The Null Device
Posts matching tags 'surveillance'
To the surprise of exactly nobody, Australia’s Labor party agree to pass the mandatory encryption back-door bill, after the usual pantomime of token opposition.
The bill will allow the government to demand technical measures to allow access to encrypted content. The ALP stress that it will include safeguards, ensuring it is only used for matters of national security. It also has provisions preventing it from being used to mandate the introduction of “systematic weaknesses”, the definition of a “systematic weakness” being whatever the Attorney-General and Communications Minister agree it is or isn’t.
Labor’s spokespeople, resplendent in their progressive pragmatism, assure us that there’s no need to worry, that they have exacted strict safeguards as conditions of their support, requiring not one but two cabinet-level ministers to decide what isn’t a systematic weakness, and requiring that technical surveillance capabilities are mandated only for the most serious of cases (i.e., “OMG Paedoterrorists!”-level threats), with the non-terrorist/non-paedophile majority’s privacy assured as always. And perhaps the Australian political process, renowned worldwide as it is for its high calibre, has managed to, in secret committee, produce a perfectly square circle, a magical golden key that can only be wielded against evildoers and is impervious to abuse, misuse or negligence. (Or at least to the standards of the Australian law of “no worries, she’ll be right mate”; i.e., “I’m not a Muslim, a commo, femmo, pinko, greenie, bikie, trade unionist or any other kind of ratbag, or involved a cop’s ex-missus or anything, and neither are most people, therefore there are no possible problems worth thinking about”)
Of course, the much vaunted safeguards apply only to ordering companies to implement back doors; once the back door has been implemented, it’s there for any subsequent use: everybody’s WhatsApp messages, by law, have an escrowed key that ASIO’s computers can use to automatically decrypt and store them. If Australia’s metadata retention regime is anything to go by, the number of agencies with access to this will only grow. Within 12 months, copyright holders will use this to detect and prosecute someone sending an illegally downloaded TV show episode to a friend, or using a VPN to circumvent pirate site blocks; six months later, local councils will be trawling the plaintext of everyone’s iMessage conversations to find litterers and dog-poo violators. The government will, of course, have a much easier time of bringing the hammer down on troublesome journalists seeking to embarrass them, and anybody even considering talking to them. Meanwhile, somewhere in Queensland, a cop will have an easier time getting a hold of his estranged wife and the new man in her life. And a few years later, when mass surveillance of anything held on network-connected electronics is the new normal, some politician or public servant, impressed by the efficacy of China’s social-credit system or a PowerPoint presentation from Palantir, will suggest a system to aggregate everybody’s plaintext and analyse it to find as yet unidentified potential threats, by assigning everybody a “true-blue Aussie score” based on their chats, photos and file backups and making a list of those with suspiciously low ones. (Bonus card: the Russian mafiya quietly crack the ASIO key-escrow system and spend a few months feeding the plaintext of every Australian’s data into their databases, before embarking on a continent-scale automated extortion campaign.)
Meanwhile, the other four members of Five Eyes will be lining up to send their decryption requests through Canberra; sometimes, having a member of your club which is still, for all administrative purposes, a penal colony and military strongpoint of Empire, where there is by definition no right to privacy from Authority, can be useful.
The elephant in the room, of course, is Facebook and its business model, which has been described, aptly, as “surveillance capitalism”. Facebook does not charge for its services, and funds itself through a modest amount of ads. What it does, however, is build up elaborate profiles of its users, sucking up their every online interaction it can to extend them. Where likes, posts, messages and location data don't suffice, it supplements with data from data brokers, gathered from credit ratings, things such as loyalty card programmes, and public-domain data. This yields a vast amount of data, which, when processed with sufficient computing power, can reveal a lot about users: in their less circumspect moments, Facebook's data scientists have revealed that they can tell a lot of things on an individual from their data trail, from political leanings to sexual orientation, to how likely their current relationship is to end; what other things they can determine about an individual given that data is an open question. What is not disputed, though, is that Facebook's very business model depends on using this data to target advertising, and their acuity in doing so to make revenue. In short, everything Cambridge Analytica allegedly did with their haul of illicitly obtained data, Facebook can do, continuously and at far greater scale.
This has not escaped notice, and the backlash has hit Facebook, not helped by Mark Zuckerberg's protracted silence on the matter. The hashtag #DeleteFacebook is trending on Twitter, urging users to nuke their Facebook accounts, and giving instructions on how to actually force Facebook to delete their data permanently, rather than just flagging it as temporarily inactive; the latest to add their name to the chorus is one of the founders of WhatsApp, a messaging system now owned by Facebook. Of course, that is easier said than done.
In some ways, it is easy: the instructions are easy to follow, and involve clicking through a few screens, entering the text in a CAPTCHA and watching one's digital life and/or surveillance dossier go up in virtual flames. What comes after is the hard part. Facebook have worked hard to own the social graph, and to make it difficult to take your friends with you when you leave. (The timeline you see on Facebook is, famously, not a chronological firehose of all your Facebook friends' posts, but a selection of a small proportion of those, chosen by the same all-knowing algorithms that know which ads to show you. It is said—though is, of course, difficult to verify—that those algorithms specifically score posts giving or requesting means of contact outside of Facebook down.) Or course, downloading a list of one's friends' names and email addresses/phone numbers is a nonstarter from the outset, ostensibly for reasons of privacy, so one's only bet is to individually contact the friends one wants to keep, one by one, to exchange details, resigning oneself to losing contact with the rest.
Other than owning the social graph, Facebook have managed to become the hub of socialisation in the 2010s by reducing friction. It is a lot easier to create a Facebook event for, say, a birthday party or an excursion to see a film, than to individually invite people to add the event to their calendars, and conversely socialising without Facebook has been consigned to the realm of Victorian-era calling cards. It is possible to socialise deliberately, with a few close friends one has in one's address book, but this does not scale. Social software such as Facebook has genuinely reduced friction and saved time, allowing people to keep in minimal touch with people they are peripherally connected to, and also reducing the time required to keep in touch with other, less peripheral, friends; the hectic pace of modern life has filled the time thus freed up. Thus, most people have no more time for phoning/texting/emailing non-core friends, who all are on Fscebook anyway, than they do for composing a multi-paragraph blog post which nobody will probably read. The sad reality of the 21st-century human condition is that Mark Zuckerberg owns the space between us, and leaving Facebook (and Instagram and WhatsApp) is, in many ways, to retreat from modern society; a radical, deliberate act, equal parts Ted Kaczynski and Into The Wild.
Perhaps this will change; perhaps Facebook will end up going the way of former unassailable titans such as MySpace, and be replaced by something else. If that something else is run by another venture-capital-funded surveillance-marketing organisation, the situation will not improve. (Facebook itself, at the start, seemed like a much cleaner and less spammy/scammy operation than MySpace.) There are glimmers of hope in the decentralised sphere, where developers are creating open, decentralised alternatives to corporate-owned monolithic silos. One example is Mastodon, a Twitter-like microblogging system. One thing those services don't currently have, though, outside of mass adoption, is granular privacy settings: it is not possible yet to make non-public posts to one, or to filter posts by group. Once this is implemented, in a way that works robustly across instances, and presumably uses cryptography, there might be a system ready to step into the gap when Facebook stumbles that is not inherently predatory on a structural level.
For now, however, those who are not willing to brave the wilderness are more or less stuck with Facebook; however, it is possible to reduce your profile, by reducing the amount of personal data one posts to it, and removing it from one's mobile devices (or, if not possible, revoking the app's permissions to access things like location information). I would add to this list: not logging into Facebook from one's main web browser, keeping a separate browser with separate cookies for using it, ideally running in a separate virtual machine.
As the US counts down the days to the inauguration of President Trump, some voices in the technology industry are calling for the industry to start scrubbing user data, before the new government's surveillance apparatus lays claim to it.
Currently, the NSA can tap into a broad range of communications, but have no means to compel communications to be in a form they can monitor. This is likely to change; after all, they will need to be able to hunt down those involved in, or providing support to, terrorist groups like Black Lives Matter and Friends Of The Earth, not to mention the President's extensive list of enemies. As such, it is quite likely that, at some point during Trump's first year, end-to-end encrypted messaging systems will be required to provide real-time plaintext to the security services. (Things have already been moving slowly in this direction, and will only accelerate under a president who has expressed admiration for autocrats and a brutishly Hobbesian view of how power works.)
Similar laws are already in force in more established autocracies such as Russia and Turkey. The difference is that American companies, subject to American law, provide many of the communications systems used worldwide, such as Apple iMessage, WhatsApp and Signal. These are likely to be compelled to provide the US homeland-security authorities with the plaintext of all messages coming through them, in real time, and to make whatever changes are necessary to their architecture to achieve this.
With iMessage, this would be theoretically easy to do. iMessage messages are encrypted from end to end, so Apple have no means of reading them, but each message is encrypted several times with the public keys of each of the recipients' devices (i.e., if you're sending one to someone with an iPhone and an iPad, your iMessage client will encrypt it with the public keys of both of their devices). Once they are legally compelled to do so, Apple could just quietly add an extra key, whose private key is held by the NSA iMessage ingestion gateway. Given that the entire iMessage system is closed-source and completely under Apple's control, Apple could push this to all users, without worrying about rogue clients that feed the NSA junk.
WhatsApp, Facebook Messenger Google Allo and so on are also proprietary systems, and could be made compliant in a similar fashion. Granted, WhatsApp and Messenger use the open-source Signal protocol for end-to-end-encrypted messages, but this algorithm sits entirely embedded within the app; there is no guarantee that the app actually uses it, or that it doesn't send a carbon copy of the message to a machine in Utah, in compliance with the law. The fine print could be amended on the website to not actually promise that your message is secret from everyone, including the authorities.
The Signal app itself appears to be a somewhat tougher nut to crack in practice; it's open-source and publicly documented, to the point where any third party could download the source code, examine it minutely, and then, once satisfied, build their own client and use that to communicate securely. However, the creator, Open Whisper Systems is a US company, subject to US laws. Legally, Giuliani or Arpaio or whoever ends up in charge of Homeland Security could billet a team of NSA engineers at their office, with the authority to dictate changes to code and architecture, all covered by a blanket gag order. The question now is how they could go about this:
- By making changes to the publicly visible source code; this would mean that any downloaded self-built versions would be surveillance-compliant. Of course, doing this in a way that is not detectable by code inspection would be the tricky part; perhaps the NSA have a toolkit of obfuscated tricks, exploiting secrets (presumably) only the NSA know about the inner architecture of commercially-available CPUs. Or perhaps the change could be slipped in within a complete rewrite, ostensibly in the name of “technical debt elimination”, making it harder to compare against the old code.
- By obliging Open Whisper Systems, under penalty of material-support-for-terrorism charges, to keep two sets of books, as it were, or two code repositories: the public one, for view, and the one that goes into the production builds. The server code (run by OWS, and under the jurisdiction of US law) could be modified to detect subtle differences between the two and degrade the connections of the former just enough to make it too flaky to use.
- To shut down Signal altogether (with OWS having the option of replacing it with an incompatible, compliant app).
Were Open Whisper Systems to preemptively move abroad to a more privacy-friendly jurisdiction (and Germany is a good one, for obvious reasons) before Trump's inauguration, it may complicate things more. Forcing an established app with a large user-base out of the App Store would be a lot harder than forcing an underground fork of an app out. This would involve all officers involved in running the company moving out of US jurisdiction, and potentially avoiding flights going to the US, UK or Russia.
Being a tenant in the free-market Anglosphere is likely to get a lot worse soon; a new British start-up has created a system offering landlords' continuous deep surveillance of their tenants' online lives to determine whether they are likely to be asset risks. The system, named Tenant Assured, involves requiring tenants, as a condition of tenancy, to link all their social media accounts to a system that data-mines their posts and messages, looking for keywords and metadata and feeding them into an algorithmic model for determining the tenant's personality type and the risk of them defaulting on rent or otherwise adversely affecting the landlord's assets. Tenant Assured appears to greedily harvest a lot of data for its model; when the landlord looks at the report on one of their tenants, status updates or messages mentioning loans, lack of money or phrases suggestive of penury like “staying in” show up under “financial stress”, and words like “prison”, “steal” or “justice” show up under “crime”, while histograms of the tenants' activity times on weekdays and weekends are shown (do they throw parties/lead a chaotic lifestyle, or are they responsible hard-working serfs who get up at six and are in bed by 11, and thus a good financial risk?)
Among the behaviors that count against your Tenant Assured “credit” percentage — i.e., how confident the company is that you’ll pay rent — are “online retail social logins and frequency of social logins used for leisure activities.” In other words, Tenant Assured draws conclusions about your credit-worthiness based on things such as whether you post about shopping or going out on the weekends.Tenant Assured is in operation in the UK, and is being launched in the US soon; it is likely to be welcomed with equally open arms in free-market anglocapitalist strongholds like Australia, where tenants are not deemed to need any rights beyond those naturally trickling down from the invisible hand of the market. The system is said to be opt-in, which means that one always has the choice of telling the landlord who insists on using it where to stick it and find another one who does not insist on it (which may involve anything from paying a human-dignity premium to the Sartrean radical freedom of starving to death under a bridge, emaciated but unbowed).
Of course, there is a chance that such an intrusive system would be found to be in violation of human-rights laws (like the ones Britain's Tory government wants to pull Britain out of); if it isn't, the chances of parliament, which is dominated by buy-to-let landlords (who comprise 40% of MPs, compared to 4% of the general population) passing any laws to restrict it are vanishingly slim at best. After all, we're a free-market society, something something light-touch dynamic self-regulation something, and heavy-handed regulation would destroy the wealth that (mumble mumble) trickles down to the very tenants it's meant to protect; also, personal responsibility. In Australia, there is no bill of rights and nothing like the European Convention of Human Rights, so there'd be fewer impediments to such a system being imposed. In the United States, the Constitution would offer little protection, as it only restricts the government from oppressive measures, making room for a vibrant market in free-enterprise oppression.
The system currently requires tenants to provide access to their social media profiles (presumably the tenancy contract would be drafted as to make withholding accounts grounds for eviction and/or forfeiture of the deposit, if not further legal sanctions); what happens to the data is opaque and could be updated. If, for example, the operators train a neural network to determine probability of drug use from selfies, or emotional stress from changes in music consumption, such capabilities could be added later. But why stop there? It's almost certain that the tenant would own a smartphone, running either iOS or Android. And legally there is no reason why a rental contract could not require them to install and run an app on their phone which tracks their location, flagging up whether they're spending time in dive bars, visiting pawn shops or have started sleeping in until noon on weekdays rather than travelling to an office by 9:30am. (The app could be styled with a nice-looking interface allowing the tenant to contact the landlord and flag fixtures in need of repair; if it looks like it's meant to help the tenant, they may not recognise that it's there to control them.) And so, the relationship between landlord and tenant starts looking like the ancient feudal relationship between a lord and one of his peasants passed through Jeremy Bentham's panopticon; the subtext is: those who don't own property or significant wealth are, at best, on parole.
If this takes off, and becomes the norm for non-wealthy tenants, the social implications could be interesting. For one, it will make all the services, like Facebook, which it touches useless for casually socialising. (In a Free Market, where all tenants are competing against each other to get and keep desirable flats—or, indeed, to win desirable tenancies from the sucker who let their game slip and got logged showing poor impulse control one time too many—maintaining a profile optimised to avoid whatever the algorithm's looking for will become paramount, and there'll be no slack for posting anything off-message.) In such a system, posting to Facebook (or Instagram, or Twitter, or whatever) will be a bureaucratic chore, an act of reporting to one's unseen overseers framed as casually socialising with one's semi-fictitious clean-living friends. (Not posting anything may also get one flagged, so shrugging it off may work against one's interests.) Perhaps an underground industry of social profile doctors will show up; they'll keep up on the latest news and gossip about the surveillance capabilities and profiling algorithms, and for a monthly fee, will provide you with enough traffic to keep your tenant-credit score up. Meanwhile, actual socialising, hedonism, self-indulgence and discussion of worries will take place on encrypted channels and pseudonymous underground social networks, or other profiles, and people will start to carry two phones: the one the landlord knows about, and one which doesn't snitch. (At some point, a tenant will be evicted without deposit for failing to declare such an account or phone, as required in the tenancy contract; if they're lucky, it may form the basis of a court case.)
A new study (PDF) has shown that revelations on the extent of mass surveillance has created a chilling effect on unpopular opinions, as people with such opinions self-censor their expression to avoid the unsympathetic eye of an omniscient, automated bureaucracy:
For the remainder—and majority—of participants, being primed of government surveillance significantly reduced the likelihood of speaking out in hostile opinion climates. These findings introduce important theoretical and normative consequences. Theoretically, it adds a new layer of chilling effects to the spiral of silence. This is the first study to provide empirical evidence that the government’s online surveillance programs may threaten the disclosure of minority views and contribute to the reinforcement of majority opinion. Noelle-Neumann (1974) and the scholars who have followed her have relied on an individual’s fear of social isolation as the underlying mechanism to explain silencing effects. But the results from this study suggest there may be an additional mechanism that contributes to this process: one’s fear of isolation from authority or government. Fear of isolation, as traditionally measured, taps an individual’s concern of being alienated from other members of society, but does not address fear of alienation or prosecution from the government. Csikszentmihalyi (1991) argues that social isolation is a minimal concern compared to material sanctions that government is capable of enacting, like losing one’s job or instigating legal consequences. Further research is needed to explore other potential theoretical mechanisms for why individuals fail to disclose minority views now that perceived surveillance has been identified as a moderating agent.Which is all pretty grim news, if one believes in democracy and civil society. A system of enforcing the status quo with the illusion of being sufficiently efficient to render resistance not only useless but probably punishable enough that most well-adjusted individuals will steer clear of it can only suppress the sorts of protest and inquiry that have historically moved progress forward. Had the authorities had this sort of capability at the time of, say, Martin Luther King or the suffragette movement, would enough ordinary people, with jobs and families to support and the opinions of their neighbours to worry about, have risked supporting these dangerous subversives, rather than keeping their heads down and hoping to stay out of it? Of course, for those depending on a manageable democracy and a stable status quo, this is not necessarily a bad thing.
There is one sector of society which seems to be immune to this chilling effect; unfortunately for society, that sector is, predictably, sociopathic jerks, like the ones who fill the hate forums that a handful of trolls succeeded in directing Microsoft's experimental hip-millennial chatbot Tay to, turning it instantly into a neo-Nazi. The sorts of people already known online as sadistic griefers for whom racial epithets are almost punctuation are not going to be deterred by the prospect of being denied employment because of the huge swastikas self-tattooed crudely on their metaphorical foreheads.
So, in the age of mass surveillance (both by the security state in the age of the Long Siege, and increasingly leaking from the secretive spooks to local cops and minor government officials, and by their free-market equivalents: free data-aggregating social networks, online advertising networks and credit rating agencies), we may be facing a psychological retreat from modernity towards the mediaeval mindset; only instead of the omniscient God and His recording angels seeing every sinful thought in our fallible souls and recording it for the final judgment, it is the temporal powers with their intercepts and algorithms, and the judgment is potentially a lot closer. Most sinners will hope that, if they keep their heads down, they can squeeze through purgatory relatively quickly, while a hard core who know they are already damned will raise hell.
We Can Marry You Off Wholesale, a hypothetical piece set in an alternate universe where Facebook is evil and uses its power to monitor and manipulate human relationships to keep its users optimally unhappy for profits:
Facebook knew you were in love a long time before you did. It noticed you scrolling back through her timeline. Every millisecond lingering over the photos of her at the beach was faithfully logged.
On the surface, you two were perfectly suited to each other. But Facebook had detected a problem. At your age, it's hard for Facebook to make money from your love. Sure, a promotion for flowers earns a few bucks. Adverts for romantic dinners can bring in some cash. But here's not much money in that.
So Facebook acted. It "lost" the occasional message you sent her. It made sure that photos of her with other guys were always at the top of your newsfeed. She mostly saw your posts about drinking - and all the girls who had liked your status updates.
With perfect algorithmic efficiency, Facebook found you a beautiful wife who was practically guaranteed to produce a sickly child. Nothing too bad, mind you, but just ill enough to make you spend a little bit more than you would otherwise. A child is a joyous event. Lots of photos posted to Facebook. Lots of likes. Lots of inspiring updates about bravely struggling.This is, as the author points out, a work of fiction, though once the deep-learning algorithms are given access to all incoming data and control of the entire system, and optimised only to solve one problem (maximise profits, whilst avoiding a list of forbidden tactics that someone has thought of), there may be millions of subtly malevolent scams like this, all of them too complex for any human in a position of oversight to understand. Billions of equations, predicated on complicated models of circumstances and human behaviours, combining into scenarios which result in one or more users becoming slightly better-performing profit centres.
A massive rally in the defence of free speech and in solidarity against Islamist terrorism has taken place in Paris, with the crowds estimated between 1.5 and 2 million in number, more than turned out when Paris was liberated from the Nazis. The rally has also attracted leaders from around the world, including various dictators, autocrats and authoritarians, uniting in Paris to say Je Suis Charlie, before going back to supervise their torturers giving some recalcitrant journalists a going over, or just to rush in sweeping mass-surveillance powers (which are unlikely to have helped catch terrorists the intelligence services already had on their watch lists).
Meanwhile, elsewhere in the world:
- In Nigeria, the Islamist group Boko Haram (whose name, meaning something like “non-Islamic education is forbidden”, says it all) have reportedly massacred some 2,000 people, all in the name of an all-merciful God, after seizing a town. (That's about 200 times the Charlie Hebdo massacre, or 2/3 of 9/11.)
- Saudi Arabia, that most honorary of members in our world-spanning alliance of freedom-loving democracies, has flogged a man 50 times for running a liberal blog and criticising the country's religious establishment (“insulting Islam”). Raif Badawi was hunted down by Saudi Arabia's morality police, undoubtedly using surveillance technologies sold by our governments to aid in the hunting down of terrorists; incidentally, Saudi law regards atheism and apostasy as forms of terrorism. Badawi is to be flogged 950 more times over the next 20 weeks, after which he will continue his 10-year prison sentence.
Raif Badawi is probably Charlie, but Saudi Arabia's ambassador to France, who was at the Je Suis Charlie rally, not so much.
Finally, it appears that the noble French tradition of freedom of offensive speech only applies to offensive speech punching outwards.
As the Snowden revelations have demonstrated that we do, in fact, live in a very discreet surveillance dystopia, it can be tempting to ask, what's the problem? After all, the security services don't seem to be actually running COINTELPRO-style operations against Occupy activists or disappearing dissidents at 3AM, and the thunderbolts from Olympus (this side of Afghanistan, at least) seem to be limited to DDOS operations against script kiddies (live by the sword, die by the sword, as they day) and the occasional drug-enforcement agent getting very lucky when performing a "random" search (which, whilst it goes against peacetime luxuries such as due process, doesn't affect law-abiding bourgeoisie like you and me, right?) If you've got nothing to hide (or just the usual minor indiscretions that the spooks don't care about), you've got nothing to fear, and all those people deterred from associating with pacifist churches and human-rights groups can only be a bunch of nervous nellies jumping at shadows, given that not only the NSA but Facebook and Google know exactly what political leanings they have. After all, the more data the spooks have on everyone, surely that would make it easier for them to sort the signal from the noise; to tell, for example, that while you may have and made a phone call referring to a movie as a "bomb" whilst within range the same cell tower as two anarchists and a Wahhabi Muslim, you don't look like a terrorist, right?
The only problem is it doesn't work that way, as the case of Brandon Mayfield demonstrates:
But there’s another danger that Snowden didn’t mention that’s inherent in the government’s having easy access to the voluminous data we produce every day: It can imply guilt where there is none. When investigators have mountains of data on a particular target, it’s easy to see only the data points that confirm their theories — especially in counterterrorism investigations when the stakes are so high — while ignoring or downplaying the rest. There doesn’t have to be any particular malice on the part of investigators or analysts, although prejudice no doubt comes into play, just circumstantial evidence and the dangerous belief in their intuition. Social scientists refer to this phenomenon as confirmation bias, and when people are confronted with data overload, it’s much easier to weave the data into a narrative that substantiates what they already believe. Criminologist D. Kim Rossmo, a retired detective inspector of the Vancouver Police Department, was so concerned about confirmation bias and the investigative failures it causes that he warned police officers in Police Chief magazine to always be on guard against it. “The components of confirmation bias,” he wrote, “include failure to seek evidence that would disprove the theory, not utilizing such evidence if found, refusing to consider alternative hypotheses and not evaluating evidence diagnosticity.”
Despite finding that Mayfield’s print was not an identical match to the print left on the bag of detonators, FBI fingerprint examiners rationalized away the differences, according to a report by the Department of Justice’s Office of the Inspector General (OIG). Under the one discrepancy rule, the FBI lab should have concluded Mayfield did not leave the print found in Madrid — a conclusion the SNP reached and repeatedly communicated to the FBI. The FBI’s Portland field office, however, used that fingerprint match to begin digging into Mayfield’s background. Certain details of the attorney’s life convinced the agents that they had their man. Mayfield had converted to Islam after meeting his wife, an Egyptian. He had represented one of the Portland Seven, a group of men who tried to travel to Afghanistan to fight for al Qaeda and the Taliban against U.S. and coalition forces in a child custody case. He also worshipped at the same mosque as the militants. In the aftermath of 9/11, these innocent associations and relationships, however tangential, were transformed by investigators into evidence that Mayfield wasn’t a civic-minded American, but a bloodthirsty terrorist intent on destroying the West.
FBI agents broke into Mayfield’s home and law office. They rifled through documents protected by attorney-client privilege, wiretapped his phones, analyzed his financial records and web browsing history, and went through his garbage. They followed him wherever he went. Despite all this, the FBI never found a smoking gun connecting him to Madrid. They did, however, find Internet searches of flights to Spain and learned that he once took flying lessons. To FBI agents already convinced of his guilt, this was all evidence of Mayfield’s terrorist heart. The Web searches, however, were mundane. His daughter had to plan a fictional vacation for a school project. Flight lessons were indicative of nothing more than Mayfield’s interest in flying.
A new study in the EU has revealed a transformation in the social function Facebook plays: as membership becomes ubiquitous, teenagers are sullenly withdrawing from Facebook for the darkened bedrooms that are Instachat/Appgram/whatever the kids call it these days; when your mum is on there, updating your Facebook is no longer fun, but rather a chore. When you're a teenager (and sometimes when you're no longer one) and your entire family are on Facebook, logging on and posting status updates isn't so much a case of hanging out with your friends and finding your own way in the world, but one of filing reports to your 'rents, an enforcement mechanism of the extended probation that is adolescence; the virtual equivalent of an electronic ankle bracelet, if you will:
"Mostly they feel embarrassed to even be associated with it. Where once parents worried about their children joining Facebook, the children now say it is their family that insists they stay there to post about their lives."Consequently, because when you post to Facebook, you're standing up straight, tucking your shirt in and presenting yourself to authority figures, you tend to self-censor more. Which also makes it less fun.
Information that people choose to publish on Facebook has generally been through a psychological filtering process, researchers found - unlike conversations, photos and video shared through more private tools such as Skype, or on mobile apps.A Facebook that's about reporting to your parents that you've been keeping out of trouble sounds like good training for the future when a clear (and respectable-looking) social media trail will be essential for everything from employment to immigration, and indeed not having one (or having one that looks forged) will in itself be grounds for suspicion.
Builders of Star Trek-inspired rooms recently in the news: a convicted paedophile (or, to be precise, another one, though his Star Trek-inspired flat has been in the news previously), and the US National Security Agency.
A few days ago, David Miranda, a Brazilian man who is the partner of investigative journalist Glenn Greenwald, was detained for nine hours under anti-terrorism legislation whilst passing through Heathrow on the way from Berlin to his home in Brazil. Metropolitan Police threatened him with imprisonment, demanded his passwords and seized all electronic devices on his person; GCHQ have been unable to crack encrypted files seized from him, which could be plans for a doomsday device. Or they might not.
US conservative columnist Andrew Sullivan has compared this incident to events in Putin's Russia:
In this respect, I can say this to David Cameron. Thank you for clearing the air on these matters of surveillance. You have now demonstrated beyond any reasonable doubt that these anti-terror provisions are capable of rank abuse. Unless some other facts emerge, there is really no difference in kind between you and Vladimir Putin. You have used police powers granted for anti-terrorism and deployed them to target and intimidate journalists deemed enemies of the state.
You have proven that these laws can be hideously abused. Which means they must be repealed. You have broken the trust that enables any such legislation to survive in a democracy. By so doing, you have attacked British democracy itself. What on earth do you have to say for yourself? And were you, in any way, encouraged by the US administration to do such a thing?The Whitehouse "says" "it" "played" "no" "role" "in" the detention, though acknowledged that it was briefed on Miranda's presence on the plane and on the detention, as was PM David Cameron. Which suggests that, unless one makes the extraordinary mental gymnastics of extending the definition of “terrorism” to leaking information embarrassing national security agencies, this was a naked act of intimidation against a journalist by targeting his family, of the sort practiced in China and Iran.
Meanwhile, it emerged that, a month earlier, officers of the security services raided the headquarters of the Guardian and forced staff to destroy hard drives and computers used to store the NSA revelations. Copies apparently exist abroad, for the time being, with Guardian staff working on the case being based in the New York office.
I wonder how long until the Guardian relocates its editorial headquarters to a location that is not a pervasive security state, selling the shiny new building they have at Kings Place (though perhaps keeping a floor as a local bureau and/or for writing whimsical middle-class humour columns for the Saturday supplement) and using part of the undoubtedly hefty profit to buy a block in, say, downtown Reykjavík?
Also, Groklaw founder Pamela Jones has shut the site down, on account of the environment of pervasive surveillance, and is going into internal exile off the internet:
One function of privacy is to provide a safe space away from terror or other assaultive experiences. When you remove a person's ability to sequester herself, or intimate information about herself, you make her extremely vulnerable....
The totalitarian state watches everyone, but keeps its own plans secret. Privacy is seen as dangerous because it enhances resistance. Constantly spying and then confronting people with what are often petty transgressions is a way of maintaining social control and unnerving and disempowering opposition....
And even when one shakes real pursuers, it is often hard to rid oneself of the feeling of being watched -- which is why surveillance is an extremely powerful way to control people. The mind's tendency to still feel observed when alone... can be inhibiting. ... Feeling watched, but not knowing for sure, nor knowing if, when, or how the hostile surveyor may strike, people often become fearful, constricted, and distracted.
My personal decision is to get off of the Internet to the degree it's possible. I'm just an ordinary person. But I really know, after all my research and some serious thinking things through, that I can't stay online personally without losing my humanness, now that I know that ensuring privacy online is impossible. I find myself unable to write. I've always been a private person. That's why I never wanted to be a celebrity and why I fought hard to maintain both my privacy and yours.And here's Charlie Stross' take, in which he connects the British security state to David Cameron's mandatory anti-porn internet filter plans:
The spooks are not stupid. There are two ways they can respond to this in a manner consistent with their current objectives. They can try to shut down the press — a distinct possibility within the UK, but still incredibly dangerous — or they can shut down the open internet, in order to stop the information leakage over that channel and, more ambitiously, to stop the public reading undesirable news.I think they're going for the latter option, although I doubt they can make it stick. Let me walk you through the early stages of what I think is going to happen.
If you can tap data from the major search engines, how hard is it to insert search results into their output? Easy, it turns out. As easy as falling off a log. Google and Facebook are both advertising businesses. Twitter's trying to become one. Amazon and Ebay both rent space at the top of their search results to vendors who pay more money or offer more profits. Advertising is the keyword. All the NSA needs, in addition to the current information gathering capability, is the ability to inject spurious search results that submerge whatever nugget the user might be hunting for in a sea of irrelevant sewage. Imagine hunting for "Snowden" on Google and, instead of finding The New York Times or The Guardian's in-depth coverage, finding page after page of links to spam blogs.
Bruce Sterling has written a witty and insightful essay about the NSA leaks and the Edward Snowden situation:
This is the kind of comedic situation that Russians find hilarious. I mean, sure it’s plenty bad and all that, PRISM, XKeyScore, show trials, surveillance, threats to what’s left of journalism, sure, I get all that, I’m properly concerned. None of that stops it from being hilarious.
Modern Russia is run entirely by spies. It’s class rule by the “siloviki,” it’s Putin’s “managed democracy.” That’s the end game for civil society when elections mean little or nothing, and intelligence services own the media, and also the oil. And that’s groovy, sure, it’s working out for them.
Citizens and rights have nothing to do with elite, covert technologies! The targets of surveillance are oblivious dorks, they’re not even newbies! Even US Senators are decorative objects for the NSA. An American Senator knows as much about PRISM and XKeyScore as a troll-doll on the dashboard knows about internal combustion.
If you’re a typical NSA geek, and you stare in all due horror at Julian, it’s impossible not to recognize him as one of your own breed. He’s got the math fixation, the stilted speech, the thousand-yard-stare, and even the private idiolect that somehow allows NSA guys to make up their own vocabulary whenever addressing Congress (who don’t matter) and haranguing black-hat hacker security conventions (who obviously do).
The civil lib contingent here looks, if anything, even stupider than the US Senate Intelligence Oversight contingent — who have at least been paying lavishly to fund the NSA, and to invent a pet surveillance court for it, with secret laws. That silly Potemkin mechanism — it’s like a cardboard steering wheel in the cockpit of a Predator drone.
And, yeah, by the way, Microsoft, Apple, Cisco, Google et al, they are all the blood brothers of Huawei in China — because they are intelligence assets posing as commercial operations. They are surveillance marketers. They give you free stuff in order to spy on you and pass that info along the value chain. Personal computers can have users, but social media has livestock.
So, the truth is out there, but nobody’s gonna clean up all that falsehood. There is no visible way to make a clean break with the gigantic, ongoing institutional deceits. There’s no mechanism by which any such honesty could be imposed. It’s like reforming polygamy in the Ottoman Empire.
People, you couldn’t trust any of these three guys to go down to the corner grocery for a pack of cigarettes. Stallman would bring you tiny peat-pots of baby tobacco plants, then tell you to grow your own. Assange would buy the cigarettes, but smoke them all himself while coding up something unworkable. And Ed would set fire to himself, to prove to an innocent mankind that tobacco is a monstrous and cancerous evil that must be exposed at all costs.
One reaction to the revelations about the NSA's surveillance programmes has been along the lines of the old chestnut that “if you have nothing to hide, you have nothing to fear”. One commenter, who claims to have lived under a Middle Eastern dictatorship, debunks this:
1) the purpose of this surveillance from the governments point of view is to control enemies of the state. Not terrorists. People who are coalescing around ideas that would destabilize the status quo. These could be religious ideas. These could be groups like anon who are too good with tech for the governments liking. It makes it very easy to know who these people are. It also makes it very simple to control these people.
Lets say you are a college student and you get in with some people who want to stop farming practices that hurt animals. So you make a plan and go to protest these practices. You get there, and wow, the protest is huge. You never expected this, you were just goofing off. Well now everyone who was there is suspect. Even though you technically had the right to protest, you're now considered a dangerous person.
With this tech in place, the government doesn't have to put you in jail. They can do something more sinister. They can just email you a sexy picture you took with a girlfriend. Or they can email you a note saying that they can prove your dad is cheating on his taxes. Or they can threaten to get your dad fired. All you have to do, the email says, is help them catch your friends in the group. You have to report back every week, or you dad might lose his job. So you do. You turn in your friends and even though they try to keep meetings off grid, you're reporting on them to protect your dad....
Maybe Obama won't do it. Maybe the next guy won't, or the one after him. Maybe this story isn't about you. Maybe it happens 10 or 20 years from now, when a big war is happening, or after another big attack. Maybe it's about your daughter or your son. We just don't know yet. But what we do know is that right now, in this moment we have a choice. Are we okay with this, or not? Do we want this power to exist, or not?
I actually get really upset when people say "I don't have anything to hide. Let them read everything." People saying that have no idea what they are bringing down on their own heads. They are naive, and we need to listen to people in other countries who are clearly telling us that this is a horrible horrible sign and it is time to stand up and say no.
Recently leaked slides from a NSA PowerPoint presentation have revealed that US internet companies, including Google, Facebook, Microsoft and Apple have been giving the NSA access to their users' private data since 2007. The data in question includes emails, instant messages, video and voice chat, stored data, online social networking details and “special requests”. The programme for harvesting this data is known internally as PRISM. This revelation comes a day after revelations that the NSA is indiscriminately collecting phone records of US mobile phone company customers, including their locations and whom they have been calling/texting and when.
The companies implicated in the slide deck have issued carefully-worded denials, claiming that they have never heard of anything called PRISM (likely, as that was probably an internal NSA codename not revealed to the outside world), have never provided the NSA with direct access to their servers (which could just mean that the NSA had to request items of data, or sets of items of data, and got an itemised bill for them).
Of course, this would mean that the NSA has had the task of wading through vast amounts of trivia: of social chatter, chain letters, forwarded amusing cat/sloth/lemur photos (which they'd have to check for steganographed terrorist plans, of course), mundane updates about people's lunch choices/music listening/reaction to last night's Game Of Thrones episode, online shopping receipts, steamy texts to lovers, drunkfaced party photos, viral ads, skinnerbox game invitations, complaints about traffic/public transport/coworkers and such. Though one wonders to what extent this can be automated. For decades, the US intelligence community has been investing millions in artificial intelligence research (a holy grail of CIA-funded research a while ago was the problem of “gisting”, or accurately summarising large amounts of text for human consumption; this is a hard problem, because it requires semantic knowledge about what the text is about). Meanwhile, in the private sector, data mining has shown uncannily accurate results, to the point where retailers have to insert a few deliberately inaccurate or useless coupons into the books they send to customers as not to freak them out with how much they know their true heart. (Remember the story about the angry father demanding why Target was sending his teenage daughter coupons for nappies and prams, and then apologising a few weeks later when she confessed that she was actually pregnant?)
If the NSA has had an firehose-like feed of personal information on millions of individuals for years, it's not unreasonable to expect that some proportion of the multi-trillion-dollar US “black budget” has been allocated to research into finding ways of aggregating, interpreting and processing this information to build up summaries or models of individuals. These could be automated dossiers with estimated personality profiles (“probabilities of paranoia: 23% issues with authority: 17%, narcissism: 27%, procrastination: 53%, adherence to routine: 61%. Most likely to fear: abandonment (41%), cancer (37%), rats (29%), exposure of peccadillos (23%). Probably responsive to: intimidation (43%), flattery (37%)”), which could be useful if the powers that be need to apply subtle, very precise pressure on a conveniently located bystander to use them against someone like al-Qaeda or Occupy. If they have real-time information, such as the mobile phone metadata (and, even omitting the content of conversations, having a record of the location of a person's phone can reveal a lot about what they're doing), they could even get alerts when somebody deviates from their routine more than they typically do; a dive into their private data would reveal whether they're planning a surprise anniversary party for their spouse or a terrorist attack. (Spoiler: it's almost never a terrorist attack.)
Of course, what the social and psychological effects of such surveillance are is another question. If there is a class of watchers, who can peer into the deepest secrets of the rest of the population, would their attitude to the pitiful, flawed wretches before them, with their pathetic little sins and failings, not be one of contempt? Would they not start regarding the rest of the population as little more than cattle, much as the participants in the Stanford Prison Experiment did?
A piece on the Olympic “Brand Exclusion Zone”, a quasi-totalitarian construct passed into English law at the diktat of the International Olympic Committee, and sweeping aside rights of free expression and association in order to protect the primacy of Olympic sponsors' brand names and logos:
The most carefully policed Brand Exclusion Zone will be around the Olympic Park, and extend up to 1km beyond its perimeter, for up to 35 days. Within this area, officially called an Advertising and Street Trade Restrictions venue restriction zone, no advertising for brands designated as competing with those of the official Olympic sponsors will be allowed. (Originally, as detailed here, only official sponsors were allowed to advertise, but leftover sites are now available). This will be supported by preventing spectators from wearing clothing prominently displaying competing brands, or from entering the exclusion zone with unofficial snack and beverage choices. Within the Zone, the world's biggest McDonald's will be the only branded food outlet, and Visa will be the only payment card accepted.The restrictions on what people entering, leaving or having the fortune to reside in the Olympic zone wear or carry on their person are supposedly to prevent rival brands from playing “ambush marketing” stunts, such as sponsoring covert flash mobs of people dressed in their logo colours. It is not clear whether a bunch of people wearing Chicken Cottage T-shirts would impair McDonalds' image, though it seems that Olympic sponsors insult easily, and when offered the full might of the state and extraordinary police powers to do so, are willing to jump at the offer.
And it's not just London. All the venues for the 2012 Olympics will be on brand lockdown. In Coventry, even the roadsigns will be changed so that there is no reference to the Ricoh Arena, which is hosting matches in the football tournament. Even logos on hand dryers in the toilets are being covered up. The Sports Direct Arena in Newcastle will have to revert back to St. James Park for the duration of the Olympics.It would be amusing if it didn't trample on the rights of free expression and free association. In a free society, one might argue that there are certain extreme contingencies when the usual freedoms need to be temporarily suspended for the common good. That it may be justifiable to do so to soothe the tender egos of a multinational corporations' marketing departments at a sporting event is a considerably more dubious proposition.
Meanwhile, the (London) Metropolitan Police, who were escorting the Olympic torch rally through Cornwall, seized a Cornish flag carried by a torch-bearer, on the grounds that it was a “political statement”.
And as ominous as the Olympic mascots are (they're essentially anthropomorphised surveillance cameras, executed in a hip-hop aerosol-art fashion, sublimating the appropriation of the superficial aspects of underground/“street” culture into an architecture of surveillance and control and subtly, or not so subtly, alluding to London's heritage as a world leader in CCTV coverage), some pieces of official merchandise are more ominous than others; take the mascot in a policeman's costume. It's not clear whether the Orwellian connotations are unintended or whether they're a deliberate acknowledgement of London's status as a model panopticon. After all, there will be a lot of foreign dignitaries at the Olympics, some from countries with, shall we say, more fraught internal situations than others, and if the Olympics go smoothly, with no evident dissent and no obvious sign of dissent being heavy-handedly crushed, this could result in a lot of sales by British security technology vendors.
The Olympics are nigh upon London, and their shadow falls heavily over the people of the capital. The stadiums are going up in the East End and the unsightly poor are being cleansed to make way for residents with more disposable income. Further afield, signs of the mass spectacle are appearing all over London, as if dropped from Mount Olympus itself by the gods to the grateful mortals below. (The mortals are grateful and in good cheer because that is the law, and the penalties, both civil and criminal, for being off-message have been subtly explained; these Olympics are, ultimately, a very understatedly British take on the totalitarian mass spectacle that the modern Olympics' Fascist originators had in mind—not so much the iron fist in the velvet glove, as the iron fist in a glove of brightly coloured, vaguely hip-hop-styled plastic foam, shipped by the containerload from China.)
Now, it has emerged that the Ministry of Defence will be billeting surface-to-air missiles on the roofs of apartment buildings in East London; one journalist who lives in the area received a leaflet notifying him of this; the Ministry of Defence has confirmed that it is considering missile deployments.
Having surface-to-air missiles deployed to defend an urban environment is a somewhat sketchy proposition at best; should the missiles be fired, whatever they shoot down will cause a lot of damage when it hits the ground (and if they miss, they themselves will cause some damage). The Whitehouse, famously, has a SAM battery on the roof (Dick Cheney reportedly ordered it as a red-meat-conservative replacement for Bill Clinton's unacceptably liberal solar cells); the implicit message being that the lives of those inside the Whitehouse are worth trading the lives of those around it for. Whether this reasoning transfers from the Commander-in-Chief of the Free World to a stadium full of spectators at a corporate promotional event is another question. (The Queen, the head of state of Britain, does not have a SAM battery defending Buckingham Palace and threatening to send any rogue aircraft down in flames onto the posh digs of Belgravia.) Meanwhile, Charlie Stross extrapolates on the possible unintended consequences:
Hmm. It's a good thing I'm a novelist who dabbles in technothrillers, not a terrorist. If I was a terrorist I'd be licking my lips, trying to work out how to trigger a missile launch. Using a motor-powered model aircraft, free flight design (no radio controls to jam) aimed vaguely towards the Olympic stadium, with a nice radio beacon or some sort of infra-red source (a flare, perhaps) on its tail to make it easy to track? These missiles will be the close-in option, because we know the RAF will already be flying combat air patrols over London; they won't have much time to evaluate threats or respond intelligently. So launch from the back of a panel van, like the IRA mortar attacks on places like Heathrow or 10 Downing Street. The twist in the scheme would be to aim past the missile launchers along a vector that would attract a hail of hypervelocity missile launches in the direction of, say, a DLR station at rush hour.Meanwhile, Stephen Graham (professor of cities and society at Newcastle University, and author of Cities Under Siege: The New Military Urbanism) has an article on the security lockdown being imposed on London for the Olympics, much of it to protect the brand image of corporate sponsors:
Beyond these security spectaculars, more stealthy changes are underway. New, punitive and potentially invasive laws such as the London Olympic Games Act 2006 are in force. These legitimise the use of force, potentially by private security companies, to proscribe Occupy-style protests. They also allow Olympic security personnel to deal forcibly with the display of any commercial material that is deemed to challenge the complete management of London as a "clean city" to be branded for the global TV audience wholly by prime corporate sponsors (including McDonald's, Visa and Dow Chemical).
The final point is how the security operations of Olympics have major long-term legacies for their host cities and nations. The security preoccupations of Olympics present unprecedented opportunities to push through highly elitist, authoritarian and speculative urban planning efforts that otherwise would be much more heavily contested – especially in democracies. These often work to "purify" or "cleanse" diverse and messy realities of city life and portray existing places as "waste" or "derelict" spaces to be transformed by mysterious "trickle-down effects". The scale and nature of evictions and the clearance of streets of those deemed not to befit such events can seem like systematic ethnic or social cleansing. To make way for the Beijing Games, 1.5 million were evicted; clearances of local businesses and residents in London, though more stealthy, have been marked.
Looking at these various points together shows one thing: contemporary Olympics are society on steroids. They exaggerate wider trends. Far removed from their notional or founding ideals, these events dramatically embody changes in the wider world: fast-increasing inequality, growing corporate power, the rise of the homeland security complex, and the shift toward much more authoritarian styles of governance utterly obsessed by the global gaze and prestige of media spectacles.The permanent legacy of the authoritarian measures in the Olympic enabling laws mandated by the IOC cannot be emphasised enough; in Sydney, for example, restrictions on civil liberties passed for the 2000 Olympics were used, years later, to crack down on protests against the Catholic Church's “World Youth Day”, and remain on the books to this day.
And some are saying that the levels of brand policing, imposing criminal sanctions on the display of non-sponsor logos (to say nothing of political protests) within an Olympic zone and severely restricting the use of words such as “London” and “2012” by non-sponsors, will have an adverse effect on the alleged economic benefits of the Olympics, which are touted as much much of the rationale for putting up with all this in the first place.
Finally, Charlie Brooker weighs in:
Oral-B's official Olympic toothbrush exists because its parent company, Procter & Gamble, has a sponsorship deal enabling it to associate all its products with the Games. That's why if you look up Viakal limescale remover on a supermarket website, the famous five interlocking rings pop up alongside it. This in no way cheapens the Olympic emblem, which traditionally symbolises global unity, peaceful competition and gleaming stainless steel shower baskets.
In the US, employers are paying increasingly close attention to candidates' Facebook accounts; demanding that they hand over their Facebook passwords, allowing them to investigate their profiles, their past activities and the company they keep to determine whether they are of sufficient moral fibre:
In Maryland, job seekers applying to the state's Department of Corrections have been asked during interviews to log into their accounts and let an interviewer watch while the potential employee clicks through wall posts, friends, photos and anything else that might be found behind the privacy wall. Previously, applicants were asked to surrender their user name and password, but a complaint from the ACLU stopped that practice last year. While submitting to a Facebook review is voluntary, virtually all applicants agree to it out of a desire to score well in the interview, according Maryland ACLU legislative director Melissa Coretz Goemann.And some universities are requiring students to friend official accounts and monitoring their social network activity:
Student-athletes in colleges around the country also are finding out they can no longer maintain privacy in Facebook communications because schools are requiring them to "friend" a coach or compliance officer, giving that person access to their “friends-only” posts. Schools are also turning to social media monitoring companies with names like UDilligence and Varsity Monitor for software packages that automate the task. The programs offer a "reputation scoreboard" to coaches and send "threat level" warnings about individual athletes to compliance officers.(I imagine that the assumption here is that those on athletic scholarships are not bright enough to set up friend lists and segregate their posts. After all, Facebook doesn't tell you whether you see all of a user's posts, a small portion, or in fact, whether they put you on their “Restricted” list (i.e., the “pretend-to-be-this-schmuck's-friend-but-don't-show-them-anything” list).
Demanding Facebook passwords is of dubious legality, however, if a court rules in favour of this practice, companies answerable to shareholders and concerned about legal liability may start adopting it as policy. One option is to not have a Facebook account, or deny having one; however, this could be a liability, marking one out as some kind of antisocial loner (studies have found that evidence of a social life can boost one's employability rankings, and if everyone's on Facebook, the one guy whose name draws a blank could look too much like potential spree-killer material to be worth the risk.)
If employer (or school, or governmental) Facebook surveillance becomes widespread I can see a new version of the clean-urine-for-drug-tests business model emerging, in the form of clean-but-plausibly-active-looking Facebook profiles for presentation to officials. Fill in a form giving details (what political/religious views it should espouse, where it should be between gregariously easy-going and Stepfordesquely clean (in most cases, inserting a few minor flaws for versimilitude is recommended, though the optimum degree of flaws will vary case by case; your case advisor can offer you guidance), what sorts of people, institutions and social situations your perfect doppelgänger should be seen to associate with, &c.), put in your credit card number and, presto, an army of third-world data-centre workers will assemble a profile you can show to any authority figure without fear. For a monthly fee, they'll even run your parallel life in the background for you, keeping the illusion up, posting anodyne comments about TV shows and sports matches, attending church mixers, liking big, uncontroversial brands and even giving you your desired level of a simulated social life with a network of convincing yet utterly unimpeachable sockpuppets.
Fresh from its triumph with the national firewall (now a bipartisan commitment, due to appear some time after the next election), the Australian government is planning a proposal to require internet service providers to record certain details of all users' access to the net. The proposal itself is secret; while a document about the plans have been obtained through freedom of information laws, in the finest traditions of a well-managed democracy, 90% of the document was blacked out, to stop "premature unnecessary debate", or, in other words, to keep the subjects from sticking their noses into matters they have no business with.
What on earth is going on in Australia? First came the internet censorship firewall plan (which may be on hold until the next election, but is still Labor Party policy, and while the Coalition have been strategically holding their tongues about it, reading between the lines, it seems like Tony Abbott (a known religious hardliner) would take it even further), then the plan to require ISPs to record what websites all users visit and whom they email, a record of which will be linked to users' identity details including passport numbers. And now, a parliamentary inquiry has proposed requiring users to run government-mandated "cyber-security" software on their computers to access the internet. A proposal which sounds a lot like China's "Green Dam" spyware.
Of course, if implemented, this would lock out anybody who uses an unsupported operating system for which the government hasn't made available a version of its Green And Gold Dam software, not to mention the scope for abuse. Imagine that, a year later, a law is quietly passed and the software updated to search users' hard drives for images that might be pornographic and forward them to the police, in the guise of hunting down paedophiles, or for text documents that might conceivably be "terrorist materials". Other than a few people being raided for possessing nude images of small-breasted models or similarly suspicious materials, all of a sudden, the police have a copy of everyone's private photos and other files; it's a good thing that the Australian police are renowned for their incorruptibility, and neither individual officers nor the police forces would ever abuse such sweeping powers.
Of course, once the software is, by law, on everyone's machine, the possibilities don't end there. In the age of the Long Siege, it's not unlikely that security agencies would have special powers to use this in a targeted fashion to go after persons of special concern (which, in the eyes of the Murdoch tabloids and their readership, means bloodthirsty paedoterrorist extremists who should all be locked up, but in reality is likely to mean environmental protesters, social-justice groups and anyone who looks suspicious). If ASIO or the AFP can surreptitiously modify files on computers at, say, Greenpeace or the Greens, think of the COINTELPRO-style hijinks they could get up to; changing the plans of protests, planting evidence that key organisers are informers, or just disrupting campaigns at key moments. And so, as if by magic, protests fizzle, media campaigns fail, opposition groups disintegrate in acrimony, and Australian democracy becomes a lot more efficiently managed. Confound their politics, indeed.
Of course, the Green and Gold Dam is by no means a done deal. Perhaps it's a proposal which will die, recognised for its heavy-handedness and unfeasibility. Or perhaps it's an ambit claim, to make the government's existing plans (the national firewall and ISP-based surveillance infrastructure) seem more moderate by comparison.
A 1978 article on how to identify a CIA agent under diplomatic cover; back then, it was fairly easy to do so by simple techniques such as looking at US embassy personnel records and seeing who hangs out with whom at diplomatic dos.
Of course, they may well have tightened things up in the past 32 or so years.
- The CIA usually has a separate set of offices in the Embassy, often with an exotic-looking cipher lock on the outside door. In Madrid, for example, a State Department source reports that the Agency occupied the whole sixth floor of the Embassy. About 30 people worked there; half were disguised as "Air Force personnel" and half as State "political officers." The source says that all the local Spanish employees knew who worked on what floor of the Embassy and that visitors could figure out the same thing.
- CIA personnel usually stick together. When they go to lunch or to a cocktail party or meet a plane from Washington, they are much more likely to go with each other than with legitimate diplomats. Once you have identified one, you can quickly figure out the rest.
- The CIA has a different health insurance plan from the State Department. The premium records, which are unclassified and usually available to local employees, are a dead giveaway.
- The Agency operative is taught early in training that loud background sounds interfere with bugging. You can be pretty sure the CIA man in the Embassy is the one who leaves his radio on all the time.
An Armenian-born programmer recounts how, during his childhood in the USSR, he stumbled across the KGB's technique for listening in on conversations in any home.
Some time in 1981, I think, a relative from the U.S. comes to visit us for the first time since he left the country many years before that. He was going to stay in our house for a couple of weeks. My parents told me that such visits were always "monitored" by KGB, and so I should be careful with expressing any kind of anti-soviet ideas (which I was known for in the school). In the end though, nobody was going to take this seriously: neither the possibility of KGB agents freezing in cold outside watching us through the windows, nor any kind of bugs installed in our house.
Something strange, however, had happened when our relative had finally arrived. Our phone went crazy. First of all, it was practically impossible to call or to take calls during that period. And besides, the phone's ringer started giving a single "ding" twice a day, exactly at 9 in the morning and 9 in the evening.The KGB, it seems, was using the ringers of telephones as crude microphones, responding to sound vibrations and feeding a very weak signal back into the phone line; when a house was noted as being of sufficient interest, a powerful amplifier could make the signal just about intelligible. The KGB only got caught out (to the extent of allowing a young boy to figure out what was happening, at least) due to the dilapidated condition of the Soviet phone system, and the tendency for lines to get crossed from time to time.
A phone carrier in the United Arab Emirates recently pushed out a patch for BlackBerry handsets, which it advertised as a "performance enhancement", but which, on closer examination, turned out to contain a remotely activatable surveillance programme:
The spying program in the patch is switched off by default on installation, but switching it on would be a simple matter of pushing out a command from the server to any device, causing the device to then send a copy of the user’s subsequent e-mail and text messages to the server.I wonder what the story here is; is the UAE's government too cheap to shell out for some of that sweet Nokia Siemens surveillance gear the Iranian government has been reportedly very pleased with? Was the patch planted by other agencies (The Mossad? The Iranian secret service? Organised crime?) Or is Dubai trying to build the world's most elaborate context-based advertising system?
Another chapter from Britain's war on its youth: a police officer in London, who asked to not be named, has stated that the police routinely arrest teenagers with no criminal records, just to collect their DNA, just in case they do commit a crime in the future:
The officer said: "It is part of a long term crime prevention strategy. We are often told that we have just one chance to get that DNA sample and if we miss it that might mean a rape or a murder goes unsolved in the future.
"Have we got targets for young people who have not been arrested yet? The answer is yes. But we are not just waiting outside schools to pick them up, we are acting on intelligence. If you know you have had your DNA taken and it is on a database then you will think twice about committing burglary for a living."Or you'll watch a few episodes of CSI and, when you do commit a burglary, you'll ensure to tip an ashtray from a busy pub over the premises or something.
As the economic crisis bites, credit card companies are turning to advanced psychological techniques to manage their customers, using their purchasing records to develop detailed psychological models of their behaviour.
Martin could often see precisely what cardholders were purchasing, and he discovered that the brands we buy are the windows into our souls — or at least into our willingness to make good on our debts. His data indicated, for instance, that people who bought cheap, generic automotive oil were much more likely to miss a credit-card payment than someone who got the expensive, name-brand stuff. People who bought carbon-monoxide monitors for their homes or those little felt pads that stop chair legs from scratching the floor almost never missed payments. Anyone who purchased a chrome-skull car accessory or a “Mega Thruster Exhaust System” was pretty likely to miss paying his bill eventually.
Martin’s measurements were so precise that he could tell you the “riskiest” drinking establishment in Canada — Sharx Pool Bar in Montreal, where 47 percent of the patrons who used their Canadian Tire card missed four payments over 12 months. He could also tell you the “safest” products — premium birdseed and a device called a “snow roof rake” that homeowners use to remove high-up snowdrifts so they don’t fall on pedestrians.
By the time he publicized his findings, a small industry of math fanatics — many of them former credit-card executives — had started consulting for the major banks that issued cards, and they began using Martin’s findings and other research to build psychological profiles. Why did birdseed and snow-rake buyers pay off their debts? The answer, research indicated, was that those consumers felt a sense of responsibility toward the world, manifested in their spending on birds they didn’t own and pedestrians they might not know. Why were felt-pad buyers so upstanding? Because they wanted to protect their belongings, be they hardwood floors or credit scores. Why did chrome-skull owners skip out on their debts? “The person who buys a skull for their car, they are like people who go to a bar named Sharx,” Martin told me. “Would you give them a loan?”It's not only your purchasing record that's mined for psychological data, though:
Most of the major credit-card companies have set up systems to comb through cardholders’ data for signs that someone is going to stop making payments. Are cardholders suddenly logging in at 1 in the morning? It might signal sleeplessness due to anxiety. Are they using their cards for groceries? It might mean they are trying to conserve their cash. Have they started using their cards for therapy sessions? Do they call the card company in the middle of the day, when they should be at work? What do they say when a customer-service representative asks how they’re feeling? Are their sighs long or short? Do they respond better to a comforting or bullying tone?The card companies have, as you might imagine, a variety of uses for this data. On the blunter side of the spectrum, signs of potential unreliability (bills for dive bars or marriage counselling services, unusual login patterns) may trigger card companies to raise interest rates or start pushing more aggressively for repayment. More subtly, though, if your credit card company calls you to discuss your bill, the person talking to you will be trained in psychological techniques and will have on their screen a detailed psychological profile of you, all the better to elicit compliance:
Santana had actually already sought permission from the bank to settle for as little as $10,000. It’s an open secret that if a debtor is willing to wait long enough, he can probably get away with paying almost nothing, as long as he doesn’t mind hurting his credit score. So Santana knew he should jump at the offer. But as an amateur psychologist, Santana was eager to make his own diagnosis — and presumably boost his own commission.
“I don’t think that’s going to work,” Santana told the man. Santana’s classes had focused on Abraham Maslow’s hierarchy of needs, a still-popular midcentury theory of human motivation. Santana had initially put this guy on the “love/belonging” level of Maslow’s hierarchy and built his pitch around his relationship with his ex-wife. But Santana was beginning to suspect that the debtor was actually in the “esteem” phase, where respect is a primary driver. So he switched tactics.
“You spent this money,” Santana said. “You made a promise. Now you have to decide what kind of a world you want to live in. Do you want to live around people who break their promises? How are you going to tell your friends or your kids that you can’t honor your word?”
The man mulled it over, and a few days later called back and said he’d pay $12,000.
“Boom, baby!” Santana shouted as he put down the phone. “It’s all about getting inside their heads and understanding what they need to hear,” he told me later. “It really feels great to know I’m helping people in pain.”Of course, another way to look at this was that, had the chump (who, according to the article, had recently been left by his wife) not offered to pay up extra, the friendly man from the card company would know exactly which buttons to push to kick them down further. Which is all very well (Personal Responsibility, after all, is What Made America Great, as any card-carrying Libertarian will tell you), other than the inherent asymmetry of going up against a huge organisation with frighteningly powerful intelligence-gathering abilities, and no interest in your welfare beyond what's required to maximise its profits.
(via Boing Boing)
A representative of Britain's Police Cental E-crime Unit has complained about how difficult their job is, and outlined what would really help: a nifty black box, as easy to use as a breathalyser, which can identify illegal activity on PCs:
McMurdie said such a tool could run on suspects' machines, identify illegal activity - such as credit card fraud or selling stolen goods online - and retrieve relevant evidence.
"For example, look at breathalysers - I am not a scientist, I could not do a chemical test on somebody when they are arrested for drink driving but I have a tool that tells me when to bring somebody in."Of course, knowing New Labour, this will probably result in legislation mandating police-accessible data-logging devices in all PCs. And the legislation will make these devices not only accessible to the police, but also to the Inland Revenue, TV Licensing, the British Phonographic Industry and local council officials. And, knowing that laws (specifically British laws dealing with privacy and data security) are drafted in a parallel universe in which security is perfect, there will be no possibility whatsoever of these devices either being defeated by the potential paedoterrorists they are meant to monitor or else hijacked by other criminals and used to massively victimise the innocent.
The Open Rights Group has put out a call for photographs illustrating Britain's emerging surveillance society, to be submitted before the 11th of October:
Here’s how you can help:The use of Flickr as the means of coordination looks like a classic example of the thesis of Clay Shirky's Here Comes Everybody: there's no need for anyone at the ORG to fish submissions out of a mailbox or otherwise coordinate them. And furthermore, anyone can keep an eye on the project just by looking at the Flickr tag search page.
1. Spot something that embodies the UK’s wholesale transformation into the surveillance society/database state. Subjects might include your local CCTV camera(s), or fingerprinting equipment in your child’s school library
2. Snap it
3. Upload it to Flickr and tag it “FNFBigPicture” - please use an Attribution Creative Commons license*
4. That’s it!
Though I do get the feeling that there will be a lot of photos of generic-looking CCTV cameras there.
(via Boing Boing)
In today's paranoid age, controlling parents have ever-increasing options for monitoring everything their children do:
The SnoopStick looks like a memory stick. You plug it into your teenager's computer when they are not around, and it installs stealth software on to the machine. Then you plug it into your own computer and can sit back at your leisure and observe, in real time, exactly what your child is doing online - what websites they are visiting, the full conversations they are having on the instant messenger (IM) service, and who they are sending emails to. It is as if you are sitting and invisibly spying over their shoulder.
Significantly, the £37.50 device comes with the warning that, if you use it to monitor an employee's computer without notifying them, you may well be in breach of employment laws. But install it secretively on the computer of your teenager, who has absolutely no rights at all, and no one can touch you. The moral argument doesn't come into it.
The following devices, please note, are not just being marketed to private detectives to catch errant spouses; they are being targeted at parents of teenagers. You can get clothes with tracking devices fitted into them. You can fit such devices covertly into mobile phones. For $149 you can purchase a mobile spy data extractor, which reads deleted text messages from a SIM card. For $79 you can buy a semen detection kit, to test your teenage daughter's clothing. And for $99, if you really want to ape the mad ex-Marine father in American Beauty, you can buy a drug identification kit which can detect up to 12 different illegal drugs.
The SnoopStick symbolises the modern obsession with control. The American psychologist Robert Epstein, who wrote the controversial book The Case Against Adolescence, estimates that young Americans are now ten times more restricted than adults, and twice as restricted as convicted criminals. He says teenagers are infantilised and deprived of human rights. As well as the obvious legal bar to prevent them smoking, drinking, marrying, voting and gambling, teenagers have no privacy rights, no property rights, no right to sign contracts or make decisions regarding their own medical or psychiatric treatment.
An investigation into German discount supermarket chain Lidl has revealed an extensive campaign of surveillance of employees, which has been compared to the Stasi's monitoring of East Germany's population (though perhaps Walt Disney's surveillance of animators and Henry Ford's sociological department are also good comparisons):
The detectives' records include details of precisely where employees had tattoos as well as information about their friends. "Her circle of friends consists mainly of drug addicts," reads one record. The detectives also had the task of identifying which employees appeared to be "incapable" or "introverted and naive".
While most incidents seem to have occurred in Germany, the most shocking one allegedly occurred at a Lidl store in the Czech Republic, where a female worker was forbidden to go to the toilet during working hours. An internal memorandum, which is now the centre of a court case in the republic, allegedly advised staff that "female workers who have their periods may go to the toilet now and again, but to enjoy this privilege they should wear a visible headband".
Recording how a German employee identified as Frau M spent her break, one report read: "Frau M wanted to make a call with her mobile phone at 14.05 ... She received the recorded message that she only had 85 cents left on her prepaid mobile. She managed to reach a friend with whom she would like to cook this evening, but on condition that her wage had been paid into her bank, because she would otherwise not have enough money to go shopping."A spokesperson for Lidl has said that the surveillance was intended "not to monitor staff, but to establish possible abnormal behaviour".
Scientists at NEC have developed a CCTV camera which can identify people's ages and genders, by comparing them against samples in a database, and are working on making it capable of determining their socioeconomic status depending on their clothing. The NEC FieldAnalyst technology is not intended for security purposes but for those of marketing, and is currently only avalable in Japan:
the data is intended to help mall owners better understand their visitors. How come no one is going to a certain store? What time of day do most of the 40- to 50-year-old women visit the place? Did the recent promotion reach the desired demographic?
It works better with Japanese people as the vast majority of the samples in the database are Japanese. It also hones down your age only to within 10 years. However, NEC wants to narrow the range, possibly even getting to the point where it can determine age within a year or two.
A man in Stoke-on-Trent was arrested by armed police, DNA tested and thrown in a cell after a bystander mistook his MP3 player for a gun. Darren Nixon was released, but
has been banned from the internet after copyright-enforcement officers found pirated MP3s on the player will now have his DNA stored on a national database for life with a record that he was arrested on suspicion of a firearms offence.
A piece on counter-surveillance tactics used by terrorist suspects. In summary, they go out of their way to appear assimilated and un-religious, discuss plans in remote wilderness locations or online pornography sites (what, no Second Life/World of Warcraft?), use Skype (which is difficult to tap) and speak in code:
Wiretap transcripts and other court records show that the cell of North African immigrants tried hard to blend into Italian society, working regular jobs, sending their children to public schools and taking pains not to appear unusually religious. When they did talk on the phone, they often adopted a roundabout or obtuse manner that masked their real meaning.
"Taxi drivers," Redouane el Habab said, referred to suicide bombers; explosives were "dough." Anybody who had to go to "the hospital," he added, had been taken to jail, while those visiting "China" were really attending training camps in Sudan.
Wired has an interesting article on the project to reassemble shredded Stasi documents in Germany, a vast project involving scanners and custom-developed software from the Fraunhofer Group (best known for developing the MP3 audio compression algorithm):
The data for the 400-bag pilot project is stored on 22 terabytes worth of hard drives, but the system is designed to scale. If work on all 16,000 bags is approved, there may be hundreds of scanners and processors running in parallel by 2010. (Right now they're analyzing actual documents, but still mostly vetting and refining the system.) Then, once assembly is complete, archivists and historians will probably spend a decade sorting and organizing. "People who took the time to rip things up that small had a reason," Nickolay says. "This isn't about revenge but about understanding our history." And not just Germany's — Nickolay has been approached by foreign officials from Poland and Chile with an interest in reconstructing the files damaged or destroyed by their own repressive regimes.
The truth is, for Poppe the reconstructed documents haven't contained bombshells that are any bigger than the information in the rest of her file. She chooses a black binder and sets it down on the glass coffee table in her living room. After lighting a Virginia Slim, she flips to a page-long list of snitches who spied on her. She was able to match codenames like Carlos, Heinz, and Rita to friends, coworkers, and even colleagues in the peace movement. She even tracked down the Stasi officer who managed her case, and after she set up a sort of ambush for him at a bar — he thought he was there for a job interview — they continued to get together. Over the course of half a dozen meetings, they talked about what she found in her files, why the Stasi was watching her, what they thought she was doing. For months, it turned out, an agent was assigned to steal her baby stroller and covertly let the air out of her bicycle tires when she went grocery shopping with her two toddlers. "If I had told anyone at the time that the Stasi was giving me flat tires, they would have laughed at me," she says. "It was a way to discredit people, make them seem crazy. I doubted my own sanity sometimes." Eventually, the officer broke off contact, but continued to telephone Poppe — often drunk, often late at night, sometimes complaining about his failing marriage. He eventually committed suicide.
(via Boing Boing)
After the recent "privacy Chernobyls", in which the personal data of millions of Britons went missing, possibly ending up in the hands of criminals, Cory Doctorow argues that personal data should be regarded with the same caution as nuclear waste:
The metaphor is apt: the data collected by corporations and governmental agencies is positively radioactive in its tenacity and longevity. Nuclear accidents leave us wondering just how we're going to warn our descendants away from the resulting wasteland for the next 750,000 years while the radioisotopes decay away. Privacy meltdowns raise a similarly long-lived spectre: will the leaked HMRC data ever actually vanish?
The financial data in question came on two CDs. If you're into downloading movies, this is about the same size as the last couple of Bond movies. That's an incredibly small amount of data - my new phone holds 10 times as much. My camera (six months older than the phone) can only fit four copies of the nation's financial data.
Every gram - sorry, byte - of personal information these feckless data-packrats collect on us should be as carefully accounted for as our weapons-grade radioisotopes, because once the seals have cracked, there is no going back. Once the local sandwich shop's CCTV has been violated, once the HMRC has dumped another 25 million records, once London Underground has hiccoughup up a month's worth of travelcard data, there will be no containing it.
AT&T has released what could be the world's first truly post-9/11 programming language: a language designed for large-scale communications surveillance. The Hancock programming language, unsurprisingly, resembles a much earlier AT&T/Bell Labs innovation, C, in style and is designed for sifting through gigabytes of telephone and internet records, looking for things of interest. Examples given in the documentation include scripts for finding all packets to or from an address of interest, and for tracking a person's movements by checking which cell towers their mobile phone connected to during the day. And there's good news for hobbyists wanting to run their own model surveillance agency in their garage: the source code and binaries are free for noncommercial use.
Speculation has arisen about the US intelligence services deploying insect-sized surveillance drones after anti-war protesters reported seeing unusually large and odd-looking dragonflies at a demonstration:
"I'd never seen anything like it in my life," the Washington lawyer said. "They were large for dragonflies. I thought, 'Is that mechanical, or is that alive?' "
At the same time, he added, some details do not make sense. Three people at the D.C. event independently described a row of spheres, the size of small berries, attached along the tails of the big dragonflies -- an accoutrement that Louton could not explain. And all reported seeing at least three maneuvering in unison. "Dragonflies never fly in a pack," he said.The FBI has denied having such technologies. The CIA, meanwhile, is known to have tested a robotic "insectothopter" in the 1970s, before scrapping the project as it could not handle crosswinds. Scientists now have a better understanding of how insects fly, and it's possible that modern computer technology (not to mention materials science) could enable an insectothopter to respond to changes in its environment sufficiently well to navigate. Whether the spooks would risk prototypes, which officially do not exist, being captured by anti-war protesters is another question.
(If these things do exist, it's a good thing that America is immune to totalitarianism; imagine what, say, the Stasi or the Burmese junta would do with such technologies.)
Actually, the CIA/FBI may be a red herring. Has anybody asked Google about these bugs?
First there were cinema verité, DOGME 95 and machinima, and now we have "Video Sniffin'". This latest technique in improvised guerilla filmmaking involves finding a (presumably unsecured) wireless CCTV camera and acting out a scene from your underground film in front of it, whilst recording its signal using a receiver:
Young people from the local YMCA and others used a cheap video receiver from a high street store to ‘sniff’ the streets for CCTV cameras. After finding 24 cameras or ‘hotspots’ they then asked shop owners if they could make a film by acting out in front of their CCTV cameras and recording the signal. The shop owners were very surprised and happy for the young people to create a film this way.
Wall Street is experiencing a Chinese surveillance-led boom, with US hedge funds pumping more than $150m into the growth industry of developing high-tech means of detecting dissent and maintaining the control of the Communist Party over the world's most populous nation — namely, of squaring the circle of having economic freedom with totalitarian political and social control.
Terence Yap, the vice chairman and chief financial officer of China Security and Surveillance Technology, said his company’s software made it possible for security cameras to count the number of people in crosswalks and alert the police if a crowd forms at an unusual hour, a possible sign of an unsanctioned protest.
Mr. Yap said terrorism concerns did exist. His company has outfitted rail stations and government buildings in Tibet with surveillance systems.
In Shenzhen, white poles resembling street lights now line the roads every block or two, ready to be fitted with cameras. In a nondescript building linked to nearby street cameras, a desktop computer displayed streaming video images from outside and drew a green square around each face to check it against a “blacklist.” Since China lacks national or even regional digitized databases of troublemakers’ photos, Mr. Yap said municipal or neighborhood officials compile their own blacklists.
(via Boing Boing)
Cory Doctorow has an essay in Forbes, asserting that ubiquitous surveillance, of the sorts that has been made technologically feasible recently, not only doesn't make cities more secure but undermines the social contracts that make them work:
The key to living in a city and peacefully co-existing as a social animal in tight quarters is to set a delicate balance of seeing and not seeing. You take care not to step on the heels of the woman in front of you on the way out of the subway, and you might take passing note of her most excellent handbag. But you don't make eye contact and exchange a nod. Or even if you do, you make sure that it's as fleeting as it can be.
I once asked a Japanese friend to explain why so many people on the Tokyo subway wore surgical masks. Are they extreme germophobes? Conscientious folks getting over a cold? Oh, yes, he said, yes, of course, but that's only the rubric. The real reason to wear the mask is to spare others the discomfort of seeing your facial expression, to make your face into a disengaged, unreadable blank--to spare others the discomfort of firing up their mirror neurons in order to model your mood based on your outward expression. To make it possible to see without seeing.
Crazy, desperate, violent people don't make rational calculus in regards to their lives. Anyone who becomes a junkie, crack dealer, or cellphone-stealing stickup artist is obviously bad at making life decisions. They're not deterred by surveillance.
(via Boing Boing)
The latest innovation in customer profiling: giving away free umbrellas with RFID chips, which can be read at participating shops, allowing said shops to identify where their customers came from:
A Motorola RFID tag is inlaid in the handle. Dutch Umbrella periodically dispatches an employee with a handheld reader to visit business sites and identify each umbrella. This information is later loaded into software developed by Concept2 Solution. Merchants can then pinpoint the areas from where the customers came and target those particular areas for advertising and promotion.
Meanwhile, Google has filed a patent for using online games to build up psychological profiles of users, and using these for targetting ads:
The company thinks it can glean information about an individual's preferences and personality type by tracking their online behaviour, which could then be sold to advertisers. Details such as whether a person is more likely to be aggressive, hostile or dishonest could be obtained and stored for future use, it says.
The patent says: "User dialogue (eg from role playing games, simulation games, etc) may be used to characterise the user (eg literate, profane, blunt or polite, quiet etc). Also, user play may be used to characterise the user (eg cautious, risk-taker, aggressive, non-confrontational, stealthy, honest, cooperative, uncooperative, etc)."
Players who spend a lot of time exploring "may be interested in vacations, so the system may show ads for vacations". And those who spend more time talking to other characters will see adverts for mobile phones.
Not all the inferences made by monitoring user activity rely on subtle psychological clues, however. "In a car racing game, after a user crashes his Honda Civic, an announcer could be used to advertise by saying 'if he had a Hummer, he would have gotten the better of that altercation', etc," the patent says. And: "If the user has been playing for over two hours continuously, the system may display ads for Pizza Hut, Coke, coffee."And on a related note, Bruce Schneier on how today's likely surveillance dystopias differ from Orwell's totalitarian vision:
Data collection in 1984 was deliberate; today's is inadvertent. In the information society, we generate data naturally. In Orwell's world, people were naturally anonymous; today, we leave digital footprints everywhere.
1984's Big Brother was run by the state; today's Big Brother is market driven. Data brokers like ChoicePoint and credit bureaus like Experian aren't trying to build a police state; they're just trying to turn a profit. Of course these companies will take advantage of a national ID; they'd be stupid not to. And the correlations, data mining and precise categorizing they can do is why the U.S. government buys commercial data from them.
And finally, the police state of 1984 was deliberately constructed, while today's is naturally emergent. There's no reason to postulate a malicious police force and a government trying to subvert our freedoms. Computerized processes naturally throw off personalized data; companies save it for marketing purposes, and even the most well-intentioned law enforcement agency will make use of it.
In Britain, the police are arresting people for accessing open wireless access points without permission:
The man arrested at the weekend was cautioned for dishonestly obtaining electronic communications services with intent to avoid payment.According to the authorities, accessing wireless networks without permission is, much like downloading MP3s and skipping ads on TV, theft:
"Gaining unauthorised access to someone else's network is an offence and people have to take responsibility for their actions. Some people might argue that taking a joy-ride in someone else's car is not an offence either," he said.Not only that, but leaving your access point open for strangers to use is strongly discouraged; not only is it taking away business from commercial service providers (a cardinal sin in Thatcherism-Blairism), but it is giving paedoterrorists a convenient rock to hide under:
"There have been incidences where paedophiles deliberately leave their wireless networks open so that, if caught, they can say that is wasn't them that used the network for illegal purposes," said NetSurity's Mr Cracknell.
Such a defence would hold little water as the person installing the network, be they a home user or a business, has ultimate responsibility for any criminal activity that takes place on that network, whether it be launching a hack attack or downloading illegal pornography.I wonder whether that would hold up in court; could someone be successfully prosecuted for a crime committed by a stranger using their unsecured network? Perhaps a new crime of "facilitating evasion of surveillance" would be appropriate?
The BBC article provides the following helpful advice to anyone with a wireless access point wishing to avoid ending up on the Sex Offenders' Register:
There are many different types of security options available - but the most basic is to give the network a Wireless Encryption Protocol (WEP) key.
While not totally secure, WEP keys do at least provide a modicum of security to thwart all but the most technically-literate hackers.Well, them and any script kiddie who can download a WEP cracking program and run it for a few minutes.
The FBI has revealed that they have recently used a suspect's mobile phone to monitor their (non-phone) conversation. Which means that either (a) the mobile phone standards (at least those used in the US) allow the operators to switch phones into always-on bug mode when needed (i.e., such a mode is part of the standards), or (b) the operators can silently replace the firmware on such a phone at will, adding hidden "features". The phones in question can serve as Big Brother's ears even when ostensibly powered off.
On the Slashdot discussion, a number of posters have claimed to have seen proof that government agencies have the means to activate mobile phones to act surreptitiously as bugs. (And if the FBI can do it, chances are that more ambiguous agencies can do it as well.) Meanwhile, others have pointed out that, even if this is the case, it's easy to detect if your phone is spying on you by either (a) keeping it near audio equipment that it interferes with when transmitting (hint: if it's causing interference whilst switched off, something's afoot), or (b) getting one of those cheap LED antenna attachments that flashes when exposed to RF signals. And here is a guide on how to tell if your phone is surreptitiously spying on you.
Researchers at Binghamton University have developed a method of identifying the digital camera that took a particular image by isolating the unique noise fingerprint of the camera's sensor:
In preliminary tests, Fridrich's lab analyzed 2,700 pictures taken by nine digital cameras and with 100 percent accuracy linked individual images with the camera that took them.The researchers are promoting the development as a tool for catching and prosecuting child pornographers, though it could have other applications. For example, had the British government a database of the fingerprints of all digital cameras sold in the UK, correlated to the ID card numbers of the purchasers, they could quite easily arrest underground artists such as Banksy just by analysing the images on their web sites. During the Cold War, the KGB and East German Stasi had copies of all the letters typed on each typewriter in the country, so they could identify which typewriter a piece of samizdat came from. It is not inconceivable, in the Homeland Security Age, that an agreement will be worked out with camera manufacturers to supply the government with sensor fingerprint data (which could be taken in the factory during the testing phase) correlated with serial numbers; then all that would be necessary would be a law requiring camera purchases to be registered against identification. (In Australia, where you have to show ID for sending mail overseas, and where everyone is too relaxed and laid-back to care about civil liberties, such a law would sail through Parliament with bipartisan support and next to no debate; in Britain, those pesky Lords would probably cause trouble, for a while, at least.)
Of course, as Ars Technica states, it will only be a matter of time before software exists for removing or obfuscating camera fingerprints, or indeed for adding someone else's fingerprint to an image, rendering the process somewhat less than useful.
Among the research projects being funded by the US military in the age of terrorism is sensors for identifying enemies by scent:
"Recent experimental results" show that chemical compounds in a mouse's "urinary" scent produces an "odortype" that's unique to each individual rodent, Darpa observes in its original solicitation for the project. "Although experimental data for humans is far less quantitative," the agency is hoping that a similarly "genetically determined," "exploitable chemosignal" can be found in people, too.
Once that marker is found, Darpa's proposed 2007 budget notes, the agency wants to know what "the impact of non-genetic factors (e.g., diet, stress, health, age) [have] on the signal." That could help figure out how to "robustly extract" the signal "from a complex and varied chemical background."This is by no means a new concept: the Stasi, the East German secret police, kept scent samples from known dissidents and suspects. Though the Stasi used an almost Victorian low-tech method (swabs of cloth in glass jars), whereas this, if it works, will take the technique into the 21st century, by digitising scent signatures. Then miniaturised sensors, dropped by the trillion from unmanned drones over Waziristan or Venezuela or whatever the future theatre of war may be, can not only phone home if they find Osama (or whatever enemy the state of the day—or, indeed, any non-governmental agency with the resources to deploy such a system—needs to hunt down), but report back on what he's been having for dinner and what state of health he's in.
Coupled with the sort of data-mining/pattern-matching that gives PNAC technocrats woodies, the possibilities are even broader. What if there are certain molecular aspects of one's smell signature that correlate with interesting aspects of one's ideological beliefs or behavioral tendencies (for example, whether one is a devout Wahhabi Muslim, or a vegetarian, or possessed of an unusually high sex drive or a propensity to anger). A fine mist of sensors could find potential jihadists before they ever strap on a bomb; as it could well find other people worth keeping an eye on, in the interests of national security, global stability, public order and/or the status quo. It's the old SubGenius idea of "whiffreading", updated for the post-1998 and post-9/11 Homeland Security Age.
(via Boing Boing)
Under new national-security laws in Australia, if the government doesn't like something you're likely to say, they can send teams around to raid you and smash your computers. And if you tell anyone about it afterwards, you go to jail.
CARMEL TRAVERS: Bear in mind that I was only one of many people whose computers were being cleansed and within the officers who came into my office, there was almost a boast. Because I apologised to them and I said, "Look, it's a bit cramped in here, I'm sorry you haven't got much room to work." "Don't worry, we're used to this. We do this every day." And I said, "Oh, really? How often have you done it?" "Oh, 70, 72 or 73 times." It was almost a boast and it was not a rare event, and I found that alarming.
ANDREW WILKIE: I think a lot of it was just theatre meant to put pressure on people, almost to bully them. I think it was intended to send a very clear signal to the media, to the publishing industry, to me that they needed to be very, very careful about criticising the Government. I think the Government's behaviour was intended very clearly to send a signal to my former colleagues that, you know, you don't cross them, you don't resign, you don't speak out.
DR DAVID WRIGHT NEVILLE: The sort of environment that many critics of this government now work under, many of us do feel that we are constantly surveilled, we do feel that we are constantly being harassed in some ways. One only needs to write an opinion piece for the newspaper and one can get a phone call from someone in the Government asking for clarification or pointing out things, and that never used to happen in the past.All this is made possible thanks to the powers in the anti-terrorism laws, which can be exercised without oversight, giving those at the reins of power the means to put the frighteners on anyone they don't like the look of like never before. The laws are due to expire next year, though ASIO, the national security agency, is calling on them to be made permanent. Given the iron discipline of Australian party politics, they stand a chance of getting this.
A hacker has demonstrated how easily publicly available data such as Amazon.com wishlists and web services can be used to locate Americans with potentially "subversive" beliefs or sympathies, thus demonstrating the potential threat to privacy and freedom of association of "anti-terrorist" data-mining/wiretapping proposals:
"In previous years, there were only about a thousand court-ordered wiretaps in the United States per year, at the federal, state, and local levels combined. It's hard to see how the government could even employ enough judges to sign enough wiretap orders to wiretap 1 percent of all our phone calls, much less hire enough federal agents to sit and listen to all that traffic in real time. The only plausible way of processing that amount of traffic is a massive Orwellian application of automated voice recognition technology to sift through it all, searching for interesting keywords or searching for a particular speaker's voice. If the government doesn't find the target in the first 1 percent sample, the wiretaps can be shifted over to a different 1 percent until the target is found, or until everyone's phone line has been checked for subversive traffic. The FBI said they need this capacity to plan for the future. This plan sparked such outrage that it was defeated in Congress. But the mere fact that the FBI even asked for these broad powers is revealing of their agenda."
Thanks to Google Maps (and many similar services) a street address is all we need to get a satellite image of a person's home. Tempted as I was to provide satellite images of the homes of the search subjects, it just seemed a bit extreme even for this article. Instead, I opted only to pinpoint the centers of the towns in which they live. So at least you'll know that there's somebody in your community reading Critical Thinking or some other dangerous text.The article has embedded Google Maps with markers showing where those wishing for copies of George Orwell's 1984 and the Torah (btw, would this be an instance of Godwin's Law by insinuation?) live.
(via bOING bOING)
A New York artist has created a wearable anti-surveillance outfit with a provocatively Middle-Eastern appearance:
The design of the headdress borrows from Islamic and Hindu fashion to comment on the racial profiling of Arab and Arab-looking citizens that occurred post-9/11. The design of the headdress is thus a contradiction: while its goal is to hide the wearer, it makes the wearer a target of heightened surveillance.
The laser tikka (forehead ornament) is attached to a hooded vest and reflective shawl. The laser is activated by pressing a button on the left shoulder of the vest. When pointed directly into a camera lens, the laser creates a burst of light masking the wearers face. The wearer can also use the reflective cloth to cover the face and head. The aluminized material protects her/him by reflecting any infrared radiation and also disguises the wearer by visually reflecting the surroundings, rendering the wearers identity anonymous.Of course, in jurisdictions where shoot-to-kill policies apply, one wears this at one's own risk.
I wonder how long until the CCTV camera-zapping technology is integrated into thug hoodies or Burberry-print baseball caps?
Speaking of hoodies, someone is now making them for iPods; perfect for your 50 Cent/Lady Sovereign MP3 collection.
Those rumours about colour laser printers putting hidden tracking codes in their output, at the behest of
the Men In Black the government are true; a team of hackers led by the EFF have cracked the code used by Xerox printers, and are working on other manufacturers' codes:
The DocuColor series prints a rectangular grid of 15 by 8 miniscule yellow dots on every color page. The same grid is printed repeatedly over the entire page, but the repetitions of the grid are offset slightly from one another so that each grid is separated from the others. The grid is printed parallel to the edges of the page, and the offset of the grid from the edges of the page seems to vary. These dots encode up to 14 7-bit bytes of tracking information, plus row and column parity for error correction. Typically, about four of these bytes were unused (depending on printer model), giving 10 bytes of useful data. Below, we explain how to extract serial number, date, and time from these dots. Following the explanation, we implement the decoding process in an interactive computer program.The reason this is an issue is because of the privacy implications of this technology. Yes, it can be useful for tracking down currency counterfeiters (as is its ostensible purpose), though it can (and undoubtedly will) also be used by oppressive regimes to trace dissidents. It's a lot easier than taking type samples from every typewriter, as the Soviets did.
(via bOING bOING)
From this week, anybody wishing to use an internet cafe or public telephone or fax machine in Berlusconi's Italy will have to produce their passport or identity papers. Furthermore, the managers of internet cafes and communications centres will be obliged to keep records of the times customers enter and leave the premises and which computers or telephones they use.
Three researchers have developed a method of monitoring keystrokes by listening to the sound of the keyboard. Impressively (and perhaps frighteningly), their method does not require one to type a training text first; just drop a microphone into earshot of the keys, let it listen, and within 15 minutes or so of typing, the algorithms will have guessed which sounds correspond to which keys, by using the statistic properties of the English language and a machine-learning technique. In retrospect, it seems quite obvious (not counting the details); it would be surprising if intelligence agencies hadn't had something of this sort for some time.
The Blu-Ray disc format, due to replace DVD, will take the War On Unauthorised Use to a draconian new level:
On top of that, consumers should expect punishment for tinkering with their Blu-ray players, as many have done with current DVD players, for instance to remove regional coding. The new, Internet-connected and secure players will report any "hack" and the device can be disabled remotely.
A shop in Manchester is reporting a surge in business after a young gentleman in hooded jacket broke in and stole a laptop. The thief seemingly failed to notice the significance of the shop's name being "CCTV Surveillance Solutions", and was caught on no fewer than eight separate cameras; shop owners and police are confident of an imminent arrest.
Store owner David Arathoon said people saw his clear CCTV images in the press and wanted that for themselves. "He's given us publicity that we could never have dreamed of," he said.
It looks like, 18 years after killing Australia's national ID card scheme, John Howard is putting it back on the table:
Asked if some of the issues to be discussed at the meeting could curtail civil liberties, Mr Howard said: ''The most important civil liberty you have and I have is to stay alive.'' ''To protect people from attacks is in favour of, not against, civil liberties.''Sounds nicely Orwellian, wouldn't you say. Or perhaps like Margaret Atwood's "freedom from" vs. freedom to".
A researcher at the veritable MIT Media Lab is mining volunteers' mobile phone location and call data, and using it to determine all sorts of things, from simple things such as how long people work and how much they procrastinate to which people are friends and which ones are merely coworkers. Not only that, but the data can predict people's behaviour:
Given enough data, Eagle's algorithms were able to predict what people -- especially professors and Media Lab employees -- would do next and be right up to 85 percent of the time.
Eagle used Bluetooth-enabled Nokia 6600 smartphones running custom programs that logged cell-tower information to record the phones' locations. Every five minutes, the phones also scanned the immediate vicinity for other participating phones. Using data gleaned from cell-phone towers and calling information, the system is able to predict, for example, whether someone will go out for the evening based on the volume of calls they made to friends.
Eagle was also able to see that the Red Sox's improbable breaking of the World Series curse shook even the world of MIT engineers. "I actually saw deviation patterns when the Red Sox won," Eagle said. "Everyone went deviant."The information was recorded by special custom programs running on the phone; the same information is gathered by the mobile network operators, though is not available to the general public. However, it is available to law-enforcement agencies, and is probably being used right now for assembling automated dossiers on entire populations.
In 1987, the Hawke government tried, and failed, to push through its national ID card, the Australia Card. Now it looks like the Howard government is considering reviving it:
Mr Howard vigorously campaigned against the Australia Card proposal which was raised in 1987, but today he said times had changed. "That's 18 years ago and it may well be that circumstances have changed."The Tories haven't decided on whether to adopt a national ID card (or, at least, so they say), but if they do, they will be able to get it through parliament, given that (with Australian's rigid party discipline) both houses of parliament are essentially rubber stamps for the Liberal/National Party caucus. Whether or not it would survive mass civil disobedience (the threat of which was instrumental in sinking the original Australia Card).
The next advance in Total Information Awareness (or whatever it's called) may be a technique, currently being developed in Canada, to detect suspicious activity by the absence of keywords in email; this is more sophisticated than looking for keywords in emails (as the NSA was believed to have been doing since the days of UUCP):
One difference might be the complete absence of words someone might possibly think would draw a law enforcement agencys attention to their e-mails, but that most people would occasionally use innocently (as in "my presentation yesterday really bombed".) Another, Skillicorn says, is that research shows people speak and write differently when they feel guilt about a subject, for instance using fewer first-person pronouns, like I and we. "If you're up to no good", he says, "it's very hard for you to write something that looks ordinary."
Skillicorn doesn't know all the ways suspicious e-mails might read differently from innocent ones. The beauty of his approach is that he doesn't need to know. His software is designed simply to look for messages that are different, based on word frequencies, from the mass of e-mails. It neednt understand the reasons for the differences.So, when this technology matures (assuming that the will is there, which if it isn't now, it will probably be in a few terrorist outrages' time), we can expect, at the heart of ECHELON or similar, supercomputers tracking the email traffic of individuals (by email address, IP number or possibly a cluster of identifiers) and monitoring them for variations; as soon as an individual's behaviour changes microscopically (regardless of what it changed from and to; this works much in the way that highly-skilled readers of body language such as TV mentalist Derren Brown can detect truthfulness or lies by familiarising themselves with natural patterns and watching for deviations), they can be flagged for review. This could detect conspirators, criminals or other deceivers (right down to people planning surprise parties for loved ones, or trying to conceal embarrassing secrets), or possibly other shifts in mental state (depression, anxiety and such). The possibilities of such a technology extend beyond merely catching potential terrorists (or paedophiles, or MP3 pirates, or tax avoiders, or pro-democracy activists, depending on jurisdiction); I imagine that, for one, intelligence agencies with access to it could use it for pinpointing the weakest links in organisations they are targetting for infiltration, or otherwise use it to flesh out psychological profiles.
Elsewhere in the article, it mentions the possibility of detecting telltale patterns of activity by traffic analysis alone, and mentions that the infamous Enron email collection is not particularly useful for such research because those sending the emails didn't actually try to pretend that they were doing anything other than screwing people over.
And America's transformation into the Soviet Union moves forward one step, with American Airlines requiring visitors to supply lists of people they would be staying with whilst in the US, and claiming it's a TSA regulation. (via bOING bOING)
One of the batch of Gmail invites that has recently flooded the streets has ended up in my hands, and hence I've been able to have a look at it.
- Gmail user names must have at least 6 characters, so über-l33t names like, say, "acb" are out. One fewer reason to angst about all the good names having been snapped up by early adopters, big spenders and well-connected digerati.
- If your desired ID is unavailable, it gives you a number of options; i.e.,
- Gmail sends mail in plain text, and not HTML as some broken services (*cough*Hotmail*cough*) do. This is good.
- Gmail still doesn't seem to have POP or IMAP, either incoming or outgoing. Which is going to make downloading one's mail tricky.
Aside: This site has some concerns about Gmail's privacy implications. Granted, the somewhat eccentric graphics on the site give off a paranoid-crackpot vibe; however, some of the issues raised are concerning:
If Google builds a database of keywords associated with email addresses, the potential for abuse is staggering. Google could grow a database that spits out the email addresses of those who used those keywords. How about words such as "box cutters" in the same email as "airline schedules"? Can you think of anyone who might be interested in obtaining a list of email addresses for that particular combination? Or how about "mp3" with "download"? Since the RIAA has sent subpoenas to Internet service providers and universities in an effort to identify copyright abusers, why should we expect Gmail to be off-limits?
Does anybody know whether the RIAA or an equivalent agency would have an easier time ordering Google to hand over a list of all people with the words "mp3" and "download" in their mail than they would of ordering an ordinary ISP to give them access to customers' mail spools? (Mind you, the latter happened in Australia; ARIA did get access to student mail at various universities.)
Not all that long after voting to adopt software patents, the EU are moving to legally require currency detection code in all image-processing software. This looks likely to either (a) be utterly ineffective, or (b) be mostly ineffective whilst effectively outlawing open-source graphics software. The precedent it sets is not a good one either; how long until paracopyright enforcement is mandated to be built into anything processing audio or video data, or indeed any copyrightable data?
Meanwhile, British Telecom have taken steps to block access to child pornography websites. A laudable sentiment, though one worries that the site-by-site censorship infrastructure required to implement this could easily be extended to blocking other things (overseas news sites publishing things violating the Official Secrets Act, for example, or MP3 download sites that piss off the local recording industry). One brave step towards the Singaporisation of the internet.
Meanwhile, the RIAA's latest campaign to defend the foundations of capitalism from the enemy within will involve putting fingerprint readers into music players to ensure that nobody who didn't pay for music gets to listen to it. Welcome to the Digital Millennium; make sure you've paid your way.
Remember all those claims about how the internet was to render tyranny and authoritarianism unviable and usher in a global blossoming of democracy, pluralism and liberty? Well, according to this article, that's not happening, and if anything, the web is helping to reinforce authoritarian regimes and dissipate dissent:
Singaporean dissident Gomez says the Web empowers individual members of a political movement, rather than the movement as a whole. Opposition members can offer dissenting opinions at will, thus undermining the leadership and potentially splintering the organization. In combating an authoritarian regime, in other words, there's such a thing as too much democracy. Two of the most successful opposition movements of the last few decades--the South African opposition led by Nelson Mandela and the Burmese resistance led by Aung San Suu Kyi--relied upon charismatic, almost authoritarian leaders to set a message followed by the rest of the movement. The anti-globalization movement, by contrast, has been a prime example of the anarchy that can develop when groups utilize the Web to organize. Allowing nearly anyone to make a statement or call a meeting via the Web, the anti-globalizers have wound up with large but unorganized rallies in which everyone from serious critics of free trade to advocates of witches and self-anointed saviors of famed death-row convict Mumia Abu Jumal have their say. To take just one example, at the anti-globalization World Social Forum held in Mumbai in January, nuanced critics of globalization like former World Bank chief economist Joseph Stiglitz shared space with, as The New York Times reported, "a long list of regional causes," including anti-Microsoft and anti-Coca Cola activists.
In China, the Web has similarly empowered the authorities. In the past two decades, Beijing's system of monitoring the population by installing informers into businesses, neighborhoods, and other social institutions has broken down--in part because the Chinese population has become more transient and in part because the regime's embrace of capitalism has meant fewer devoted Communists willing to spy for the government. But Beijing has replaced these legions of informers with a smaller group of dedicated security agents who monitor the Internet traffic of millions of Chinese.
Though the article suggests more that the effects of the internet will be slower to take effect, and more long-term. While China has clamped down on anti-government dissent more or less effectively, Chinese environmental activists are organising in ways they would have been unable to before; meanwhile, a new generation of urban Chinese are used to more freedom of choice and cultural expression, and the Communist Party has been forced to enshrine private property and human rights in law (not that that necessarily changes much, but it will). Maybe if we check back in 20 years' time, the verdict on the liberating potential of the internet will be different.
Then again, with the intellectual-property interests which increasingly make up most of the West's economies pushing for "trusted computing" systems, which could just as easily be used to stop samizdat as MP3 sharing, and the increasing will (on the part of both the public and legislators) to accept mechanisms of surveillance and control unthinkable three years ago to defend against an asymmetric terrorist threat, perhaps the liberating potential of computers has peaked, and it can only go downhill from here?
A data-mining technology developed for hunting down criminals, and used to identify backpacker killer Ivan Milat, is now being adapted to identifying consumer preferences by analysing their purchases and media choices:
"We know the people who drink a certain type of coffee will also eat specific types of chocolate bars and eat at particular food chains," said Torque's managing partner, Oliver Rees. "It's not only interesting for marketing those products to specific people but also for how store layouts are designed and how brand alliances should or could develop."
In the US, the FBI have been secretly using car navigation systems to eavesdrop on suspects. Under post-9/11 laws, the FBI can compel a service provider to allow them to spy on a customer, and have been doing so with the on-board vehicle recovery systems (which contain a microphone in the dashboard which, conveniently, can be remotely controlled and monitored). Unfortunately, the technique blocks emergency services, and so an appeals court has just limited the technique (which is probably the only reason we've heard of it).
Several questions arise from this: firstly, if the FBI can do this, what's to prevent others with fewer legal safeguards from doing this? (I.e., the CIA/MI6/Mossad/ASIO, Colombian drug cartels, even some of those unemployed Eastern European technological geniuses.) The current system does involve the FBI going through the service provider with a court order, but what's to prevent an agency with more resources (or fewer constraints) from spoofing the service provider's systems, or cracking into them and subverting them from within? And secondly, how many other everyday devices in your home have hidden microphones which can be remotely activated by law enforcement agencies, and which you don't know about because they've never been ruled against?
The CIA have created a robot catfish, which looks just like a real fish and may or may not have been used for unspecified purposes. The catfish, named Charlie, is being exhibited at the CIA museum, along with robotic bumblebees and dragonflies (which turned out too hard to navigate for practical use) and the usual assortment of miniature cameras and such; the exhibition, however, is off-limits to the public. So next time an innocuous-looking 600mm-long catfish swims past, smile.
Blogging has now become more paranoiac-friendly with Invisiblog, a new online blogging tool devised by cypherpunk cryptoanarchist types. Invisiblog uses anonymous remailers for posting, making it (theoretically) impossible to trace their authorship (except, of course, by the NSA's quantum supercomputers, but they can probably read your thoughts before you post anyway, and already know that you've been a very naughty boy/girl/android).
Eliot of FmH is back, and has a raft of links about the present cock-up in Iraq, which is apparently not going as swimmingly as CNN and FauxNews would have you believe. (Of course, that could all be liberal lies, and the newly-liberated Iraqis could be welcoming Our Boys right now with a tickertape parade, though somehow I doubt it.)
So the war appears not to be about weapons of mass destruction, or indeed Saddam's complicity in 9/11; and if a LATimes piece is to be believed, it's not about making Iraq a democracy either, but rather about making the U.S. less of one:
Our opposition party has disappeared, corporate interests dictate public policy, and the feds may be rummaging through your e-mail.
If you don't earn enough to hit the jackpot on President Bush's proposed tax cuts, you're just going to have to fend for yourself. The whole idea is to train you to expect less and to feel patriotic about it.
And, via bOINGbOING, Dan Gillmor on why the liberties curtailed in the war may not return:
Even if America somehow persuades all Islamic radicals that we are a good and just society, there will still be some evil and deranged people who will try to wreck things and lives in spectacular ways. In other words, the ``war on terrorism'' can't possibly end.
Moreover, the architecture of tomorrow is being embedded with the tools of a surveillance society: ubiquitous cameras; the creation and linking of all manner of databases; insecure networks; and policies that invite abuse. They are being put into place by an unholy, if loose, alliance of government, private industry and just plain nosy regular folks.
Telephone tapping devices found in EU building, specifically the French and German offices. French newspaper Le Figaro blaims the Yanqui imperialists; though don't they have Echelon to do all that for them without an incriminating bugging device? Perhaps the bugs were intended to be found, as an intimidation ploy of some sort?
Coincidence or conspiracy? As anti-war protests took place in London, the city's webcams went dark "for operational reasons". Did Tony "the Smiler" Blair take a cue from his fictional counterpart and decide to eliminate unofficial accounts of events? Was it to allow Alastair Campbell to claim that only 12 people showed up, or perhaps to make any possible riot-police action justifiable as Bracks-style "self-defence"? Perhaps not; in fact, it may have something to do with Loony Left Red Ken's congestion charging starting today.
Via FmH, two more paranoid than usual links; firstly a guide on how to disappear in America without a trace, much of which is probably quaintly anachronistic. Though the gist is, if they really want to find you, they will, no matter what you do.
Satellites can bounce LASER light off of your windows and, by measuring the minute distance differences between a vibrating window and the satellite, reconstruct your speech -- from orbit! I don't know how much this process costs yet it was demonstrated for PBS some years ago so it may not be all that expensive. The quality of the audio is poor but it can be understood.
Given Moore's Law and the dropping costs of high technology, it's not all that far-fetched to imagine that this sort of thing is now being used on deadbeat dads and people with overdue library books; or if it isn't, will be soon.
Secondly, a somewhat more academic and less Loompanicsesque paper on surveillance techniques and countermeasures, with a catalogue of 11 types of strategies against surveillance:
A common form of switching involves certification transference: A ticket, entry card, license, entitlement or identity marker belonging to someone else is used. South Africa provides an unusual example. There, welfare payments can be obtained from ATM machines. The recipient enters the correct information into the computer and offers a thumb print for verification. A colleague reported one enterprising family that collected welfare payments long after an elderly relative had died. They cut off her thumb and continued to use it.
A more subtle form involves conversational ploys in which a surveillance agent is duped into believing that a machine is invalid. Consider the story told me by a Russian. A family coming back from a picnic is stopped by police and the driver fails a breathalyzer test. He protests, "That's impossible, I haven't been drinking, your machine must be broken. Please try it on my wife." She also fails the test. The man gets even more insistent that the machine is broken and says, "Please try it on my young daughter." She is tested and also fails. At which point the police officer, doubting his own machine, lets the man go. The man later remarks to his wife, "That was really a good idea to let her drink with us.
Writing in invisible ink is a familiar children's game and it has its' adult counterparts, although these may rely on bad science. Thus, a bank robber was identified and arrested in spite of rubbing lemon juice on his face because he had been told that it would prevent the surveillance camera from creating a clear picture.
(Of course, these links are provided for the curiosity and interest of law-abiding readers only. If you're an al-Qaeda terrorist, drug user, MP3 pirate or other criminal, please do not follow them. We thank you for your cooperation.)
I just went to post a CD overseas, and the post office clerk asked me for ID; she entered my details into the computer and wrote a long alphanumeric code from the screen on the package. Apparently, this week laws came into force saying that ID is required for posting packages overseas, and the details are entered into databases.
The era of Total Information Awareness has come to Australia, and gradually all forms of anonymity are being criminalised. How ironic it will be when, mere decades after the triumph of global liberal-democratic capitalism and the vanquishment of totalitarianism, the Free World transforms itself into Stalinist Russia with better technology; a huge shopping-mall-cum-prison-camp whose inmates demand tighter security and heavier chains for their own protection from the evil that lurks outside.
(If you mention Big Brother to most people, they will think it was just a stupid TV show, and probably opine about which housemate they found most annoying and/or sexually attractive. It seems that Orwell's cautionary tale has all but disappeared from public consciousness.)
The US Department of Defense recently investigated ways of redesigning the Internet to eliminate that pesky anonymity that allows terrorists, paedophiles, drug traffickers, Green Party activists and evil, evil people to go about their dastardly deeds undetected. After attempting to fudge a politically expedient result (or at least one likely to get money thrown in its direction, in the name of "national security"), they concluded that it was impractical and scrapped the idea.
I wonder how long until the MPAA/RIAA revive the idea and start pushing hard for Internet protocols to be rewritten to stamp out this un-American "file sharing" idea and protect their business models, late capitalism and the American Way.
Don't like surveillance cameras? A concerned New Yorker has discovered that you can temporarily blind them with a cheap laser pointer. Coupled with a telescopic sight, cameras can be jammed from well out of range. The implications are far-reaching; other than putting laser pointers onto the wallet chains of homeboy trainslashers, and adding them to the already extensive Al Qaeda doomsday arsenal, it looks like they could join aluminium-lined headgear as must-have accessories for the modern paranoid
(Though I'd be surprised if spy agencies, terrorists, professional burglars, &c, hadn't known about this for years.)
Figures released in parliament have revealed that Australia's rate of phone tapping is 20 times that of the US. Last year, more than 2,150 phone tap warrants were issued in Australia, compared to 1490 in the US. The Australian figures exclude ASIO, who stand to gain sweeping surveillance powers in new "anti-terrorism" legislation being considered. Despite this, Australian authorities have had fewer arrests than their US counterparts. Is Australia a world-leading panopticon state, or home to more high-tech criminals? Or do Australians rely on telecommunications more than Americans do for some cultural or geographical reason?
An article from an Irish newspaper on Ashcroft's 'Citizen Corps' informer programme, and other erosions of civil rights.
Effectively, if a repair man arrives to fix your fridge, and happens to notice a copy of Michael Moore's book, Stupid White Men, on your counter, he would be within his remit to call the Hotline and you could, depending on how busy the local FBI field office is, find yourself receiving a visit from the federales.
Being dragged away by the FBI at 3AM for owning an un-American book is somewhat unlikely; what seems more likely is that a large number of minor things (possession of subversive literature, professing atheistic views, associating with members of environmental groups, etc.) will contribute to your suspicion rating. If you regularly make phone calls or send emails to people with high suspicion ratings, that increases your rating as well, all done automatically by data-mining software. Not to mention if your supermarket shopping patterns match the characteristics of terrorists, subversives or un-American types, in various seemingly innocuous ways. If your rating exceeds a certain threshold, additional surveillance may be conducted on you, or you may be barred from flying in commercial airliners (like those Green Party members shortly after September 11 last year). This is the Stasi for the information age; subtle and pervasive.
Here come Ashcroft's Stasi. The Bush Administration is planning to recruit 1 in 24 Americans as informants, to watch their neighbours and report "suspicious activity". The Citizen Corps, as it's called, will include a greater proportion of the population than East Germany's notoriously comprehensive informant network ever did.
Historically, informant systems have been the tools of non-democratic states. According to a 1992 report by Harvard University's Project on Justice, the accuracy of informant reports is problematic, with some informants having embellished the truth, and others suspected of having fabricated their reports.
Present Justice Department procedures mean that informant reports will enter databases for future reference and/or action. The information will then be broadly available within the department, related agencies and local police forces. The targeted individual will remain unaware of the existence of the report and of its contents.
There goes that unpopular notion of the "consent of the governed".
Aren't you glad you live in a country so concerned about your safety? Because if you aren't and say so, your unpatriotic sentiments will end up in the mother of all Oracle databases, to be used against you at some future time.
Business at the Speed of Thought: A look at the amazingly sophisticated high-tech infrastructure used by those exponents of zero-friction transnational capitalism in its purest form, the Colombian cocaine cartels:
the cartel had assembled a database that contained both the office and residential telephone numbers of U.S. diplomats and agents based in Colombia, along with the entire call log for the phone company in Cali, which was leaked by employees of the utility. The mainframe was loaded with custom-written data-mining software. It cross-referenced the Cali phone exchange's traffic with the phone numbers of American personnel and Colombian intelligence and law enforcement officials. The computer was essentially conducting a perpetual internal mole-hunt of the cartel's organizational chart. "They could correlate phone numbers, personalities, locations -- any way you want to cut it," says the former director of a law enforcement agency. "Santacruz could see if any of his lieutenants were spilling the beans."
They even use a fleet of submarines, mini-subs, and semisubmersibles to ferry drugs -- sometimes, ingeniously, to larger ships hauling cargoes of hazardous waste, in which the insulated bales of cocaine are stashed. "Those ships never get a close inspection, no matter what country you're in," says John Hensley, former head of enforcement for the U.S. Customs Service.
When the Colombian government launched the unit that Velásquez would later head, it established a toll-free tip line for information about Cali Cartel leaders. The traffickers tapped the line, with deadly consequences. "All of these anonymous callers were immediately identified, and they were killed," a former high-ranking DEA official says.
There are three ways the US could attempt to combat this: (a) by bombing Colombia into a parking lot (which is about as much as would be required to eliminate the cartels), (b) by banning the export of sophisticated communications technology (yeah, like that would work), or (c) by legalising cocaine, immediately cutting off the cartels' revenue and leaving them with a multi-billion-dollar technology bill they have no hope of paying off.
In the U.S. the FCC plans to ban unserialised streaming audio players, as they don't allow listeners to be tracked enough to satisfy the copyright racket. This means that using open-source streaming audio players (such as xmms), or systems such as Ogg Vorbis, would be illegal in the Land of the Free. (via bOING bOING)
Routes of Least Surveillance: A group of civil libertarians has created a map of New York showing routes with the fewest surveillance cameras.
"We've designed iSee to be useful to a wide range of ordinary people," said an IAA operative who declined to be identified. "The demonstrated tendency of Closed Circuit Television (CCTV) operators to single out ethnic minorities for observation and to voyeuristically focus on women's breasts and buttocks provides the majority of the population ample legitimate reasons to avoid public surveillance cameras."
"The advent of sophisticated face-recognition technologies are further reasons to use iSee. They will allow companies, private investigators, and journalists to browse video databases for footage of spouses, employees, and neighbors engaged in perfectly legal, but nonetheless private acts like attending job interviews and psychiatric appointments."
Expect it to become a big hit with dissidents, adulterers and the aluminium-hat set, before possibly being shut down lest it help potential terrorists.
Details have emerged of Britain's anti-terrorism bill, revealing that it contains draconian new police powers and restrictions on protest activity. The bill makes it a criminal offense to publish details of the movement of nuclear waste trains (which sounds like an echo of China's state secret legislation), and gives the police power to jail demonstrators who refuse to remove masks or face paint, as well as including surveillance powers which have previously failed to pass parliament. Various voices in the wilderness have strongly condemned the new bill, which is expected to be passed into law shortly.
A piece on the social impact of Britain's CCTV system,
''Imagine a situation where you've got an elderly relative who lives on the other side of the city,'' Marshall says. ''You ring her up, there's no answer on the telephone, you think she collapsed -- so you go to the Internet and you look at the camera in the lounge and you see that she's making a cup of tea and she's taken her hearing aid out or something.''
Norris also found that operators, in addition to focusing on attractive young women, tend to focus on young men, especially those with dark skin. And those young men know they are being watched: CCTV is far less popular among black men than among British men as a whole. In Hull and elsewhere, rather than eliminating prejudicial surveillance and racial profiling, CCTV surveillance has tended to amplify it.
The cameras are also a powerful inducement toward social conformity for citizens who can't be sure whether they are being watched. ''I am gay and I might want to kiss my boyfriend in Victoria Square at 2 in the morning,'' a supporter of the cameras in Hull told me. ''I would not kiss my boyfriend now. I am aware that it has altered the way I might behave. Something like that might be regarded as an offense against public decency. This isn't San Francisco.'' Nevertheless, the man insisted that the benefits of the cameras outweighed the costs, because ''thousands of people feel safer.''
In many ways, the closed-circuit television cameras have only exaggerated the qualities of the British national character that Orwell identified in his less famous book: the acceptance of social hierarchy combined with the gentleness that leads people to wait in orderly lines at taxi stands; a deference to authority combined with an appealing tolerance of hypocrisy. These English qualities have their charms, but they are not American qualities.
A piece on some of the CIA's research projects, from spy planes to psychics and eavesdropping cats:
Another project, known as "Acoustic Kitty," involved wiring a cat with transmitting and control devices, allowing it to serve as a mobile listening post. A heavily redacted 1967 government memo released by the archive Monday suggests that cats can be altered and trained, but concludes the program wouldn't work.
Reminds me of a mind-control/conspiracy rant I saw on Psychoceramics, which suggested that, since it is possible to get video out of a cat's optic nerve and (theoretically) to control a cat's motivation with direct stimulation of the brain, then cat-owning paranoids should beware if their cat disappears and subsequently reappears and starts taking an undue interest in their actions.
Scientists at Leeds University have developed a new weapon against crime: a noise impossible to ignore. The sound is comprised of many frequencies, and thus is easy to locate. Additionally, people hearing it reflexively turn to look at its source; as such, there are plans to use the sound with that most British of institutions, security cameras, to induce criminals to look at the camera and be photographed.
Intriguing rumour of the day: The Church of Scientology's alleged mini-Echelon facility hooked into US ISP Earthlink, for keeping an eye out for Clams gone bad. Or so a Slashdot poster alleges.
Anonymity is useless; your language patterns are as unique as your DNA, and words serve as a memetic sample that can be used to identify the author. Or so says Don Foster, the English Literature professor and investigator who identified the author of Clintonian roman à clef Primary Colors, helped track down the Unabomber from his writings and proved that a forgotten poem had been written by Shakespeare. Foster is the author of a new book titled Author Unknown, which (judging from the review) looks fascinating.
US law enforcement agencies will soon have a spray which makes envelopes transparent, allowing them to read mail without a warrant and capture more of those nasty drug-dealing paedophile terrorists.
Surprise, surprise: If you use web-based email or ICQ from work, your employer can read your mail, regardless of what the banner ads say. (via Slashdot)
Don't miss: A detailed article, by Duncan Campbell, on the NSA/GCHQ's signals intelligence operations and capabilities, from World War 2 to Echelon.
Entering Chicksands' Building 600 through double security fences and a turnstile where green and purple clearance badges were checked, the visitor would first encounter a sigint in-joke - a copy of the International Telecommunications Convention pasted up on the wall. Article 22 of the Convention, which both the United Kingdom and the United States have ratified, promises that member states "agree to take all possible measures, compatible with the system of telecommunication used, with a view to ensuring the secrecy of international correspondence".
In 1996, shortly after "Secret Power" was published, a New Zealand TV station obtained images of the inside of the station's operations centre. The pictures were obtained clandestinely by filming through partially curtained windows at night. The TV reporter was able to film close-ups of technical manuals held in the control centre. These were Intelsat technical manuals, providing confirmation that the station targeted these satellites. Strikingly, the station was seen to be virtually empty, operating fully automatically.
Key word spotting in the vast volumes of intercepted daily written communications - telex, e-mail, and data - is a routine task. "Word spotting" in spoken communications is not an effective tool, but individual speaker recognition techniques have been in use for up to 10 years. New methods which have been developed during the 1990s will become available to recognise the "topics" of phone calls, and may allow NSA and its collaborators to automate the processing of the content of telephone messages - a goal that has eluded them for 30 years.
Under the rubric of "information warfare", the sigint agencies also hope to overcome the ever more extensive use of encryption by direct interference with and attacks on targeted computers. These methods remain controversial, but include information stealing viruses, software audio, video, and data bugs, and pre-emptive tampering with software or hardware ("trapdoors").
Britain prepares to follow the Russian lead and institute universal monitoring of Internet traffic: (BBC News)
If the Regulation of Investigatory Powers (RIP) Bill is passed, internet service providers will be forced to install black boxes in their data centres that connect directly to an MI5 monitoring centre in London.
Cambridge academic debunks "crypto menace" myth. (NewScientist)
Think what England was like when the government didn't really exist: anyone with any wealth or property had to design their house to withstand infantry-strength assault. That's not efficient. National governments and policemen will survive the electronic revolution because of the efficiencies they create.
If I were to hold a three-hour encrypted conversation with someone in the Medellín drug cartel, it would be a dead giveaway. In routine monitoring, GCHQ (Britain's signals intelligence service) would pick up the fact that there was encrypted traffic and would instantly mark down my phone as being suspect. Quite possibly the police would then send in the burglars to put microphones in all over my house. In circumstances like this, encryption does not increase your security. It immediately and rapidly decreases it. You are mad to use encryption if you are a villain.
Australian defence official confirms existence of Echelon. (BBC News)
Hacktivists plan Jam Echelon Day on October 21:
Specifically, they suggest the following keywords:
FBI CIA NSA IRS ATF BATF DOD WACO RUBY RIDGE OKC OKLAHOMA CITY MILITIA GUN HANDGUN MILGOV ASSAULT RIFLE TERRORISM BOMB DRUG HORIUCHI KORESH DAVIDIAN KAHL POSSE COMITATUS RANDY WEAVER VICKIE WEAVER SPECIAL FORCES LINDA THOMPSON SPECIAL OPERATIONS GROUP SOG SOF DELTA FORCE CONSTITUTION BILL OF RIGHTS WHITEWATER GRUDNUK POM PARK ON METER ARKANSIDE IRAN CONTRAS OLIVER NORTH VINCE FOSTER PROMIS MOSSAD NASA MI5 ONI CID AK47 M16 C4 MALCOLM X REVOLUTION CHEROKEE HILLARY BILL CLINTON GORE GEORGE BUSH WACKENHUT TERRORIST TASK FORCE 160 SPECIAL OPS 12TH GROUP 5TH GROUP SF