The Barium Meal Test : More Than Meets The Eye

“if you’re not paying for the product, then you are the product.”— Tristan Harris, Google’s former design ethicist and Co-Founder of the Center for Humane Technology

“Once is an accident, twice is a coincidence. But three times, and man, you really have to start thinking that maybe governments around the world need to start putting on “confidentiality” refresher courses for their tankers.” —Nobleman Swerve

“The test of an adventure is that when you’re in the middle of it, you say to yourself, “Oh, now I’ve got myself into an awful mess; I wish I were sitting quietly at home.” And the sign that something’s wrong with you is when you sit quietly at home wishing you were out having lots of adventure.” —Thornton Wilder (1897–1975)

As you know by now, I have an abiding interest in intelligence information production and dissemination. We’ve been taking a look lately at what is happening in some of the world’s persistent trouble spots. This past year has provided no paltry amount of global tragedy. Everywhere we look, people are killing and people are dying. The weak are being exploited by the strong. Greed and power grabs seem to be running rampant!

What is often neglected, though, is the reality that all of these egregious acts are driven by information. That may sound pretty boring, but believe me when I tell you that the militarization of information has been with us since the fall of mankind and the first murder of Abel by his brother Cain. Actionable Information has been at the center of human conflict from the very start. In many respects, the rapid advancement of technology has been driven by the need for better intelligence and raw information.

As a side note: the difference between information and intelligence is kind of like the difference between flour, water, sugar, and eggs, and a cake. Information is the ingredients; Intelligence is the cake. Fewer things in life make more sense than cake. Julia Child once said, “a party without cake is just a meeting.” I digress.

In this week’s More than Meets the Eye, I want to discuss one of the most innocuous ways intelligence is being gathered all across the globe. How are operations being planned with so much intelligence gathering happening? If you watch television today, you are left with the impression that every time you pick up a phone, log on to your computer, or speak a hushed word in the privacy of your home someone is listening and your privacy is being invaded. Let me put your mind at ease. Unless you have somehow become a national threat, this is just not the case. The local-, regional-, or national-level intelligence gathering organs simply do not have the means or the interest to try and track everything that is happening in the world. First, it is expensive to invest assets to gather information on individuals. Second, that information has to be turned into intelligence by cross-referencing the data collected with other sources, which are also expensive. Most of us do not warrant that kind of attention. I am not saying that mistakes won’t happen—as long as humans are involved, they will.

There is a novel thing happening in the information-gathering community—gaming platforms are being used by terrorists for the secret passage of information and financial transactions. It is pretty controversial, and has been vehemently and unilaterally denied by the gaming industry, there is enough information pointing to the reality that it is indeed happening. All of this is happening under our noses and there is so much more than meets the eye. As a disclaimer, I want to assure you that I will never deal with anything that I understand is classified. What so many classified managers do not understand is that the mere disavowal of a classified document is an admission of the presence of confidential information. This is a major faux pas in the intelligence community. In a security manager’s zeal to protect information, they confirm its veracity rather than disprove its existence.

As a bonus, I will even discuss what a Barium Meal Test is.

Review.

The sheer volume of the gaming community is a good enough reason to seek a secret haven within the virtual reality that it provides. The online gaming community is enormous. In total there are an estimated 3.24 billion gamers across the globe. That is not a small community. More than 200 million Americans play video games in the US alone. That means roughly 65% of American adults are video gamers.

Worldwide the gaming market is even more influential. According to Statista, Latin America has 274 million gamers, the Middle East/Africa has 388 million, and Europe has 391 million. The most astounding audience is in Asia, though, with 1.5 billion gamers. The number of gamers increases exponentially each year; in 2016, the number was only 2.5 billion. Since there are only 7.67 billion people on the planet, than means that roughly 42% of the world are gamers. At this rate of increase, it’s only a matter of time before everyone in the world plays video games. The global video game population is also being shifted up thanks to the popularity of mobile games.

It is no surprise that free-to-play games are the kings of getting people to download. As far as the stats show, PUBG (previously known as Player Unknown’s Battlegrounds,) is the most downloaded game, with 1 billion players worldwide.

Some other top contenders include:

Crossfire– 1 billion users
Dungeon Fighter Online– 700 million users
Speed Drifters– 700 million users
Minecraft– 600 million users
Candy Crush Saga– 500 million users
Among Us– 500 million users
Microsoft Solitaire– 500 million users
Fortnite– 350 million users

Online games might seem innocuous, a top-secret 2008 NSA document warned, but they have the potential to be a “target-rich communication network,” allowing intelligence suspects “a way to hide in plain sight.” Virtual games “are an opportunity!,” another 2008 NSA document declared. They are an environment where nefarious actors such as terrorists can live and conduct business and blend-in in ways that are most difficult to detect. “Al-Qaeda terrorist target selectors and…have been found associated with Xbox Live, Second Life, World of Warcraft, and other GVEs [games and virtual environments],” the document notes. “Other targets include Chinese hackers, an Iranian nuclear scientist, Hezbollah, and Hamas members.”

One NSA document seems to insist that “if properly exploited, games could produce vast amounts of intelligence. They could be used as a window for hacking attacks, to build pictures of people’s social networks through ‘buddy lists and interaction’, to make approaches by undercover agents, and to obtain target identifiers (such as profile photos), geolocation, and collection of communications.”

When questioned by independent investigators, the NSA declined to comment on the surveillance of games, which is an appropriate response to such questioning. A spokesman for the UK Government Communications Headquarters (GCHQ) said the agency did not “confirm or deny” the revelations, but added: “All GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that its activities are authorized, necessary, and proportionate, and there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners, and the intelligence and security committee.”

With such a huge audience there is enormous potential to transfer a lot of information. Malcontents such as terrorists are finding a haven deep within the data-saturated caverns of the online gaming landscape. Global intelligence agencies are scratching their heads as to how they can harvest this immensely important information field. Let’s look at a couple of incidents which demonstrate that this is not just a hypothetical realm of which I am writing.

Case Number 1- In 2019, news reports broke of a British tank commander who got fired up about the specifications of the Challenger 2 tank being incorrect in the game War Thunder, Gaijin Entertainment’s free online war game. A player with the username Pyrophoric won a debate on War Thunder’s discussion forums when he posted schematics of the British Main Battle Tank, Challenger 2 extracted from its Army Equipment Support Publication (AESP), a sort of confidential user manual. He showed that in real life, the tank is less vulnerable to shots fired at the junction between its turret and hull than it is in-game. The AESP had “UK Restricted” labels crossed out and replaced with “Unclassified” stamps — note that the UK generally refers to documents that were previously classified, but no longer are, as ‘declassified’ and not ‘unclassified.’ Forum moderators immediately found the post suspicious, and one pointed out that the “last time such a document was claimed to be ‘unclassified’ it was in fact still classified.”

Case Number 2- In July of 2021, aspects of a new version of the British Challenger 2 main battle tank (MBT), which apparently Gaijin Entertainment got wrong in the game was questioned, leaving the complainant to post significantly classified documents on the gaming discussion forum for all to see. The user hadn’t just taken the documents and published them – it appears someone had made the attempt to redact information, with sections of what was posted heavily blacked out. Media reports have been similarly mixed in terms of what classified information was shared. But the basic gist is that a gamer took his argument too far, and was willing to share confidential military documents in order to prove it.

A user identifying as a Challenger 2 commander posted specific excerpts from a Challenger 2 AESP (Army Equipment Support Publication, sort of like a user manual) to show game developers that they “didn’t model it correctly”. The user identifies as a make in Tidworth with a history of “Tanks & AFV’s, CR2 Tank Commander, AFV Instr, D&M Instr, Gunnery Instr, Former ATDU”. It should be noted that Tidworth is home to the Royal Tank Regiment who operates Challenger 2 tanks.

The issue highlights the opportunity gaming plays for adversaries to exploit loose lips. The U.S. military is well aware of the opportunity gaming presents, and has sponsored advertising on games like Call of Duty, even going as far as creating its own game, America’s Army. The military community loves its games, and it loves the life-like nature of many of them. But unless you’d like to discuss the finer points of a military uniform’s inaccuracy, it’s best to keep your mouth shut on how operational details differ from the real thing.

Finally, a War Thunder forum moderator posted: “We have written confirmation from MoD that this document remains classified. By continuing to disseminate it you are in violation of the Official Secrets Act as stated by the warning on the cover of the document, an offense which can carry up to a 14 year prison sentence if prosecuted. Of this you are already aware, as a service person you have signed a declaration that you understand the act and what actions it compels you to take. Every time you post this you place us (International representatives of Gaijin), especially any UK citizens, in hot water as the warning so helpfully states that unauthorized retention of a protected document is an offense.”

Case Number 3- For the third time, according to the UK Defense Journal, classified military documents have been posted to the forums of War Thunder, Gaijin Entertainment’s free-to-play vehicular war game, because a player got pissed off that some tiny aspect of the simulation was wrong.

On May 31st, 2022, the latest leak of classified military intel onto a video game forum—a genuinely wild sentence to type, believe me—is an image of the DTC10-125 tungsten penetrator and a technical doc describing its specifications. Unlike the previous two leaks, which revealed information about the British Challenger 2 and French Leclerc main battle tanks, this one is about Chinese hardware. The DTC10-125 is a high-velocity, non-explosive, 125mm sabot round fired by the Chinese Type 96 and Type 99 MBTs, described by the UK Defense Journal as “one of the PLA’s [People’s Liberation Army’s] main tank killing rounds.”

These are just three ways in which gaming forums can and have been used to exploit loose lips in a digital environment, and this is simply one of the methods that gaming provides to the global intelligence communities. Of course this does not address the operational planning, communication, and clandestine financial transactions that are also being perpetrated within these platforms. I perhaps will deal with that at another time. It seemed like these simple case studies would be more interesting to discuss as we enter this realm of shadows and misdirection in the midst of what is often considered a world for young adolescents and unemployed college graduates.

Why.

Who doesn’t like free things. It is a feeling, however, that can be a two edged sword. As the opening quote states, “if you’re not paying for the product, then you are the product.” I am not trying to impugn everything that is free or imply that everything that is free has an ulterior motive. It has become apparent to me that when it comes to the internet, everybody wants something for free. I think the spirit of that quote is that there really is nothing in life that doesn’t cost someone something, and in a world where information is power, too often we are the product.

The reality is that the collection of your personal data—what you buy, where you shop, how much time you spend shopping, how much you spend, where you spend it—may not be as harmless as it appears. You are exchanging your privacy for a seemingly free product.

My point in looking a little closer at online gaming is that no matter how harmless it may appear, it has the potential to hold venom in its subtle bite. I know that my main emphasis is to look at the intelligence gathering potential of gaming, but I would be remiss if I didn’t at least say that there are a host of other dangers within the gamer community as well.

Let me just name a few for our enlightenment:

It can be extremely violent.
It can lead to gaming addiction, a well documented reality
One can end up becoming less socially active.
It can promote bad physical health.
It can affect your mental health.
It can disrupt one’s sleep patterns.
It can rob one of time to do anything else.

These are just a few of the ways that online gaming has opened up a whole new way to infiltrate our lives. One can be certain that where there are a lot of people, there will be those who want to gain as much as they can from them, whether it be data, money, or influence.

We must remain soberly vigilant concerning our personal use of online gaming. It is taking the world by storm. I personally do not have time to play online games, so I am ignorant as to how much fun it can be. I’ve no doubt it is entertaining. I just know that it is turning into a gold mine for data collection and each of us will pay something for its “free” usage. It may seem like a pretty small price to pay, until we suddenly find that what has been collected is too valuable to have given away for a free game.

So by the way, what is a Barium Meal Test? The basic premise is to reveal a secret to a suspected enemy (but nobody else) then monitor whether there is evidence of the fake information being utilized by the other side. For example, the double agent could be offered some tempting “bait” e.g. be told that important information was stored at a dead drop site. The fake dead drop site could then be periodically checked for signs of disturbance. If the site showed signs of being disturbed (in order to copy the microfilm stored there) then this would confirm that the suspected enemy really was an enemy e.g. a double agent.

Action.

Pay attention to your online presence. Data mining has already become a trillion dollar industry. The question of how much of that trillion was freely handed over to strangers without even considering the cost is yet to be fully considered.

Before you label me a conspiracy theorist, please know that I am not advocating that we stop using the internet, stop email, stop messaging, or stop using internet banking. I am not even advocating that, if you are a gamer, you stop online gaming. I am simply advocating that you just do so with a sober and informed mind aware of what these allegedly free services are actually costing you. Personally, I pay some kind of user fee for most of the services I use. They all come with a variety of levels of security with the paid subscriptions. I have reviewed them pretty thoroughly. You might want to consider moving to a more secure form of internet engagement, whatever that is.

Here are a few examples of how I have secured my digital foot-print.

Secure Email: For secure email I use Protonmail. This is a Swiss -based company that provides a great service at a very minimal price. Its encryption system has not been compromised. https://proton.me

Secure Messaging: Best in class is WickrPro- Wickr Me is a free end-to-end encrypted-messaging app that allows users to send private, self-destructing messages (text, photo, video, and voice) to other Wickr contacts. Think of it as a more secure Snapchat. I use the Pro version which adds security for a small fee.

Wickr takes user privacy seriously, using strong encryption and deleting metadata such as geotags and message times. Users can configure how long it takes for messages to self-destruct. A video-key verification system adds a new layer of security, with users verifying each other with short bursts of encrypted video.

Secure Internet Search: People tend to think that having a VPN slows down your Internet connection. That indeed used to be the case, but with the advent of more advanced technology the problem is no longer a real problem.

Here are a few recommendations that you should consider.

1. Protonmail has an effective VPN application. It is not expensive and it coalesces nicely with usage of the Protonmail email system. The only limitations that I have found using it is its limited Global VPN Server Network. It might get stressed through overuse, although Proton appears to be committed to expanding their server network. https://protonvpn.com/

CyberGhost- Their most pressing concern is your privacy and anonymity. Their headquarters are in Romania, a country known for upholding strong privacy laws. They are also outside the jurisdiction of the 5/9/14 Eyes Alliance. They don’t share your data with prying eyes, including ISPs and government organizations. Their No-Logs Policy stops them! They don’t keep any logs of your activity. (I really like this one. It allows me to select servers in whichever countries I want to appear to be working from.) https://safe.cyberghostvpn.com/en_US/flash-devices?&utm_medium=affiliate&lp=flash-devices&coupon=3Y3M&media_source=CJ_affiliates&channel=External%20LPs&affiliate=5139183&utm_source=5139183&cjevent=6eae3136a7a111ec83cd3c790a82b82c

In the end, everybody has a different need for security. Some believe that if I am not doing anything wrong I have no need to keep secrets. Good luck with that. Others feel a need for maximum privacy. Most of us need only practice sensible personal security. My recommendation is that you do some reading and discern what is best for you.