Feeling exposed?
Watchful technologies could soon put everyone
under surveillance.
December 17, 2001 FBI wants access to worm's pilfered data
Directing traffic: A look at the FBI's computer surveillance scheme
Homeland Security, Homeland Profits
Technology Review
http://www.techreview.com/magazine/sep01/amatoall.asp
By Ivan Amato September 2001
Feeling exposed? Watchful technologies could soon put everyone under surveillance.
The door to paranoia opens benignly—and early. Just think of Santa. He knows when you are sleeping. He knows when you're awake. He knows if you've been bad or good, for goodness' sake. And he knows these things all the time, even though you can't see him. Millions of kids all over the world happily and wholeheartedly believe in ubiquitous surveillance as a de facto piece of the annual Christmas present-getting machine. Parents just shake their heads in adoring wonder.
But those same parents might be shocked to learn how short the journey is from the pleasant surveillance fantasy of Santa to the freedom-squashing invasion of Big Brother. In the world detailed by George Orwell in the novel 1984, surveillance cameras follow every move a person makes, and the slightest misstep, or apparent misstep, summons the authorities. Now, similarly, police departments, government agencies, banks, merchants, amusement parks, sports arenas, nanny-watching homeowners, swimming-pool operators, and employers are deploying cameras, pattern recognition algorithms, databases of information, and biometric tools that when taken as a whole can be combined into automated surveillance networks able to track just about anyone, just about anywhere.
While none of us is under 24-hour surveillance yet, the writing is on the wall. As Scott McNealy, CEO of Sun Microsystems, starkly told reporters in 1999, "You already have zero privacy. Get over it." The techno-entrepreneurs who are developing and marketing these tools anticipate good things to come, such as reduced crime rates in urban environments, computer interfaces that will read eye movements and navigate the Web for you, and fingerprint or facial recognition systems and other biometric technologies that guarantee your identity and eliminate the need for passwords, PIN numbers and access cards—even identifying potential terrorists before they can strike.
But privacy advocates paint a far dimmer picture of this same future, accepting its reality while questioning whether it can be managed responsibly. "The technology is developing at the speed of light, but the privacy laws to protect us are back in the Stone Age," says Barry Steinhardt, associate director of the American Civil Liberties Union, which is among several groups that have tried, so far almost universally unsuccessfully, to introduce legislation aimed at protecting privacy. "We may not end up with an Orwellian society run by malevolent dictators, but it will be a surveillance society where none of the detail of our daily lives will escape notice and where much of that detail will be recorded."
The Fifth Utility
In many ways, the drama of pervasive surveillance is being played out first in Orwell's native land, the United Kingdom, which operates more closed-circuit cameras per capita than any other country in the world. This very public surveillance began in 1986 on an industrial estate near the town of King's Lynn, approximately 100 kilometers north of London. Prior to the installation of three video cameras, a total of 58 crimes had been reported on the estate. None was reported over the next two years. In 1995, buoyed by that success, the government made matching grants available to other cities and towns that wanted to install public surveillance cameras—and things took off from there.
Most of these closed-circuit TV systems are installed in business districts or shopping centers by British Telecommunications, the national phone network, and jointly operated and managed by law enforcement and private industry. In addition, some townships are using BT to hook up video telephony, a technology that allows transmission of video images via telephone lines—but in a monitor-friendly network that provides officials quick and easy remote access to the images. On another front, the U.K. Home Office, the government department responsible for internal affairs in England and Wales, is starting construction of what promises to be the world's biggest road and vehicle surveillance network, a comprehensive system of cameras, vehicle and driver databases, and microwave and phone-based communications links that will be able to identify and track the movements of vehicles nearly nationwide. All told, the country's electronic eyes are becoming so prevalent that Stephen Graham of the Centre for Urban Technology at the University of Newcastle upon Tyne has dubbed them a "fifth utility," joining water, gas, electric and telephones.
The United States and many other parts of the developed world are not far behind in video surveillance. Just look at the cameras looking at you. They're in ATMs, banks, stores, casinos, lobbies, hallways, desktops, and along highways, main streets and even side streets. And those are the cameras you can see. Companies like All Security Systems of Miami, FL, advertise Clock Cameras, Exit Sign Cameras, Smoke Detector Cameras, and Covert Tie and Button Cams, as well as Nanny Cams and other easily hidden eyes, some of which send video signals wirelessly to a recorder located elsewhere.
But cameras seem relatively benign when compared to new technology being developed and deployed. Until recently, closed-circuit systems have fed video signals to monitors, which human beings had to watch in real time, or sent the images to recording media for storage. Now, however, the job of spotting suspicious people and behavior in this stream of electronic imagery is becoming automatic, with computers programmed with special algorithms for matching video pixel patterns to stored patterns associated with criminals or criminal actions—and the machines themselves passing initial judgment on whether a behavior is normal.
For example, last January at the Super Bowl in Tampa, FL, law enforcement agencies, without announcement, deployed a face recognition system from Viisage Technology of Littleton, MA. Cameras snapped face shots of fans entering the stadium. Computers instantly extracted a minimal set of features from each captured face, a so-called eigenface, and then compared the eigenfaces to those of criminals, stored in a database. The system purportedly found 19 possible matches, although no one was arrested as a result of the test. Less than six months later, in mid-July, Tampa police sparked public protests after deploying a face recognition system from Visionics, of Jersey City, NJ, to scan city sidewalks for suspected criminals and runaways.
And this is just the beginning of the technology being piloted and prototyped to watch you—and judge your behavior. Beginning in 1997, the U.S. Defense Advanced Research Projects Agency (DARPA) funded some 20 projects under a three-year program called Video Surveillance and Monitoring. That effort has just gathered new momentum under a $50 million follow-up program known as Human ID at a Distance. The aim is to determine if it's feasible to identify specific individuals at distances up to 150 meters.
Under the program, researchers at Carnegie Mellon University in Pittsburgh are investigating whether a remote sensing technique known as "hyperspectral imaging"—a technology typically used by satellites to find minerals or peer through military camouflage—can be adapted for identifying specific human beings by measuring the color spectrum emitted by their skin. Skin absorbs, reflects and emits distinct patterns of color, and those patterns are specific enough to individual people to serve as spectral signatures. Such systems already work. But according to Robert Collins, a computer scientist at Carnegie Mellon's Robotics Institute, the process currently requires a person to sit stiffly in a chair as a sensor sweeps through hundreds of emitted wavelengths over a period of about five seconds. "Ideally, what will happen is we'll find some small group of wavelengths that we can use to distinguish people," explains Collins. That could reduce the scan time to a fraction of a second.
Another approach being developed involves a video-based network of sensors that would automatically measure such characteristics as leg length and waist width to provide, as Collins says, "the measurements you give to a tailor." The idea here, he says, is that those numbers should be able to serve as a kind of body fingerprint for identifying specific individuals.
There is no shortage of cleverness when it comes to building the surveillance state. At the Georgia Institute of Technology, scientists are developing sensor-riddled "smart floors" that can identify people by the "force profiles" of their walking feet. Meanwhile, Princeton, NJ-based Sarnoff is working toward an antiterrorist technique that uses a special camera to identify individuals from a hundred meters off by the patterns of color, striation and speckles in their irises. This isn't easy, since the iris and its elements move so quickly relative to a distant camera that the technical task bears some resemblance to "tracking a ballistic missile," says Norman Winarsky, president of nVention, Sarnoff's venture technology company. Still, the technology is coming.
Beyond identity is intention—and there are technologies in the works for divining that as well. IBM has introduced a software product called BlueEyes (see "Behind BlueEyes," TR May 2001) that's currently in use at retail stores to record customers' facial expressions and eye movements, tracking the effectiveness of in-store promotions. And psychologist Jeffrey Cohn of Carnegie Mellon's Robotics Institute and colleagues have been trying to teach machines an even more precise way to detect facial expressions.
>From video signals, the Carnegie Mellon system detects and tracks both invariant aspects of a face, such as the distance between the eyes, and transient ones, like skin furrows and smile wrinkles. This raw data is then reclassified as representing elemental actions of the face. Finally, a neural network correlates combinations of these measurable units to actual expressions. While this falls short of robotic detection of human intentions, many facial expressions reflect human emotions, such as fear, happiness or rage, which, in turn, often serve as visible signs of intentions.
Cohn points out that this particular work is just part of the team's more encompassing "goal of developing computer systems that can detect human activity, recognize the people involved, understand their behavior, and respond appropriately." In short, the effort could help lead to the kind of ubiquitous surveillance system that can automatically scan collective human activity for signs of anything from heart-attack-inducing Type-A behavior to sexual harassment to daydreaming at the wheel to homicidal rage.
The Good, the Bad and the Well-Intentioned
The list of emerging technological wonders goes on and on, which is why many observers argue it's no longer a question of whether ubiquitous surveillance will be applied, but under what guidelines it will operate—and to what end.
"Like most powerful technologies, total surveillance will almost certainly bring both good and bad things into life," says James Wayman, a former National Security Agency contractor who now directs human identification research at San Jose State University in California. Specifically, he notes, it will combine laudable benefits in convenience and public safety with a potentially lamentable erosion of privacy.
These contradictory values often trigger vigorous debate over whether it will all be worth it. The glass-half-full crowd contends that the very infrastructure of surveillance that conjures fears of Big Brother will actually make life easier and safer for most people. Consider the benefits of the "computer-aided drowning detection and prevention" system that Boulogne, France-based Poseidon Technologies has installed in nine swimming pools in France, England, the Netherlands and Canada. In these systems, a collection of overhead and in-pool cameras relentlessly monitors pool activity. The video signals feed into a central processor running a machine perception algorithm that can effectively spot when active nonwater objects, such as swimmers, become still for more than a few seconds. When that happens, a red alarm light flashes at a poolside laptop workstation and lifeguards are alerted via waterproof pagers. Last November, a Poseidon system at the Jean Blanchet Aquatic Center in Ancenis, Loire-Atlantique, France, alerted lifeguards in time to rescue a swimmer on the verge of drowning. Pulled from the water unconscious, the swimmer walked away from a hospital the next day.
Similarly, when cell phones and other mobile gadgetry start coming embedded with Global Positioning System transponders, it will be possible to pinpoint the carrier and quickly come to his or her aid, if necessary. Such transponders are already built into many new cars (see "The Commuter Computer," TR June 2001). A click of a button or the triggering of an air bag sends a call to a service center, where agents can then direct emergency personnel to the vehicle, even if the occupants are unconscious. A public ubiquitous surveillance system could also enhance safety by noticing, for example, if a car hits you or if large, unauthorized crowds start congregating around an accident or altercation. As with the car rescue systems, a person's plight could be recognized and help dispatched almost instantly, sort of how air bags are now immediately deployed on impact.
And not many argue about surveillance's ability to deter crime. Recent British government reports cite closed-circuit TV as a major reason for declining crime rates. After these systems were put in place, the town of Berwick reported that burglaries fell by 69 percent; in Northampton overall crime decreased by 57 percent; and in Glasgow, Scotland, crime slumped by 68 percent. Public reaction in England has been mixed, but many embrace the technology. "I am prepared to exchange a small/negligible amount of privacy loss so I don't have to be caught up in yet another bomb blast/bomb scare," wrote one London computer programmer in an online discussion of the technology.
Do the developers of this controversial technology weigh the pros and cons of their creations? Robert Collins of Carnegie Mellon concedes that much of the work that might fall into the surveillance category conjures an Orwellian quease, but he joins a veritable chorus of colleagues who say it's not their station to be gatekeepers looking out for how the technology ultimately is used. "We who are working on this are not so interested in applying it to surveillance and Big Brother stuff," Collins says. "We're making computers that can interact with people better." Indeed, Collins notes that he and his colleagues are motivated by the notion of "pervasive computing," in which the techno-environment becomes aware of its human occupants so that computers and other gadgets can adjust to human needs. The way it is now, he says, humans have to accommodate the limitations of machines.
Jonathon Philips, manager of DARPA's Human ID at a Distance program, puts it another way: "We develop the technology. The policy and how you implement them is not my province."
So who is watching the gate? Well, the courts are slowly getting involved. A U.S. Supreme Court decision last June determined that in the absence of a search warrant, the government's use of a thermal imaging device to monitor heat coming off the walls of a suspected marijuana grower's private residence in Florence, OR, violated the Fourth Amendment prohibition against "unreasonable searches and seizures." The ruling could have far-reaching consequences for how new, more powerful surveillance technologies can be deployed. Overall, however, the responsibility of surveillance technology management and regulation is up for grabs in the United States, even as the technology proliferates. And so whether society goes Orwellian or not could well hinge on how responsibly the databases, biometric details and all the rest are managed and protected. After all, notes the ACLU's Steinhardt, it's a small step from a technological advance to a technology abuse.
Take the fact that the faces of a large portion of the driving population are becoming digitized by motor vehicles agencies and placed into databases, says Steinhardt. It isn't much of a stretch to extend the system to a Big Brother-like nationwide identification and tracking network. Or consider that the Electoral Commission of Uganda has retained Viisage Technology to implement a "turnkey face recognition system" capable of enrolling 10 million voter registrants within 60 days. By generating a database containing the faceprint of every one of the country's registered voters—and combining it with algorithms able to scour all 10 million images within six seconds to find a match—the commission hopes to reduce voter registration fraud. But once such a database is compiled, notes John Woodward, a former CIA operations officer who managed spies in several Asian countries and who's now an analyst with the Rand Corporation, it could be employed for tracking and apprehending known or suspected political foes. Woodward calls that "function creep."
Function creep is where things get really dicey for privacy advocates. Several grass-roots efforts now under way seek to rein in surveillance technology through more responsible privacy legislation. The Privacy Coalition, a nonpartisan collection of consumer, civil liberties, labor and family-based groups, is trying to get federal and state lawmakers to commit to its "Privacy Pledge," which contains, among other things, a vow to develop independent oversight of public surveillance technology and limit the collection of personal data. And several organizations, including the AFL-CIO, Communications Workers of America, 9to5, National Association of Working Women and the United Auto Workers, are supporting legislation to restrict electronic monitoring of employees. As Steinhardt declares, "We can't leave this to systems designers or the marketplace."
In spite of these broad efforts, a number of factors, not the least of which is disagreement in Washington about what form such legislation should take, are making it difficult to put words into action. Last year Congress debated the Notice of Electronic Monitoring Act, which would have required companies to notify employees if they were being watched. Although that legislation died in committee, it will probably resurface again this year. As far as individual state laws are concerned, only Connecticut requires employers to tell employees if they are being monitored.
Which leads to the question of what exactly constitutes "private" activity. As former spymaster Woodward observes, a total-surveillance society will not actually expose individuals that much more than ordinary public circulation does now. "Once you leave your house and enter public spaces," he says, "just about everyone you can see can see you right back." In other words, you do not walk around most of the day with an expectation of privacy. Your face is not private, so if a camera sees you, it's no big deal. What's more, asks Woodward, even if rich and powerful entities, such as the government or megacorporations, had sole access to a system capable of watching everyone all of the time, why would they bother? "The bottom line is that most of us are very boring. We flatter ourselves to think that someone is building a multibillion-dollar system to watch us," he says.
Even if public opinion does manage to slow down the deployment of surveillance infrastructure, no one involved in the debate thinks it will stop some form of Big Brother from arriving eventually. In his 1998 book The Transparent Society, which is well known in the privacy advocacy community, science fiction author and technology watcher David Brin argues that society inevitably will have to choose between two versions of ubiquitous surveillance: in one, only the rich and powerful use and control the system to their own advantage; in the second, more democratic future, the watchers can also be watched. Brin concedes that the latter version would mean everybody's laundry hung out in public view, but the transparency would at least be mutual. Rent a porn video and your wife knows it; but if she drives to your best buddy's house four times a week while you're at the office, you'll know that also.
Whether or not the coming era of total surveillance fits neatly into one of Brin's scenarios will be determined by a complex equation encompassing technological development and the decisions that local, state and federal governments choose to make. The question largely boils down to this: is privacy a right or a privilege? Most Americans assume it is a right, as in our "right to privacy." But the truth of the matter is that privacy isn't guaranteed by the Constitution. It is implied, certainly, but not assured. This subtle difference is being tested right now, within our own neighborhoods and workplaces. -------------------
Technology That Watches Us
Company Location Technology ---------------------------------------------------------------------------
Digital Angel South Saint Paul, MN Identity verification and remote-monitoring system for children, pets and seniors. Wristband sensor monitors pulse, body temperature and blood oxygen levels, as well as wearer's location.
----------------------------------------------------------------------------
Visage Technology Littleton, MA Surveillance camera and face recognition system that identifies and extracts key facial features and compares them to those stored in a database.
----------------------------------------------------------------------------
Sarnoff Princeton, NJ Camera and software technology that identifies people through the striation, speckles and patterns of color in their irises
----------------------------------------------------------------------------
Poseidon Technologies Boulogne, France Swimming-pool monitoring technology that distinguishes nonwater entities such as people or pets and sends an alert when they become still for too long.
----------------------------------------------------------------------------
Visionics Jersey City, NJ FaceIt software extracts facial images from live video feeds for storage in databases or smart cards, or for comparison with existing faceprint files.
----------------------------------------------------------------------------
Iridian Technologies Moorestown, NJ Iris recognition technology that includes Authenticam, a desktop camera that reads the patterns in the iris from up to 48 centimeters away to authorize network access.
----------------------------------------------------------------------------
Advanced Biometrics Puyallup, WA LiveGrip, technology that uses infrared photographs of hands as identifiers.
----------------------------------------------------------------------------
Advanced Precision Technology Livermore, CA HoloPass, holographic-image processing technology for fingerprint identification.
----------------------------------------------------------------------------
Ivan Amato is a freelance writer in Silver Spring, MD, and the author of Stuff: The Materials the World Is Made Of, a chronicle of cutting-edge research in materials science.
Picture added by Gnostic Liberation Front
Reproduced From:
http://www.dailyrotten.com/articles/archive/189387.html
The FBI is asking for access to a massive database that contains the private communications and passwords of the victims of the Badtrans Internet worm. Badtrans spreads through security flaws in Microsoft mail software and transmits everything the victim types. Since November 24, Badtrans has violated the privacy of millions of Internet users, and now the FBI wants to take part in the spying.
December 17, 2001 FBI wants access to worm's pilfered data
A ROTTEN.COM EXCLUSIVE The FBI is asking for access to a massive database that contains the private communications and passwords of the victims of the Badtrans Internet worm. Badtrans spreads through security flaws in Microsoft mail software and transmits everything the victim types. Since November 24, Badtrans has violated the privacy of millions of Internet users, and now the FBI wants to take part in the spying.
Victims of Badtrans are infected when they receive an email containing the worm in an attachment and either run the program by clicking on it, or use an email reader like Microsoft Outlook which may automatically run it without user intervention. Once executed, the worm replicates by sending copies of itself to all other email addresses found on the host's machine, and installs a keystroke-logger capable of stealing passwords including those used for telnet, email, ftp, and the web. Also captured is anything else the user may be typing, including personal documents or private emails.
Coincidentally, just four days before the breakout of Badtrans it was revealed that the FBI was developing their own keystroke-logging virus, called Magic Lantern. Made to complement the Carnivore spy system, Magic Lantern would allow them to obtain target's passwords as they type them. This is a significant improvement over Carnivore, which can only see data after it has been transmitted over the Internet, at which point the passwords may have been encrypted.
After Badtrans pilfers keystrokes the data is sent back to one of twenty-two email addresses (this is according to the FBI-- leading anti-virus vendors have only reported seventeen email addresses). Among these are free email addresses at Excite, Yahoo, and IJustGotFired.com. IJustGotFired is a free service of MonkeyBrains, a San Francisco based independent Internet Service Provider.
In particular, suck_my_prick@ijustgotfired.com began receiving emails at 3:23 PM on November 24. Triggering software automatically disabled the account after it exceeded quotas, and began saving messages as they arrived. The following day, MonkeyBrains' mail server was sluggish. Upon examination of the mail server's logs, it quickly became apparent that 100 emails per minute to the "suck_my_prick" alias were the source of the problem. The mails delivered the logged keystrokes from over 100,000 compromised computers in the first day alone.
Last week the FBI contacted the owner of MonkeyBrains, Rudy Rucker, Jr., and requested a cloned copy of the password database and keylogged data. The database includes only information stolen from the victims of the virus, not information about the perpetrator. The FBI wants indiscriminant access to the illegally extracted passwords and keystrokes of over two million people without so much as a warrant. Even with a warrant they would have to specify exactly what information they are after, on whom, and what they expect to find. Instead, they want it all and for no justifiable reason.
One of the most basic tenets of an authoritarian state is one that claims rights for itself that it denies its citizens. Surveillance is perhaps one of the most glaring examples of this in our society. Accordingly, rather than hand over the entire database to the FBI, MonkeyBrains has decided to open the database to the public. Now everyone (including the FBI) will be able query which accounts have been compromised and search for their hostnames. Password and keylogged data will not be made available, for obvious legal reasons.
The implications of complying with the FBI's request, absent any legal authority, are staggering. This is information that no one, not even the FBI, could legally gather themselves. The fact that they seek to take advantage of this worm and benefit from its illicit spoils, demonstrates the FBI's complete and utter contempt for constitutionally mandated due process and protection from unreasonable search and seizure. It defies reason that the FBI expects the American people to trust them to only look at certain permissible nuggets of data and ignore the rest of what they collect. One need only imagine what J. Edgar Hoover would do with today's expansive surveillance system, coupled with the new powers granted by the Patriot Act, to appreciate the Orwellian nightmare that the United States is becoming. The last thing the FBI should have is a spying Internet worm, and it looks like they've found one. Welcome to the Magic Lantern.
-------------------------------------------------------
The database is available at http://badtrans.monkeybrains.net
[Editor's note: Rudy Rucker, Jr. contributed to this story, he was also visited by the Secret Service last summer regarding his fan site of President Bush's daughters at TheFirstTwins.com.]
http://www.sfbg.com/News/36/12/fbi.html
Directing traffic: A look at the FBI's computer surveillance scheme
By A.C. Thompson
FROM A CLUTTERED warehouse on Third Street in San Francisco, Rudy Rucker Jr. runs Monkeybrains.net, a tiny dial-up Internet service provider and Web-hosting service – and on Nov. 25 his servers were moving at a seriously sluggish pace. "My first thought was, 'This sucks, my mail's not going fast enough,' " Rucker Jr. tells me.
Some quick detective work revealed that a worm called Badtrans was transmitting data stolen from more than 100,000 computers to an address at IJustGotFired.com, a Web site Rucker Jr. hosts. The Badtrans traffic – 100 e-mails a minute – was the source of the slowdown. He promptly disabled the account.
Hacker attacks are old news. What's fascinating about Rucker Jr.'s run-in with Badtrans is that it offers a glimpse at the kind of personal information the Federal Bureau of Investigation has publicly acknowledged it intends to collect. And it has thrust Rucker Jr., the son of acclaimed sci-fi author Rudy Rucker, into a cyber-standoff with the FBI.
Badtrans seems to be similar to an FBI project dubbed Magic Lantern, a new "spy virus" first revealed in news reports by MSNBC on Nov. 20 (see "Wartime Profiteers of the Digital Age," page 22). Magic Lantern, reportedly, can record every keystroke a suspect makes and then transmit the information – e-mail messages, passwords, what Web sites the suspect has visited, etc. – back to the bureau.
The Badtrans worm is "almost exactly like Magic Lantern," security consultant and software designer Jesse Burns says. Like Magic Lantern, Badtrans logs keystrokes and funnels the data back to the worm's creator. In this case the info was routed to 22 e-mail addresses, mostly free Yahoo! and Excite accounts. Experts at tech security firm Symantec labeled Badtrans a worst-case hacker attack – a level-four threat – and quickly posted an antidote to the virus.
The massive flow of Badtrans bytes to Rucker Jr.'s servers caught the eye of the FBI's computer crimes unit, and on Dec. 3 an agent gave him a ring. "I helped them with some information," Rucker Jr. says. "I gave them information I thought might be pertinent to catching the people who were victimizing my server."
But the bureau wanted something else. "They asked me if I could store the data [harvested by the worm] for them and burn it on a CD-ROM," he says. Rucker Jr. balked. "The data I have is juicy. It's good for Big Brother surveillance, but it's not going to help them solve their case." So he stalled, telling the agents to mail a written request for the material.
Rucker Jr. shows me e-mail correspondence with David Freyman of the FBI's National Infrastructure Protection Center in Newark, N.J., that seems to back up his story. "Thanks for the update on the saving [of] the information," a Dec. 12 message from Freyman reads. Contacted by the Bay Guardian, Freyman declined to comment on the probe.
Rucker Jr. says he won't give up the info, now up to 303,000 messages, or two gigabytes, without a court order. "If a judge tells me to release it, I'll hand it over. I'm not going to jail over this."
Seth Schoen is a staff technologist at the Electronic Frontier Foundation, a digital civil liberties group that often butts heads with the federal government. Schoen figures the FBI may have valid reasons for requesting the data Rucker Jr. is holding. "Presumably it will help their investigation – if they want to know who is being victimized and what kind of information is being collected," Schoen says.
However, Schoen is skeptical of the FBI's Magic Lantern scheme. He says the bureau may find it difficult to target specific – suspect – computers. "It's very tricky to collect information on one individual," Schoen tells me.
On a computer monitor in his bedroom-office, Rucker Jr. gives me a look at some of the stuff gathered by Badtrans – and, at least theoretically, by Magic Lantern. I check out some e-mail missives, searching on the word "anarchy." Sixty-six messages pop up. One is by a high school student who started an "anarchy club." Another is by a guy who thinks anarchy is a variant of satanism.
Next I scroll through a few hundred Web site urls. I can see who's been surfing for porn (blowyourload.com, yourpenis.com, iloveporno.com), who's been applying for loans (freddiemac.com, equityloansnow.com), who's been looking for jobs (fairfieldcountyjobs.com, museumjobs.com).
I can see why the feds would be enamored with this kind of technology: in terms of surveillance, this program makes phone-tapping look like a laughable anachronism. It also gives me the very creepy feeling of reading someone's diary. Scratch that – it's more like having access to the diaries of thousands of people.
"My instinct says not to give this information to the FBI," Rucker Jr. muses. "Thinking that Big Brother is right all the time is bad for our country, it's bad for people's rights, it's bad for people who want to live in little hellholes like this running their own computer companies."
E-mail A.C. Thompson at ac_thompson@sfbg.com
Sounds like the 1989/1990 raids verbatim; could the Reclaim Guide and similar documents become the new E911?
aadm mount seraphseven: design. comics. zen.
An Interview with Sherman of RTF
LAAnarchists.org by mark January 27 2002, Sun, 5:14pm
http://sf.indymedia.org/news/2002/01/114583.php
An interview with Sherman, formerly of RaiseTheFist.com and LAAnarchists.org, whose home was raided by the LA Joint Terrorism Task Force on Jan. 24; the websites were shutdown and his computers confiscated. Sherman denies involvement with any illegal activity, saying of the Feds, "They're afraid. And they're going to try and silence us any way they can. ... My best advice is to not give in to their fear-tactics. Keep fighting,
[Ed. note: This e-mail interview is reproduced uncut and unabridged. Only spelling, punctuation, and basic grammar have been corrected.]
Hello, feel free to publish my responses to your questions anywhere.
:: Was there any warning that investigation of your website was heating up?
Yes. I have been monitoring government agencies connecting to the site for a long time. I'd been noticing more frequency with them coming back to the site. They had also started intercepting all packets on my DSL line, and seized one of my older AIM screen names for 12 days, so I knew something was going to happen - soon. It was really obvious. I even saw them outside my house at times. They have been monitoring the site very, very extensively LONG before the "incriminating content" which they were "concerned" about was posted onto the site. They simply used this content as an excuse to obtain a warrant for the raid.
:: As a victim of one of the first post-Patriot Act anti-"terrorism" raids, why do you think the Feds chose you?
Simply because Raisethefist was effective in what I was doing. It's the same reason why Feds raid other activist organizations. They're effective. And effectiveness within our movement scares them. They're afraid. And they're going to try and silence us any way they can.
:: Do you have a copy of the warrant that was served? What did it say they were looking for?
I cannot post any contents of the warrant online. Yes I have a copy of it. The warrant contains a lot of bogus information and misinterpretations. The warrant has information on me since I was 14 (I'm 18 now, almost 19).
:: Any idea how many agents/officers participated in the raid?
Yep, there was about 25-30 of them. They surrounded my house with guns. Blocked off the garage door with a big bench, had a door bammer, had cars all up and down the streets, then 2 agents knocked at my door, pulled me outside, and the FBI came in and raided. My sister and her friends were home at the time, and she refused to answer the door. I was currently taking a nap and she woke me up to tell me that there were police and undercover/FBI people all up and down the streets looking at the house. That's when I got up and approached the door.
:: Can you remember any exact quotes that the agents told you - what precisely did they say about 9-11, your web site, what they were looking for, etc.
They told me the main reason for the raid was because of the content on the site, and they wanted to see who was looking at it. This was not the main reason. It was an excuse. The alledged content which they claim they were so concerned about is from the Reclaim Guide. It's posted on thousands of other web sites around the internet. Why didn't they raid those? Why did they only come after Raisethefist.com? Again, they've been watching the site for a long time, long before the Reclaim Guide was even posted onto the site. They used this as an excuse to get a warrant for the raid and seize all computer equipment. I can't discuss the specifics over the internet, but I know for sure that they didn't raid simply because they wanted to see who was looking at the content on the site.
[Ed. note: The Reclaim Guide does not appear to be readily available elsewhere, in its entirety, although the topics covered are.]
One of the first things one of the head agents conducting the raid asked me was, "why did you grow your hair out?" The picture they have of me is a bit older when I had short hair. They were acting as if I was trying to "hide my appearance" from them. They then sat me down, started asking me questions, etc. All this while the FBI was in my house with guns drawn, and seizing all computer equipment.
The FBI, Secret Service, LAPD and LASD (Sheriffs Dept.) participated in the raid. The Secret Service person kept asking me if I'd like to see Bush killed. They were asking me a lot of loaded questions.
:: What exactly did the agents take? How many computers and how much was it all worth? What were some titles of the books, literature, and other items they confiscated?
I have about 12 computers. About 8 of them were running on the network. They took all of the computers in my house which had a hard drive in them. Which was basically all of them, except for the few broken ones which I was working on fixing. So yeah, they basically took everything. They ransacked my entire room. I don't have any more computers. They took all the hubs, DSL modem, etc., etc. I had thousands of dollars worth of equipment which was seized until further notice. They told me I probably won't be getting it back for a while (I doubt I ever will be) because they have to go through all of the files on all of the hard drives, which is a lot of data.
They also confiscated all of my political liturature. Everything from independent political newspapers to protest flyers, etc., etc.
:: Why do you think the FBI raided RaiseTheFist.com? Do you think they were out to shutdown something unique to your site, such as the photos of undercover cops?
They raided it simply because it was effective. It had a lot of potential, and was really moving, not just as a web site, but essentially as an anarchist/activist collective - kids were starting to set up clubs in their schools called "Raisethefist" - we were also beginning to put together an anarchist collective for Los Angeles, amongst other things. I believe one of the main things that got them scared about the site, is that we called for an actual change. Raisethefist was a bit more radical than other web sites, and seeing how it was getting so popular, they wanted to shut it down.
:: Based on what the agents told you, and your suspicions, do you have any idea if other participants or contributors to the website, or other websites, are also under investigation?
Yes. Those whose web sites I was hosting on the server will most likely be under investigation. How soon, or how much, I don't know. It could be going on right now. But i can't confirm. As far as I know, they are pretty overwhelmed with all the paperwork and other stuff they have to do with me, so who knows. I just advise those to be careful. Nothing illegal was being done, but the FBI likes to interpret things with a lot of prejudice against anarchists/activists, especially now after 9-11.
:: Did RaiseTheFist.com have any external backup? Do you expect to get your computers back any time soon? Do you have any plans to resume web operations?
I had the site backed up on a CD-ROM, which they took. Right now, we're just trying to find bits and pieces of the site in peoples cache so we can get it back up as soon as possible. There are people working on getting the site back up on another host. Getting the site back up is the first step, then trying to resume with it is the second step. It's going to take some time to get everything back together. I put alot of time into programming all of the things into the site. I don't think I'm going to get my computer equipment back. If I do, it won't be for a long time. They already told me that I probably won't be seeing any of it any time soon. They also told me that i was in some "serious trouble," etc., etc.
:: A webposting states that you are "a kid" who lives with his parents. Any comment as to whether you are under or over 18, and who you live with?
I'm 18 years old, almost 19. I currently live with my mom. The computers were also used for my job. I've been supporting myself through them doing independent programming. So not only is Raisethefist.com gone, but I'm out of a job for the time being.
By the way, there are a lot of stupid-ass rumors going on out there. I think I heard one about someone saying I was making "weapons of mass destruction" or something. Just shows the ignorance amongst a lot of people out there.
:: Do you think the Bush Administration is just trying to see what it can get away with? What would you predict will be the outcome of this episode?
They're going to try and get away with anything, and everything.
:: What does the future hold?
Nothing but a barcode.
What can we do to protect ourselves?
This was one of the main concerns Raisethefist.com addressed. My best advice is to not give in to their fear-tactics. Keep fighting, and fight hard. Don't stop.
:: With a newly-empowered FBI, is the web perhaps too open a medium for revolutionary expression? Are there alternatives whether through new technology or the lack thereof?
There is less security on the internet, as there really has never been any. But I'd suggest not to be discouraged by it. Keep utilizing the internet as an information resource.
Homeland Security, Homeland Profits
http://www.corpwatch.org/issues/PID.jsp?articleid=1108
December 21, 2001 By Wayne Madsen Special to CorpWatch
WASHINGTON, DC -- Recent moves to beef up intelligence gathering in the wake of the September 11th terrorist attacks have civil libertarians concerned that law enforcement agencies will entangle many law abiding citizens and social justice groups in their surveillance missions. Intelligence networks are setting their sights on the Internet, which up to now has had no clear privacy guidelines. Under the provisions of the inaptly named anti-terrorism act, "USA-PATRIOT," the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Central Intelligence Agency (CIA), and a number of other smaller law enforcement agencies are looking for ways to monitor the Internet and mine useful intelligence from it. And new technology makes it easier than ever to spy on the Internet.
Although law enforcement and intelligence agencies claim they are merely looking for information to counter future acts of terrorism, the definition of "terrorism" is being expanded to cover non-violent groups that have traditionally used the Internet to marshal resistance to corporate-inspired globalization. Politicians are already painting dissent as "unpatriotic" and therefore somehow linked to terrorism.
Meanwhile, a phalanx of software companies, consultants, and defense contractors stand to reap billions of dollars over the next few years by selling surveillance and information-gathering systems to government agencies and the private sector.
Technology Already in the Hands of Law Enforcement
Law enforcement agencies like the FBI already have at their disposal a massive information sharing network through which federal, state, local, and foreign police forces can exchange information on groups felt to pose a threat. The system, RISSNET, or Regional Information Sharing System Network, which existed before the September 11th attacks, recently got a boost when Congress authorized additional money for it in the USA PATRIOT Act.
RISSNET is a secure intranet that connects 5,700 law enforcement agencies in all 50 states, as well as agencies in Ontario and Quebec, the District of Columbia, Guam, the U.S. Virgin Islands, Puerto Rico, and Australia. According to sources close to the Washington Metropolitan Police, data on targeted local groups such as the Alliance for Global Justice, the anti-World Bank/International Monetary Fund activist organization, has been shared with other jurisdictions through RISSNET.
RISSNET has also been used to coordinate the monitoring of the activities of anti-globalization protestors in Seattle, Quebec City, Philadelphia, Los Angeles, Washington DC and Genoa. For example, when the FBI seized network server logs from Independent Media Center (IMC) in Seattle during the April 2001 anti-free trade protests in Quebec City, RISSNET was used to coordinate activities across jurisdictional boundaries. The IMC, founded during the 1999 WTO protests, allows activists and independent journalists to post directly to its site.
State and metropolitan police intelligence units also monitor the web sites of activist organizations in their jurisdictions. All RISS intelligence is archived by an Orwellian-sounding entity called MAGLOCLEN or "Middle Atlantic-Great Lakes Organized Crime Law Enforcement Network." There are other regional RISS intelligence centers around the country with equally mysterious acronyms. MAGLOCLEN, a nerve center headquartered in Newtown, Pennsylvania, distributes political intelligence to all police departments hooked up to RISSNET.
MAGLOCLEN allows police investigators to link various activist groups and members through the Link Association Analysis sub-system, a relational data base that identifies the "friends and families" of groups and individuals. The Telephone Record Analysis sub-system can call up records of phone calls of targeted groups and individuals. A suspect group's banking and other commercial data can be monitored by the Financial Analysis sub-system. And through a system that would have been the envy of J. Edgar Hoover, police and federal agents can also call up profiles that provide specific information on the composition of organizations, including their membership lists. The Justice Department has instituted a project called RISSNET II, which directly links the individual databases contained within the various RISS centers.
The FBI also runs its own intranet called Law Enforcement On-line or "LEO," which allows it to communicate intelligence with select other law enforcement agencies. In the aftermath of September 11th , the FBI is under pressure to open up LEO to more police agencies so they can have access to more real-time intelligence. If Attorney General John Ashcroft lifts restrictions placed on the FBI's collection of political intelligence, undoubtedly information on the First Amendment activities of American citizens will wind up in the Bureau's computer databases.
"There has been no indication that the FBI needs expanded spying powers," says Center for Constitutional Rights attorney Michael Ratner. "We should learn from history; spying on dissent is not only unlawful but it is abusive."
This kind of surveillance is not new. In the 1960s and 70s, the FBI's Counter Intelligence Program, known as COINTELPRO, was used to gather personal details on the lives and habits of a wide array of activists ranging from public figures like Dr. Martin Luther King, Jr., actress Jane Fonda and noted pediatrician Benjamin Spock, to members of local anti-war and civil rights groups. This information was often used to disrupt lawful organizing and protest activities.
A modern-day FBI list might include any group deemed "terrorist" by any law enforcement agencies, the military, or criminal prosecutors. That could subject organizations as varied -- and unconnected to terrorism -- as Earth First, Greenpeace, the American Indian Movement, the Zapatista National Liberation Front, ACT UP, and their supporters to a wide array of high-tech surveillance and eavesdropping tools.
Chief among spy agency tools is an e-mail sniffing program known as Carnivore. Changes brought about by USA-PATRIOT allow federal law enforcement officials to petition a secretive federal court called the Foreign Intelligence Surveillance Court for warrants to tap phones, read e-mail, or break and enter into homes or offices to conduct searches and plant bugging devices. These spy activities can be carried out without proof that an organization has links to terrorists or foreign intelligence agencies.
To read e-mail the FBI can order an Internet Service Provider to place a special monitoring computer called Carnivore (now renamed Data Collection System 1000) on its network servers. The FBI can then select the e-mail of surveillance targets for capture and storage. Not content with this device, the FBI now seeks to expand its surveillance capability to the entire Internet.
Making a Buck off of Government Spying
Companies that are positioning themselves to help the government surveill the web came out in force at a recent Homeland Security Conference in Washington. They included Oracle, Microsoft, Information Builders, Choice Point, Man Tech, AMS, and Booz Allen & Hamilton. Government speakers from civilian and military agencies all stressed that they urgently need the technology to store surveillance-derived intelligence and exchange it with other agencies. If these corporations step up to the plate on developing new surveillance, monitoring, and biometric ID systems, they stand to make billions.
Companies like Top Layer Networks, Inc. of Westboro, Massachusetts, are developing ways for the FBI to install surveillance systems at a few key Internet hubs which would allow federal agents to remotely flip a switch and pound a few keys to begin monitoring the e-mail or web-based mail of any targeted group or individual. According to chief Top Layer engineer Ken Georgiades, the firm is working with a number of partners to develop new standards for the legal interception of communications at the Internet Service Provider level and at higher gigabit speeds.
The higher gigabit intercept equipment would be placed at major Internet backbone hubs in strategic locations like Washington, DC, the San Francisco Bay Area, Chicago, Dallas, and Los Angeles. Georgiades said that the 1994 Communications Assistance to Law Enforcement Act (CALEA) does not currently extend to the Internet and only applies to telecommunications companies. However, the fact that Top Layer and its unspecified partners are ramping up to deliver CALEA-like wiretapping services for the Internet indicates the FBI sees the power of CALEA growing beyond phone lines to the web. And Georgiades pointed out that foreign governments are under no such constraints and can use Internet snooping equipment under existing current wiretapping laws.
David Banisar, Research Fellow at Harvard's Information Infrastructure Project, said such systems "set a dangerous precedent to allow law enforcement and intelligence agencies to run the communications system." He added, "these agencies take an over-inclusive view of who they think are the enemies and its likely that civil and human rights groups will, again, be monitored for no legitimate reason."
The large defense and intelligence consulting and engineering firm Booz, Allen & Hamilton has not only developed the FBI's Carnivore capability but it has assisted the bureau in ensuring that all telecommunications companies engineer their systems to ensure they are "wiretap friendly." The companies are required by the Communications Assistance to Law Enforcement Act to ensure the FBI has access to all forms of telecommunications, including cellular calls.
What if a target decides to use encryption to protect their e-mail from interception? That is not a problem for the FBI. Booz Allen & Hamilton has helped develop a system code-named Magic Lantern, which permits a virus containing a key logging program to be secretly transmitted to a recipient. After installing itself on the target's computer, any time the target types in a password to decrypt a message, that same password is immediately picked up by Magic Lantern and transmitted to the FBI. Essentially, the FBI has a virtual master key to break any encryption program used by a surveillance target.
A companion program to Magic Lantern, code named Cyber Knight, is a relational database system that compares and matches information from e-mail, Internet relay chats, instant messages, and Internet voice communications.
Not to be outdone by the FBI, the CIA has also been extremely active in developing software than can dig deep within the Internet to harvest information. The CIA has relied heavily on its wholly-owned and operated proprietary Silicon Valley company, IN-Q-TEL, to fund research and development for Internet snooping software. IN-Q-TEL's President and Chief Executive Officer Gilman Louie is to keynote a January 2002 Las Vegas seminar on the use of emerging intelligence technology to search and analyze the web. He is to be joined by Joan Dempsey, the Deputy Director of the CIA for Intelligence Community Management. IN-Q-TEL's web page describes the aggressive attitude the CIA is taking toward ensuring new technologies come complete with the spy agency's seal of approval, "IN-Q-TEL strives to extend the Agency's access to new IT companies, solutions, and approaches to address their priority problems."
Assisting the government in its goals to gather massive amounts of personal information on citizens and non-citizens, is a company that owes its very existence to the CIA. Oracle, Inc. Chairman Larry Ellison has offered to provide to the government free of charge the database software required to establish an interactive national ID card system. Oracle got its start when the CIA gave Ellison a contract in the 1970s to design a system to enable the agency to store and retrieve massive amounts if information in databases. Not coincidentally, the code name of that CIA project was "Oracle."
The rush by the government to monitor the Internet has the backing of a group of federal contract research facilities that have pounded out report after report warning about the threat of cyberspace to national security. These "think tanks" include Rand Corporation and Analytical Services Corporation (ANSER). They are assisted in this policy laundering effort by the Center for Strategic and International Studies, the K Street rest home for former Pentagon, intelligence, and State Department political appointees.
But all the technology in the world will not protect citizens from terrorist attacks, unless the government knows how to use the information effectively. As the government and a few selected companies and think tanks push for new surveillance laws and more monitoring of the Internet and telecommunications in general, the words of Mary Schiavo, the Transportation Department's former Inspector General and outspoken critic of lax airline security, are particularly poignant. Speaking in Washington on December 18, Schiavo pointed out that the "United States already had laws to prevent what happened on September 11th . . . they weren't being enforced."
Wayne Madsen is a Washington-based journalist who covers intelligence, national security, and foreign affairs. He is also a Senior Fellow of the Electronic Privacy Information Center (EPIC) in Washington, DC and author of "Genocide and Covert Operations in Africa 1993-1999" (Mellen Press).
CorpWatch PO Box 29344 San Francisco, CA 94129 USA Tel: 415-561-6568 Fax: 415-561-6493 URL: http://www.corpwatch.org Email: corpwatch@corpwatch.org
International Herald Tribune
Paris, Monday, January 15, 2001
Bowing to Pressure in France Sets a Dangerous Precedent
Lee Dembart
International Herald Tribune
THE recent decision by Yahoo to cave in to the French courts and ban the sale of Nazi memorabilia from its auction sites should send a shiver down the spine of every Internet user around the world.
Yahoo spent months fighting French law. But faced with the threat of stiff fines in France, it ultimately gave up, and as of Wednesday, it banned the sale of Nazi-related merchandise and paraphernalia. As a result, Internet users -- you and me -- are entering a regime in which the most restrictive rules anywhere can be enforced everywhere.
Let me be clear: Nazi memorabilia, including flags, uniforms and swastikas, are repugnant, and people interested in buying such things should be sent for psychiatric examination. But if you believe in freedom, particularly freedom of expression, you frequently wind up defending people you'd rather not have dinner with. People who say popular things never have trouble.
No one ever tries to shut them up. It is the people who say unpopular and even offensive things who need protection -- not for their sake, but for ours. Their freedom is your freedom and my freedom.
The French courts need to be reminded of the wisdom of Voltaire, who said, "I disagree with what you say, but I will defend to the death your right to say it." In ruling against Yahoo, the court held that selling -- or even displaying -- Nazi material "offended France's collective memory," which it no doubt does.
But offensiveness is never sufficient reason to restrict liberty. In the United States, many people believe that burning the American flag is offensive and should be illegal. Congress has twice passed laws to that effect. But so far, at least, the U.S. Supreme Court, by narrow margins, has struck down those laws.
Besides which, different societies have varying views of what's offensive.
- Will courts in Arab countries now seek to prevent the sale of Jewish memorabilia on the Internet? Those items presumably offend the Arabs' collective memory.
- Will a Chinese court now threaten heavy fines on Internet sites that contain information about Falun Gong, which is illegal in China?
- Will a Burmese court fine sites that contain complaints about human rights violations there?
- In general, will courts in totalitarian countries punish sites that promote or even discuss the Universal Declaration of Human Rights, which they may find offensive?
These are not isolated or absurd cases. Reporters Sans Frontieres (Reporters Without Borders) concluded recently that 45 countries restricted access to the Internet and that 20 of them did so on the grounds of protecting people from "subversive ideas" or defending "national security and unity." To read the report, see www.rsf.fr/uk/html/internet/ennemis.html.
If executives at Yahoo think that by banning Nazi material they have put the problem behind them, they should think again. Their decision is shortsighted. This is only the beginning of what is to come.
Of course, Yahoo insists that its decision to ban Nazi memorabilia has nothing to do with the French courts. It says it has taken this step on its own in response to customer complaints and after deciding that this is the kind of merchandise it doesn't want to sell.
Like Pinocchio, Yahoo's nose is growing by the minute. Next they'll pour water on our backs and tell us it's raining. The company notes proudly that it has filed suit in a federal court in the United States to block enforcement of the French court's order on the ground that French courts have no jurisdiction over a Web site owned by a U.S. company and housed in the United States, the great majority of whose viewers are American.
Yahoo says it will continue to pursue that action. Really? If it doesn't intend to sell the Nazi stuff anyway, why doesn't it drop the suit? Or, to put it another way, if it wins in the U.S. federal court, will it allow the auctions of Nazi-related material to resume? Before it gave up in France, Yahoo argued that there was no way for it to prevent French viewers from accessing its Web site.
To assess the technical argument, the French court asked three computer experts to study the situation and report back. The experts from Britain and the United States said that Yahoo was correct and there was no technological fix. The French expert disagreed, and the court sided with him.
The British member of the panel, Ben Laurie, described the proposed solution as "half-assed and trivially avoidable." His commentary on the matter, "An Expert's Apology," is available at www.apache-ssl.org/apology.html.
Besides the technical argument, Mr. Laurie wrote:
"What is supposed to be prevented is not the purchase of Nazi memorabilia, but the mere ability to even see them."What is being fought over is literally what people think. No one should be able to control what I know or what I think. Not the government. Not the Thought Police. Not my family. Not my friends."
Yahoo will live to regret its decision. So will the rest of us. The consequences are much more dangerous than the sale of Nazi junk to a bunch of nuts. By the way, anyone interested in buying these things could go to the eBay auction site, www.ebay.com , and search for the word "Nazi." There are hundreds of items for sale, at least as of Sunday, and although eBay restricts their sale in France, Germany, Austria and Italy, the eBay site is still accessible in those places.
Reproduced gratefully from David Irving's highly informative web-site:
Please visit this great web site with it's wonderful article "Brainwashing America"
