1984 was a Warning not a Blueprint – Page 13

Karma is a Bitch

A few months back Geofeedia was discovered to be buying user data on social networking sites and selling it to law enforcers. Needless to say, this didn’t go over well with anybody but law enforcers. Most of the social networking sites cut Geofeedia off. Apparently surveillance was the company’s only revenue stream because the company announced that it laid off half of its staff:

Chicago-based Geofeedia, a CIA-backed social-media monitoring platform that drew fire for enabling law enforcement surveillance, has let go 31 of its approximately 60 employees, a spokesman said Tuesday.

[…]

Geofeedia cut the jobs, mostly in sales in the Chicago office, in the third week of October, the spokesman said. It has offices in Chicago, Indianapolis and Naples, Fla. The cuts were first reported by Crain’s Chicago Business.

An emailed statement attributed to CEO Phil Harris said Geofeedia wasn’t “created to impact civil liberties,” but in the wake of the public debate over their product, they’re changing the company’s direction.

You have to love the claim that Geofeedia wasn’t created to impact civil libertarians even though the company’s only product was selling data to law enforcers. When you make yourself part of the police state you implicitly involve yourself in impacting civil liberties. I really hope the company goes completely bankrupt over this.

It’s also nice to see services like Facebook and Twitter cut off companies involved in surveillance. One of my biggest concerns is the way private surveillance becomes public surveillance. This issue is exacerbated by the fact that private surveillance companies stand to profit heavily by handing over their data to the State.

The Totality of the Situation

The line separating lethal and nonlethal force seems clear enough. Something that has a high probability of killing somebody, such as a gun or knife, is lethal whereas something that has a low probability of killing somebody, such as a punch to the gut or pepper spray, is nonlethal. But all too often people don’t consider the totality of the situation (a favorite phrase of cop apologists trying to excuse what appears to be obviously egregious behavior by an officer). Consider this story about the pipeline protests in North Dakota:

Tear gas was used to disperse a crowd of 400 protesters at the Dakota Access Pipeline late Sunday after clashes that authorities described as a “riot” prompted by “very aggressive” activists.

A law enforcement officer was hit on the head by a thrown rock during the confrontation, Morton County Sheriff’s Office said in an update at 1 a.m. local time (2 a.m. ET).

Videos posted to Facebook by activists showed authorities spray a continuous stream of water over demonstrators in below-freezing temperatures but sheriff’s spokesman Rob Keller told NBC News that no water cannon were deployed. He said the water was being sprayed from a fire truck to control blazes as they were being set by activists.

[…]

“Officers on the scene are describing protesters’ actions as very aggressive,” the release noted. “In order to keep protesters from crossing the bridge, law enforcement have utilized less-than-lethal means, including launching CS gas.”

In spite of what the police claimed, the videos and images from the protest make it clear that they were deliberately spraying the protesters with water cannons, not putting out fires. Even considering that normally water cannons are considered nonlethal because spraying somebody with a water cannon isn’t likely to kill them. However, at the time of this police action temperatures in the area were below freezing and anybody who lives up here in the northern states knows that hypothermia can become lethal quickly.

If we’re supposed to consider the “totality of the situation” when police officers do something seemingly terrible then police officers should be held to the same standard. Driving out firetrucks with the intention of spraying down protesters in below freezing weather is lethal force. The officers might as well have opened fire with rifles. They certainly don’t have grounds to claim they were utilizing less-than-lethal means.

The Surveillance State Hidden in Plain Sight

Everybody should have been suspicious of the giant unadorned building in New York City that looks like something ripped right out of the 1984 movie. As it turns out the building’s appearance betrays its purpose as it is part of the Orwellian surveillance state:

THEY CALLED IT Project X. It was an unusually audacious, highly sensitive assignment: to build a massive skyscraper, capable of withstanding an atomic blast, in the middle of New York City. It would have no windows, 29 floors with three basement levels, and enough food to last 1,500 people two weeks in the event of a catastrophe.

But the building’s primary purpose would not be to protect humans from toxic radiation amid nuclear war. Rather, the fortified skyscraper would safeguard powerful computers, cables, and switchboards. It would house one of the most important telecommunications hubs in the United States — the world’s largest center for processing long-distance phone calls, operated by the New York Telephone Company, a subsidiary of AT&T.

[…]

Documents obtained by The Intercept from the NSA whistleblower Edward Snowden do not explicitly name 33 Thomas Street as a surveillance facility. However — taken together with architectural plans, public records, and interviews with former AT&T employees conducted for this article — they provide compelling evidence that 33 Thomas Street has served as an NSA surveillance site, code-named TITANPOINTE.

Inside 33 Thomas Street there is a major international “gateway switch,” according to a former AT&T engineer, which routes phone calls between the United States and countries across the world. A series of top-secret NSA memos suggest that the agency has tapped into these calls from a secure facility within the AT&T building. The Manhattan skyscraper appears to be a core location used for a controversial NSA surveillance program that has targeted the communications of the United Nations, the International Monetary Fund, the World Bank, and at least 38 countries, including close U.S. allies such as Germany, Japan, and France.

TITANPOINTE? Again, we have a National Security Agency (NSA) codename that sounds really stupid. Considering how obvious they were trying to be with the building design and such were I the NSA I’d have just called the project BIGBROTHER.

TITANPOINTE appears to be another example of the public-private surveillance partnership I periodically bring up. While all of the cellular providers are in bed with the State to some extent, AT&T appears to have a very special relationship with the NSA. From Room 641A to 33 Thomas Street we have seen AT&T grant the NSA complete access to its services. This means that any surveillance performed by AT&T, which is often considering “safe” surveillance by many libertarians because it’s done by a private entity, becomes NSA surveillance without so much as a court order. Since your phone calls and text messages are available to AT&T they’re also available to the NSA.

Fortunately, you can take some measures to reduce the information available to AT&T and the NSA. While standard phone calls and text messages are insecure, there are several secure communication tools available to you. Apple’s iMessage is end-to-end encrypted (but if you backup to iCloud your messages are backed up in plaintext and therefore available to Apple) as are WhatsApp and Signal. I generally recommend Signal for secure messaging because it’s easy to use, the developers are focused on providing a secure service, and it has a desktop application so you can use it from your computer. None of these applications are magic bullets that will fix all of your privacy woes but they will reduce the amount of information AT&T and the NSA can harvest from their position in the communication routing system.

Concealing a Cellular Interceptor in a Printer

As a rule technology improves. Processors become faster, storage space becomes more plentiful, and components become smaller. We’ve seen computers go from slow machines with very little storage that were as big as a room to tiny little powerhouses with gigabytes of storage that fit in your pocket. Cellular technology is no different. Cellular inceptors, for example, can now be concealed in a printer:

Stealth Cell Tower is an antagonistic GSM base station in the form of an innocuous office printer. It brings the covert design practice of disguising cellular infrastructure as other things – like trees and lamp-posts – indoors, while mimicking technology used by police and intelligence agencies to surveil mobile phone users.

[…]

Stealth Cell Tower is a Hewlett Packard Laserjet 1320 printer modified to contain and power components required implement a GSM 900 Base Station.

These components comprise:

BladeRF x40

Raspberry Pi 3

2x short GSM omnidirectional antennae with magnetic base

2x SMA cable

Cigarette-lighter-to-USB-charger circuit (converting 12-24v to 5v)

1x USB Micro cable (cut and soldered to output of USB charger)

1x USB A cable (cut and soldered to printer mainboard)

The HP Laserjet 1320 was chosen not only for its surprisingly unmentionable appearance but also because it had (after much trial and error) the minimal unused interior volumes required to host the components. No cables, other than the one standard power-cord, are externally visible. More so, care has been taken to ensure the printer functions normally when connected via USB cable to the standard socket in the rear.

It’s an impressive project that illustrates a significant problem. Cellular interceptors work because the protocols used by the Global System for Mobile Communications (GSM) standard are insecure. At one time this probably wasn’t taken seriously because it was believed that very few actors had the resources necessary to build equipment that could exploit the weaknesses in GSM. Today a hobbyist can buy such equipment for a very low price and conceal it in a printer, which means inserting an interceptor into an office environment is trivial.

Fortunate, Long-Term Evolution (LTE) is a more secure protocol. Unfortunate, most cell phones don’t use LTE for phones calls and text messages. Until everything is switched over to LTE the threat posed by current cellular interceptors should not be taken lightly.

You’re the Product, Not the Customer

If you’re using an online service for free then you’re the product. I can’t drive this fact home enough. Social media sites such as Facebook and Twitter make their money by selling the information you post. And, unfortunately, they’ll sell to anybody, even violent gangs:

The FBI is using a Twitter tool called Dataminr to track criminals and terrorist groups, according to documents spotted by The Verge. In a contract document, the agency says Dataminr’s Advanced Alerting Tool allows it “to search the complete Twitter firehose, in near real-time, using customizable filters.” However, the practice seems to violate Twitter’s developer agreement, which prohibits the use of its data feed for surveillance or spying purposes.

This isn’t the first time that a company buying access to various social media feeds has been caught selling that information to law enforcers. Earlier this year Geofeedia was caught doing the same thing. Stories like this show that there’s no real divider between private and government surveillance. You should be guarding yourself against private surveillance as readily as you guard against government surveillance because the former becomes the latter with either a court order or a bit of money exchanging hands.

Will Dataminr have its access revoked like Geofeedia did? Let’s hope so. But simply cutting off Dataminr won’t fix the problem since I guarantee there are a bunch of other companies providing the same service. The only way to fix this problem is to stop using social media sites for activities you want to keep hidden from law enforcers. Don’t plan your protests on Facebook, don’t try to coordinate protest activity using Twitter, and don’t post pictures of your protest planning sessions on Instagram. Doing any of those things is a surefire way for law enforcers to catch wind of what you’re planning before you can execute your plan.

Propagandizing Against Secure Communications

It’s no secret that the State is at odds with effective cryptography. The State prefers to keep tabs on all of its subjects and that’s harder to do when they can talk confidentially amongst themselves. What makes matters worse is that the subjects like their confidentiality and seek out tools that provide that to them. So the State has to first convince its subjects that confidentiality is bad, which means it needs to put out propaganda. Fortunately, many journalists are more than happy to produce propaganda for the State:

The RCMP gave the CBC’s David Seglins and the Toronto Star’s Robert Cribb security clearance to review the details of 10 “high priority” investigations—some of which are ongoing—that show how the police is running into investigative roadblocks on everything from locked devices to encrypted chat rooms to long waits for information. The Toronto Star’s headline describes the documents as “top-secret RCMP files.”

The information sharing was stage-managed, however. Instead of handing over case files directly to the journalists, the federal police provided vetted “detailed written case summaries,” according to a statement from Seglins and Cribb. These summaries “[formed] the basis of our reporting,” they said. The journalists were given additional information on background, and allowed to ask questions, according to the statement, but “many details were withheld.”

The stories extensively quote RCMP officials, but also include comment from privacy experts who are critical of the police agency’s approach.

“On the one hand, the [RCMP] do have a serious problem,” said Jeffrey Dvorkin, former vice president of news for NPR and director of the University of Toronto Scarborough’s journalism program. “But to give information in this way to two respected media organizations does two things: it uses the media to create moral panic, and it makes the media look like police agents.”

The line between journalism and propaganda is almost nonexistent anymore. This story is an example of a more subtle form of journalist created propaganda. It’s not so much a case of a journalist writing outright propaganda as it is a journalist not questioning the information being provided by the police.

Journalists, like product reviewers, don’t like to rock the boat because it might jeopardize their access. The police, like product manufacturers, are more than happy to provide product (which is information in the case of police) to writers who show them in a good light. They are much less apt to provide product to somebody who criticizes them (which is why critics have to rely on the Freedom of Information Act). If a journalist wants to keep getting the inside scoop from the police they need to show the police in a good light, which means that they must not question the information they’re being fed too much.

Be wary of what you read in news sources. The information being printed is not always as it appears, especially when the writer wants to maintain their contacts within the State to get the inside scoop.

Public-Private Surveillance Partnership

People often split surveillance into public and private. Public surveillance is perform directly by the State and is headed by agencies such as the National Security Agency (NSA), Federal Bureau of Investigations (FBI), and Central Intelligence Agency (CIA). Private surveillance is performed by corporations such as Harris Corporation, Facebook, and AT&T. Some libertarians and neoconservatives like to express a great deal of concern over the former because it’s being performed by the State but are mostly accepting of the latter because they believe private entities should be free to do as they please. However, the divide between public and private surveillance isn’t so clean cut. Private surveillance can become public surveillance with a simple court order. Even worse though is that private surveillance often voluntarily becomes public surveillance for a price:

Investigators long suspected Charles Merritt in the family’s disappearance, interviewing him days after they went missing. Merritt was McStay’s business partner and the last person known to see him alive. Merritt had also borrowed $30,000 from McStay to cover a gambling debt, a mutual business partner told police. None of it was enough to make an arrest.

Even after the gravesite was discovered and McStay’s DNA was found inside Merritt’s vehicle, police were far from pinning the quadruple homicide on him.

Until they turned to Project Hemisphere.

Hemisphere is a secretive program run by AT&T that searches trillions of call records and analyzes cellular data to determine where a target is located, with whom he speaks, and potentially why.

[…]

n 2013, Hemisphere was revealed by The New York Times and described only within a Powerpoint presentation made by the Drug Enforcement Administration. The Times described it as a “partnership” between AT&T and the U.S. government; the Justice Department said it was an essential, and prudently deployed, counter-narcotics tool.

Before you decide to switch from AT&T to Verizon it’s important to note that every major cellular provider likely has a similar program but they haven’t been caught yet. We know, for example, that Sprint has a web portal to make law enforcement access to customer data quick and easy and Verizon has a dedicated team for providing customer information to law enforcers. Those are likely just the tips of the icebergs though because providing surveillance services to the State is lucrative and most large companies are likely unwilling to leave that kind of money on the table.

At one time I made a distinction between public in private surveillance insofar as to note that private surveillance doesn’t lead to men with guns kicking down my door at oh dark thirty. It was an admittedly naive attitude because it didn’t figure how private surveillance becomes public surveillance into the equation. Now I make no distinction because realistically there isn’t a distinction and other libertarians should stop making the distinction as well (neoconservatives should also stop making the distinction but most of them are beyond my ability to help).

You’re Not the Customer, You’re the Product

There ain’t no such thing as a free lunch (TANSTAAFL). Whenever somebody appears to be giving you something for free it likely means you’re the product, not the customer. Social media is a prime example of this. A lot of people claim that social media sites such as Facebook and Instagram are Central Intelligence Agency (CIA) products meant to surveil the populace. I personally don’t believe any government agency is clever enough to come up with a successful product like Facebook. But I also know they don’t care because they understand that Facebook exists to mine and sell information so they can forego the expenses of starting a service and just buy the data.

Geofeedia was recently caught selling social media data to law enforcement departments. The company managed to get its hands on this data by simply becoming a paying customer for sites such as Facebook and Twitter. Once the company was a paying customer it could grab user data, which is the real product, and package it up to sell to law enforcement departments.

But United States law enforcers aren’t the only buyers of social media data. Government agencies across the blog pay top dollar for surveillance data. The British Transport Police were also buying social media data:

The BTP, meanwhile, has purchased software called RepKnight. According to the company’s website, RepKnight can help identify, investigate or prevent political unrest, criminal activity, and activists. It can also be used to investigate DDoS attacks.

As well as searching Facebook, Reddit, Twitter and other social networks, RepKnight can be used for “sentiment analysis,” which presents users with “an instant summary of the mood across your search results, letting you quickly spot if something’s going wrong,” RepKnight’s site reads. Customers can use the service through a normal web browser, as well as on tablets and mobile phones.

In all, the BTP has spent £41,400 ($50,500) on purchasing the software and annual licenses for its use since July 2014, according to figures published by the Department for Transport.

A lot of people mistakenly believe their personal information isn’t worth anything. These are the people that usually say “Nobody cares what I do, I’m boring.” or “If they spy on me they’ll be bored.” or something else along those lines. But BTP forked out $50,000 just to surveil the seemingly mundane lives of everyday people. In other words, even the most boring person’s data is valuable.

What’s interesting is RepKnight seems to have some interesting capabilities. Geofeedia seems to be tailored towards surveillance but RepKnight seems to be tailored towards crushing political dissidence by allowing customers to go so far as launch a distributed denial of service (DDoS) attack.

As more of our lives move online the public-private surveillance partnership will continue to grow. Don’t be surprised if you’re pulled over in the near future and the law enforcer drags you out of your vehicle and beats the shit out of you because the surveillance software on his car’s laptop pulled up a negative commend you made about the police (the software, of course, will be loaded to enhance officer safety).

All Loyal Party Members are Expected to Subscribe to Pravda

“News” today is already little more than propaganda for the State. But that isn’t enough for Obama. He wants wants a system in place to filter our information that isn’t propagandistic:

Pittsburgh (AFP) – President Barack Obama on Thursday decried America’s “wild, wild west” media environment for allowing conspiracy theorists a broad platform and destroying a common basis for debate.

Recalling past days when three television channels delivered fact-based news that most people trusted, Obama said democracy require citizens to be able to sift through lies and distortions.

“We are going to have to rebuild within this wild-wild-west-of-information flow some sort of curating function that people agree to,” Obama said at an innovation conference in Pittsburgh.

“There has to be, I think, some sort of way in which we can sort through information that passes some basic truthiness tests and those that we have to discard, because they just don’t have any basis in anything that’s actually happening in the world,” Obama added.

What is true? If we’re talking about mathematical formulas or physics we can establish truth through logical deduction and the scientific method. But judging complex human interactions and philosophies as either true or false is a different beast.

Let’s take the Affordable Care Act (ACA) as an example. If I say the ACA has been a success would you believe my statement is true or false? It really depends on what you define as success. Supporters of the ACA will often look at the total number of people insured declare the ACA a success because the number is higher now than before the law was passed. Others will look at the rate health insurance premiums have increased and declare the ACA a failure because premiums today are higher than they were before the ACA was passed.

How do we determine “truthiness” (what a stupid word) when discussing things like whether or not a government program has succeeded? According to the government its programs are almost always successful. It will demonstrate success by pointing at various statistics it has chosen as being important. But other people will question the importance of those statistics. Going back to our example, is the total number of people who are covered by health insurance really an important number? There are arguments both for and against relying on that number to determine success. But which arguments are true and which are false?

Like so much in life, truth often boils down to personal philosophy. As a libertarian I believe the initiation of force is always wrong. Since the State’s existence is entirely reliant on initiating force I believe the State to be immoral. A utilitarian will likely disagree with me. They will likely find the State moral because it is the most utilitarian way to accomplish certain tasks. I will disagree with that and we’ll go back and forth because our ideas of morality are different.

The idea that we can create a system that can determine whether questions like our example are true is laughable because such a system will inevitably be colored by the personal beliefs of the designer.

You’re the Product, Not the Customer

In his novel The Moon is a Harsh Mistress, Robert Heinlein coined the phrase there ain’t no such thing as a free lunch (usually abbreviated as TANSTAAFL). The phrase is used by the main characters of the book to remind themselves and others that there’s no such thing as free. This is a lesson too many people fail to learn in real life. People are obsessed with the fantasy of free. They want free food, free money, free healthcare, and free online services.

People commonly make the mistake that online services such as Facebook and Twitter are free. On the surface they appear to be free since you don’t pay to use them. But TANSTAAFL. When you’re using a service for free you’re not the customer, you’re the product:

The American Civil Liberties Union on Tuesday outed Facebook, Twitter, and Instagram for feeding a Chicago-based company their user streams—a feed that was then sold to police agencies for surveillance purposes.

[…]

Geofeedia, which did not respond for comment, says it has more than 500 customers, including the Denver Police Department. That agency recently signed a $30,000 annual deal with the company. The money came from the agency’s “confiscation” fund. The department’s intelligence agency’s top brass wrote that it would allow cops to analyze and respond in real time to “social media content from anywhere in the world.”

Geofeedia, the actual customer, has been paying for Facebook, Twitter, and Instagram’s product, your personal information. It has then been turning around and selling it to various police departments, which use the information to more effectively expropriate wealth from the people they victimize. The only person not making any money on this deal is you. In fact, you’re losing money if any of the sold information about you is used by the police to take some of your wealth.

Because this revelation could turn into a loss of product for these sites they have apparently announced that they’ve cut off Geofeedia’s access. That shouldn’t make you feel better though. That access can be regranted at any time and there are likely many other companies doing the same thing as Geofeedia who just haven’t been caught yet. So long as you continue to be the product you shouldn’t believe any of your information is safe.