Who I am, why I'm here.

Just wanted to say a few brief words about myself.

First off, I'm not a bodybuilder, but rather a privacy geek. I've long had an interest in privacy/encryption -- I was one of the early adopters of PGP back in the early 1990s, when it was a DOS/Unix command-line based program.

Over the years, I have watched, with a mixture of horror and fascination, as the various organs of the state surveillance apparatus have ramped-up their operations, increasingly broadening their scope over time.

Under the rubric of fighting crime (especially drugs and child abuse) and, much later, terrorism, the authorities have appropriated to themselves the right to spy on all of us. With the widespread adoption of computers, such surveillance is now easier than it's ever been.

I do what I can to fight this by teaching people how to effectively use the various privacy tools that are freely available out there.

To allay any potential concerns, I am most assuredly NOT here to sell anything. I have nothing to sell.... If you knew me, you'd realize that I'm the world's WORST salesperson. (I couldn't sell ice-cold water to people dying of thirst in the middle of the Sahara desert!)

The services that I use are free of charge, as is the majority of the software that I recommend. In general, I prefer to use/ recommend free, open-source software, but in some cases, I might recommend that people purchase from reputable sources such as PGP Corporation.

My only affiliation with any commercial sources that I may happen to recommend is that I either use them myself, and/or believe them to trustworthy, or I recommend them because they fill specific needs that some people may have that are either not met (or not as well met) by the open source offerings.

In the mid-to-late 1990s, there was a loose-knit group of people who called themselves Cypherpunks. Many of them had Libertarian leanings (which I do not share) but they envisaged a society where crypto-anarchy held sway; a society where a citizen had the power to control their own private information and government had little or no power to compel its production.

If anything, the Cypherpunks were far too idealistic, believing that, as in Field of Dreams, "If you build it, they will come".

All too naively, as it turned out, they believed that people would rush to adopt cryptography in order to protect themselves against an overweening surveillance state. They were the prototypical geeks; technically skilled, but without a fundamental understanding of human nature. What they didn't count on was that the overwhelming majority of the public in Western societies simply didn't care about privacy or government surveillance.

The Cypherpunks didn't count on sloth, on people being complacent, and completely unwilling to learn new ways of doing things. They were passionate about privacy, and it was largely beyond their ken that people could take the attitude:

"Why should I care? I'm not a criminal. I have nothing to hide."

I guess, in my own insignificant way, I'm still struggling to keep their dream alive.

Mirrorshades
 
Nice to meet u. I'm neo. If it wasn't for the fact I do most postings from my phone I'd def hit u up for some advice. U seem like a smart bro. :)
 
So.. do you do arm curls once in a while.... Welcome to the board... again I guess.
 
Nice to meet u. I'm neo. If it wasn't for the fact I do most postings from my phone I'd def hit u up for some advice. U seem like a smart bro. :)

I don't have a mobile phone -- I refuse to own/carry one.

Mobile phones are the most heavily surveilled devices currently deployed. Here is an article you may find interesting, if not downright chilling:

Meet the ?Keyzer Soze? of Global Phone-Tracking
By Spencer Ackerman
July 18, 2011 7:00 am
Categories: Crime and Homeland Security

Chances are you?ve never heard of TruePosition. If you?re an AT&T or T-Mobile customer, though, TruePosition may have heard of you. When you?re in danger, the company can tell the cops where you are, all without you knowing. And now, it?s starting to let governments around the world in on the search.

The Pennsylvania company, a holding of the Liberty Media giant that owns Sirius XM and the Atlanta Braves, provides location technology to those soon-to-be-merged carriers, so police, firefighters and medics can know where you?re at in an emergency. In the U.S., it locates over 60 million 911 calls annually. But very quietly, over the last four years, TruePosition has moved into the homeland security business ? worldwide.

Around the world, TruePosition markets something it calls ?location intelligence,? or LOCINT, to intelligence and law enforcement agencies. As a homeland security tool, it?s enticing. Imagine an ?invisible barrier around sensitive sites like critical infrastructure,? such as oil refineries or power plants, TruePosition?s director of marketing, Brian Varano, tells Danger Room. The barrier contains a list of known phones belonging to people who work there, allowing them to pass freely through the covered radius. ?If any phone enters that is not on the authorized list, [authorities] are immediately notified.?

TruePosition calls that ?geofencing.? As a company white paper explains, its location tech ?collects, analyzes, stores and displays real-time and historical wireless events and locations of targeted mobile users.?

?The capability of doing mass tracking is possible.?

It can also work other ways: pinging authorities when a phone used by a suspected terrorist or criminal enters an airport terminal, bus station or other potential target. And it works just as well in monitoring the locations of phones the suspect?s phone calls ? and who they call and text, and so on.

For the past four years, TruePosition has quietly taken that tracking technology global. In the U.S., Varano says, TruePosition sells to mobile carriers ? though it?s cagey about whether the U.S. government uses its products. But abroad, it sells to governments, which it won?t name. Ever since it came out with LOCINT in 2008, he says, ?Ministries of Defense and Interior from around the world began beating down our door.?

That?s got some surveillance experts and mobile activists worried. Keeping suspected terrorists away from nuclear power plants and discovering their networks of contacts is well and good. But in the hands of foreign governments ? not all of whom respect human rights ? TruePosition tech can just as easily identify and monitor networks of dissidents.

For a company that can do so much to find out where a mobile user is, few outside of the surveillance industry know much about TruePosition. That?s a deliberate strategy on the company?s part, to keep a ?low profile from jump,? Varano says. It grants few interviews ? a little-noticed Fox News story from 2009 is a rare exception ? and discloses little about its foreign clients. Several surveillance experts contacted for this story were unfamiliar with the company.

The result, says Christopher Soghoian, a graduate fellow at Indiana University?s Center for Applied Cybersecurity Research, is to make TruePosition the most important global geolocation company you?ve never heard of. ?It?s like that line about Keyser Soze from The Usual Suspects ? the greatest trick the devil ever pulled was convincing the world he didn?t exist,? Soghoian says. ?They?ve done the same thing. Staying entirely below the radar.?

Source: http://www.wired.com/dangerroom/tag/christopher-soghoian/

Mirrorshades
 
Crap. Well I'm stuck with one regardless. :o. Does it change anything that I'm a Canadian. As our legal systems are different.
 
Crap. Well I'm stuck with one regardless. :o. Does it change anything that I'm a Canadian. As our legal systems are different.

Never fear! Our glorious Fuhrer (Heil Harper!) plans to introduce his "lawful access" legislation sometime this Spring. Here are some excellent articles on this important subject:

Issue: 80
Section: Canadian News
Geography: Canada
Topics: internet, lawful access, Privacy, surveillance
December 23, 2011

Online Privacy and the Police
Tory government pulls controversial online security bills, but concerns remain
by Kimberly Croswell

Source: http://www.dominionpaper.ca/articles/4294#

VICTORIA?It won?t be long before Canadian privacy laws regarding telecommunications come under attack again. These laws apply to technologies everyone relies on?from cell phones to the Internet. And as seen before, the federal government is likely to soon change them in a push towards facilitating online surveillance of individuals? lives. If the government succeeds, it would mean online monitoring could be done without a warrant and other impingements on Canadians? rights to privacy.

When parliament started with a Conservative majority in fall 2011, many privacy rights experts and advocated worried that the Conservative were going to push for ?Lawful Access? measures in the Omnibus Crime Bill C-10. These measures, which failed to pass the last parliament, would change the rules around what the state can and cannot monitor. They?re designed to expedite the passing of a variety of laws, from raising mandatory minimum sentences, to harsher sentencing for young offenders, and even providing victims of terrorism the right to sue for compensation.

Canada?s Federal Privacy Commissioner, Jennifer Stoddart, supported by many Provincial Privacy Commissioners opposed the ?Lawful Access? measures in an open letter, dated October 26, 2011, to the Deputy Minister of Public Safety, Mr. William V. Baker. After outlining how the new laws would ?make it easier for the state to subject more individuals to surveillance and scrutiny,? Stoddart went on to point out that there is a lack of evidence to support those measures.

?At no time have Canadian authorities provided the public with any evidence or reasoning to suggest that CSIS or any other Canadian law enforcement agencies have been frustrated in the performance of their duties as a result of shortcomings attributable to current law, [telecommunications service providers] or the manner in which they operate,? she wrote.

Stoddart wasn?t alone in the mobilization against ?Lawful Access?. Many NDP government critics penned letters condemning the proposed laws, and grassroots groups such as Openmedia.ca opened a petition, ?Stop Online Spying?, that was signed by more than 70,000 Canadians.

The ?Lawful Access? provisions, however, were in the end removed from the omnibus crime bill before it was formally tabled in September. But even though they aren?t currently up for consideration, many critics believe they will undoubtedly return to the table. Whether they are to be reintroduced with or without changes remains uncertain.

The ?Lawful Access? measures were first introduced in the 40th parliament in November 2010 via three complimentary internet crime bills, designed to tighten governance of Canada?s cyberspace: Bill C-50, Improving Access to Investigative Tools for Serious Crimes Act; Bill C-51 Investigative Powers for the 21st Century Act; and Bill C-52, Investigating and Preventing Criminal Electronic Communications Act.

Looking at the bigger picture, the government was presenting each new item of Internet law as a stand-alone policy necessary to ?modernize? telecommunications (ie, the Internet) in a bid to hide the interlocking nature of what is emerging: each new law, once passed, sets the stage for the next, facilitating unprecedented powers to implement mass online surveillance. [Emphasis added]

To begin, let?s look at some of the ?modernization? items included in Bill C-51, The Investigative Powers for the 21st Century Act. Firstly, the bill has been crafted to take advantage of technological developments in order to extend surveillance powers. For example, if a warrant to secretly install a tracking device is obtained, this legislation ?upgrades? its use to permit an officer to take advantage of the tracking capabilities installed in some cell phones and vehicles by allowing their remote activation. Then, there are changes in terminology within existing laws, such as the replacement of out-dated vocabulary like ?telephone? and ?pager? with an umbrella term, ?telecommunication device.? The new term is intended to be vague enough to include current and future technological developments, covering all possibilities of surveillance in ways never imagined before the technology came along and anticipating the seamless integration of ever newer and more robust capabilities.

Reflecting the desire of authorities to have the ability to track and contain information in a timely fashion, C-51 also includes new data retention and retrieval powers in the form of Preservation Demands and Preservation Orders directed at Telecommunications Service Providers (TSPs). Preservation Demands may be made by police officers, and judges authorize Preservation Orders. The purpose of both Preservation Demands and Orders is temporary: to preserve data on file to ensure it is not deleted or altered while waiting for a search warrant or a Production Order, which is yet another new tool.

Production Orders are like search warrants, but instead of requiring officers to physically search and seize equipment and data, the individual or business entity on the receiving end of a Production Order must obtain and deliver the requested information to the authorities. The information obtained in a Production Order, is historical, which includes anything the TSP has available in data storage at the time. However, requests for ?real-time? data, in other words, information that can be captured or recorded as events unfold, do require a warrant.

Furthermore, in an aside comment in the legislative summary, Production Orders are viewed as tools specifically designed to obtain information from other countries, which indicates reciprocal agreements between countries are in effect.
[Emphasis added]

Moving on, one of the main concerns around Bill C-52 is the legitimization of warrantless wiretapping. This is the concern of Bill C-52, which concentrates on TSPs obligations to upgrade and retrofit infrastructure to enable data reporting to policing authorities. The bill provides extensive lists of fines and punishments if TSPs do not comply. The most invasive point of compliance in the proposed legislation is the creation of a new class of authorities, to whom the TSPs must supply information. The Commissioner of the RCMP, the Director of CISIS, the Commissioner of Competition, and any head of a police force constituted under the laws of a province may appoint such individuals who are ?designated? to ask for such information, but the number of officers authorized with these new powers cannot total more than 5% of a policing agency. Interestingly, C-52 also establishes a new class of administrator whose role is to verify whether the TSPs have complied with the Act: they can test, investigate, search, examine, and print or reproduce any information at any telecommunications facility, all without a warrant, except when the facility is located in a personal residence. [Emphasis added]

If Bill C-52 becomes legal reality, TSPs have 18 months to fulfill their obligations and install the appropriate software to facilitate these measures and must submit a status report outlining their progress within the first 30 days. Smaller service providers (less than 100,000 subscribers) need only provide a physical access point to conduct interceptions. In the past, opponents to ?Lawful Access,? speculated costly upgrades Canadian TSPs will have to undergo to enable their transformation into surveillance state tools might derail the legislation, but Bill C-52 stipulates government assistance will be provided to help integrate surveillance technology for newly ?deputized? TSPs.

In anticipation of the government?s current move, Canadian TSPs actually began writing into their service agreements the right to disclose customer information, should they be required by law to do so, as early as 2006. Indeed, elements of ?Lawful Access-like? cyber-legislation already exist in current copyright and privacy bills.

Recently, at a September 2011 press conference announcing Bill C-11 (previously Bill C-32), The Copyright Modernization Act, evidence of the current capacity to retain users? data and identify content was offered by Bell Canada representatives, who discussed past incidents of having to turn over some of their customers? IP addresses to investigators.

In the same month, Bell Canada, Videotron, and Cogeco were hit with a court order to provide the IP addresses of customers who had violated copyright by downloading pirated copies of The Hurt Locker. The movie was released a year ago, in October 2010, and the first American copyright court cases emerged last May, with Canadian court orders served in September. Whether Bell is capable of retaining its users? data for the entire year the movie was available, or if limited storage capacities affected the amount of data they have on their users, is unclear. What is certain is that changes to Canada?s copyright laws will undoubtedly benefit from the pending expansion of online investigative capacities.

Another ?Lawful Access? puzzle piece has recently turned up in the form of an amendment to a law originally written to protect the online privacy of business transactions, The Personal Information Protection and Electronic Documents Act (PIPEDA), passed in 2000. The proposed amendment has been compared to the U.S. Patriot Act. It allows companies, of their own volition, to hand over personal files to the authorities without a warrant and, if the authorities deem it necessary, they may also be required to sign a non-disclosure agreement to keep the individual in question in the dark.The specific circumstances under which some companies may consider it necessary to hand over personal information is unclear, but presumptions of illegal behaviour are undoubtedly a factor.

The range of bills by which personal information can be disclosed without judicial oversight demonstrates an alarming trend in the government?s disrespect for privacy standards. Critics need to expand the parameters of analysis to reveal the larger pattern, but targeting the re-introduction of Bills C-51 and 52 is a start. As Lindsay Pinto, spokesperson with Openmedia.ca reflects, ?Public pressure knocked online spying out of the omnibus though, and it seems to be delaying the release of the bills?we at OpenMedia.ca are still confident that Canadians can convince [Public Safety Minister] Toews to do the right thing and adjust the legislation to include comprehensive internal controls, clear oversight from the courts, meaningful deterrents, and a system of enforcement.?

Kimberly Croswell is a freelancer who lives on
traditional Lekwungen Territory in in Victoria, BC. Questions? Comments? Drop us a line: info@mediacoop.ca.

The Dominion is a monthly paper published by an incipient network of independent journalists in Canada. It aims to provide accurate, critical coverage that is accountable to its readers and the subjects it tackles. Taking its name from Canada's official status as both a colony and a colonial force, the Dominion examines politics, culture and daily life with a view to understanding the exercise of power.

As Canadian privacy lawyer David T.S. Fraser described it:

Sunday, October 30, 2011
Why lawful access legislation should not be allowed

This is why lawful access legislation should not be allowed to pass.

The Guardian is reporting on equipment being used by London's Metropolitan Police to eavesdrop on cell phones: Met police using surveillance system to monitor mobile phones | UK news | The Guardian.

The last iteration of lawful access legislation that fell off the order paper with the last federal election would have allowed police to obtain any of the following information, without a warrant, without oversight, without justification and even without any active investigation:

name,
address,
telephone number and
electronic mail address,
Internet protocol address,
mobile identification number,
electronic serial number,
local service provider identifier,
international mobile equipment identity number,
international mobile subscriber identity number and
subscriber identity module card number that are associated with the subscriber?s service and equipment.

In the abstract, that may sound innocuous, but it's far from it.

The equipment described in the Guardian article allows police to scan the airwaves and pick out the unique identifiers for all cell phones in the area. With that identifier, they can get any of the above information, again without a warrant and without any justification. Such a device could be used to identify anyone at a lawful protest, regardless of whether they had done anything wrong. We expect to carry on our lawful lives free from police intrusion unless a judge can be persuaded that the police are justified in their intrusion into your life, including the fact that the intrusion relates to a lawful investigation into criminal wrongdoing. Lawful access would remove the only check and balance, allowing police the ability monitor citizens without any reason.

This is not the country we should aspire to live in.

Source: http://blog.privacylawyer.ca/2011/10/why-lawful-access-legislation-should.html

Saturday, December 03, 2011
Public Safety minister continues to mislead about "phone book information" and lawful access

In today's Globe & Mail, the Public Safety Minister continues to peddle the wholly erroneous and completely misleading line about "phone book information".

Dec. 3: Letters to the editor - The Globe and Mail

The poop on e-snoop

Re Tories Have Yet To Prove Case For E-Snooping Bill (online, Dec. 1): Technology is a critical aspect of the way Canadians do business and communicate with each other. But as technology advances, criminal activities become easier. The government will propose legislation that strikes an appropriate balance between the privacy rights of Canadians and the ability of police to enforce our laws.

We will allow police to access ?phone book?-type information from Internet service providers. If it becomes necessary to find a suspect's name, address, phone number or other similar identifier, ISPs will be required to disclose that information. ISPs will be required to have the capacity to allow police to investigate ? strictly with a warrant ? all communication methods.

Let me be clear: No legislation proposed will create powers for police to read e-mails without a warrant. Our proposed approach of linking an Internet address to subscriber information is on par with a phone book linking phone numbers to a residential address.

Vic Toews, Minister of Public Safety, Ottawa

If you want a definitive view on how this is completely misleading, check out this great analysis by Christopher Parsons: "The Anatomy of Lawful Access Phone Records".

Most notably, the article he is responding to is about the fact that the government hasn't made any compelling case for why it is necessary and a letter to the editor would have been a good opportunity to do so. He didn't. Not at all. Not one iota. They haven't even attempted to make a compelling case.
Posted by David Fraser at 12/03/2011 10:09:00 AM

The Anatomy of Lawful Access Phone Records
Posted on November 21, 2011 by Christopher

Photo by mjecker

Canadian advocates, government officials, and scholars are all concerned about the forthcoming lawful access legislation. A key shared concern is that authorities could, under the legislation, access telecommunications subscription records without court oversight. Moreover, as a condition of accessing these records businesses might be served with gag orders. Such orders would prevent Canadians from ever knowing (outside of court!) that the government had collected large swathes of information about them. In response to concerns aired in public, the Public Safety Minister has insisted that the legislation would merely let police access ?phone book? information from telecommunications providers.

I maintain that such assertions obfuscate the sheer amount of information contained in the records that authorities would collect. The aim of this post is to make clear just how much information is contained in a single lawful access ?phone record?, demonstrating that the government is seeking information that grossly exceeds what is contained in the white or yellow pages today. As a result, I first provide an example phone record that resembles those in every phonebook in Canada and then offer an example of a lawful access record. Remember that such requests may be filed to multiple service providers (e.g. Internet service provider, web forum hosts, blogs, mobile phone companies, etc) and thus a swathe of records can be combined to generate a comprehensive picture of any particular individual. By the conclusion of the post it should be evident that information provided under lawful access powers is more expansive than the phone records government ministers allude to and lay bare those ministers? technical obfuscations.

Phonebook Records, Today

In his response to the Information and Privacy Commissioner of Ontario, Vic Toews (Public Safety Minister) insisted that police would simply have access to ?phone book? information under the forthcoming lawful access legislation. He asserted that, ?Our proposed approach of linking an internet address to subscriber information is on par with the phone book linking phone numbers to an address.? While government officials insist Toews? response obfuscates just how expansive lawful access records are from traditional phone records, it is arguably challenging for the lay public to grasp the amount of information contained in the proposed subscriber record fields. So, let?s consider the differences between a phone book record accessible in your home, today, using a phone book and ?phone book? data the federal government wants to make available to authorities without a warrant. The following resembles a phone record reminiscent of one in a phone book today:

John Smith, 456 Westminister Ave . . . . . . (636)-421-6124

This record contains the listed name of an individual, the address associated with the phone number, and the area and local code for the telephone service. Not all individuals provide full details in the phone books that are distributed each year. Some individuals have their addresses removed or substitute their full names with their initials. Such modifications are often the result of people feeling uncomfortable with fully disclosing their address, phone number, and name in one publicly accessible location. Using this information you can (potentially) learn where the individual associated with a phone number lives, but you do not necessarily discover the names of particular individuals living in the home, number of people in the home, and so forth. Thus, where multiple people share a single phone and address the subscriber record may be somewhat nebulous; while it should identify an individual at the address it is questionable whether that particular individual interests the authorities.
Phonebook Records, Tomorrow

The ?phone records? that Minister Toews is talking about are quite a bit larger, and far more descriptive, than those found in the local yellow or white pages. As I?ve depicted them, one line grows to six, and three data items explode to eleven descriptively rich fields. The expanded list will be available as phone records to authorities but not to individuals. This stands as a clear distinction between a phone record that individuals think of in phonebooks and the record that authorities will have access under lawful access legislation. An updated record might appear as follows:

John Smith, 456 Westminister Ave . . . . . . (636)-421-6124
jsmith@example.com . . . . . . . . . . . . I.P., 10.0.0.100
MIN, 250-5211-0091 . . . . . . . . . SPID, 636-421-6124-00
ENS . . . . . . . . 1000 0010 0001 1010 0000 0101 0110 1111
IMEI, 35-209900-176148-23 . . . . . IMSI, 310-150-564857956
SIM . . . . . .. . . . . . . . . . . 894411 0112 12333344 4

Most of what is contained in these eleven fields will be foreign to the average user. In light of this, let?s turn to unpack the new record in a line-by-line format.

The first line is identical to your typical phone book record. Note that the phone number here would be a permanent number, such as the number to call if the mobile number identified in line three is inoperable. Obviously there may be instances where there isn?t a distinction between the phone numbers in those lines if the mobile subscriber either lacks a landline or alternate mobile phone. Further, where the telecommunications service provider, such as a web forum, only has a single phone number then a mobile number might be situated on this line.

Line two offers the email address and Internet Protocol address of the subscriber in question. Email addresses will be tied to particular accounts; you may have one email address for a web forum, another for purchases online, and yet another for personal correspondence from your Internet service provider. While a singular email address is given here, this is representative of a single subscriber record from a single telecommunications service provider. It is likely that different emails (and, thus, different ?phone records?) are kept by each of the service providers you engage with on a daily basis. The Internet Protocol address is assigned to you by your Internet service provider and is an essential element to accessing the Internet itself. IP addresses identify where data originates from and should be sent towards. Your IP address is likely either dynamic (changes with some degree of frequency) or static (permanently assigned to your modem). Regardless, using an IP address authorities could identify your Internet service provider and, from there, demand that the Internet provider disclose which subscriber was assigned the IP address at some particular time. Given that many IP addresses are dynamic it is possible that different telecommunications service providers will have different addresses attached to your record instead of the singular address offered in the example line two.

The third line contains the Mobile Identification Number (MIN) and Service Provider Identifier (SPIN). This line is needed for subscriber records associated with mobile phone/device usage. The MIN uniquely identifies a mobile device on a mobile provider?s wireless network and can be used to dial to and from the device. While the record that I provide is accessible to the human eye, MINs are typically kept in a database in two components. The area code is often stored in a 10 bit MIN2 section and the local portion in a 24 bit MIN1 section. (See UK ESN/MIN Grabbing for more information on how these two sections are divided.) Unlike other serials and codes, which are engrained into the hardware of a device, a MIN is stored in a mobile providers? database and can be changed. A SPIN is a unique number assigned to service providers so that telecommunications switch owners and service providers can enter financial relationships for the purposes of carrying traffic. The number identifies the company that ?owns? the account associated with the traffic. Thus, even when calling using a Rogers mobile phone on the AT&T network, the SPIN will help to ascertain that Rogers (and, ultimately, the account owner) is responsible for paying for using the AT&T network.

The fourth line holds the Electronic Serial Number (ESN), a number that is encoded into each mobile device as a 32-binary bit number. It is embedded into the device by the manufacturer and thus is not assigned by a mobile telephony/Internet company from whom a device is purchased. The ESN is often checked against the MIN to prevent fraud. Specifically, while an individual could try and have their MIN changed to try and receive free services, by correlating the MIN and ESN in the providers? database the likelihood of successfully conducting fraudulent activities are diminished. Moreover, with the ESN it is possible to ascertain whether the same phone is being used across a set of wireless carriers? networks.

The fifth line contains the International Mobile Equipment Identification (IMEI) and International Mobile Subscriber Identification (IMSI) numbers. These numbers are tied to mobile devices (e.g. phones, 3G-capable tablets). The following information can be derived from the IMEI number used in the example above, ?35-209900-176148-23″: that the number was issued by the British Approvals Board for Telecommunications (?35″) and given allocation code ?2099″. The ?00″ reveals the period of time when the device was manufactured, ?176148″ reveals the serial number issued to the model of device, and the ?23″ reveals the version of software installed on the phone. The IMSI identifies the mobile country code (?310), mobile network code (?150″), and mobile subscription identification number (?564857956″). ?310″ is the number associated with America, and ?150″ with AT&T. As a result, with the IMEI and IMSI numbers you can ascertain when the device was made, serial of the device, version of its software, nation of usage-origin, carrier-of-origin, and the subscriber code of the carrier associated with the device.

Line six has the Subscriber Identification Module (SIM) number. This number, ?894411 0112 12333344 4″ in our example, is broken into subcomponents to identify different bits of information. The first two digits (?89″) are associated with the telecom operators identifier. ?44″ refers to the country code and ?11″ to the network code the module is associated with. The next four digits (?0112″) indicate the month and year of the SIM?s manufacture and following two numbers (?12″) of the switch?s configuration code. The next six numbers disclose the SIM number itself and the last holds the digit to confirm the validity of the SIM serial itself.

Perhaps it needn?t be stated, but as should be clear there is a significant difference between a ?phone record? in a phonebook and a ?phone record? under the Canadian government?s proposed lawful access legislation. A phone number and address does not reveal the manufacturer of a mobile device, when it was made, when elements of the phone were provisioned, the provider of the telephone services, and so forth. Instead, the lawful access record affords a trove of data that is far in excess of what a citizen would find when they looked up a name, address, or phone number in the hardcopy phonebook that is delivered to their door each year.
Aggregating Records for Citizen Transparency

Not all telecommunications service providers could make available a full post-lawful access legislation ?phone record.? However, once authorities have a single piece of information they can then move to other service providers to develop a full record, one that could subsequently be used to map a person?s presence on the Internet, their habits, and their activities. Using open source intelligence, the email address can be employed to determine what other services are attached to that email address, and using the IP address authorities can determine where a person is accessing the Internet from (i.e. was the IP address leased to a cafe? to a home? to a business? to a mobile network?) and the billing records associated with that IP address. If browsing from Starbucks, the cafe might be able to turn over a log of users who used their wireless network during the time authorities are interested. If browsing from home, or your own mobile device, then the subscriber records associated with that billing address might be available. And, if browsing from a friend?s phone or computer, then their information might be given to police regardless of your friend?s interest to the police.

Remembering back to the discussion of traditional phone records, it is possible that multiple people share the same account and thus what turns up in the phonebook remains somewhat ambiguous. This may remain so when dealing with communal Internet connections but is far less true when dealing with mobile devices. Phones have, for many people, become fetishes that are carried on one?s person and jealously protected from third-party intrusion. Thus, the ability to ascertain who owns, and is using, a particular mobile device is far less ambiguous than who subscribes to, and uses, a landline phone. Using contemporary policing technologies such as IMSI catchers, authorities can de-anonymize a crowd by catching the IMSI associated with each phone and immediately requesting subscriber data from mobile phone providers. While it may not be legal for authorities to engage in ruses to compel individuals to identify themselves when those individuals have done nothing wrong, with IMSI catchers no ruse is needed for the identification process to occur. The term ?papers please? is a distinctly analogue notion, one that can be abandoned by authorities in possession of IMSI catchers and lawful access powers.

Surveillance is being automated, and vendors are accelerating the rates that records can be collected and analysed to meet the needs and expectations of the multibillion dollar surveillance complex that has significantly grown post-9/11. Developers are not about to slow the rate of their surveillance innovations in the face of regulation that permits more expansive surveillance, records collection, and correlation of online actions with those records. Technology, however, does not determine the course of society: technology and society are mutually entwined, with each influencing the other. While surveillance architectures are being developed, if their uses are either illegal or are accompanied by high administrative or financial burdens then the architecture can lay substantively dormant save for in truly exceptional times associated with incredibly significant events. Legal friction can encourage such high costs by outlawing particular ways of collecting subscriber information and requiring administrative burdens (e.g. the warranting process) to force authorities to intentionally assign resources to access subscriber records. Reducing legal and administrative frictions in an era where technical frictions are quickly becoming a thing of the past is a recipe for expanded government surveillance. Such surveillance can detrimentally affect individuals by chilling speech and association, harm businesses by increasing the costs of complying with regulation, and force citizens to pay for their own surveillance in increased service costs and by way of their charter rights. We must avoid such harms and, as such, retain administrative and legal frictions to ensure that strong oversight bodies exist and that appropriate frictions accompany novel policing and intelligence powers.

Source: http://www.christopher-parsons.com/blog/technology/the-anatomy-of-lawful-access-phone-records/

If, after reading this, you're not frightened, you haven't been paying attention.

Mirrorshades
 
Last edited:
What does he want us to do? We probably all have a closet with a few vials in it. I don't want to be pissing off any gubment or LE at this point.
 
What does he want us to do?

What I'm willing to do is invest some time and effort to help people to learn to use some tools and techniques that will even up the score a little bit. Why should the Feds have all the advantages?

I'm willing to teach, if people are wiling to learn. If you're interested, great! However, if you're not, that's fine too.

We probably all have a closet with a few [skeletons] in it. I don't want to be pissing off any gubment or LE at this point.

I would argue that it's not the government per-se, that you have to worry about, at least in the short-term; what you should be far more worried about is pissing someone else off, and having them turn you into the authorities, for whatever reason.

Part of this is due to what I've come to refer to as "the culture of informing" which seems to have firmly taken root in our respective societies.

What I mean is: LEA seem to rely very heavily on tips to begin investigations -- while the occasional case does fall unbidden into their laps, like manna from heaven, I believe this to be the exception, rather than the rule. (An example of this would be a traffic stop, where a search of the vehicle reveals quantities of contraband.)

All of this stands to reason -- there are only so many hours in the day, so many boots on the ground. The authorities cannot be everywhere, they cannot see everything, so they depend on others to be their eyes and ears. Some do it willingly, perhaps because of hard feelings over a failed business dealing, or perhaps, romantic reasons, e.g. jealousy.

Some are less willing, being coerced by the authorities to finger others in order to obtain a better deal for themselves. It's no coincidence that the phrase, "Dropping the dime" on someone has become a part of the vernacular.

During the last 30 years, the number of laws on the books have exploded, to the point where today, no one knows precisely how many are on the books, (See below for more details).

Some 2,000 years ago, the Roman historian Caius Cornelius Tacitus famously said: "The more corrupt the state, the more numerous the laws."

How sad it is that we have learned so little in the last 2,000 years. I would argue that not a day goes by, that the average citizen breaks half a dozen laws that they did not know even existed. This over-abundance of laws, coupled with an almost manic zeal on the part of some police and prosecutors has led to some almost unbelievable miscarriages of justice.

The strange case of McNab v. United States could have come straight out of the pages of Franz Kafka.

Mr. McNab and some associates were convicted of a violation of the Lacey Act, money laundering and conspiracy charges, for which Mr. McNab spent just over 8 years in prison.

What was their crime? Smuggling drugs, guns? No. Nothing so dramatic. Their crime was allegedly violating Honduran law regarding the export of seafood, specifically, lobster.

Mr. McNab is a Honduran national, and was in the seafood business. His business consisted of purchasing seafood (primarily lobster) from Honduran fishermen. This seafood was then exported to the United States where it was (and still is) sold to restaurants such as Red Lobster.

An anonymous fax was sent to American authorities reporting that Mr. McNab was importing 30,000 pounds illegal lobster tails from Honduras. The reason these were allegedly illegal was:

1) They were packaged in plastic bags, instead of cardboard boxes, as arequired by Honduran law; and 2) Some of them were less than 5.5 inches in length, also prohibited by Honduran law. .

As a Honduran national, Mr. McNab was denied bail, and imprisoned immediately after the charges were laid, being labelled as a flight risk by the U.S. government.

It is interesting to note that Mr. McNab was not prosecuted by his own government (Honduras) but by the U.S. government under the Lacey Act. The Lacey Act makes it an offence to violate another country's fish or wildlife statues or regulations.

Because these lobster were imported into the United States, the U.S. government decided to prosecute McNab and his associates for violating Honduran law. Naturally, as could be expected, the charges were grossly exaggerated or inflated:

Normal business dealings were painted as conspiracy; normal payments for goods were characterized as money-laundering, and normal importation of product was condemned as smuggling. The U.S. government further painted the defendants as deliberate criminal smugglers, incorrectly stating that the majority of their shipment was illegal -- only about 3% of the shipment were undersized, but the government behaved as if the bulk of the seized seafood were illegal.

The authorities would never have known about this, had someone not sent an anonymous fax to the Feds from a local Kinkos. One of McNab's associates believed it was a business competitor, trying to get even with him.

You can read all the sordid details at the following site:
http://www.overcriminalized.com/CaseStudy/McNab-Imprison-by-Foreign-Laws.aspx

Estimates of the current size of the body of federal criminal law vary. It has been reported that the Congressional Research Service cannot even count the current number of federal crimes.3 The American Bar Association reported in 1998 that there were in excess of 3,300 separate criminal offenses.4 More than 40 percent of these laws have been enacted in just the past 30 years, as part of the growth of the regulatory state.5 And these laws are scattered in over 50 titles of the United States Code, encompassing roughly 27,000 pages.6 Worse yet, the statutory code sections often incorporate, by reference, the provisions and sanctions of administrative regulations promulgated by various regulatory agencies under congressional authorization. Estimates of how many such regulations exist are even less well settled, but the ABA thinks there are "[n]early 10,000."7 The appetite for more federal criminal laws is driven principally by political consideration,8 and not by any consideration of whether particular laws are intrinsically federal in nature.9 The growth of "public welfare" offenses will, therefore, be restrained (if at all) only by a public or a court system educated as to the need for restraint.

Source: http://www.heritage.org/research/re...riminalization-of-social-and-economic-conduct

Mirrorshades
 

New Posts

Trending

Back
Top