• The Mobile IRTF (EAP) SyOPs is nearing a state at which it can be circulated to GREENHEART for comment/approval.
The need to fit with GREENHEART’s normal business activity was stressed, and any use within sensitive sites ruled out.
• At this moment EREPO is the only GRX feed still tasked.
is seeking to speed up the process for new/replacement
• MAGLITE is delivering IOC capability for: EREPO, Bude (Gn and Gp) processing. Mobile Apps Project approach is
then to improve exploitation of apps and associated convergence.
• Google Maps legals to be cross-referenced with events being generated. This will be used to inform downstream, to
ensure legal compliance.
Facebook initial drop is in TERRAIN 10.3 and contains limited capability but should include convergence data.
• ^^^|has provided a detailed breakdown of New App expected features and event/content types. TPS have received
asks from other areas, stretching resources - e.g. IM and VoIP are done in-house and resources are barely sufficient to
deliver IM asks alone. Prioritisation will be necessary. To help prioritise, Theme needs visibility of projected costs per
feature.^^^l to keep Project informed of actual event/content types to be delivered by each TERRAIN rollout.
• TERRAIN 10.3.7 soak tested on bostrom. Lone dhelix error identified as caused by unexpected data type: no further
instances seen. This version will roll into MVR heartbeat 11.
• TERRAIN 10.3.8 includes new Hotmail protocol. Will shortly start soak testing at Bude. This version will roll out to
PRESTON, Mobile, SMO. PoC for SMO schedule is To gain visibility of Mobile benefit, Project will work
with to engage MELs.
• TERRAIN 10.4 is mopping up changes that were missed for 10.3.
• 6x Mobile TDIs expected in HB11
• BEGAL processes TDIs within the PPF. Work under way to create an OS-independent version compatible with
standalone TERRAIN. For commercial reasons, TDIs are classified TSS2 NOCON - this makes life complicated.
TERRAIN 10.6 will provide TDI capability.
 5 Oct 2010 Project Checkpoint
• TDI progress needs clarifying.
• 271 has been providing traffic.
• SSOS have now tasked 040, 521, 099 and 072 to defined hosts -
• 032 via POKERFACE no longer required.
• BUDE-TAS still need more training on TERRAIN tasking/monitoring
training team. B to obtain list of trainees and forward to
• We have no evidence that webmail is either working properly or not working: issues discussed included likely proportion
of webmail in GRX traffic, lack of characterised light, lack of sufficient markers on records to identify collection source,
immaturity of current data analysis tools. Neither PRESTON nor the EAP can deliver GTP stream format to allow
processing to be confirmed.
• Significant RISK: IPP have no IA or proposals available for the July ’10 apps, due to delay with Roke.
• Roke report availability problems with our handsets service to generate characterised data. We do not want this excuse to
be available to them. to pursue.
• SOC ANTH improved version now in beta.
• Analysis would like clarification of Convergence QFDs. to provide on wiki, on or linked from MIKC wiki pages.
 21 Sept 2010 Project Checkpoint
Survey tool to identify GTP/GRX in 10G’s: RFC raised on Events PC, initial capability due for MIP-2.
• to find out how many TDIs in the upcoming release are Mobile. [UPDATE: only one.]
| imminently to configure DAG/TERRAIN
| to go down and provide update to
| to speak to |
and others in OPS.
• should be able to carry out end-to-end tests on webmails using PRESTON handsets, over the next few days. |
to clarify current TERRAIN build for PRESTON. [UPDATE: An RFC would need raising to update the PRESTON
Terrain build - 2 week delay. is investigating with whether the PRESTON data can be routed to
• MILKWHITE funding on July’10 and Oct’10 tranches is on target for financial accrual this FY, with apps in
Experiment/Explore stage by then. First Facebook increment already received, with content appearing in TERRAIN
• Facebook Windows O/S handset was not available to be included as part of Roke proposal. Issue is being addressed -
PoC is responsible for unattributable phones.
Tasking & processing
• TERRAIN Support arrangements need strengthening. Current reliance on (SSOS/SSE) for
access to bearers. Business case for access to bearers via MIDDLESEX GREEN with PTC support.
(Mobile Access Lead) to coordinate access. TAS-Bude currently task bearers. TFE and TAS-Bude - tickets not being
raised. TFE relationship to be clarified/strengthened.
• ACTION: to seek formal approval for sustained tasking of 040, 271 and 521 via MIDDLESEX GREEN.
• Ownership of tasking incidents (e.g. loss of light) to be transferred to TAS-Bude. They have requested training in
TERRAIN configuration. No training exists.^^^|has some practical experience: investigate building
training info on the wiki. Possible option is to revise tasking/support model.
• Urgent needs to: turn off BlackBerry processing and stop boxes crashing, move 040 to a functional TERRAIN. ^^|is
trying to find out how we can task Support to action.
EREPO: Details of the MAGLITE sustainability uplift to be clarified with to check with and
whether dual-routing to Mobile Ref is acceptable.
• Agility trial can only be tasked with 4 bearers while in Experiment. Currently Convergence agility trial is tasked with
040 and 271. When it moves to Explore, more can be tasked - 12 to 20 bearers.
• MVR will not provide full Mobile functionality for some time, i.e. GTP content no forecast date. Meanwhile (ca. 1yr)
standalone TERRAIN will be used.
• explained the differences in webmail processing by MVR (Generic Webmail Framework) and TERRAIN
(TAMING PASTRIES). In due course these should merge into a common code base.
• GMmaps processing is ready although full solution for downstream repository not expected.
• Not clear whether SOC ANTH can ingest all Facebook Events that will be generated. To be clarified.
• SOC ANTH - second instance due at Bude in 4-6wks. Queries will be federated across both SOC ANTH instances.
 7 Sept 2010 Project Checkpoint
| presented his Action Plan to stabilise the deliverables for MIP-1, following the disappointing outcomes so far.
These actions are necessary before we can move forward - a key objective is to demonstrate value to OPS and gain
confidence in the approach. Two stability issues are critical to success: bearer tasking, and New App processing in
TERRAIN. Other stability issues relate to DAG cards and EREPO.
Access and survey
• Despite some 900 10G bearers being accessible to GCHQ, their GTP potential is not clear. Only a handful of bearers are
known to contain GTP, and tasking of these is unreliable. Project to engage with to ensure
adequate stability of feeds to enable Project to deliver benefits.
| is going to become tech director for TPS. As a consequence of this and other upcoming staff moves, TPS
resourcing is likely to be an issue over the coming months.
• MVR Heartbeat 10 is coming under threat due to issues with new ENCHANTERSS functionality unrelated to Project
• Project has closer control of the TPS TERRAIN processing stack, and so will focus on this as the only viable platform
for current deliverables.
• stated that TERRAIN is a better option for processing tunnelled traffic than PPF.
• TPS TERRAIN is now feeding SOCIAL ANTHROPOID. II to continue IV&V investigations.
• Little Mobile App intercept has yet been seen.^^^| to arrange for live input stream capture & packet analysis, to
confirm presence of Mobile App traffic.
• (update to Action 14/2): to arrange cross-BU meeting (Apps/protocol analysis, Testing, CNE) to establish usage
requirements for the EAP/LI and handsets.
 24 August 2010 Project Checkpoint
• PPF GTP Survey - all but one field (DNS) already implemented, just not in expected format. Importance of this field to
be evaluated. Aim to have pilot to be available by October (MIP-2)
• Approx. 30 TDIs are in the system to be developed by GTE. Not clear when this will be rolled out to MVR & TERRAIN
but may be available on Agility trial earlier.
Bearers such as 271 and 040 remain under threat of de-tasking at any time. ACTION: |________________________________to
present Business Case to board for retention of Mobile bearers.
DAG card dropouts: has asked for a Problem Ticket to be raised for the DAG solution.
| diagrams of the EAP and similar handset test systems.
• ACTION: to arrange cross-BU (App/protocol analysis, Testing, CNE) meeting to establish usage requirements of
the handset systems.
• Test processor system (bostrom) now running TERRAIN 10.2.5. BlackBerry decompression seen. Hotmail, Gmail not
• having problems recording a sample of 271. ACTION: to help facilitate recording of 271.
• Google Maps legals now sorted, to engage with TPS.
• Event and Content types being synchronised between App processing delivery and MVR Heartbeats
• "July 2010" App analyses due mid September. Might include early release of part functionality, which might then pull
forward into MIP-2
• New CmR traceability ready for implementation on next ("October 2010") apps.
• 6 "October 2010" Apps (5 plus 1 spare) to be identified by Friday 27 Aug: Action on
• TPS TERRAIN to be upgraded to 10.2.8. Opeval will confirm whether Gmail & Hotmail are working.^^( to provide
definitive statement on Gmail & Hotmail by next Checkpoint: Action on
• TPS TERRAIN: 3rd Line support is overstretched. Training for DAG cards to be rolled out.
• MVR HB10 to deliver for core Internet only: MMS & GMM Events, Hotmail, Gmail. to follow up why no
BlackBerry or Yahoo.
• MVR PPF promotion to TERRAIN to be resolved for MIP-3.
• Identification/watermarking of Mobile App intercept from core Internet is TBD.^^^^^| stressed the importance for
• SOCIAL ANTHROPOID UAT is imminent in the next few days.
• Event Unique ID (CAID) can now be used to correlate NGE Events with UDAQ Content (HAUSTORIUM does not do
• HAUSTORIUM decommissioning scheduled for October 2010. SALAMANCA to stay for a bit longer.
 10 August 2010 Project Checkpoint
• MIP-2 to focus on MVR processing, with New Mobile Apps capability being deployed against the core internet.
• Ownership of Business Change planning to be clarified.
• Identified uses of the EAP and related facilities include: TDI discovery, GTE quick look at new apps, IPP deeper look
and new apps, IV&V. Documented CONOP is required to clarify usage. This work is being actioned.
• Limited number of GRX bearers and lack of stability make it hard to demonstrate potential and hence obtain buy-in from
the wider organisation. Survey work to date has been tactical and patchy. Quality of the toolset needs to be clarified.
Need to engage for access and survey support.
• 24 TDIs have been requested. Will take up to 6 wks to implement, though will be trialled in Agility before then. GTE can
then survey, to inform next tranche of new apps.
• If needed sooner to maintain spend profile, will default to more webmail apps.
• Other possibilities include LinkedIn, iTunes, YouTube, although the ability of Content PC to ingest new formats will be
• TPS-IPP, GTE, OPS roles becoming clearer, but still need Project to help define specific activities and ownerships.
Action Mobile Theme to help facilitate clarification of roles.
• BlackBerry, MMS operational. TERRAIN 10.2 expected to deliver Gmail & Hotmail fixes, BlackBerry decompression,
• Bostrom test box has TERRAIN 10.2.5, awaiting to configure system.
• Gmail has all gone encrypted, so processing may not be possible .
• Hotmail service is undergoing transition to new design - may affect our ability to process.
• Emerging trend towards mobile devices, e.g. HTC Desire, spoofing fixed formats when connecting to app services. May
need to review processing roadmap.
• First 10 TDIs due in TERRAIN 10.3.
• Mobile selector management for MVR is not so much a problem with TRAFFIC MASTER, as with the ability of
BROADOAK, MONKEY PUZZLE, TACHO, etc. to ingest Mobile selectors.
• NGE are revisiting their roadmap and delivery schedule again. SOC ANTH likely to slip again, eMB and HA
convergence work likely to slip beyond August.
 27 July 2010 Project Checkpoint
• MIP-1 impacted by further NGE delays. A second exception is being raised with delivery date now 25 Aug for Social
• 3 new GRX ends, including both ends of 521, have been tasked. Data flow not yet confirmed, some issues with UDAQ.
• TERRAIN 10.2.5 now on Test system (bostrom). Hopefully this will give us Gmail and Hotmail
• E2E testing held up until can fix one of the DAG cards.
• MVR Heartbeat 10: although GTP processing is being held back, expectation is that Mobile Apps should still roll out to
has asked IPP for formal statement of Mobile features to be delivered.
• Tranche 2 - Features all now with Industry. Facebook requirement now being considered by industry.
• Next set needs to kick off. suggested that more mobile webmail would be valuable and easy, also perhaps
restarting Viscom if it is visible in the new feeds.
• We need characterised data to inform New App requirements as well as to inform testing. Project has incomplete
technical knowledge of the facilities available. ACTION: to pull together details of the technical
capabilities/features of the EAP and other sources of characterised handset data.
[editl 13 July 2010 Project Checkpoint
• MIP-1 rescheduled for 30 July 2010
to update CmRs, to update product
There is a disconnection between Project needs and TPS delivery. |
PPF promotion to TERRAIN currently uses a temporary solution which could overwhelm TERRAIN. |____________|
| to progress a long-term solution.
TPS will produce Telephony Events in AA format for ingestion by the Events Buffer and subsequent passing to
SALAMANCA or equivalent.
Action 04/6: Google Mobile Map Tile Events need to be defined._________requested that this Action be reworded
Tranche 2 App features to be defined this week can progress the preliminary
Facebook and BlackBerry decompression are candidates for TERRAIN 10.3 - to confirm status.
ACTION: to follow up Gmail decryption with ETPD
[editl 22 June 2010 Project Checkpoint
• Directors Workbook Review (DWR) due 1 July.
• Checkpoint meetings moved to new dates/times, to avoid clash with Maglite checkpoint. Revised, more focused list of
• is receiving stakeholder requests which need to be formally actioned. ACTION: ^^^|to call meeting to link
stakeholder requests with change control.
• Operationally lots of queries being raised as MELs start to analyse GRX collection.
Enterprise Access Point
• Due to go online at end of June.
• Google Mobile Maps: ^^^^^|to provide steer on legalities for Events vs. Content and consequent
processing/storage of intercept. This is needed to inform plannning.
• Analysis work by Ops/GTE/TPS to inform requirements is not formally controlled i.e. no forecast completion dates or
formal dependency. ACTION: define cutoff date for initial analysis of the 5 second-tranche apps.
• Events for Hotmail and Gmail on Nokia & iPhone will be forwarded via AA to NGE within HB8. These events will only
be available via legacy events systems until Social Anthropoid is completed.
• SOCIAL ANTHROPOID has slipped, pushing MIP-1 out of tolerance. Exception action underway with Project Board.
Availability for UAT is now 30 July 2010.
• NGE plan currently has no milestone for SA UAT availability. Ideally we will link to this dependency milestone within
 8 June 2010 Project Checkpoint - Status Summary (Updated 14 June)
• Bearers being processed by ueda01:
o 040, 271 - routed via POKER FACE
o 044 - was expected to have disappeared but some intercept still arriving, | to check.
o EREPO GAMMA - problems reported yesterday. [Update] have been asked to investigate.
• Bearers available on the OSDS:
o 035 (Saudi STM-16) - both ends.
o Other assorted single ends, to be confirmed.
• These should make up the 10 required for MIP-1.
• Survey tool - no formal contract placed: we have CmRs but have not levied them.
Enterprise Access Point
• Wiring-up due over next week, first drop 18 June.
• TPS should by then have handsets and be able to run test scripts.
• Demo of dual-DAG solution using STM-4 + STM-16 due this Thursday. sees no problems in migrating solution
to dual STM-64 DAGs.
• Okada01 and 02 each have a single STM-64 DAG. [Updated] PO raised for Second card for each, plus two more for
haga. Project Risk that the cards may arrive too late.
• There is a risk that TERRAIN may need changes for dual-DAG operation, and if so these may miss MIP-1.
• If the DAG solution fails, the fallback is to use POKER FACE.
• SIGADS and PDDGs now configured correctly, except that the SIGADs require a Z suffix for Mobile.
• Kato01 now has upgraded OS and OVO. All eight Ninjas should be upgraded over the next week or so. is aiming to
get bearers connected up by then.
Test TERRAINs to miss v10.0 and go straight to an early drop of 10.1.
• Still need to confirm content processing for Gmail and Hotmail.
• We are now seeing Mobile content in IIB.
• Routing requests for SAMALANCA, HAUSTORIUM and GDR (IIB) have gone in. Still to request full changes needed
to route first to Dev systems, then migrate to Op. Operational data integrity still needs to verified into SALAMANCA
and HAU STORIUM from the output of Ueda 01.
says that the AA format is so different that data set comparison with legacy is not worth doing. will
work with to clarify way ahead.
• Currently formatting in CCDF v4.5. PCs will upgrade to 1.1.1 when systems are compatible.
• Agility Trial is providing AA format to NGE (update - has moved from Dev to Op NGE Buffer)
• Issues over the ways that ENCHANTRESS vs. TERRAIN handle tunnel data are to be resolved.
• SOCIAL ANTHROPOID user base of ca. 20 is sufficient to meet MIP-1.
• SSOS access, Bude tasking, TFE 2/3rd line support, and GTE monitoring of POKER FACE, are providing adequate
sustainability for MIP-1.
• is coordinating work elsewhere to improve GRX access. Project need visibility of this.
• Need to confirm dates for TERRAIN 10.1
• MAGLITE are pursuing GPRS selection for collection - currently still only 1/3 turned on. Project to monitor this.
• Test handsets are making progress, the first few should soon be available to TPS/GTE. This will allow detailed specs on
the next tranche of exploits to move forward. The process still needs to be formalised to be Ops-driven while technically
informed. Meanwhile, is working on research for Facebook and Twitter features.
• Bude infrastructure to be delivered for MIP-2.
 25 May Project Checkpoint
• New Level 1 Milestone to be created, for agreement on Twitter and Facebook features to go in TERRAIN.
• POKER FACE now stable, with over a thousand Content hits in IIB. We are engaging the Analyst community to gain
awareness and evaluate.
Dual DAG card - demo scheduled for 10 June.
Version 10.1 is available a month early. An interim 10.2 has been mooted, so the currently planned 10.2 may be
redesignated as 10.3.
will work to link feature deliveries to requirements, and to clarify a pre-release build approach for
the Test environment.
absence is holding up the Events L2 design.
• Converged Events in SOCIAL ANTHROPOID - timetable remains unclear. will continute to push for a date.
• ACTION: to check for Mobile Events in HAUSTORIUM & IIB.
 11 May 2010 Project Checkpoint
• Three STM-64 single ends have been identified in the PEBBLE BED GPRS query. to look for the
• GPRS selector management - the long-term solution for MONKEY PUZZLE and BROADOAK is being pursued by |
Meanwhile, working to get analysts to select it manually.
• TERRAIN’s May 15th level 1 Milestone for operational capability is at risk from issues over RHEL OS vs. OVO (system
monitoring) version compatibility. Versions compatible with each other and with the TERRAIN apps are being sought.
DAG card purchases for the TERRAINs are not visible.^^( to follow up.
• confirmed that TERRAIN 10.0 will provide BlackBerry, MMS, Gmail and MS Hotmail Content and Events.
Gmail/Hotmail Events will be Send and Read only.
• BlackBerry decompression will arrive in TERRAIN 10.2. There are advantages to early testing of a pre-release version in
the Mobile Apps Ref environment.
The issue of identifying mobile vs. Internet derived intercept was discussed. Any GRX metadata is discarded, so there is
only the app session to go on. Hotmail processing can detect the mobile variant, but the Gmail processor cannot - we
would need to look in the WAP, HTML, etc. metadata. Otherwise, in general we would expect the arrival of mobile
capability to result in a step change in quantity.
The next tranche of mobile apps has several candidate lists put forward by various sources. is clear that the
choice must be OPS’ call, Project cannot second-guess.
Lots of unprocessed binaries arrive in IIB. We need to push the re-entrant processing (agile development) environment,
in order to explore it. This should help inform future new app decisions.
HB 8 will deliver benefit for Mobile Apps - several webmail events and Gmail & Hotmail content from within the core
internet (outside the GTP tunnel). Detail to be added to project plan.
 27 April 2010 Project Checkpoint
Scoping and requirements
• ACTION 6/1 (to ensure that users are looking at metrics): to work with to progress this.
ACTION: to record requirement to target on GRPS selectors by default (Note this is distinct from Action 5/3 on
to get users to set this option).
• User stories, data types and visualisation requirements are in hand. PoC
• Next tranche urgently needed if TPS are to be kept on side. Project may need to pick up and run with our own assessment
of priorities and requirements and priorities. This is likely to focus on volume, in order to inform future decisions.
Facebook is a strong candidate. ACTION: | | to raise urgency of App Summaries wit^^^^^^l next Tuesday.
| is new PoC, alongside has been standing in while was away, she is not a poc.
will speak to to get the proforma amended.
• Facebook, Fring and Nimbuzz placeholders created (Note: Facebook Summary has in fact been partially populated).
• Mission Management of Benhall TERRAINS by Bude is now in place.
• Useful amount of traffic now present in feeds, to develop against.
• ACTION^^I to push for movement on GTE Franchise. I think this related more to App Summaries, see
• ACTION: ^^^|to confirm that all parties have bee informed of the decision to dual-route data to both IIB/UDAQ
and Golden Eye.
• Social Anthropoid rollout is tight. ACTION: to speak to re early access for Project IV&V
• ACTION: (Who? to discuss functionalit ^^|to discuss timeline) to work with NGE Theme to firm up QFD
functionality and timeline, inc HB8.
• ACTION: to check with on Converged Events functionality of HA and eMB for MIP-1 IV&V
 30 March 2010 Project Checkpoint * •
• Operational benefit by best and most effective operating model should be used to pursue.
• We need a period of solid collection and derived value before OPS will buy-in. This is what MIP1 must provide.
• SSOS have refused to provide mission management for the NINJA systems. No resolution in sight. Tasking want us to
use MVR, but this will not be available in time, so have suggested Agile space in the interim. Re-adoption by Theme has
also been mooted. ACTION: to pursue decision in next couple of days.
• has created a MAGLITE milestone (as yet unapproved) for NINJA support. ACTION: to agree
dependencies with and to ensure that P6 is updated accordingly.
still off sick. OPS are beginning to consider the impact.
• We are now finding sufficient bearers and traffic to process.
• Work on the DAG cards has paused while the developer fixes an issue with TERRAIN.
Analysts may not always (ever?) be setting the selectors GPRS tick box. This may be why so few results are appearing.
1 is trying to get it set by default. ACTION: to keep on the case and report back.
• is writing the User Stories for the Analysts f These will be used to provide: low-level Realisations of the
Use * •Cases, requirements for the NGE/TDB visualisation tools, input to Theme IV&V. ACTION: to clarify
whether these currently include Content or are Events-only.
• Communications to the wiki are not flowing freely. ACTION: all to invite to meetings by default.
[editl 16 March 2010 Project Checkpoint
Mobile Apps Content destinations are unclear ie IIB/UDAQ or Golden Eye. Action: to engage with
(?) as requ’d to identify: Mobile data fields that IIB/UDAQ can and cannot currently accept, routing
to GOLDEN EYE vs IIB/UDAQ for M-IP1, and the LOOKING GLASS viewers that will be available by 25 June.
• Action: to pass TPS internal RFC No. and details to for the PPF-to-TERRAIN strategic solution.
• There is a need to clarify requirements traceability (CmR to Detailed needs/features) placed on Product Centres by
various RFCs. Action: to review Commissioning Requirements.
• There is need to focus on exploit feature details between IPP and TDB Content. Dates for capability from TDB Content
need to be agreed Action
• Significant improvements in performance in TERRAIN. Significant percentage of performance to be taken by
STRAPROC. STARPROC - NSA product focused on internet apps - limited benefit to Mobile Apps.
• is working on DAG implementation for TERRAIN - there are technical issues with the new hardware to
• Agreement that EREPO collection should fit into standard TERRAIN. to own.
• For MA-IP1, the focus is now on standalone TERRAIN. It is important to get Google Maps into the TERRAIN 9 April
• TERRAIN version numbering has been revised. Action: to confirm with the new version
numbering for the TERRAIN 9 April and subsequent releases.
• Is a map tile Content or an Event? We don’t need to collect the Google tiles as we already have them, just the reference
IDs. Action: to pursue decision on map tiles.
• The Agility Trial is not well defined. It would be useful for live testing, but is not essential. In particular, there is an
opportunity to pass Content to the Content Reference system. Action: IV& V team to maintain Agility Trial booking for
Content system. Action: All Core team to engage with TDB Content over the Agility Trial.
[editl 1 March 2010 Project Checkpoint
• Survey is finding more low-rate GTP bearers. These are suited to standalone TERRAIN. Targeting within SSE is then
expected to provide enough volume to require MVR.
• To resolve the PPF-to-TERRAIN issue, the short term solution will be to pass all data to TERRAIN. Long term, a
strategic solution will be developed. Action to follow up for date of agreement of strategic solution for PPF-to-
• Data from TERRAIN: Action to check that quality of the TERRAIN data currently being received is as
• wants more visibility of TPS testing in the run-up to Heartbeat 7 delivery tolerance is
plus-or-minus one heartbeat). has been updating the requirements so that we can define what to test against.
Bude standalone TERRAINS will be delivered in due course. This is a dependency on MAGLITE.
• (PPF) to characterise first drop of App data required by TDB and populate App Summaries on the wiki, by
Friday 5 March. Action 4/1 (TDB Content need to understand...) to be updated accordingly.
• Google Maps product is to be delivered in ADF format but wrapped in CCDF. Action |____________| to write up the
Databases and Analysis
• HARD ASSOC and evolved MUTANT BROTH are now running. Converged SOCIAL ANIMAL is awaited.
Presentation now due ca. mid-March. Action 1/2 (^| to discuss date) to remain open.
• Project is still aiming to implement AA ICD by May. Action to investigate if there is a risk associated
with the delay to SOCIAL ANIMAL.
• Action 4/2 (analyst visualisation needs) dependent on 4/1 - update accordingly.
• TSPC2B 5 Eyes sharing solution will be dependent on the quality of the QFD content. Action on to
register risk that: any slippage that impacts our end of June milestone will impact on TSPC2-B testing.
• Telephony Events destination/s need establishing. Action to clarify PPF Telephony Events routing/destinations
with TPS and OPS.
Project planning to factor SMO Planning Agility Pilot. Action
 16 February 2010 Project Checkpoint
• GTE now able to survey the access environment for GTP traffic - whilst each bearer seems to carry relative low volume,
this traffic is expected to increase and it is important that we can process it.
• Converged Events pilot evaluation by IV&V team is due by 28 Feb. NGE will be asked to provide a presentation and
demonstrate the concept of converged comms events. Action to discuss date of presentation with
Events. Breaking news - this work has slipped but is expected within 2-3 weeks.
• Content selection by ENCHANTRESS is not passing the IP and other outer layers to TERRAIN, which cannot then
make associations. PoCs in TPS are and Action (IPP) to raise report in
shape of exception ie detailing problem and options. The 17 May delivery may be descoped although it appeared that
Content may still be presented. Content obviously a key stakeholder for this issue.
• GOLDEN EYE II will take IIB flow from end of March (LOOKING GLASS will have partial capability by then).
The Data format issue was previously highlighted via Google Maps. GM also has a content issue. and
are writing a Problem Statement - is chasing.
• PPF, SORCERER and TERRAIN have different requirements managers. The lead Product Centre must be the single PoC
for the Project, and bring people together as needed.
• Dependencies lead each app through a cascade of product centres. Action to synchronise PC roadmaps.
• Viscom spec is awaiting completion of current traffic analysis.
• LOOKING GLASS developers in TDB need to understand the detailed requirement. Action to align analyst
visualisation needs with data sources/formats, via pro-formas or similar.
 2 February 2010 Project Checkpoint
• A Top Level Build Logic diagram for the next six months for the project is now available on the wiki.
o Three key delivery areas are currently Converged Events, 10GTP processing and Mobile Apps. Converged events
are the critical dependency for QFD development and NGE showcase event.
o Key decisions on Converged Events Roadmap expected this week.
o The diagram highlights the need to roll out capability on TERRAIN as well as on MVR: has raised some
new RFCs with IPP.
• New Apps:
o Mobile Gmail is currently not encrypted, but there is a risk that it will be in due course. New Risk to be added to
o Hotmail analysis summary to be populated. Action_____to chase.
o Google Mobile Maps: Content will require a new data model for the databases. Content will need data asap to
develop this. Action TPS/Theme
o Viscom data poses compatibility issues with the ENCHANTRESS processing architecture. Existence of traffic also
a risk. Activity in place to clarify priority and risks. New Risk to be added to GCrisk
TDB content have provisioned effort to process the 5x Mobile Apps although Work Package required. Action
to draft words for
o TDB content need to understand how the Apps content should be presented. Wiki Proformas should assist although
direct engagement with TPS developers required. Action to facilitate
o The 10G GTP Pilot derisking exercise was successful, with the Level 1 milestone achieved. Report now published
on Mob Apps Wiki.
o New workstream 13 initiated to improve access and provide sustained collection of GTP traffic.
Business change: Planning is ongoing, with^(
LOOKING GLASS will not be widely available for the Converged Events training in June ■
can still go ahead with direct QFD queries
LOOKING GLASS will still need be available to selected analysts.
^^^|stated that current focus and testing scenarios are against available Mobile Internet traffic.
Checkpoint Meeting aim is to monitor key deliveries ( and issues) leading up to key integration milestone (L0) in June
| ensuring a triangle of discussion between Theme, Ops and Product
assumption is that training
[editl 14 December 2009
Business Change Dashboard being updated . To go on wiki when done and agreed by Principal User and Senior User.
• Mobile Theme Principal User, is likely to be moving on at a date to be agreed in the New Year.
• Programme understand the need to advise Thread mgt of any other products that would impact our portfolio of work.
• Pilot deliveries (GTP, Converged Events) are dependent on Product Centres delivering on time. These are being
• TERRAIN output via the new ICD is expected this week.
• Scope creep is occurring over pilot GRX access and the need for a reliable GTP reference source. Use of the contractor
GTP reference environment is being explored.
• TDB-E have received an update briefing from project. TDB-C to follow.
[editl 7 December 2009
• Working with OPS to restore GRX mobile traffic. This is currently our top priority. We are also working with GTE to
make the GRX collection environment more robust.
• Working with TDB/NGE to schedule the IV&V (I&T) of NGE QFDs and Mobile Converged Events.
• Project headline milestones include:
o Rework of Converged Events and 10G GTP following pilot/derisk delivery.
o 7 Apps/Variants due for Experiment capability on 9 April.
• OPS are working to specify their App exploit requirements.
• BA and MTI are now more aware of Mobile requirements and the potential impact this has on their respective
programmes, e.g. GOLDENEYE. Engagement continues.
• Business Changes to be finalised/agreed today. Benefits also being finalised by
• The project’s Wiki site has had a significant restruring, and is now robust enough to support higher usage. Project and
engineering communications continue to migrate onto the wiki.
Two weeks to Christmas!
 30 November 2009
• Business change for Thread 4 now crystallised.
• The report outligning the processes for engagement for new Mobile Apps into TPS now approved.
• Customer requirements need to be base lined.
• SIM Card exploitation - discussions progressing.
• Target Presence data (mostly C2C) needs to be added to the convergence strand ASAP. Currently looking at adding
Presence capability to TERRAIN. There may have to be a trade-off against existing planned deliverables.
• Use Case 8 (Identify Target’s Mobile Communications) needs volumetrics study.
• Need NGE planning delivery dates.
• Timescales for Contractor delivery of Mobile Apps / IPP processing capability need to be addressed/clarified.
• MAPL and PPL pages are being merged - the business strands stay separate.
• Use Case Realisations have all been updated. To explore MOOD’s web publishing feature for productivity gains.
• New Use Case in hand for New Selector Types - this needs to be a sustainable business process.
• GCWiki suggested as a viable collaborative tool for multi-disciplinary collaborative pushes.
Category: Mobile Applications Project
• Additional Statistics
• My talk
• My preferences
• My watchlist
• My contributions
• Main Page
• Help Pages
• Wikipedia Mirror
• Ask Me About...
• Random page
• Recent changes
• Report a Problem
• What links here
• Related changes
• Upload file
• Special pages
• Printable version
• Permanent link
Powered by MediaWiki
• This page was last modified on 1 May 2012, at 11:44.
• This page has been accessed 64 times.
All material is UK rhttp://www.gchq/organisation/ck/opensource/policv strategy/copyright/ Crown Copyright! © 2008
or is held under licence from third parties. This information is exempt under the Freedom of Information Act 2000
(FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to GCHO on
• About GCWiki
TOP SECRET STRAP1 COMINT
The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report inappropriate content.
20 of 20