Thursday, February 4, 2010

DRAGNET: Telecom & Web Service Provider Backdoor Access to Law Enforcement




Cnet published an alarming story today

http://news.cnet.com/8301-13578_3-10446503-38.html

Anyone with an e-mail account likely knows that police can peek inside it if they have a paper search warrant.
But cybercrime investigators are frustrated by the speed of traditional methods of faxing, mailing, or e-mailing companies these documents. They're pushing for the creation of a national Web interface linking police computers with those of Internet and e-mail providers so requests can be sent and received electronically.


We used to make fun of the East Germans and the KGB for snooping on phone calls.

What is going on now makes the KGB look like pikers.

But the most controversial element is probably the private Web interface, which raises novel security and privacy concerns, especially in the wake of a recent inspector general's report (PDF) from the Justice Department. The 289-page report detailed how the FBI obtained Americans' telephone records by citing nonexistent emergencies and simply asking for the data or writing phone numbers on a sticky note rather than following procedures required by law.

Some companies already have police-only Web interfaces. Sprint Nextel operates what it calls the L-Site, also known as the "legal compliance secure Web portal." The company even has offered a course that "will teach you how to create and track legal demands through L-site. Learn to navigate and securely download requested records." Cox Communications makes its price list for complying with police requests public; a 30-day wiretap is $3,500.


Oh brother.

In the interest of open source information disclosure and civil liberties, John Threat and I have been discussing this today, did a little web-sleuthing, and found some interesting background. I'm certain he's going to have some editorial about Dragnet soon, too.

The main web interface appears to be located at https://l-site.sprint.com/

https://l-site.sprint.com/eSiteWeb - ip address is 144.230.164.22

Traceroute to the host ends at 65.166.248.10

which appears to be a network leased by the US Govt from Sprint

Sprint SPRINTLINK-2-BLKS (NET-65-160-0-0-1)
65.160.0.0 - 65.174.255.255
US COURTS - DCN - COLOCATION - FON-110146151297967 (NET-65-166-248-8-1)
65.166.248.8 - 65.166.248.15

Attempting to use traceroute to find the path to this system is abruptly blocked by the host at 65.166.248.10 - who owns that network?

OrgName: US COURTS - DCN - COLOCATION -
OrgID: UCDC-1
Address: 13221 WOODLAND PARK RD.
City: HERNDON
StateProv: VA
PostalCode: 20171
Country: US

NetRange: 65.166.248.8 - 65.166.248.15
CIDR: 65.166.248.8/29
NetName: FON-110146151297967
NetHandle: NET-65-166-248-8-1
Parent: NET-65-160-0-0-1
NetType: Reassigned
Comment:
RegDate: 2002-03-29
Updated: 2002-03-29
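
As an added example (not part of the original post), the Python below parses the WHOIS lines quoted above and reports which of the listed blocks contain the last traceroute hop and the L-Site address, most specific block first. The function names are hypothetical, and the input is the post's own text embedded as constants so it runs offline.

```python
import ipaddress
import re

# Constructed input: WHOIS lines copied from the post (two nested blocks).
WHOIS_SUMMARY = """\
Sprint SPRINTLINK-2-BLKS (NET-65-160-0-0-1)
65.160.0.0 - 65.174.255.255
US COURTS - DCN - COLOCATION - FON-110146151297967 (NET-65-166-248-8-1)
65.166.248.8 - 65.166.248.15
"""

# Constructed input: selected fields of the detailed record quoted in the post.
WHOIS_RECORD = """\
OrgName: US COURTS - DCN - COLOCATION -
NetRange: 65.166.248.8 - 65.166.248.15
CIDR: 65.166.248.8/29
NetHandle: NET-65-166-248-8-1
Parent: NET-65-160-0-0-1
NetType: Reassigned
"""

HEADER = re.compile(r"^(?P<name>.+?)\s+\((?P<handle>NET-[\d-]+)\)$")


def parse_range(text):
    """'a.b.c.d - e.f.g.h' -> (first, last) as IPv4Address objects."""
    first, last = (ipaddress.IPv4Address(p.strip()) for p in text.split(" - "))
    if first > last:
        raise ValueError(f"inverted range: {text!r}")
    return first, last


def parse_summary(text):
    """Pair each 'Name (NET-handle)' line with the range line that follows it."""
    blocks, pending = [], None
    for line in filter(None, (ln.strip() for ln in text.splitlines())):
        m = HEADER.match(line)
        if m:
            pending = m.groupdict()
        elif pending:
            first, last = parse_range(line)
            blocks.append({**pending, "first": first, "last": last})
            pending = None
    return blocks


def owners_of(ip, blocks):
    """Blocks containing ip, most specific (smallest) first."""
    addr = ipaddress.IPv4Address(ip)
    hits = [b for b in blocks if b["first"] <= addr <= b["last"]]
    return sorted(hits, key=lambda b: int(b["last"]) - int(b["first"]))


def range_to_cidrs(first, last):
    """A NetRange is not always a single prefix; expand it to covering CIDRs."""
    return [str(n) for n in ipaddress.summarize_address_range(first, last)]


def parse_record(text):
    """'Key: value' lines -> dict (values may be empty, e.g. 'Comment:')."""
    pairs = (ln.partition(":") for ln in text.splitlines() if ":" in ln)
    return {k.strip(): v.strip() for k, _, v in pairs}


def record_consistent(record, blocks):
    """True if CIDR matches NetRange and both handles appear in the summary."""
    handles = {b["handle"] for b in blocks}
    return (range_to_cidrs(*parse_range(record["NetRange"])) == [record["CIDR"]]
            and record["NetHandle"] in handles and record["Parent"] in handles)
```

Calling `owners_of("65.166.248.10", parse_summary(WHOIS_SUMMARY))` lists the US Courts /29 ahead of the Sprint parent block, while the L-Site address 144.230.164.22 falls in neither quoted block.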


I'm not implying that there is funny business going on here, but this begs a question and raises concerns... Why are US Courts (http://www.uscourts.gov) networks being used to either filter traffic to or host Sprint's legal compliance site? Who has access to the systems and databases, and what controls are in place to prevent abuse? Where are the Sprint systems, who administrates them, and who has physical access to them and their backups? And what controls are in place for their main caller database?

As a white-hat hacker who has performed hundreds of penetration tests, I am very, very concerned for the security and privacy of all this personal data.

In December of last year, Wired published an article that demonstrated evidence that there should be concern:

http://www.wired.com/threatlevel/2009/12/gps-data contains a lot of background info.

The recent "Google Hack" also gives reason for pause:

http://www.computerworld.com/s/article/9144221/Google_attack_part_of_widespread_spying_effort

Drummond said that the hackers never got into Gmail accounts via the Google hack, but they did manage to get some "account information (such as the date the account was created) and subject line."

That's because they apparently were able to access a system used to help Google comply with search warrants by providing data on Google users, said a source familiar with the situation, who spoke on condition of anonymity because he was not authorized to speak with the press. "Right before Christmas, it was, 'Holy s***, this malware is accessing the internal intercept [systems],'" he said.


The Nation further reports:

http://www.thenation.com/doc/20100215/sanchez

The Google hackers are scarcely the first to exploit such security holes. In the summer of 2004, unknown intruders managed to activate wiretapping software embedded in the systems of Greece's largest cellular carrier. For ten months, the hackers eavesdropped on the cellphone calls of more than 100 prominent citizens--including the prime minister, opposition members of parliament, and high cabinet officials.


The writer Julian Sanchez (blog at http://www.juliansanchez.com/) makes the case:

In a way, the hackers' strategy makes perfect sense. Communications networks are generally designed to restrict outside access to their users' private information. But the goal of government surveillance is to create a breach-by-design, a deliberate backdoor into otherwise carefully secured systems. The appeal to an intruder is obvious: Why waste time with retail hacking of many individual targets when you can break into the network itself and spy wholesale?


and goes on to describe the troubles DCSNET has had

Consider the FBI's Digital Collection System Network, or DCSNet. Via a set of dedicated, encrypted lines plugged directly into the nation's telecom hubs, DCSNet is designed to allow authorized law enforcement agents to initiate a wiretap or gather information with point-and-click simplicity. Yet a 2003 internal audit, released several years later under a freedom-of-information request, found a slew of problems in the system's setup that appalled security experts. Designed with external threats in mind, it had few safeguards against an attack assisted by a Robert Hanssen-style accomplice on the inside. We can hope those problems have been resolved by now. But if new vulnerabilities are routinely discovered in programs used by millions, there's little reason to hope that bespoke spying software can be rendered airtight.


Also, it brings to mind the INSLAW / PROMIS scandal.

We owe Christopher Soghoian a debt of gratitude for attending the ISS World conference and breaking this news in the first place last year. Chris deleted the files he posted at his blog at the request of the conference, but fortunately the EFF mirrored them. www.eff.org/files/soghoian-surveillance-dump.zip

This post of his http://paranoia.dubfire.net/2009/12/8-million-reasons-for-real-surveillance.html is definitely worth checking out.

The first evidence on the web for the Sprint system is from 2007 at the same conference: http://www.telestrategies.com/ISS_MAY07/ISSWorldMay07.pdf


*UPDATE*
And then there was this...

http://www.washingtonpost.com/wp-dyn/content/article/2010/02/03/AR2010020304057_pf.html

Google to enlist NSA to help it ward off cyberattacks
Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google -- and its users -- from future attack.

Google and the NSA declined to comment on the partnership. But sources with knowledge of the arrangement, speaking on the condition of anonymity, said the alliance is being designed to allow the two organizations to share critical information without violating Google's policies or laws that protect the privacy of Americans' online communications. The sources said the deal does not mean the NSA will be viewing users' searches or e-mail accounts or that Google will be sharing proprietary data.


Tinfoil hat scenario: The Google hack was a NSA false flag operation, as Wikipedia describes, "covert operations which are designed to deceive the public in such a way that the operations appear as though they are being carried out by other entities." Then, they offer to "help" Google. Far-fetched, maybe, but there is precedent: the Gulf of Tonkin incident, the pretext President Johnson used to initiate hostility with the North Vietnamese.

How to protect yourself:
- Instant Messenger communications using Off the Record - at the bottom of the page are chat programs and plugins that support it.

- Encrypt email using GPG

- Use TOR, a free distributed proxy network. Torbutton is an easy-to-use plugin for Firefox.

- If you want it to be secret, don't store or transmit it electronically using phones, text messaging, email

- Pay as you go sim cards for cellphones, such as ATT GOPHONE and TRACFONE, purchased with cash and without revealing your SSN.

I have a few other things on my plate to take care of first, and haven't checked out the zipfile from eff.org yet, so more detail will come later...

Saturday, December 26, 2009

Stephen Haller smells like jackboots

Via Privacy Digest:

COLUMBUS, Ohio (AP) -- The Ohio Supreme Court said Tuesday police officers must obtain a search warrant before scouring the contents of a suspect's cell phone, unless their safety is in danger.

The American Civil Liberties Union of Ohio described the ruling as a landmark case. The issue appears never to have reached another state high court or the U.S. Supreme Court.

(snip)

Stephen Haller, a Greene County prosecutor, said the court created a new section of law pertaining to cell phones. He said he will decide within two weeks whether to appeal the decision to the U.S. Supreme Court.

''The majority here has announced this broad, sweeping new Fourth Amendment rule that basically is at odds with decisions of other courts,'' Haller said.



Apparently they don't teach in prosecutor school that the Bill of Rights was designed to protect citizens from the state, and that, as prosecutor, he is the state.

In the absence of some law (which would be unethical, anyway) that cell phones are not subject to the same rules requiring warrants as any other personal property would be, it's really Haller who is creating a new section of law pertaining to cellphones by arguing that police have a right to search anything at any time, unless there's a law specifically restricting them from doing so.

Haller's twisted interpretation means that your "rights" are subject to the whim of law or court ruling. And when a court occasionally gets it right and reminds prosecutors and other lawyers representing the "interests of the state," of this, they will usually appeal. That's because the interests of the state probably aren't the same as your interests.

Stephen Haller, Greene County, OH prosecutor smells like jackboots. No doubt Haller will appeal - no way will he let those ACLU so-and-so attorneys get away with this. I expect him to appeal this to the US Supreme Court. He might even win, in which case many mobile devices will be searchable without a warrant all over the US.

Expect a bunch of tools in the iPhone jailbreak stores Rock and Cydia that write 0's over the flash disk partition under various circumstances. Then, Patriot Act III will have a little provision that bans the use of software that would prevent law enforcement from accessing your mobile device, such as by wiping its memory. This is needed to protect us from "terrorists."

Who will protect us from the Hallers, though?

Friday, December 4, 2009

What do haters of "capitalism" really hate?

Dear hater of capitalism,

You're absolutely right to feel that there's something wrong. There is an oligarchy, and democracy doesn't seem to be working to make anyone's lives better. In fact, it keeps getting worse.

What I'd like for you to consider is a slightly different perspective on that. Instead of assuming that big business causes the corruption in government, consider the opposite - that government is what causes corruption of big business by regulating it, which in turn causes businesses to spend a lot of money trying to influence state power as much as possible to benefit themselves.

Don't confuse "capitalist," which means free markets, with state managed trade like NAFTA. Free trade doesn't require any kind of special "agreement" or any laws or regulations. Why should the state have power to tell you whom with and how to conduct your business? Especially when those laws are not made in the "general welfare," because the true "general welfare" is not using force to limit the freedom of people to transact business with whomever they want, wherever they want.

Many people who oppose the xenophobic, unfree US immigration policy oppose "Free Trade" and then point to NAFTA. NAFTA is CALLED free trade but it isn't. That's the argument against it. It's state managed trade, and yes it's terrible and exploitative in the favor of the industries who got the law influenced to favor themselves at the expense of others or consumers and immigrants. It's the state that has militaristic armed border forces - not business. Businesses love to hire them - that's why they come! The argument against border enforcement is the argument against the state - a truly free market for labor and goods would solve all the issues that correctly bother you.

Capitalism and free trade are based purely on voluntary association, while "corporatism" is only enabled by the state. The corporation is a legal fiction of a status created by the state that limits liability of shareholders. All business monopolies are made possible entirely by the monopoly that government demands on the use of force. If you try to compete with state granted monopolies, the state will send its police agents to assault the property and personhood of the would-be competitors. In a truly free market, there would be market entrants and competition, not monopoly backed by potentially lethal force and theft of property by the state on behalf of corporations that register with the state for the right to use its power to assault their competitors. That's exactly what we have now.

Even in cases of monopolization of a resource by one business entity, there are always substitutes, and there would be incentive for an ingenious person to find a way to create more distribution for acceptable substitutes or invent a substitution if the demand is high enough for someone to decide it would be a higher valued use of their time to work on solving that problem vs. doing something else with their time. True capitalism is based on purely voluntary association and agreement. Compare that kind of peace - where fighting doesn't happen because it's not economical - compare that with the sheer brutality employed by the state, which locks people in cages for not complying with "laws" that criminalize activities that have no victim, and locks them in a cage for failing to pay their tithe that is used for funding wars and death and destruction, and ruining lives here and all over the world? It's not the private sector that prints money out of thin air, it's the Federal Reserve that does it.

More on the state and war - private businesses don't wage war - they compete to provide value to customers and to attract skilled employees. It's only regulation - the power to create influence for sale - that introduces the corruption which you correctly observed. Private businesses don't wage war - it requires the mountains of counterfeit cash created by the Federal Reserve, the constantly inflated fiat paper money and fractional reserve banking of the state to finance it. The state pays for this by printing money and creating it out of thin air, based on inflated valuations of other worthless paper. The entire value of the entire economy is the same - but they just stole some of the value of your savings. Inflation is an invisible tax.

When you hear on the news that inflation is some percentage, think that the government have counterfeited inflation into the economy that has been over 2000% since 1913. If you support peace and individual liberty and oppose aggression, then please consider that the solution can not come from the state, the problem is the state. If you empower the state, you will get nothing but more war and more oppression.

If you love peace and civil liberties and individual freedom, please consider that "capitalism" is not what you hate.

Thursday, December 3, 2009

Forrest M. Mims posts on Realclimate!

Realclimate is the home of the Global Cooling? Deniers, some of the people involved with it are involved with the now-exposed CRU climategate scandal.

Mims is the author of the awesome "Getting Started in Electronics" series of books

http://www.amazon.com/Getting-Started-Electronics-Forrest-Mims/dp/0945053282
that helped my childhood remain nerdy and girlfriendless until I turned 17.

Comment at http://www.realclimate.org/?comments_popup=1994#comment-145290

Real Climate,

Many of the Hadley CRU e-mails and the infamous HARRY-READ_ME.txt include deeply disturbing content. Almost as troubling is the under-reaction of Real Climate as this scandal expands. This scandal deserves an immediate and fully transparent response from the climate science community, not the “circling of the wagons” approach cited by some.

While I am not a professional climate scientist, I design atmospheric monitoring instruments and have used them to create a 20-year time series of calibrated measurements of the ozone layer, column water vapor, aerosol optical depth, direct UV-B and various other parameters from South Texas. I have worked under various assignments for NASA GSFC in the US and Brazil and have just completed a major book for NOAA. I was a co-PI for GLOBE for 6 years and have been a USDA UV-B network site manager for 6 years. My findings have been published in the refereed literature, and I have served as a reviewer for several leading scholarly journals. I have also reviewed an array of technical books for McGraw-Hill, Prentice-Hall and Academic Press.

I trust that this background will establish that I and others who practice traditional, objective climate science–and the public that has paid many of our expenses–are fully entitled to a prompt end to the blacklisting, withholding of data, destruction of e-mails, ad hominems, threats and other misconduct so blatantly displayed in many of the leaked Hadley CRU documents by scientists who somehow found time to communicate with one another between their many trips around the world. Real Climate was created by some of those whose troubling correspondence is now before the world. So Real Climate is where reform should begin.

QUESTIONS:

1. Late last night I received a poignant inquiry from a student requesting advice about being a “climate science grad student in the IPCC era.” Some climate scientists have written that they, too, are receiving similar questions from students who are troubled by the content of the leaked e-mails and certain other documents and who are even being asked to “tweak” their data to fit preconceived notions. What steps can be taken by societies, journals, universities and government agencies to protect scientific integrity and peer review, permit dissenting views, end blacklisting, provide transparent access to methods and data, and restore public trust in climate science? Will Real Climate sincerely advocate and openly promote these and other essential reforms?

2. Your recent posts are a welcome improvement from what can be found in even a cursory scan through Real Climate. You also seem to be allowing comments and questions from a much broader audience, and this is also very good news. My concern, however, is that the tone and ad hominem nature of some Real Climate comments before last week are disturbingly similar to that of some of the leaked e-mails. (This is not surprising in view of the tone of some e-mails from a Real Climate founder in the leaked CRU e-mails.) Will Real Climate hereafter follow the friendlier and more open approach that you have recently exhibited and end the disparagement of those whose positions Real Climate views as incorrect? Will Real Climate follow the lead of Judith Curry in responding to questions from the climate science community in general and grad students in particular? Will Real Climate sever its relationship with scientists who have damaged climate science by advocating the misconduct revealed in many of the Hadley CRU e-mails and documents?

Thank you for considering these questions. Based on a lengthy telephone conversation this morning, I am far from the only practicing climate observer who will be highly interested in your responses.

Forrest

Forrest M. Mims III
Editor, THE CITIZEN SCIENTIST (www.sas.org/tcs)
http://www.forrestmims.org
http://www.sunandsky.org
twitter.com/fmims

Why "Consensus" is Not Science

It's about a lot of areas of "science" - science is a branch of philosophy, specifically epistemology. What is knowledge? How do we acquire it? How do we know that we know what we think we know?

People use the word "consensus" as if it applies to science, but in the realm of epistemology, this is meaningless and misleading. Especially when the "group" that reaches "consensus" uses the power of the state to exclude people who are trying to test their hypothesis by deriding them as cranks, or uses words like "settled science," which is also a political, not scientific concept.

"Consensus" and "settled science" are not science, they are confirmation bias, inadequate sample size, and rejection of the very process that is science in the attempt to get the power of the state to turn in a way that uses force against others in ways that fits their "consensus" opinion. "Consensus" isn't science, it's a conglomeration of logical fallacies.

This kind of non-scientific thinking permeates "science." Here are a few areas that I think have not been adequately examined, and where there are "consensus" conspiracies that actively prevent research that is attempting to falsify their premise from being funded or published, and paint the proponents of, who are as well qualified as they are albeit often smaller in numbers as kooks, cranks, and insignificant outliers. (IE not part of the groupthink that is encouraged by the "consensus" control of government funding of science).

Anthropogenic global warming

Lipid hypothesis - about saturated fat and cholesterol and whether it's healthy or poison

Whether fossil fuels are biogenic or abiogenic and how they formed, and whether they are renewable resources or not

The HIV/AIDS hypothesis - it's never been isolated in the way that other retroviruses have, its detection is by nonspecific markers

The role of grains and beans in degenerative diseases

All "policy" studies that compare two or several possible paths by government to determine the "best" one based on arbitrary criteria, yet never include secondary effects - ie: the "law" of unintended consequences, and never include possible outcomes from solutions that would occur in an unregulated free market.

All claims by advocacy groups that clinical trials, cohort studies, reviews, observational studies "prove" things.

Those are some of the worst examples of science-abuse I can think of.

UPDATE

Michael Crichton (RIP) wrote about this in 2003. Wonderful article!

http://www.michaelcrichton.net/speech-alienscauseglobalwarming.html