“I want them to be worried that we’re watching. I want them to be worried that they never know when we’re overhead.” — Police Chief in Dayton, Ohio

Hawkeye aerial surveillance optics FLIR

“I want them to be worried that we’re watching. I want them to be worried that they never know when we’re overhead.”

That’s what Police Chief Richard Biehl of Dayton, Ohio told the Washington Post while referring to the people of his city as he supported new aerial surveillance technology that would allow his officers to “track every vehicle and person across an area the size of a small city, for several hours at a time.”

Focused on the work of Persistent Surveillance Systems—a Dayton-based company that is already providing aerial surveillance for large events, like political rallies and sporting events—the Post’s reporting reveals that even as “Americans have grown increasingly comfortable with traditional surveillance cameras, a new, far more powerful generation is being quietly deployed.” […]

—–

Read full article at: https://www.commondreams.org/headline/2014/02/06-1

Skyview Aerial Surveillance System

It’s time to take mesh networks seriously: developing decentralized computer network architectures

via Wired:

“[…] Compared to the ‘normal’ internet — which is based on a few centralized access points or internet service providers (ISPs) — mesh networks have many benefits, from architectural to political.

[…] An ad hoc network infrastructure that can be set up by anyone, mesh networks wirelessly connect computers and devices directly to each other without passing through any central authority or centralized organization (like a phone company or an ISP). They can automatically reconfigure themselves according to the availability and proximity of bandwidth, storage, and so on; this is what makes them resistant to disaster and other interference. Dynamic connections between nodes enable packets to use multiple routes to travel through the network, which makes these networks more robust.

Mesh network architecture diagram - urban wireless meshCompared to more centralized network architectures, the only way to shut down a mesh network is to shut down every single node in the network.

That’s the vital feature, and what makes it stronger in some ways than the regular internet.

But mesh networks aren’t just for political upheavals or natural disasters. Many have been installed as part of humanitarian programs, aimed at helping poor neighborhoods and underserved areas. For people who can’t afford to pay for an internet connection, or don’t have access to a proper communications infrastructure, mesh networks provide the basic infrastructure for connectivity.

Not only do mesh networks represent a cheap and efficient means for people to connect and communicate to a broader community, but they provide us with a choice for what kind of internet we want to have.

For these concerned about the erosion of online privacy and anonymity, mesh networking represents a way to preserve the confidentiality of online communications. Given the lack of a central regulating authority, it’s extremely difficult for anyone to assess the real identity of users connected to these networks. And because mesh networks are generally invisible to the internet, the only way to monitor mesh traffic is to be locally and directly connected to them.

Yet beyond the benefits of costs and elasticity, little attention has been given to the real power of mesh networking: the social impact it could have on the way communities form and operate.

What’s really revolutionary about mesh networking isn’t the novel use of technology. It’s the fact that it provides a means for people to self-organize into communities and share resources amongst themselves: Mesh networks are operated by the community, for the community. Especially because the internet has become essential to our everyday life.

Instead of relying on the network infrastructure provided by third party ISPs, mesh networks rely on the infrastructure provided by a network of peers that self-organize according to a bottom-up system of governance. Such infrastructure is not owned by any single entity. To the extent that everyone contributes with their own resources to the general operation of the network, it is the community as a whole that effectively controls the infrastructure of communication. And given that the network does not require any centralized authority to operate, there is no longer any unilateral dependency between users and their ISPs.

Mesh networking therefore provides an alternative perspective to traditional governance models based on top-down regulation and centralized control.

Indeed, with mesh networking, people are building a community-grown network infrastructure: a distributed mesh of local but interconnected networks, operated by a variety of grassroots communities. Their goal is to provide a more resilient system of communication while also promoting a more democratic access to the internet. […]”

Read full article at Wired.

Bank of America employs 20 full-time social media spies, watches anarchists and Occupy protesters

Bank of America works with fusion centers, the FBI, state and local police, and campus security to monitor public protest in the United States, newly disclosed documents confirm.

A Washington state public records request has unearthed an email chain which includes a message from a Vice President of Global Corporate Security for Bank of America, describing efforts to combat economic justice organizing. The official explains that the powerful financial institution employs a staff of 20 full-time social media spies, and references public-private surveillance efforts directed at activists who aim to hold banks accountable for social crises like the foreclosure disaster.

The bank official, Kimberly Triplett-Kolerich, says she is a former Washington State Patrol officer with 25 years of experience in law enforcement. On September 23, 2013, Triplett-Kolerich wrote:

“I am [now] the Operational Criminal Intel Analyst for Bank of America for the 14 western states and also am the NW Executive Protection Market Manager. From time to time I will see items that I believe will be of use to my friends at WSP–especially during session. May Day I will pick your brain for intel and I will give you a lot also–the Public-Private Partnership worked great last year and hopefully being ahead of the Anarchists will protect all of you from protests/arrests/injury. If you find any intel on Anarchists or Occupy Protesters please let me know–I will most likely find it first as Social Media trolling is not what the WSP does best–Bank of America has a team of 20 people and that’s all they do all day and then pass it to us around the country!!” […]

—-

Read full article, and download the released documents at:http://privacysos.org/node/1293

Former NSA chief Michael Hayden calls Snowden a traitor in Microsoft-sponsored interview

Former NSA director, calling Snowden a traitor, in a CBS News propaganda message sponsored by Microsoft (which is easily the NSA’s most important corporate collaborator, allowing exploits at the OS level for over 90% of desktop users).

Michael Hayden Calls Edward Snowden Traitor on CBS sponsored by Microsoft (Twitter)

See also:

* Microsoft handed the NSA access to encrypted messages (Glen Greenwald et al., The Guardian,, 11 July 2013)

* To Protect and Infect: The Militarization of the Internet (Jacob Applebaum, 30c3)

Inside TAO: Documents Reveal Top NSA Hacking Unit (Der Spiegel)

Via Der Spiegel:

‘[…] The Office of Tailored Access Operations, or TAO […] is the NSA’s top operative unit — something like a squad of plumbers that can be called in when normal access to a target is blocked.

According to internal NSA documents viewed by SPIEGEL, these on-call digital plumbers are involved in many sensitive operations conducted by American intelligence agencies. TAO’s area of operations ranges from counterterrorism to cyber attacks to traditional espionage. The documents reveal just how diversified the tools at TAO’s disposal have become — and also how it exploits the technical weaknesses of the IT industry, from Microsoft to Cisco and Huawei, to carry out its discreet and efficient attacks.

National Security Agency complex in San Antonio, Texas, is one of the central offices of the intelligence agency's Tailored Access Operations
This National Security Agency complex in San Antonio, Texas, located in a former Sony chip factory, is one of the central offices of the intelligence agency’s Tailored Access Operations, the NSA’s top operative unit.

The unit is “akin to the wunderkind of the US intelligence community,” says Matthew Aid, a historian who specializes in the history of the NSA. “Getting the ungettable” is the NSA’s own description of its duties. “It is not about the quantity produced but the quality of intelligence that is important,” one former TAO chief wrote, describing her work in a document. The paper seen by SPIEGEL quotes the former senior official stating that TAO has contributed “some of the most significant intelligence our country has ever seen.” The unit, it goes on, has “access to our very hardest targets.”

Defining the future of her unit at the time, she wrote that TAO “needs to continue to grow and must lay the foundation for integrated Computer Network Operations,” and that it must “support Computer Network Attacks as an integrated part of military operations.” To succeed in this, she wrote, TAO would have to acquire “pervasive, persistent access on the global network.” An internal description of TAO’s responsibilities makes clear that aggressive attacks are an explicit part of the unit’s tasks. In other words, the NSA’s hackers have been given a government mandate for their work. During the middle part of the last decade, the special unit succeeded in gaining access to 258 targets in 89 countries — nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.

Indeed, TAO specialists have directly accessed the protected networks of democratically elected leaders of countries. They infiltrated networks of European telecommunications companies and gained access to and read mails sent over Blackberry’s BES email servers, which until then were believed to be securely encrypted. Achieving this last goal required a “sustained TAO operation,” one document states.

This TAO unit is born of the Internet — created in 1997, a time when not even 2 percent of the world’s population had Internet access and no one had yet thought of Facebook, YouTube or Twitter. From the time the first TAO employees moved into offices at NSA headquarters in Fort Meade, Maryland, the unit was housed in a separate wing, set apart from the rest of the agency. Their task was clear from the beginning — to work around the clock to find ways to hack into global communications traffic.

To do this, the NSA needed a new kind of employee. The TAO workers authorized to access the special, secure floor on which the unit is located are for the most part considerably younger than the average NSA staff. Their job is breaking into, manipulating and exploiting computer networks, making them hackers and civil servants in one. Many resemble geeks — and act the part too.

Indeed, it is from these very circles that the NSA recruits new hires for its Tailored Access Operations unit. In recent years, NSA Director Keith Alexander has made several appearances at major hacker conferences in the United States. Sometimes, Alexander wears his military uniform, but at others, he even dons jeans and a t-shirt in his effort to court trust and a new generation of employees. […]

——

Read the full article at: Inside TAO: Documents Reveal Top NSA Hacking Unit (Der Spiegel, 29 December 2013)

NSA intercepting laptops purchased online to install spy malware

COTTONMOUTH-I ANT (NSA USB bug) -- Applebaum 30c3 slide
Leaked NSA slide for the COTTONMOUTH-I program, shown at Jacob Applebaum’s presentation “To Protect and Infect, Pt. 2: The Militarization of the Internet” at the 30c3 conference.

“[…] the NSA, in collaboration with the CIA and FBI, routinely and secretly intercepts shipping deliveries for laptops or other computer accessories in order to implant bugs before they reach their destinations. According to Der Spiegel, the NSA’s TAO group is able to divert shipping deliveries to its own “secret workshops” in a method called interdiction, where agents load malware onto the electronics or install malicious hardware that can give US intelligence agencies remote access.

While the report does not indicate the scope of the program, or who the NSA is targeting with such wiretaps, it’s a unique look at the agency’s collaborative efforts with the broader intelligence community to gain hard access to communications equipment. One of the products the NSA appears to use to compromise target electronics is codenamed COTTONMOUTH, and has been available since 2009; it’s a USB “hardware implant” that secretly provides the NSA with remote access to the compromised machine.

This tool, among others, is available to NSA agents through what Der Spiegel describes as a mail-order spy catalog. The report indicates that the catalog offers backdoors into the hardware and software of the most prominent technology makers, including Cisco, Juniper Networks, Dell, Seagate, Western Digital, Maxtor, Samsung, and Huawei. Many of the targets are American companies. The report indicates that the NSA can even exploit error reports from Microsoft’s Windows operating system; by intercepting the error reports and determining what’s wrong with a target’s computer, the NSA can then attack it with Trojans or other malware. […]

—-

Read full article at: http://www.theverge.com/…/nsa-cia-fbi-laptop-usb-plant-spy

NSA infected 50,000 computer networks with malicious software

Via nrc.nl:

NSA intercept operations worldwideThe American intelligence service – NSA – infected more than 50,000 computer networks worldwide with malicious software designed to steal sensitive information. Documents provided by former NSA-employee Edward Snowden and seen by this newspaper, prove this.

A management presentation dating from 2012 explains how the NSA collects information worldwide. In addition, the presentation shows that the intelligence service uses ‘Computer Network Exploitation’ (CNE) in more than 50,000 locations. CNE is the secret infiltration of computer systems achieved by installing malware, malicious software. […]

The NSA computer attacks are performed by a special department called TAO (Tailored Access Operations). Public sources show that this department employs more than a thousand hackers. As recently as August 2013, the Washington Post published articles about these NSA-TAO cyber operations. In these articles The Washington Post reported that the NSA installed an estimated 20,000 ‘implants’ as early as 2008. These articles were based on a secret budget report of the American intelligence services. By mid-2012 this number had more than doubled to 50,000, as is shown in the presentation NRC Handelsblad laid eyes on.

Read full article: http://www.nrc.nl/nieuws/2013/11/23/nsa-infected-50000-computer-networks-with-malicious-software/