Stop IT Incompetence masthead.
Stop IT Incompetence motto.

Expert News Article tab.

Photos of Allan Thomson and a British clown.

Secret Service Outsources IT to IT Incompetent Foreign-Influenced Company



By Duane Thresher, Ph.D.          April 23, 2018

The Secret Service is tasked with protecting President Trump's life. Like it or not, President Trump is hated even by our closest allies, who make no secret about wanting him dead. These days protecting the President involves a lot of Internet work. You would reasonably expect that this work would be done by the highest-grade IT people, people not from foreign countries. But incredibly, the Secret Service outsources this work to an IT incompetent foreign-influenced company, LookingGlass Cyber Solutions.

Recently, I was looking at the web logs for Apscitu's website. This is basic critical IT security practice since websites are the leading attack vector for hackers.

A web log is simply a file that tells you about who accessed your website. It usually contains at least their IP address, the date and time they came, what they did (e.g., what webpage they looked at), what website they came from, and the device type they used.

Using readily available IP to location services, you can then find their location and often the organization they are from.

Besides security, web logs can also be used for web analytics, to see how successful a website is (i.e., how many people visited) and thus what advertising rates can be charged. In fact, judging from the increasing number and seriousness of data breaches, web logs seem to be mostly used for web analytics.

Google Analytics is the most popular web analytics but they censor the visitor IP addresses. Further, they seem to do a poor job of filtering out robots (particularly the many robots hosted by Amazon). As the name indicates, robots are non-human visitors to a website. But human visitors are what website owners really care about. Robots are to automatically determine the content of websites. They are what Google and other search engines use. If Google Analytics can't correctly identify visitors as robots, it wrongly inflates the number of human visitors to the website, which is lying to advertisers.

Because of all this, and because I don't trust Google in general, I look at my web logs myself. Recently I discovered IP address 209.0.146.204 was looking at my article Fake Federal Facebook Fury Finally Finished, including (it was actually looked at first) my U.S. Senators Facebook Accounts table.

Looking up 209.0.146.204 in an IP to location service, I found it was from Cyveillance, out of Arlington Virginia, near Washington D.C. A little more research showed that Cyveillance owns the IP addresses 209.0.146.0 to 209.0.146.255 (that's 254 individual IP addresses; .0 and .255 are not used individually).

From a Department of Homeland Security (the Secret Service's department) December 2012 document "U.S. Secret Service Cyber Awareness Program (Cyveillance)", it was found that "Cyveillance, a subsidiary of QinetiQ of North America, is under contract by the Secret Service to search available information related to the Secret Service and its missions."

QinetiQ is a foreign corporation. Congress has forbidden IT by Russian and Chinese companies. (Note that the Constitution requires the President to have been born in the U.S., exactly because of this concern about foreign influence.)

QinetiQ is British. But, you say, Britain (UK, United Kingdom) is one of our closest allies. The NSA includes it in the Five Eyes (FVEY) alliance of the U.S., Britain, Canada, Australia, and New Zealand (the English-speaking countries).

However, many in Britain, including in the government (they have their own entrenched leftist bureaucracy), have expressed their desire to see President Trump dead. Further, the NSA classifies a lot of data as NOFORN, meaning no foreign distribution, even to the others in the Five Eyes alliance.

And incredibly, Cyveillance looked at my article about senators' Facebook accounts but never looked at my article Secret Service, Spectre Hacker Threatens Trump With God's Justice, about me actually reporting a threat to President Trump to the Secret Service! Why were they more interested in senators' Facebook accounts than a threat to President Trump?

In December 2015, Cyveillance was sold to LookingGlass Cyber Solutions. In fact, www.Cyveillance.com redirects to www.LookingGlassCyber.com.

LookingGlass (Looking Glass is the flying command and control center in case of nuclear war) appears to be American-owned. However, among other officers, the Chief Technology Officer (CTO; LookingGlass does not have a CIO, it has a CTO instead), Allan Thomson, is from the UK. (I am a natural U.S. citizen, born and raised on U.S. Air Force bases.)

If the Secret Service would not accept Allan Thomson as an agent protecting the President, they should not accept him as head of their IT. I doubt he even had a background check.

Further, Allan Thomson is IT incompetent for this level of IT: he's the head of IT for the company doing the IT work for the Secret Service, which protects the President's life.

I checked Allan Thomson's background out from his LinkedIn page, which is probably all the Secret Service checked if they checked him at all. LinkedIn pages are of course often exaggerated.

Allan Thomson at most has a BS in computer science. Although this is better than the BA in Russian for Equifax data breach CIO David Webb or the BA in music composition for Equifax data breach CISO Susan Mauldin, it is still shockingly unqualified for this level of IT. (Who am I to say this? I have a BS in Electrical Engineering and Computer Science and an MS and PhD in supercomputing.)

Plus Allan Thomson's BS is from Britain's University of Glasgow, which is only ranked #102 globally by U.S. News & World Report. (Two of my universities, both in the U.S., are in the top 10 globally: MIT (BS), #2; Columbia (PhD), #8.)

For years, Allan Thomson worked for other companies, including networking giant Cisco, although only because Cisco bought the company he worked for before. However, someone working unqualified for years for a company is not itself a qualification, it is a condemnation of the company that hired him. Exactly the same as for Equifax data breach CIO Dave Webb and Equifax data breach CISO Susan Mauldin.

While it's true that in the kingdom of the blind the one-eyed man is king, when there are available men with 20/10 vision in both eyes one of them should be king.

It's a near certainty that those IT people working under LookingGlass CTO Allan Thomson are even less qualified. An indication of this is from them checking out Apscitu's website. IT Surveillance 101 is never to let who you are checking out know you are doing it, but I easily discovered Cyveillance via their IP address. Using Tor or even simply using a common commercial ISP would have prevented that. Clowns.

I would suggest renaming LookingGlass LaughingGas but protecting the President's life is no laughing matter, or at least it shouldn't be. I wouldn't even recommend LookingGlass for all of the other government agencies and companies it claims to work for. In fact, I would strongly recommend against LookingGlass.

[Update: A little more digging, since it seems to be one of the Secret Service's more closely held secrets, uncovered the actual Secret Service Chief Information Officer, Kevin Nally, who only has a BS in agronomy and crop science and a Master's in ship building.]