Privacy, Big Brother (State and Corporate) and the 4th & 9th Amendments

[G M]

San Francisco’s crime cameras were first installed in 2005 as a crime-fighting tool when The City’s homicide tally reached a decade-high 96. Advocates billed the cameras, which continuously record the activities in crime hot spots throughout San Francisco, as a creative new way to deter illegal behavior.
 
For a map of locations of San Francisco's crime cameras and more information, click on the photo to the right.
 
But the cameras have since become more than just a crime-fighting tool. They have also become a tool exploited by defense lawyers who often seek footage from the cameras to exonerate falsely accused clients. The footage is not monitored in real time, but can be reviewed upon request by attorneys, police and prosecutors.
 
Nearly one-third of 109 requests for footage made last year came from defense attorneys, according to data supplied by The City in response to a public records request by The San Francisco Examiner.
 
Criminal defendants have been cleared or had charges reduced when footage proved their alibis or disproved police or witnesses’ accounts of incidents.
 
“We’ve incorporated the existence of surveillance tapes into our practice,” Public Defender Jeff Adachi said, adding that his office has a list of all the city surveillance cameras and his attorneys are trained to request the footage.
 
“It is hit or miss. You have an obligation to secure that evidence,” Adachi said. “They have proven valuable in some cases.”
 
Deputy Public Defender Kwixuan Maloof was the defense attorney in one of the more well-known cases where surveillance camera footage resulted in someone being exonerated. Maloof’s client, 44-year-old Michael Cooper, had a 2008 murder charge dropped when the footage showed Cooper was acting in defense of a disabled woman.
 
“In that case, there were witnesses that gave statements to the police that were blatantly false,” Maloof said.
 
The 71 cameras, once at the center of budget battles and political sparring over civil liberties, remain in operation in 24 locations, selected for their high-crime concentrations. The system costs $200,000 annually to operate.


Read more at the San Francisco Examiner: http://www.sfexaminer.com/local/crime/2011/07/san-franciscos-crime-cameras-zoom-innocent

[bigdog]

Very interesting.  While I still do not like the presence of cameras on every street corner, the unintended consequence here is a nice one.  Thanks for sharing this article also.

[G M]

Very interesting.  While I still do not like the presence of cameras on every street corner, the unintended consequence here is a nice one.  Thanks for sharing this article also.

Evidence is evidence. The evidentiary techniques that can lead to convictions can also lead to acquittals. DNA can put a guilty man on death row, and free an innocent from it.

[Crafty_Dog]

I'm with BD on this.

[G M]

Obviously cameras are not a crime fighting silver bullet, though there are certain locations where they are useful. At 200,000 dollars a year, I think it is worthwhile. Given salary and benefits, 200,000 probably would barely cover the cost of two entry level SFPD officers.

[G M]

The Investigation into the Death of Leibby Kletzky
From the moment Leibby disappeared to his horrifying discovery, the investigation moved at a rapid pace. Police were able to quickly piece together surveillance video that led them to Levi Aron and the little boy's body. Pei-Sze Cheng takes us through the investigation step by step.

http://www.nbcnewyork.com/news/local/The_Investigation_in_the_Death_of_Leiby_Kletzky_New_York-125541418.html

[G M]

http://www.fox40.com/news/headlines/wpix-missing-boy-body,0,4230265.story?track=rss

Commissioner Kelly said that police arrested Aron at his home at 466 East 2nd St. in Brooklyn at 2:40 Wednesday morning. When cops first stormed up to Aron's third-floor attic apartment at 2:00 A.M., they found the door ajar, Kelly said. Detectives asked Aron where the boy was, and Aron pointed to the refrigerator in his apartment. Cops found blood stains on the refrigerator door, which they opened to find a bloody cutting board, a knife and body parts.

"[Aron] killed him [in the apartment], then dismembered the body," Commissioner Kelly said at a press briefing at Police Headquarters Wednesday morning. Further questioning resulted in Aron telling detectives that he had moved more of the boy's remains to a dumpster two miles away in South Park Slope.

Police responded to that dumpster on 20th Street near 4th Avenue minutes later. Inside, they found a plastic bag inside a suitcase. Inside that bag were some of the boy's remains.

"I heard [the detectives] say they had a head and a torso," Samantha Hernandez told PIX11 News.

She lives in an apartment building two doors up from where the dumpster was, and watched the scene unfold outside her window. She and her brother also ran up to the roof of their building to see what was unfolding in the early morning investigation.

"They had a... bag," she said, "tied at both ends, and it wasn't as long as the boy['s body] that I saw on the video."

She's talking about surveillance video of the last minutes before Leiby Kletzky (pronounced, "Lye - bee Kletz - key") vanished.

In the video, the boy wanders around the corner of 18th Avenue and Dahill Road in Borough Park around 5:30 p.m. Monday, then is approached by a man. Commissioner Kelly identified the man as Aron. Kelly said that the boy had been walking home from his day camp for the first time ever and got lost. Leiby Klotzky apparently asked Aron for directions. Aron talkes with the boy, then leaves to go into a nearby dentist's office to pay a bill. For seven minutes, Leiby waits on the corner, possibly having been told by Aron to stay there. Aron returns, and the boy who's been described as autistic ends up getting into a 1990 gold-colored Honda with Aron.

That car, according to the commissioner, was found by volunteer community searchers near Aron's home, which is about six blocks from where the surveillance video was recorded. The volunteers alerted police in one of two major breaks in the case, according to Commissioner Kelly.

The other break came from the dentist's office out of which Levi Aron emerged to pick up the boy. Detectives reached the dentist at his home in New Jersey overnight Tuesday and got access to records showing that Levi Aron had been in the dentist's office minutes before Kletzky disappeared. That linked Aron to the surveillance video and the license plate number of the car that volunteers found matched Aron as well.

Once investigators connected the clues, they swooped in, and the case quickly unfolded.

[Crafty_Dog]

I noted that when I read about the case.  A powerful example for your POV.

[G M]

http://volokh.com/2011/07/15/dc-circuit-holds-that-new-airport-screening-security-measures-comply-with-the-fourth-amendment/



DC Circuit Holds that New Airport Screening Security Measures Comply With the Fourth Amendment

Orin Kerr • July 15, 2011 11:19 am


The new airport screening measures involving millimeter wave technology and backscatter technology — together with the opt-out of a pat-down — have received a great deal of public attention. Back when the new measures were first widely introduced, I blogged about why a Fourth Amendment challenge to the new practices was an uphill battle. Today, the DC Circuit handed down an opinion in EPIC v. Department of Homeland Security holding that the new practices comply with the Fourth Amendment. I believe this is the first clear court ruling on the question, and it’s certainly the first from a federal court of appeals. The opinion is by Judge Douglas Ginsburg, and it was joined by Judges Henderson and Tatel. From the opinion:


[T]he petitioners argue that using [Advanced Imaging Technology] AIT for primary screening violates the Fourth Amendment because it is more invasive than is necessary to detect weapons or explosives. In view of the Supreme Court’s “repeated[] refus[al] to declare that only the least intrusive search practicable can be reasonable under the Fourth Amendment,” City of Ontario v. Quon, 130 S. Ct. 2619, 2632 (2010) (internal quotation marks omitted), and considering the measures taken by the TSA to safeguard personal privacy, we hold AIT screening does not violate the Fourth Amendment.

As other circuits have held, and as the Supreme Court has strongly suggested, screening passengers at an airport is an “administrative search” because the primary goal is not to determine whether any passenger has committed a crime but rather to protect the public from a terrorist attack. See United States v. Aukai, 497 F.3d 955, 958–63 (9th Cir. 2007) (en banc) (passenger search at airport checkpoint); United States v. Hartwell, 436 F.3d 174, 178–81 (3d Cir. 2006) (Alito, J.) (same); United States v. Edwards, 498 F.2d 496, 499–501 (2d Cir. 1974) (Friendly, J.) (carry-on baggage search at airport); see also Illinois v. Lidster, 540 U.S. 419 (2004) (police set up checkpoint to obtain information about earlier crash); Mich. Dep’t of State Police v. Sitz, 496 U.S. 444 (1990) (sobriety checkpoint). An administrative search does not require individualized suspicion. City of Indianapolis v. Edmond, 531 U.S. 32, 41, 47–48 (2000) (individualized suspicion required when police checkpoint is “primarily [for] general crime control,” that is, “to detect evidence of ordinary criminal wrongdoing” unlike “searches at places like airports ... where the need for such measures to ensure public safety can be particularly acute”). Instead, whether an administrative search is “unreasonable” within the condemnation of the Fourth Amendment “is determined by assessing, on the one hand, the degree to which it intrudes upon an individual’s privacy and, on the other, the degree to which it is needed for the promotion of legitimate governmental interests.” United States v. Knights, 534 U.S. 112, 118–19 (2001) (internal quotation marks omitted).

That balance clearly favors the Government here. The need to search airline passengers “to ensure public safety can be particularly acute,” Edmond, 531 U.S. at 47–48, and, crucially, an AIT scanner, unlike a magnetometer, is capable of detecting, and therefore of deterring, attempts to carry aboard airplanes explosives in liquid or powder form. On the other side of the balance, we must acknowledge the steps the TSA has already taken to protect passenger privacy, in particular distorting the image created using AIT and deleting it as soon as the passenger has been cleared. More telling, any passenger may opt-out of AIT screening in favor of a patdown, which allows him to decide which of the two options for detecting a concealed, nonmetallic weapon or explosive is least invasive.

Contrary to the EPIC’s argument, it is not determinative that AIT is not the last step in a potentially escalating series of search techniques. In Hartwell, from which the petitioners tease out this argument, the Third Circuit upheld an airport search that started with a walk-through magnetometer, thence to scanning with a hand-held magnetometer and, when the TSA officer encountered a bulge in the passenger’s pocket, progressed (according to the passenger) to the officer’s removing a package of crack cocaine from that pocket. 436 F.3d at 175–76. The court noted, however, that its opinion, while describing the search at issue there as “minimally intrusive,” did “not purport to set the outer limits of intrusiveness in the airport context.” Id. at 180 & n.10. Nothing in Hartwell, that is, suggests the AIT scanners must be minimally intrusive to be consistent with the Fourth Amendment.

It’s a bit surprising, given the public controversy, that the analysis here was so sparse. It seems that Judge Ginsburg didn’t even think it required any heavy lifting — just a quick paragraph or two. And notably, no one wrote separately. That’s particularly interesting given that this opinion is from a pretty Fourth-Amendment-rights-friendly panel: Note that Judge Ginsburg authored the recent Maynard decision holding that GPS surveillance requires a warrant, which also was joined by Judge Tatel.

It is also worth noting that another part of the same decision sends back the DHS rule on procedural admin law grounds, so the ultimate ruling is a partial victory for the challengers to the new policy. I see that Eugene has just blogged on that issue below, so please post any comments relating to the non-Fourth Amendment parts in the thread attached to Eugene’s post.

Thanks to Adam J. White for the link.

[bigdog]

I have taught my children never to assume that a person with a badge at the door is a police officer and to call the police if someone knocks on the door when I am not home.  This is common practice, because safety experts realized a long time ago that people can pose as police officers to enter the home. 

http://www.cnn.com/2011/WORLD/europe/07/23/norway.explosion/index.html?iref=BN1&hpt=hp_t1

It was while authorities were searching for survivors of the mid-afternoon bombing in Oslo that a man wearing a police uniform and identifying himself as a officer arrived by boat at Utoya island, where word was spreading among the campers about the explosion in the capital, Pracon said.

The hundreds teens and young adults attending the camp were gathered in a large meeting room where camp organizers were sharing information about the bombing in Olso when the police officer asked if he could address the group, Pracon said.

"We, of course, allowed him to come" in and address the group, Pracon said.

[G M]

I have taught my children never to assume that a person with a badge at the door is a police officer and to call the police if someone knocks on the door when I am not home.  This is common practice, because safety experts realized a long time ago that people can pose as police officers to enter the home. 

http://www.cnn.com/2011/WORLD/europe/07/23/norway.explosion/index.html?iref=BN1&hpt=hp_t1

It was while authorities were searching for survivors of the mid-afternoon bombing in Oslo that a man wearing a police uniform and identifying himself as a officer arrived by boat at Utoya island, where word was spreading among the campers about the explosion in the capital, Pracon said.

The hundreds teens and young adults attending the camp were gathered in a large meeting room where camp organizers were sharing information about the bombing in Olso when the police officer asked if he could address the group, Pracon said.

"We, of course, allowed him to come" in and address the group, Pracon said.

Note: This was written prior to the BTK killer having been captured.

FBI Profiler John Douglas in the book Obsession has a chapter on the BTK strangler. It is the chapter called "Motivation X".  Within the book, Douglas states that there were no defensive wounds found on any of the victims, assuming that the killer used a gun to control them.  He further stated that the killer's letters to the police had so much detail that he is convinced that the perpetrator had taken his own crime scene photos in order to have a keepsake of the crime to fantasize about later.

Douglas states that the killer used police lingo in his letters - Douglas thinks he may actually be a cop, or may impersonate a cop - he probably reads detective magazines and may have even bought a police badge.  He would attempt to insert himself in the investigation.  He would be tempted to brag or leave hints about what he had done.

Douglas states that the killer was in all probability a loner, inadequate, in his 20s or 30s, might possibly have an arrest record for break-ins or voyeurism, but probably no actual rapes.

[Crafty_Dog]

This is a fascinating subject you broach here GM, but I am thinking the Security thread or the Citizen-Police Interaction thread on the MA forum might be a better place for it.

[Crafty_Dog]

       CRYPTO-GRAM

                August 15, 2011

               by Bruce Schneier
       Chief Security Technology Officer, BT
              schneier@schneier.com
             http://www.schneier.com


A free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and otherwise.

For back issues, or to subscribe, visit <http://www.schneier.com/crypto-gram.html>.

You can read this issue on the web at
<http://www.schneier.com/crypto-gram-1108.html>.  These same essays and news items appear in the "Schneier on Security" blog at <http://www.schneier.com/blog>, along with a lively comment section.  An RSS feed is available.


** *** ***** ******* *********** *************

In this issue:
      Developments in Facial Recognition
      News
      Schneier News
      Is There a Hacking Epidemic?


** *** ***** ******* *********** *************

      Developments in Facial Recognition



Eventually, it will work.  You'll be able to wear a camera that will automatically recognize someone walking towards you, and a earpiece that will relay who that person is and maybe something about him.  None of the technologies required to make this work are hard; it's just a matter of getting the error rate down low enough for it to be a useful system.
  And there have been a number of recent research results and news stories that illustrate what this new world might look like.

The police want this sort of system.  MORIS is an iris-scanning technology that several police forces in the U.S. are using.  The next step is the face-scanning glasses that the Brazilian police claim they will be wearing at the 2014 World Cup.

     A small camera fitted to the glasses can capture 400 facial images
     per second and send them to a central computer database storing up
     to 13 million faces.

     The system can compare biometric data at 46,000 points on a face
     and will immediately signal any matches to known criminals or
     people wanted by police.

In the future, this sort of thing won't be limited to the police.
Facebook has recently embarked on a major photo tagging project, and already has the largest collection of identified photographs in the world outside of a government.  Researchers at Carnegie Mellon University have combined the public part of that database with a camera and face-recognition software to identify students on campus.  (The paper fully describing their work is under review and not online yet, but slides describing the results can be found here.)

Of course, there are false positives -- as there are with any system like this.  That's not a big deal if the application is a billboard with face-recognition serving different ads depending on the gender and age
-- and eventually the identity -- of the person looking at it, but is more problematic if the application is a legal one.

In Boston, someone erroneously had his driver's license revoked:

     It turned out Gass was flagged because he looks like another
     driver, not because his image was being used to create a fake
     identity. His driving privileges were returned but, he alleges in a
     lawsuit, only after 10 days of bureaucratic wrangling to prove he
     is who he says he is.

     And apparently, he has company. Last year, the facial recognition
     system picked out more than 1,000 cases that resulted in State
     Police investigations, officials say. And some of those people are
     guilty of nothing more than looking like someone else. Not all go
     through the long process that Gass says he endured, but each must
     visit the Registry with proof of their identity.

     [...]

     At least 34 states are using such systems. They help authorities
     verify a person's claimed identity and track down people who have
     multiple licenses under different aliases, such as underage people
     wanting to buy alcohol, people with previous license suspensions,
     and people with criminal records trying to evade the law.

The problem is less with the system, and more with the guilty-until-proven-innocent way in which the system is used.

     Kaprielian said the Registry gives drivers enough time to respond
     to the suspension letters and that it is the individual's
     "burden'" to clear up any confusion. She added that protecting
     the public far outweighs any inconvenience Gass or anyone else
     might experience.

     "A driver's license is not a matter of civil rights. It's not a
     right. It's a privilege," she said. "Yes, it is an inconvenience
     [to have to clear your name], but lots of people have their
     identities stolen, and that's an inconvenience, too."

Related, there's a system embedded in a pair of glasses that automatically analyzes and relays micro-facial expressions.  The goal is to help autistic people who have trouble reading emotions, but you could easily imagine this sort of thing becoming common.  And what happens when we start relying on these computerized systems and ignoring our own intuition?

And finally, CV Dazzle is camouflage from face detection.

MORIS:
http://www.schneier.com/blog/archives/2011/07/iphone_iris_sca.html

Brazilian face-scanning glasses:
http://nextbigfuture.com/2011/04/brazilian-police-will-have-face.html

Facebook photo tagging:
http://www.pcworld.com/article/229870/facebook_photo_tagging_a_privacy_guide.html
or http://tinyurl.com/3pbqmof

Carnegie Mellon research:
http://blogs.forbes.com/kashmirhill/2011/08/01/how-face-recognition-can-be-used-to-get-your-social-security-number/
or http://tinyurl.com/42fl3m2
http://blogs.wsj.com/digits/2011/08/01/tech-today-using-facebook-and-facial-recognition-to-id-random-people/
or http://tinyurl.com/3dodgu2
http://pda.physorg.com/news/2011-08-facial-recognition-software-reveal-social.html
or http://tinyurl.com/3o4fty9
http://www.heinz.cmu.edu/~acquisti/face-recognition-study-FAQ/

Billboard with face-recognition:
http://www.engadget.com/2008/06/04/billboards-with-facial-recognition-software-trickling-out/
or http://tinyurl.com/4o9ltd

Boston false positive:
http://articles.boston.com/2011-07-17/news/29784761_1_fight-identity-fraud-facial-recognition-system-license
or http://tinyurl.com/3sppab3

IEEE Spectrum and The Economist have published similar articles.
http://spectrum.ieee.org/riskfactor/computing/it/heres-looking-at-you-and-you-and-you-
or http://tinyurl.com/3rfuusw
http://www.economist.com/node/21524829

Micro facial expression analysis glasses.
http://www.newscientist.com/article/mg21128191.600-specs-that-see-right-through-you.html
or http://tinyurl.com/64won9f

CV Dazzle:
http://www.core77.com/blog/core77_design_awards/core77_design_award_2011_cv_dazzle_student_winner_for_speculative_objectsconcepts_20115.asp
or http://tinyurl.com/3w4lhcs


** *** ***** ******* *********** *************

      News


Ross Anderson discusses the technical and policy details of the British
phone hacking scandal.
http://www.lightbluetouchpaper.org/2011/07/16/phone-hacking-technology-and-policy/
or http://tinyurl.com/3lhz8fn

This is really clever: the Telex anti-censorship system uses deep-packet
inspection to avoid Internet censorship.
https://freedom-to-tinker.com/blog/jhalderm/anticensorship-internets-infrastructure
or http://tinyurl.com/4yhnwm6
https://threatpost.com/en_us/blogs/researchers-develop-end-middle-proxy-system-evade-censorship-071811
or http://tinyurl.com/3lzntqt
http://arstechnica.com/tech-policy/news/2011/07/researchers-develop-end-to-middle-anti-censorship-tech.ars

The police arrested sixteen suspected members of the Anonymous hacker group.
http://www.schneier.com/blog/archives/2011/07/members_of_anon.html

Google detects malware in its search data, and alerts users.  There's a
lot that Google sees as a result of its unique and prominent position in
the Internet.  Some of it is going to be stuff they never considered.
And while they use a lot of it to make money, it's good of them to give
this one back to the Internet users.
http://googleonlinesecurity.blogspot.com/2011/07/using-data-to-protect-people-from.html
or http://tinyurl.com/3v8zuzd

Smuggling drugs in unwitting people's car trunks.
http://www.npr.org/2011/07/21/138548294/at-border-teacher-becomes-unwitting-drug-smuggler
or http://tinyurl.com/4yumaou
This attack works because 1) there's a database of keys available to
lots of people, and 2) both the SENTRI system and the victims are
predictable.

Revenge effects of too-safe playground equipment.
http://www.nytimes.com/2011/07/19/science/19tierney.html

iPhone iris scanning technology:
http://www.reuters.com/article/2011/07/20/us-crime-identification-iris-idUSTRE76J4A120110720
or http://tinyurl.com/44fdowt

Good article on liabilities and computer security.
http://arstechnica.com/tech-policy/news/2011/07/will-your-employer-get-sued-for-your-security-screw-ups.ars
or http://tinyurl.com/3nx4wkv
I've been talking about liabilities for about a decade now.  Here are
essays I wrote in 2002, 2003, 2004, and 2006.
http://www.schneier.com/essay-369.html
http://www.schneier.com/essay-025.html
http://www.schneier.com/essay-073.html
http://www.schneier.com/essay-116.html

Matt Blaze analyzes the 2010 U.S. Wiretap Report.
http://www.crypto.com/blog/wiretap2010/

I second Matt's recommendation of Susan Landau's book "Surveillance or
Security: The Risks Posed by New Wiretapping Technologies" (MIT Press,
2011).  It's an excellent discussion of the security and politics of
wiretapping.
http://www.amazon.com/exec/obidos/ASIN/0262015307/counterpane/

Data privacy as a prisoner's dilemma: a good analysis.
http://arstechnica.com/tech-policy/news/2011/07/why-the-us-needs-a-data-privacy-lawand-why-it-might-actually-happen.ars
or http://tinyurl.com/3n2gytv
The solution -- and one endorsed by the essay -- is a comprehensive
privacy law.  That reduces the incentive to defect.
http://www.schneier.com/blog/archives/2011/07/data_privacy_as.html

ShareMeNot is a Firefox add-on for preventing tracking from third-party
buttons (like the Facebook "Like" button or the Google "+1" button)
until the user actually chooses to interact with them.  That is,
ShareMeNot doesn't disable/remove these buttons completely.  Rather, it
allows them to render on the page, but prevents the cookies from being
sent until the user actually clicks on them, at which point ShareMeNot
releases the cookies and the user gets the desired behavior (i.e., they
can Like or +1 the page).
http://sharemenot.cs.washington.edu/

Hacking Apple laptop batteries.
https://threatpost.com/en_us/blogs/apple-laptop-batteries-can-be-bricked-firmware-hacked-072211
or http://tinyurl.com/43zgnpw

Bypassing the lock on luggage.
http://kipkay.com/videos/just-for-fun/is-your-luggage-safe-from-airport-security/
or http://tinyurl.com/3hv3dld

Interesting paper: "Science Fiction Prototyping and Security Education:
Cultivating Contextual and Societal Thinking in Computer Security
Education and Beyond," by Tadayoshi Kohno and Brian David Johnson.
http://www.cs.washington.edu/homes/yoshi/papers/SIGCSE/csefp118-kohno.pdf or
http://tinyurl.com/3ecj6c3

Breaking the Xilinx Virtex-II FPGA bitstream encryption.  It's a
power-analysis attack, which makes it much harder to defend against.
And since the attack model is an engineer trying to reverse-engineer the
chip, it's a valid attack.
http://eprint.iacr.org/2011/390

Attacking embedded systems in prison doors.
http://m.wired.com/threatlevel/2011/07/prison-plc-vulnerabilities/
This seems like a minor risk today; Stuxnet was a military-grade effort,
and beyond the reach of your typical criminal organization.  But that
can only change, as people study and learn from the reverse-engineered
Stuxnet code and as hacking PLCs becomes more common.  As we move from
mechanical, or even electro-mechanical, systems to digital systems, and
as we network those digital systems, this sort of vulnerability is going
to only become more common.

The article is in the context of the big Facebook lawsuit, but the part
about identifying people by their writing style is interesting.
http://www.nytimes.com/2011/07/24/opinion/sunday/24gray.html
It seems reasonable that we have a linguistic fingerprint, although 1)
there are far fewer of them than finger fingerprints, 2) they're easier
to fake.  It's probably not much of a stretch to take that software that
"identifies bundles of linguistic features, hundreds in all" and use the
data to automatically modify my writing to look like someone else's.

A good criticism of the science behind author recognition, and a paper
on how to evade these systems.
http://languagelog.ldc.upenn.edu/nll/?p=3317
http://www.aaai.org/ocs/index.php/IAAI/IAAI09/paper/view/257

Seems that the one-time pad was not first invented by Vernam.
http://www.nytimes.com/2011/07/26/science/26code.html
http://www.theregister.co.uk/2011/07/26/perfect_cipher_crypto_discovery/
or http://tinyurl.com/3cbv8me
The paper:
http://www.tandfonline.com/doi/abs/10.1080/01611194.2011.583711

Two items on hacking lotteries.  The first is about someone who figured
out how to spot winners in a scratch-off tic-tac-toe style game, and a
daily draw style game where expected payout can exceed the ticket price.
  The second is about someone who has won the lottery four times, with
speculation that she had advance knowledge of where and when certain
jackpot-winning scratch-off tickets would be sold.
http://www.wired.com/wiredscience/2011/07/broken-lotteries/
http://www.scribd.com/doc/60495831/Nathaniel-Rich-The-Luckiest-Woman-on-Earth-Three-Ways-to-Win-the-Lottery

Home-made Wi-Fi hacking, phone snooping, UAV.
http://www.geekosystem.com/tag/wireless-aerial-surveillance-platform/

German police call airport full-body scanners useless.
http://www.google.com/hostednews/afp/article/ALeqM5jGUyRTjF-WA40GLjIMEo6dFgSxlw?docId=CNG.d76d1890df3edca8dd08181cb6808c7f.881
or http://tinyurl.com/4y9dvud

Here's a story about full-body scanners that are overly sensitive to
sweaty armpits.
http://news.cnet.com/8301-17852_3-20086884-71/new-airport-scanners-alarmed-by-sweaty-armpits/
or http://tinyurl.com/3slpxgo

The Zodiac cipher was announced as cracked, but the break was a hoax.
http://www.schneier.com/blog/archives/2011/08/zodiac_cipher_c.html

XKCD on the CIA hack.
http://www.xkcd.com/932/

I've been using the phrase "arms race" to describe the world's
militaries' rush into cyberspace for a couple of years now.  Here's a
good article on the topic that uses the same phrase.
http://www.businessweek.com/printer/magazine/cyber-weapons-the-new-arms-race-07212011.html
or http://tinyurl.com/3ehcpa8

New bank-fraud Trojan.
http://krebsonsecurity.com/2011/07/trojan-tricks-victims-into-transfering-funds/
or http://tinyurl.com/4y8cof5

An article on MRI lie detectors -- lots of interesting research.
http://www.salon.com/life/feature/2011/07/23/lie_detector_excerpt/index.html
or http://tinyurl.com/3cbdr74
My previous blog post on the topic.
http://www.schneier.com/blog/archives/2007/07/mri_lie_detecto_1.html

There's a security story from biology I've used a few times: plants that
use chemicals to call in airstrikes by wasps on the herbivores attacking
them.  This is a new variation:  a species of orchid that emits the same
signals as a trick, to get pollinated.
http://blogs.discovermagazine.com/notrocketscience/2008/05/12/orchid-lures-in-pollinating-wasps-with-promise-of-fresh-meat/
or http://tinyurl.com/3r9unrm

I'm a big fan of taxonomies, and this "Taxonomy of Operational Cyber
Security Risks" -- from Carnegie Mellon -- seems like a useful one.
http://www.schneier.com/blog/archives/2011/08/taxonomy_of_ope.html

GPRS hacked.
http://www.technologyreview.com/communications/38268/
http://www.theregister.co.uk/2011/08/10/gprs_cellphone_call_snooping/
http://blogs.computerworld.com/18776/mobile_phone_eavesdropping_made_easy_hackers_crack_gprs_encryption?source=rss_blogs
or http://tinyurl.com/3rafv3k

Security flaws in encrypted police radios:  "Why (Special Agent) Johnny
(Still) Can't Encrypt: A Security Analysis of the APCO Project 25
Two-Way Radio System," by Sandy Clark, Travis Goodspeed, Perry Metzger,
Zachary Wasserman, Kevin Xu, and Matt Blaze.  I've heard Matt talk about
this project several times.  It's great work, and a fascinating insight
into the usability problems of encryption in the real world.
http://online.wsj.com/public/resources/documents/p25sec08102011.pdf
http://blogs.wsj.com/digits/2011/08/10/security-flaws-in-feds-radios-make-for-easy-eavesdropping/?mod=WSJBlog&mod=
or http://tinyurl.com/3suhkte

Counterfeit pilot IDs and uniforms will now be sufficient to bypass
airport security.  TSA is testing a program to not screen pilots.
http://www.schneier.com/blog/archives/2011/08/counterfeit_pil.html

The African crested rat applies tree poison to its fur to make itself
more deadly.
http://news.nationalgeographic.com/news/2011/08/110803-african-rat-poison-crested-hair-science-proceedings/
or http://tinyurl.com/42q8opk

A couple of weeks ago Wired reported the discovery of a new,
undeletable, web cookie.
http://www.wired.com/epicenter/2011/07/undeletable-cookie/
The Wired article was very short on specifics, so I waited until one of
the researchers -- Ashkan Soltani -- wrote up more details.  He finally
did, in a quite technical essay.
http://ashkansoltani.org/docs/respawn_redux.html


** *** ***** ******* *********** *************

      Schneier News



My new book, "Liars and Outliers," has a cover.  Publication is still
scheduled for the end of February -- in time for the RSA Conference --
assuming I finish the manuscript in time.
http://www.schneier.com/blog/archives/2011/08/liars_and_outli.html
Older posts on the book:
http://www.schneier.com/blog/archives/2011/05/status_report_t.html
http://www.schneier.com/blog/archives/2011/02/societal_securi.html

Interview with me from the Homeland Security News Wire.
http://www.homelandsecuritynewswire.com/attackers-have-advantage-cyberspace-says-cybersecurity-expert
or http://tinyurl.com/3jhw73s


** *** ***** ******* *********** *************

      Is There a Hacking Epidemic?



Freakonomics asks: "Why has there been such a spike in hacking recently?
Or is it merely a function of us paying closer attention and of
institutions being more open about reporting security breaches?"

They posted five answers, including mine:

     The apparent recent hacking epidemic is more a function of news
     reporting than an actual epidemic. Like shark attacks or school
     violence, natural fluctuations in data become press epidemics, as
     more reporters write about more events, and more people read about
     them. Just because the average person reads more articles about
     more events doesn't mean that there are more events -- just more
     articles.

     Hacking for fun -- like LulzSec -- has been around for decades.
     It's where hacking started, before criminals discovered the
     Internet in the 1990s. Criminal hacking for profit -- like the
     Citibank hack -- has been around for over a decade.  International
     espionage existed for millennia before the Internet, and has never
     taken a holiday.

     The past several months have brought us a string of newsworthy
     hacking incidents. First there was the hacking group Anonymous, and
     its hacktivism attacks as a response to the pressure to interdict
     contributions to Julian Assange's legal defense fund and the
     torture of Bradley Manning.  Then there was the probably
     espionage-related attack against RSA, Inc. and its authentication
     token -- made more newsworthy because of the bungling of the
     disclosure by the company -- and the subsequent attack against
     Lockheed Martin. And finally, there were the very public attacks
     against Sony, which became the company to attack simply because
     everyone else was attacking it, and the public hacktivism by
     LulzSec.

     None of this is new.  None of this is unprecedented.  To a security
     professional, most of it isn't even interesting. And while
     national intelligence organizations and some criminal groups are
     organized, hacker groups like Anonymous and LulzSec are much more
     informal. Despite the impression we get from movies, there is no
     organization. There's no membership, there are no dues, there is
     no initiation. It's just a bunch of guys. You too can join
     Anonymous -- just hack something, and claim you're a member.
     That's probably what the members of Anonymous arrested in Turkey
     were: 32 people who just decided to use that name.

     It's not that things are getting worse; it's that things were
     always this bad. To a lot of security professionals, the value of
     some of these groups is to graphically illustrate what we've been
     saying for years: organizations need to beef up their security
     against a wide variety of threats. But the recent news epidemic
     also illustrates how safe the Internet is. Because news articles
     are the only contact most of us have had with any of these attacks.

http://www.freakonomics.com/2011/07/19/why-has-there-been-so-much-hacking-lately-or-is-it-just-reported-more-a-freakonomics-quorum/
or http://tinyurl.com/3jtfcnk


** *** ***** ******* *********** *************

Since 1998, CRYPTO-GRAM has been a free monthly newsletter providing
summaries, analyses, insights, and commentaries on security: computer
and otherwise.  You can subscribe, unsubscribe, or change your address
on the Web at <http://www.schneier.com/crypto-gram.html>.  Back issues
are also available at that URL.

Please feel free to forward CRYPTO-GRAM, in whole or in part, to
colleagues and friends who will find it valuable.  Permission is also
granted to reprint CRYPTO-GRAM, as long as it is reprinted in its entirety.

CRYPTO-GRAM is written by Bruce Schneier.  Schneier is the author of the
best sellers "Schneier on Security," "Beyond Fear," "Secrets and Lies,"
and "Applied Cryptography," and an inventor of the Blowfish, Twofish,
Threefish, Helix, Phelix, and Skein algorithms.  He is the Chief
Security Technology Officer of BT BCSG, and is on the Board of Directors
of the Electronic Privacy Information Center (EPIC).  He is a frequent
writer and lecturer on security topics.  See <http://www.schneier.com>.

Crypto-Gram is a personal newsletter.  Opinions expressed are not
necessarily those of BT.

Copyright (c) 2011 by Bruce Schneier.

[Crafty_Dog]

http://technolog.msnbc.msn.com/_news/2011/08/16/7387638-man-steals-57k-from-neighbors-using-their-facebook-info?GT1=43001

[G M]

http://www.popularmechanics.com/technology/how-to/software/8-weird-ways-people-are-using-facial-recognition-software?click=pm_news#fbIndex1

8 Weird Ways People Are Using Facial Recognition Software


Read more: 8 Weird Ways People Are Using Facial Recognition Software - Popular Mechanics

[Crafty_Dog]

WASHINGTON — The precedent is novel. More precisely, the precedent is a novel.

In a series of rulings on the use of satellites and cellphones to track criminal suspects, judges around the country have been citing George Orwell’s “1984” to sound an alarm. They say the Fourth Amendment’s promise of protection from government invasion of privacy is in danger of being replaced by the futuristic surveillance state Orwell described.

In April, Judge Diane P. Wood of the federal appeals court in Chicago wrote that surveillance using global positioning system devices would “make the system that George Orwell depicted in his famous novel, ‘1984,’ seem clumsy.” In a similar case last year, Chief Judge Alex Kozinski of the federal appeals court in San Francisco wrote that “1984 may have come a bit later than predicted, but it’s here at last.”

Last month, Judge Nicholas G. Garaufis of the Federal District Court in Brooklyn turned down a government request for 113 days of location data from cellphone towers, citing “Orwellian intrusion” and saying the courts must “begin to address whether revolutionary changes in technology require changes to existing Fourth Amendment doctrine.”

The Supreme Court is about to do just that. In November, it will hear arguments in United States v. Jones, No. 10-1259, the most important Fourth Amendment case in a decade. The justices will address a question that has divided the lower courts: Do the police need a warrant to attach a GPS device to a suspect’s car and track its movements for weeks at a time?

Their answer will bring Fourth Amendment law into the digital age, addressing how its 18th-century prohibition of “unreasonable searches and seizures” applies to a world in which people’s movements are continuously recorded by devices in their cars, pockets and purses, by toll plazas and by transit systems.

The Jones case will address not only whether the placement of a space-age tracking device on the outside of a vehicle without a warrant qualifies as a search, but also whether the intensive monitoring it allows is different in kind from conventional surveillance by police officers who stake out suspects and tail their cars.

“The Jones case requires the Supreme Court to decide whether modern technology has turned law enforcement into Big Brother, able to monitor and record every move we make outside our homes,” said Susan Freiwald, a law professor at the University of San Francisco.

The case is an appeal from a unanimous decision of a three-judge panel of the United States Court of Appeals for the District of Columbia Circuit, which said last year that the government was simply seeking too much information.

“Repeated visits to a church, a gym, a bar or a bookie tell a story not told by any single visit, as does one’s not visiting any of those places in the course of a month,” wrote Judge Douglas H. Ginsburg.

He added: “A person who knows all of another’s travel can deduce whether he is a weekly churchgoer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups — and not just one such fact about a person, but all such facts.”

Federal appeals courts in Chicago and San Francisco, on the other hand, have allowed the police to use GPS tracking devices without a warrant. The police are already allowed to tail cars and observe their movements without warrants, those courts said, and the devices merely allow them to do so more efficiently.

Judge Richard A. Posner, writing for a unanimous three-judge panel in the Chicago case, did caution that institutionalized mass surveillance might present a different issue.

Some judges say that world is fast approaching.

“Technology has progressed to the point where a person who wishes to partake in the social, cultural and political affairs of our society has no realistic choice but to expose to others, if not to the public as a whole, a broad range of conduct and communications that would previously have been deemed unquestionably private,” Magistrate Judge James Orenstein of the Federal District Court in Brooklyn wrote last year.

The case to be heard by the Supreme Court arose from the investigation of the owner of a Washington nightclub, Antoine Jones, who was suspected of being part of a cocaine-selling operation. Apparently out of caution, given the unsettled state of the law, prosecutors obtained a warrant allowing the police to place a tracking device on Mr. Jones’s Jeep Grand Cherokee. The warrant required them to do so within 10 days and within the District of Columbia. The police did not install the device until 11 days later, and they did it in Maryland. Now contending that no warrant was required, the authorities tracked Mr. Jones’s travels for a month and used the evidence they gathered to convict him of conspiring to sell cocaine. He was sentenced to life in prison.

The main Supreme Court precedent in the area, United States v. Knotts, is almost 30 years old. It allowed the use of a much more primitive technology, a beeper that sent a signal that grew stronger as the police drew closer and so helped them follow a car over a single 100-mile trip from Minnesota to Wisconsin.

The Supreme Court ruled that no warrant was required but warned that “twenty-four hour surveillance of any citizen of the country” using “dragnet-type law enforcement practices” may violate the Fourth Amendment.

Much of the argument in the Jones case concerns what that passage meant. Did it indicate discomfort with intense and extended scrutiny of a single suspect’s every move? Or did it apply only to mass surveillance?

In the Jones case, the government argued in a brief to the Supreme Court that the Knotts case disapproved of only “widespread searches or seizures that are conducted without individualized suspicion.”

The brief added: “Law enforcement has not abused GPS technology. No evidence exists of widespread, suspicionless GPS monitoring.” On the other hand, the brief said, requiring a warrant to attach a GPS device to a suspect’s car “would seriously impede the government’s ability to investigate leads and tips on drug trafficking, terrorism and other crimes.”

A decade ago, the Supreme Court ruled that the police needed a warrant to use thermal imaging technology to measure heat emanating from a home. The sanctity of the home is at the core of what the Fourth Amendment protects, Justice Antonin Scalia explained, and the technology was not in widespread use.

In general, though, Justice Scalia observed, “it would be foolish to contend that the degree of privacy secured to citizens by the Fourth Amendment has been entirely unaffected by the advance of technology.”

[Crafty_Dog]

By EMILY STEEL
The Federal Trade Commission wants to give parents more control over what information websites can collect about their children.

The FTC is proposing changes to the Children's Online Privacy Protection Act that include requiring parental consent for websites to collect a broader range of information about children under age 13, including location. They also would require parental permission for a website to use tracking software, known as cookies, to build a profile about a child and monitor children's online activities for purposes such as targeting ads.

Journal Community
Question of the Day: Should Congress pass laws requiring parental consent for companies to gather information about children's online activities?

.The move marks a major action by federal regulators to bolster privacy protections for Internet users.

The proposed changes, however, are likely to face stiff opposition from Internet and advertising companies, as new rules would drastically change how they currently operate. Websites currently only have to obtain parental consent when collecting personal information about children such as their name and email address.

The FTC's proposed changes to the decade-old children's privacy rules come amid escalating scrutiny from federal regulators and lawmakers of the fast-growing business of tracking Internet users and selling personal details about their lives such as their online purchases and social-networking activities.

"The Internet revolution makes snapshot photography and wiretap technology look like child's play," FTC Commissioner Julie Brill said during a speech Thursday at the International Association of Privacy Professionals. Ms. Brill said that the level of online tracking is unprecedented, largely undetected by the consumer and raises serious privacy concerns.

As proof that the use of consumer data is wading into dangerous territory, Ms. Brill cited a 2010 story from The Wall Street Journal's "What They Know" series on online privacy issues about a life insurer that used tracking data about consumers to help determine their life expectancy, rates and insurance coverage.

In addition to Thursday's proposed changes, the FTC has been calling for companies to build stronger privacy protections for consumers and be more transparent about information they collect. The commission also has launched investigations of Internet, advertising and mobile companies for deceptive online privacy practices or violating established guidelines.

In the "What They Know" series, the Journal last year reported that popular children's websites install more tracking technologies on personal computers than the top websites aimed at adults.

Internet and advertising industry groups argue that many of the changes are unnecessary.

The Direct Marketing Association disputed the FTC's proposed change that would require parental consent before using tracking cookies because the programs don't always identify children but rather the computer. The trade group said the definition of "personal information" only should include information that could be used to directly contact or communicate with a child.

"We think they may have gone a little too far," said Jerry Cerasale, senior vice president of government affairs for the Direct Marketing Association.

The Interactive Advertising Bureau, which represents more than 500 media and Internet companies, took issue with a proposed change that would require self-regulatory groups to audit their members annually and report the results to the commission. The group said it supports random audits but that yearly audits would create a "dangerous precedent which would impose burdensome and largely unnecessary expenses on the very companies that are proactively taking steps to protect children."

Meanwhile, lawmakers and privacy advocates applauded the commission's proposed updates.

"Given the potential for this sensitive data to be misused to endanger a child, the commission's proposal in this area is a much-needed step," Rep. Edward Markey (D., Mass.), said in a statement. Mr. Markey, along with Rep. Joe Barton (R., Tex.), introduced a children's online privacy bill earlier this year to update existing rules and would extend privacy safeguards to teenagers. The bill now is in committee. "Strong legal requirements along with vigilant enforcement are needed to protect children from tracking and targeting on the Internet," Mr. Markey said.

The FTC is soliciting comments on its proposed changes until Nov. 28. The commission last reviewed the Children's Online Privacy Protection Act in 2005, without making changes.

Write to Emily Steel at emily.steel@wsj.com

[Cranewings]

"Over 30,000 British schoolchildren, some as young as three, have had their names registered on a government database and branded “racist” or “homophobic” for using playground insults, infractions that could impact their future careers.

The shocking figures were disclosed after civil liberties group the Manifesto Club made a Freedom of Information Act request which betrayed the fact that kids who used petty jibes are now being treated as thought criminals by education authorities.

34,000 incidents of “racism” in total were reported for the year 2009-2010, with nursery school toddlers as young as three being put on a state database for using the words “gay” and “lesbian”. One child who called another “broccoli head” was also reported to authorities. Other cases included a child who used the word “gaylord,” while another who told a teacher “this work is gay,” was also added to the thought crime database. "

- http://www.infowars.com/3-year-olds-branded-racist-homophobic-put-in-government-database/

[G M]

"Over 30,000 British schoolchildren, some as young as three, have had their names registered on a government database and branded “racist” or “homophobic” for using playground insults, infractions that could impact their future careers.

The shocking figures were disclosed after civil liberties group the Manifesto Club made a Freedom of Information Act request which betrayed the fact that kids who used petty jibes are now being treated as thought criminals by education authorities.

34,000 incidents of “racism” in total were reported for the year 2009-2010, with nursery school toddlers as young as three being put on a state database for using the words “gay” and “lesbian”. One child who called another “broccoli head” was also reported to authorities. Other cases included a child who used the word “gaylord,” while another who told a teacher “this work is gay,” was also added to the thought crime database. "

- http://www.infowars.com/3-year-olds-branded-racist-homophobic-put-in-government-database/

Yes, this isn't a good thing at all, but infowars rots the brain. There are better sources out there.

[Cranewings]

Yes, this isn't a good thing at all, but infowars rots the brain. There are better sources out there.

I don't know anything about infowars. I just heard about this on Savage last night and thought some folks might enjoy it.

The bully thing is weird to me. If they really want to help kids that are bullied, they should educate the parents to move, home school their kids, help the kids learn it gets better when they grow up, or see if it is possible to whip the kid into fighting shape or something so he can defend himself. Yelling at bullies isn't going to change their nature.

Who knows. Maybe the psychologists know what they are doing? (;

[G M]

Yes, this isn't a good thing at all, but infowars rots the brain. There are better sources out there.

I don't know anything about infowars. I just heard about this on Savage last night and thought some folks might enjoy it.

The bully thing is weird to me. If they really want to help kids that are bullied, they should educate the parents to move, home school their kids, help the kids learn it gets better when they grow up, or see if it is possible to whip the kid into fighting shape or something so he can defend himself. Yelling at bullies isn't going to change their nature.

Who knows. Maybe the psychologists know what they are doing? (;

Addressing bullying is important, but placing children in a thoughcrimes database isn't the way to go about it.

[Crafty_Dog]

IMO (Notice the distinction from IMHO please) Infowars.com is a seriously dubious site that occasionally raises something interesting.   Any time it is cited around here, I'd appreciate a notation to that effect.

Continuing with the conversation:

As best as I can tell, the gay forces have seized on the term "bullying" because many gay kids get bullied.  Naturally as a result of their gayness, they seek solution in neuterization-- as some dead French guy said, "the idea of virtue consisting of the absence of clause" or something like that.

A more Taoist approach would see that Bullying is but one half of the totality, the other being Wimpiness-- the emasculinization of the manly energy in our culture IS Wimpiness-- and the Progressive-PC-liberal-left-socialist solution is to solve it by further emasculinization! Its like solving a debt crisis by deficit spending!!!
 
In my humble opinion it would make more sense to offer physical education classes in martial arts and self-defense.  Strength and Honor is the solution to the Bully.

[G M]

IMO (Notice the distinction from IMHO please) Infowars.com is a seriously dubious site that occasionally raises something interesting.   Any time it is cited around here, I'd appreciate a notation to that effect.

Continuing with the conversation:

As best as I can tell, the gay forces have seized on the term "bullying" because many gay kids get bullied.  Naturally as a result of their gayness, they seek solution in neuterization-- as some dead French guy said, "the idea of virtue consisting of the absence of clause" or something like that.

A more Taoist approach would see that Bullying is but one half of the totality, the other being Wimpiness-- the emasculinization of the manly energy in our culture IS Wimpiness-- and the Progressive-PC-liberal-left-socialist solution is to solve it by further emasculinization! Its like solving a debt crisis by deficit spending!!!
 
In my humble opinion it would make more sense to offer physical education classes in martial arts and self-defense.  Strength and Honor is the solution to the Bully.

I'd agree to a certain extent, however I don't want to see the school culture turn into that found within "gladiator academies". Yes, the culture of wimpiness the left wants to cultivate is a problem, but we don't want to raise kids exactly like the spartans did, do we?

[Cranewings]

When I was in jr. high school I got in a fight with this kid that lived by my grand mother after he knocked the books out of my hand. Neither of us got hurt and too many people came so we had to stop. Anyway, after it was over I got confronted by the biggest bully in the school. He was bigger than everyone else and had a black belt in some kind of karate. I had actually seen him stomp kick a high school kid through his car door. "You like to fight? I didn't know you liked to fight." He had a cast. "When my cast comes off you and I are going to fight."

Anyway, two weeks later, after talking shit all week about how he was going to kick my ass, he beats up some other kid and never looks at me again. So I never had to fight the guy. He beat up a lot of kids.

If they offered karate and self defense at high school, just like wrestling, I'm pretty sure it would only be the most fit kids that would get any benefit out of it. You would just make the bullies stronger because it isn't like the education staff has any authority or capacity to help the right kids.

I like the idea of kids that get bullied going to home school, getting some classes in confidence building / social skills, being sent to karate, and then going back to a new school, or maybe even their old one. I don't like the idea of just teaching big groups of kids how to fight better.

[Crafty_Dog]

Well, certainly I'm not advocating the school yard become a Darwinian cagefighting pit, I'm thinking more like a good BJJ class.  EVERY ONE has to tap in BJJ sometimes and it seems to me a good way to channel and ritualize energies that will make themselves felt in one way or another.   It offers a vehicle for the not naturally tough to toughen up.

[ccp]

"In my humble opinion it would make more sense to offer physical education classes in martial arts and self-defense.  Strength and Honor is the solution to the Bully."

"You would just make the bullies stronger"

Both seem like good points.  I guess the question is moot anyway as I could not see martial arts being allowed in public schools for two reasons:

not politically correct
liability issues

That suggested, I am no expert in martial arts but did have past exposure with a few different instructors.  It seems like the ethical? ones IMveryHO would teach martial arts more to avoid conflict and too use physical means only as last resort.

"If they really want to help kids that are bullied, they should educate the parents to move, home school their kids, help the kids learn it gets better when they grow up, or see if it is possible to whip the kid into fighting shape or something so he can defend himself. Yelling at bullies isn't going to change their nature."

I guess every case is unique in it's own way.  I would rather the bully get the penalty.  If discipline at school doesn't work, then get the law involved (assualt or and battery).

If the bullying is so bad (like with gangs) then yea I guess getting the heck out of the area is best or the only means of really doing anything.

The "karate kid" thing is just a movie anyway.

 

[Crafty_Dog]

FWIW my sense of things is that the world "bully" has become a blunderbuss to bludgeon far too much of the banter and social battering that is part of growing up.  As far as making bullies stronger, IMHO more often we would be giving a place for the naturally competitve and naturally aggressive to channel their energies.

[G M]

FWIW my sense of things is that the world "bully" has become a blunderbuss to bludgeon far too much of the banter and social battering that is part of growing up.  As far as making bullies stronger, IMHO more often we would be giving a place for the naturally competitve and naturally aggressive to channel their energies.

I think we should encourage competitive and aggressive behavior (as opposed to the modern trend of soccer games where no score is kept because someone's widdle feelings might be hurt), but be sure to teach lessons about when and where it is ok to be aggressive and even violent, and when it isn't.

[Crafty_Dog]

http://www.theblaze.com/stories/onstar-announces-tracking-continues-even-after-cancellation/

[Crafty_Dog]

By JENNIFER VALENTINO-DEVRIES
For more than a year, federal authorities pursued a man they called simply "the Hacker." Only after using a little known cellphone-tracking device—a stingray—were they able to zero in on a California home and make the arrest.

 
A Harris StingRay II, one of several devices dubbed 'stingrays.'

Stingrays are designed to locate a mobile phone even when it's not being used to make a call. The Federal Bureau of Investigation considers the devices to be so critical that it has a policy of deleting the data gathered in their use, mainly to keep suspects in the dark about their capabilities, an FBI official told The Wall Street Journal in response to inquiries.

A stingray's role in nabbing the alleged "Hacker"—Daniel David Rigmaiden—is shaping up as a possible test of the legal standards for using these devices in investigations. The FBI says it obtains appropriate court approval to use the device.

Stingrays are one of several new technologies used by law enforcement to track people's locations, often without a search warrant. These techniques are driving a constitutional debate about whether the Fourth Amendment, which prohibits unreasonable searches and seizures, but which was written before the digital age, is keeping pace with the times.

On Nov. 8, the Supreme Court will hear arguments over whether or not police need a warrant before secretly installing a GPS device on a suspect's car and tracking him for an extended period. In both the Senate and House, new bills would require a warrant before tracking a cellphone's location.

More
Key Documents in 'Stingray' Case
Digits: How 'Stingray' Devices Work
Digits: How Technology Is Testing the Fourth Amendment
.<div class="noFlash">
{if djIsFlashPossible}
<p>The version of Adobe Flash Player required to view this interactive has not been found. To enjoy our complete interactive experience, please download a free copy of the latest version of Adobe Flash Player here</p>
{else}
<p>This content can not be displayed because your browser does not support the Adobe Flash player required to view it.</p>
{/if}
</div>
.And on Thursday in U.S. District Court of Arizona, Judge David G. Campbell is set to hear a request by Mr. Rigmaiden, who is facing fraud charges, to have information about the government's secret techniques disclosed to him so he can use it in his defense. Mr. Rigmaiden maintains his innocence and says that using stingrays to locate devices in homes without a valid warrant "disregards the United States Constitution" and is illegal.

His argument has caught the judge's attention. In a February hearing, according to a transcript, Judge Campbell asked the prosecutor, "Were there warrants obtained in connection with the use of this device?"

The prosecutor, Frederick A. Battista, said the government obtained a "court order that satisfied [the] language" in the federal law on warrants. The judge then asked how an order or warrant could have been obtained without telling the judge what technology was being used. Mr. Battista said: "It was a standard practice, your honor."

Judge Campbell responded that it "can be litigated whether those orders were appropriate."

On Thursday the government will argue it should be able to withhold details about the tool used to locate Mr. Rigmaiden, according to documents filed by the prosecution. In a statement to the Journal, Sherry Sabol, Chief of the Science & Technology Office for the FBI's Office of General Counsel, says that information about stingrays and related technology is "considered Law Enforcement Sensitive, since its public release could harm law enforcement efforts by compromising future use of the equipment."

Enlarge Image

Close.The prosecutor, Mr. Battista, told the judge that the government worries that disclosure would make the gear "subject to being defeated or avoided or detected."

A stingray works by mimicking a cellphone tower, getting a phone to connect to it and measuring signals from the phone. It lets the stingray operator "ping," or send a signal to, a phone and locate it as long as it is powered on, according to documents reviewed by the Journal. The device has various uses, including helping police locate suspects and aiding search-and-rescue teams in finding people lost in remote areas or buried in rubble after an accident.

The government says "stingray" is a generic term. In Mr. Rigmaiden's case it remains unclear which device or devices were actually used.

The best known stingray maker is Florida-based defense contractor Harris Corp. A spokesman for Harris declined to comment.

Harris holds trademarks registered between 2002 and 2008 on several devices, including the StingRay, StingRay II, AmberJack, KingFish, TriggerFish and LoggerHead. Similar devices are available from other manufacturers. According to a Harris document, its devices are sold only to law-enforcement and government agencies.

Some of the gadgets look surprisingly old-fashioned, with a smattering of switches and lights scattered across a panel roughly the size of a shoebox, according to photos of a Harris-made StingRay reviewed by the Journal. The devices can be carried by hand or mounted in cars, allowing investigators to move around quickly.

A rare public reference to this type of technology appeared this summer in the television crime drama "The Closer." In the episode, law-enforcement officers use a gadget they called a "catfish" to track cellphones without a court order.

The U.S. armed forces also use stingrays or similar devices, according to public contract notices. Local law enforcement in Minnesota, Arizona, Miami and Durham, N.C., also either possess the devices or have considered buying them, according to interviews and published requests for funding.

The sheriff's department in Maricopa County, Ariz., uses the equipment "about on a monthly basis," says Sgt. Jesse Spurgin. "This is for location only. We can't listen in on conversations," he says.

Sgt. Spurgin says officers often obtain court orders, but not necessarily search warrants, when using the device. To obtain a search warrant from a court, officers as a rule need to show "probable cause," which is generally defined as a reasonable belief, based on factual evidence, that a crime was committed. Lesser standards apply to other court orders.

A spokeswoman with the Bureau of Criminal Apprehension in Minnesota says officers don't need to seek search warrants in that state to use a mobile tracking device because it "does not intercept communication, so no wiretap laws would apply."

FBI and Department of Justice officials have also said that investigators don't need search warrants. Associate Deputy Attorney General James A. Baker and FBI General Counsel Valerie E. Caproni both said at a panel at the Brookings Institution in May that devices like these fall into a category of tools called "pen registers," which require a lesser order than a warrant. Pen registers gather signals from phones, such as phone numbers dialed, but don't receive the content of the communications.

To get a pen-register order, investigators don't have to show probable cause. The Supreme Court has ruled that use of a pen register doesn't require a search warrant because it doesn't involve interception of conversations.

But with cellphones, data sent includes location information, making the situation more complicated because some judges have found that location information is more intrusive than details about phone numbers dialed. Some courts have required a slightly higher standard for location information, but not a warrant, while others have held that a search warrant is necessary.

The prosecution in the Rigmaiden case says in court documents that the "decisions are made on a case-by-case basis" by magistrate and district judges. Court records in other cases indicate that decisions are mixed, and cases are only now moving through appellate courts.

The FBI advises agents to work with federal prosecutors locally to meet the requirements of their particular district or judge, the FBI's Ms. Sabol says. She also says it is FBI policy to obtain a search warrant if the FBI believes the technology "may provide information on an individual while that person is in a location where he or she would have a reasonable expectation of privacy."

Experts say lawmakers and the courts haven't yet settled under what circumstances locating a person or device constitutes a search requiring a warrant. Tracking people when they are home is particularly sensitive because the Fourth Amendment specifies that people have a right to be secure against unreasonable searches in their "houses."

"The law is uncertain," says Orin Kerr, a professor at George Washington University Law School and former computer-crime attorney at the Department of Justice. Mr. Kerr, who has argued that warrants should be required for some, but not all, types of location data, says that the legality "should depend on the technology."

In the case of Mr. Rigmaiden, the government alleges that as early as 2005, he began filing fraudulent tax returns online. Overall, investigators say, Mr. Rigmaiden electronically filed more than 1,900 fraudulent tax returns as part of a $4 million plot.

Federal investigators say they pursued Mr. Rigmaiden "through a virtual labyrinth of twists and turns." Eventually, they say they linked Mr. Rigmaiden to use of a mobile-broadband card, a device that lets a computer connect to the Internet through a cellphone network.

Investigators obtained court orders to track the broadband card. Both orders remain sealed, but portions of them have been quoted by the defense and the prosecution.

These two documents are central to the clash in the Arizona courtroom. One authorizes a "pen register" and clearly isn't a search warrant. The other document is more complex. The prosecution says it is a type of search warrant and that a finding of probable cause was made.

But the defense argues that it can't be a proper search warrant, because among other things it allowed investigators to delete all the tracking data collected, rather than reporting back to the judge.

Legal experts who spoke with the Journal say it is difficult to evaluate the order, since it remains sealed. In general, for purposes of the Fourth Amendment, the finding of probable cause is most important in determining whether a search is reasonable because that requirement is specified in the Constitution itself, rather than in legal statutes, says Mr. Kerr.

But it is "odd" for a search warrant to allow deletion of evidence before a case goes to trial, says Paul Ohm, a professor at the University of Colorado Law School and a former computer-crime attorney at the Department of Justice. The law governing search warrants specifies how the warrants are to be executed and generally requires information to be returned to the judge.

Even if the court finds the government's actions acceptable under the Fourth Amendment, deleting the data is "still something we might not want the FBI doing," Mr. Ohm says.

The government says the data from the use of the stingray has been deleted and isn't available to the defendant. In a statement, the FBI told the Journal that "our policy since the 1990s has been to purge or 'expunge' all information obtained during a location operation" when using stingray-type gear.

As a general matter, Ms. Sabol says, court orders related to stingray technology "will include a directive to expunge information at the end of the location operation."

Ms. Sabol says the FBI follows this policy because its intent isn't to use the data as evidence in court, but rather to simply find the "general location of their subject" in order to start collecting other information that can be used to justify a physical search of the premises.

In the Rigmaiden example, investigators used the stingray to narrow down the location of the broadband card. Then they went to the apartment complex's office and learned that one resident had used a false ID and a fake tax return on the renter's application, according to court documents.

Based on that evidence, they obtained a search warrant for the apartment. They found the broadband card connected to a computer.

Mr. Rigmaiden, who doesn't confirm or deny ownership of the broadband card, is arguing he should be given information about the device and about other aspects of the mission that located him.

In the February hearing, Judge Campbell said he might need to weigh the government's claim of privilege against the defendant's Fourth Amendment rights, and asked the prosecution, "How can we litigate in this case whether this technology that was used in this case violates the Fourth Amendment without knowing precisely what it can do?"

Write to Jennifer Valentino-DeVries at Jennifer.Valentino-DeVries@wsj.com

[Crafty_Dog]

A bit paranoid, but some interesting points

http://goldsilver.com/video/smart-meters/

[Crafty_Dog]

CRYPTO-GRAM

               October 15, 2011

               by Bruce Schneier
       Chief Security Technology Officer, BT
              schneier@schneier.com
             http://www.schneier.com


A free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and otherwise.

For back issues, or to subscribe, visit <http://www.schneier.com/crypto-gram.html>.

You can read this issue on the web at
<http://www.schneier.com/crypto-gram-1110.html>.  These same essays and news items appear in the "Schneier on Security" blog at <http://www.schneier.com/blog>, along with a lively comment section.  An RSS feed is available.


** *** ***** ******* *********** *************

In this issue:
      Three Emerging Cyber Threats
      Status Report: Liars and Outliers
      News
      Official Malware from the German Police
      Domain-in-the-Middle Attacks
      Schneier News
      Insider Attack Against Diebold Voting Machines
      National Cybersecurity Awareness Month


** *** ***** ******* *********** *************

      Three Emerging Cyber Threats



Last month, I participated in a panel at the Information Systems Forum in Berlin.  The moderator asked us what the top three emerging threats
were in cyberspace.   I went last, and decided to focus on the top three
threats that are not criminal:

* The Rise of Big Data.  By this I mean industries that trade on our data. These include traditional credit bureaus and data brokers, but also data-collection companies like Facebook and Google.  They're collecting more and more data about everyone, often without their knowledge and explicit consent, and selling it far and wide: to both other corporate users and to government.  Big data is becoming a powerful industry, resisting any calls to regulate its behavior.

* Ill-Conceived Regulations from Law Enforcement.  We're seeing increasing calls to regulate cyberspace in the mistaken belief that this will fight crime.  I'm thinking about data retention laws, Internet kill switches, and calls to eliminate anonymity.  None of these will work, and they'll all make us less safe.

* The Cyberwar Arms Race.  I'm not worried about cyberwar, but I am worried about the proliferation of cyber weapons.  Arms races are fundamentally destabilizing, especially when their development can be so easily hidden.  I worry about cyberweapons being triggered by accident, cyberweapons getting into the wrong hands and being triggered on purpose, and the inability to reliably trace a cyberweapon leading to increased distrust.  Plus, arms races are expensive.

That's my list, and they all have the potential to be more dangerous than cybercriminals.

Big data:
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1926431

Internet kill switches:
http://www.schneier.com/essay-224.html

Calls to eliminate anonymity:
http://www.schneier.com/blog/archives/2010/02/anonymity_and_t_3.html

Cyberwar:
http://www.schneier.com/blog/archives/2010/12/cyberwar_and_th.html

[Crafty_Dog]

By STEVE STECKLOW, FARNAZ FASSIHI and LORETTA CHAO
When Western companies pulled back from Iran after the government's bloody crackdown on its citizens two years ago, a Chinese telecom giant filled the vacuum.

Huawei Technologies Co. now dominates Iran's government-controlled mobile-phone industry. In doing so, it plays a role in enabling Iran's state security network.

Huawei recently signed a contract to install equipment for a system at Iran's largest mobile-phone operator that allows police to track people based on the locations of their cellphones, according to interviews with telecom employees both in Iran and abroad, and corporate bidding documents reviewed by The Wall Street Journal. It also has provided support for similar services at Iran's second-largest mobile-phone provider. Huawei notes that nearly all countries require police access to cell networks, including the U.S.

Huawei's role in Iran demonstrates the ease with which countries can obtain foreign technology that can be used to stifle dissent through censorship or surveillance. Many of the technologies Huawei supports in Iran—such as location services—are available on Western networks as well. The difference is that, in the hands of repressive regimes, it can be a critical tool in helping to quash dissent.

See a screenshot of an article about Huawei reprinted on the website of the Chinese embassy in Tehran. It first appeared in August 2009, two months after mass demonstrations erupted in Iran. The article notes that Huawei's clients include "military industries."

Last year, Egyptian state security intercepted conversations among pro-democracy activists over Skype using a system provided by a British company. In Libya, agents working for Moammar Gadhafi spied on emails and chat messages using technology from a French firm. Unlike in Egypt and Libya, where the governments this year were overthrown, Iran's sophisticated spying network remains intact.

In Iran, three student activists described in interviews being arrested shortly after turning on their phones. Iran's government didn't respond to requests for comment.

Iran beefed up surveillance of its citizens after a controversial 2009 election spawned the nation's broadest antigovernment uprising in decades. Authorities launched a major crackdown on personal freedom and dissent. More than 6,000 people have been arrested and hundreds remain in jail, according to Iranian human-rights organizations.

Enlarge Image

 
Close.This year Huawei made a pitch to Iranian government officials to sell equipment for a mobile news service on Iran's second-largest mobile-phone operator, MTN Irancell. According to a person who attended the meeting, Huawei representatives emphasized that, being from China, they had expertise censoring the news.

The company won the contract and the operator rolled out the service, according to this person. MTN Irancell made no reference to censorship in its announcement about its "mobile newspaper" service. But Iran routinely censors the Internet using sophisticated filtering technology. The Journal reported in June that Iran was planning to create its own domestic Internet to combat Western ideas, culture and influence.

In winning Iranian contracts, Huawei has sometimes partnered with Zaeim Electronic Industries Co., an Iranian electronics firm whose website says its clients include the intelligence and defense ministries, as well as the country's elite special-forces unit, the Islamic Revolutionary Guards Corps. This month the U.S. accused a branch of the Revolutionary Guards of plotting to kill Saudi Arabia's ambassador to the U.S. Iran denies the claim.

Huawei's chief spokesman, Ross Gan, said, "It is our corporate commitment to comply strictly with all U.N. economic sanctions, Chinese regulations and applicable national regulations on export control. We believe our business operations in Iran fully meet all of these relevant regulations."

William Plummer, Huawei's vice president of external affairs in Washington, said the company's location-based-service offerings comply with "global specifications" that require lawful-interception capabilities. "What we're doing in Iran is the same as what we're doing in any market," he said. "Our goal is to enrich people's lives through communications."

 .Firms Aided Libyan Spies
8/30/2011
Cisco Poised to Help China Keep an Eye on Its Citizens
7/5/2011
Iran Vows to Unplug Internet
5/28/2011
U.S. Products Help Block Mideast Web
3/28/2011
Full Coverage: Wsj.com/censorship
.Huawei has about 1,000 employees in Iran, according to people familiar with its Iran operations. In an interview in China, a Huawei executive played down the company's activities in Iran's mobile-phone industry, saying its technicians only service Huawei equipment, primarily routers.

But a person familiar with Huawei's Mideast operations says the company's role is considerably greater, and includes a contract for "managed services"—overseeing parts of the network—at MTN Irancell, which is majority owned by the government. During 2009's demonstrations, this person said, Huawei carried out government orders on behalf of its client, MTN Irancell, that MTN and other carriers had received to suspend text messaging and block the Internet phone service, Skype, which is popular among dissidents. Huawei's Mr. Plummer disputed that the company blocked such services.

Huawei, one of the world's top makers of telecom equipment, has been trying to expand in the U.S. It has met resistance because of concerns it could be tied to the Chinese government and military, which the company denies.

Last month the U.S. Commerce Department barred Huawei from participating in the development of a national wireless emergency network for police, fire and medical personnel because of "national security concerns." A Commerce Department official declined to elaborate.

Enlarge Image

 
CloseBloomberg News
 
Building F1, home to the exhibition hall, stands at the Huawei Technologies Co. campus in Shenzhen, Guangdong Province, China, on Thursday, May 19, 2011.
.In February, Huawei withdrew its attempt to win U.S. approval for acquiring assets and server technology from 3Leaf Systems Inc. of California, citing opposition by the Committee on Foreign Investment in the United States. The panel reviews U.S. acquisitions by foreign companies that may have national-security implications. Last year, Sprint Nextel Corp. excluded Huawei from a multibillion-dollar contract because of national-security concerns in Washington, according to people familiar with the matter.

Huawei has operated in Iran's telecommunications industry since 1999, according to China's embassy in Tehran. Prior to Iran's political unrest in 2009, Huawei was already a major supplier to Iran's mobile-phone networks, along with Telefon AB L.M. Ericsson and Nokia Siemens Networks, a joint venture between Nokia Corp. and Siemens AG, according to MTN Irancell documents.

Iran's telecom market, which generated an estimated $9.1 billion in revenue last year, has been growing significantly, especially its mobile-phone business. As of last year, Iran had about 66 million mobile-phone subscribers covering about 70% of the population, according to Pyramid Research in Cambridge, Mass. In contrast, about 36% of Iranians had fixed-line phones.

As a result, mobile phones provide Iran's police network with far more opportunity for monitoring and tracking people. Iranian human-rights organizations outside Iran say there are dozens of documented cases in which dissidents were traced and arrested through the government's ability to track the location of their cellphones.

Many dissidents in Iran believe they are being tracked by their cellphones. Abbas Hakimzadeh, a 27-year-old student activist on a committee that published an article questioning the actions of Iran's president, said he expected to be arrested in late 2009 after several of his friends were jailed. Worried he could be tracked by his mobile phone, he says he turned it off, removed the battery and left Tehran to hide at his father's house in the northeastern city of Mashhad.

A month later, he turned his cellphone back on. Within 24 hours, he says, authorities arrested him at his father's house. "The interrogators were holding my phone records, SMS and emails," he said.

He eventually was released and later fled to Turkey where he is seeking asylum. In interviews with the Journal, two other student activists who were arrested said they also believe authorities found them in hiding via the location of their cellphones.

In early 2009, Siemens disclosed that its joint venture with Nokia, NSN, had provided Iran's largest telecom, government-owned Telecommunications Company of Iran, with a monitoring center capable of intercepting and recording voice calls on its mobile networks. It wasn't capable of location tracking. NSN also had provided network equipment to TCI's mobile-phone operator, as well as MTN Irancell, that permitted interception. Like most countries, Iran requires phone networks to allow police to monitor conversations for crime prevention.

NSN sold its global monitoring-center business in March 2009. The company says it hasn't sought new business in Iran and has established a human-rights policy to reduce the potential for abuse of its products.

A spokesman for Ericsson said it delivered "standard" equipment to Iranian telecom companies until 2008, which included built-in lawful-interception capabilities. "Products can be used in a way that was not the intention of the manufacturer," the spokesman said. He said Ericsson began decreasing its business in Iran as a result of the 2009 political upheaval and now doesn't seek any new contracts.

As NSN and Ericsson pulled back, Huawei's business grew. In August 2009, two months after mass protests began, the website of China's embassy in Tehran reprinted a local article under the headline, "Huawei Plans Takeover of Iran's Telecom Market." The article said the company "has gained the trust and alliance of major governmental and private entities within a short period," and that its clients included "military industries."

The same month the Chinese embassy posted the article, Creativity Software, a British company that specializes in "location-based services," announced it had won a contract to supply a system to MTN Irancell. "Creativity Software has worked in partnership with Huawei, where they will provide first and second level support to the operator," the company said.

The announcement said the system would enable "Home Zone Billing"—which encourages people to use their cellphones at home (and give up their land lines) by offering low rates—as well as other consumer and business applications that track user locations. In a description of the service, Creativity Software says its technology also enables mobile-phone operators to "comply with lawful-intercept government legislation," which gives police access to communications and location information.

A former telecommunications engineer at MTN Irancell said the company grew more interested in location-based services during the antigovernment protests. He said a team from the government's telecom-monitoring center routinely visited the operator to verify the government had access to people's location data. The engineer said location tracking has expanded greatly since the system first was installed.

An official with Creativity Software confirmed that MTN Irancell is a customer and said the company couldn't comment because of "contractual confidentiality."

A spokesman for MTN Group Ltd., a South African company that owns 49% of the Iranian operator, declined to answer questions, writing in an email, "The majority of MTN Irancell is owned by the government of Iran." He referred questions to the telecommunications regulator, which didn't respond.

In 2008, the Iranian government began soliciting bids for location-based services for the largest mobile operator, TCI's Mobile Communication Co. of Iran, or MCCI. A copy of the bidding requirements, reviewed by the Journal, says the contractor "shall support and deliver offline and real-time lawful interception." It also states that for "public security," the service must allow "tracking a specified phone/subscriber on map."

Ericsson participated in the early stages of the bidding process, a spokesman said. Internal company documents reviewed by the Journal show Ericsson was partnering with an Estonian company, Reach-U, to provide a "security solution" that included "Monitor Security—application for security agencies for locating and tracking suspects."

The Ericsson spokesman says its offering didn't meet the operator's requirements so it dropped out. An executive with Reach-U said, "Yes, we made an offer but this ended nowhere."

One of the ultimate winners: Huawei. According to a Huawei manager in Tehran, the company signed a contract this year to provide equipment for location-based services to MCCI in the south of Iran and is now ramping up hiring for the project.

One local Iranian company Huawei has done considerable business with is Zaeim Electronic Industries. "Zaeim is the security and intelligence wing of every telecom bid," said an engineer who worked on several projects with Zaeim inside the telecom ministry. Internal Ericsson records show that Zaeim was handling the "security part" of the lawful-interception capabilities of the location-based services contract for MCCI.

On its Persian-language website, Zaeim says it launched its telecommunications division in 2000 in partnership with Huawei, and that they have completed 46 telecommunications projects together. It says they now are working on the country's largest fiber-optic transfer network for Iran's telecom ministry, which will enable simultaneous data, voice and video services.

Zaeim's website lists clients including major government branches such as the ministries of intelligence and defense. Also listed are the Revolutionary Guard and the president's office.

Mr. Gan, the Huawei spokesman, said: "We provide Zaeim with commercial public use products and services." Zaeim didn't respond to requests for comment.



Read more: http://online.wsj.com/article/SB10001424052970204644504576651503577823210.html#ixzz1c0UPXuMc

[Crafty_Dog]

DALLAS—Drones, the remote-controlled aircraft used in combat zones, are now hovering over some U.S. cities as police enlist them to get a bird's-eye view of crime scenes and accidents at relatively low expense.

But as financially strapped municipalities add drones to their crime-fighting arsenal, they are facing increasing questions about the vehicles' safety, as well as their potential to violate citizens' privacy.

Law-enforcement officials say the unmanned aircraft help avoid putting police in the line of fire, either by performing surveillance close to the ground, like a live officer, or by monitoring from high up, removing pilots from potential danger. Earlier this year, a police helicopter in Los Angeles had to make an emergency landing after it was shot at by a gunman.

Drones are also considerably cheaper than regular aircraft. Officials in Montgomery County, near Houston, Texas, estimate it costs $30 an hour to operate a drone, compared with a minimum of $500 an hour for a helicopter. The purchase price of a drone is typically less than that of a chopper or plane, too.

Airborne Enforcer
How one drone shapes up

Department: Montgomery County Sheriff's Office, Texas

Model: Shadowhawk

Cost:$300,000

Manufacturer: Vanguard Defense Industries LLC

Altitude limit: 8,000 feet

Weight: About 50 pounds

Features: Infrared camera that can detect the heat emitted by a person below

Source: Vanguard Defense Industries LLC, Montgomery County Sheriff's Office .That math was attractive to the Montgomery County Sheriff's Office, which recently used a grant from the U.S. Department of Homeland Security to purchase a $300,000 drone called the Shadowhawk, made by Vanguard Defense Industries LLC, of Conroe, Texas. It comes equipped with an infrared camera that can detect the heat emitted by a person below. In addition to crime-fighting assistance, officials say, that will help track lost hikers in a nearby national forest.

"We certainly do not have the funds to go out and purchase our own helicopter," said Randy McDaniel, the office's chief deputy.

Most departments say the small craft aren't suitable for high-speed chases of suspects. But police are finding they can help with other duties, including monitoring crowds at parades, performing reconnaissance ahead of raids and helping ground officers respond more quickly to accidents such as highway pileups and hazardous-material spills.

Because of increasing demand for small unmanned aircraft, the Federal Aviation Administration is devising new rules to regulate their flight. A proposal is expected in January.

The FAA grants permits to operate drones on a case-by-case basis, depending on their planned use. As of September, there were 285 active permits requested by 85 government groups, including public universities, federal law-enforcement agencies and police departments.

However, some airplane pilots complain that the rules set by those individual permits are largely unknown to the rest of the flying public. Heidi Williams, of the Aircraft Owners and Pilots Association, said that drones should be subject to a set of standard rules, just like manned aircraft.

"There has to be some way for them to integrate safely into the airspace system," she said.

Though drones have been used by the military for decades, they are still relatively new in law enforcement on U.S. soil. The models used by police are smaller and unarmed, weigh less than 55 pounds and are maneuvered from the ground through a computer or a joystick. Their range varies from a few hundred to several thousand feet in altitude, and their price from $5,000 for in-house-fabricated models to several hundred thousand dollars.

Vanguard Defense, the company that made the Montgomery County drone, markets its law-enforcement units through in-person presentations and at industry trade shows such as the International Association of Chiefs of Police Conference, said Michael S. Buscher, the company's chief executive.

Civil-rights advocates worry the technology could be used to pry into citizens' lives.

"There's a question about the degree to which Americans are going to be able to preserve the privacy of movement that we've all enjoyed," said Catherine Crump, an attorney with the American Civil Liberties Union in New York.

In response to such concerns, some agencies are setting guidelines that allow the flight of drones only for specific missions, rather than random air patrols.

Andrew Cohen, a sergeant with the Miami-Dade Police Department, said its two units were reserved for emergencies, and hadn't been deployed a single time since the agency got a flying permit for them six months ago.

Another challenge for police is changing the drone's public image.

"We are purposely not calling these drones. When people hear the word 'drone' they automatically think of the huge military-type aircraft equipped with weapons," said Lt. Chad Gann of the Arlington police department.

He prefers the term "small unmanned aircraft" to describe the two units his department is buying. Mr. Gann said they will help jump-start fatal-crash investigations by arriving to the scene sooner and taking aerial pictures, saving money and officers' time.

In Columbia, S.C., police planning a raid on a house where an armed man had barricaded himself used a small drone to get details of the property, such as the direction in which the door opened, said Ruben Santiago, deputy chief of operations. "It cut down on the time it would take for us to do the necessary surveillance," he said.

Mr. Cohen, at the Miami-Dade Police Department, said that whenever the drones make their debut, residents don't have to worry about the aircraft sneaking up on them, because they sound like flying lawn mowers.

"It's not stealth technology at all," he said.  (That may change though, yes?)

[G M]

"It's not stealth technology at all," he said.  (That may change though, yes?)


So?

[Crafty_Dog]

C'mon GM, you already know the answer to that.  The technological trajectory is towards the capability to have Big Brother watching all the time everywhere.  That may fit your idea of a free people in a free society, but it does not fit mine.  You already know this.

[G M]

Law enforcement having aircraft is new?

[Crafty_Dog]

The technology in short order will produce zillions of flying surveillance robots, too small or too far away to be seen or heard.

Please feel free to break out of your self-sustaining feedback loop on this one , , ,

[G M]

 

Uhuh. Yeah, the police departments that are cancelling academies, laying off officers, closing specialized units just to put bodies into uniforms to catch calls are going to have legions of remote aircraft watching everything.

Totally realistic concern.

[Crafty_Dog]

Ummm , , , I see, , , our American Creed and the Freedom with which we live is to be dependent on the government not deciding to spend/print money on this stuff-- stuff which, like all technology, rapidly decreases in cost?  , , , You know that bill we are discussing on another thread with the troubling language that Congress is working on rather secretly to have American citizens indefinitely detained by US military?

This is the proper time, use, and place for drones: 
http://www.theblaze.com/stories/intense-footage-shows-taliban-insurgents-destroyed-in-bombings/

Not as SOP for daily life in America.

[G M]

Human beings don't decrease in cost. A UAV might be cheaper than a conventional aircraft, but it still has to be flown by a trained pilot and maintained by trained personnel. Anything that has the potential to crash or cause any sort of injury/death has a huge legal price tag attached to it.

How many SoCal law enforcement agencies that used to have aviation programs have gutted them or shut them down completely?

[G M]

http://www.aviationweek.com/aw/jsp_includes/articlePrint.jsp?headLine=UAVs, or Nothing Can Go Wrong, Go Wrong. . .&storyID=news/bca0108p2.xml

UAVs, or Nothing Can Go Wrong, Go Wrong. . .
By George C. Larson
 
Before most people noticed, the idea of employing aircraft in the national airspace without pilots aboard them -- unmanned aerial vehicles, or UAVs (and sometimes UAS, where the S is for "systems") -- has gotten to a point where their introduction is considered inevitable. Who'd have thought? After all, these machines were originally developed to conduct military missions in areas deemed too hazardous for humans, not for ordinary flying tasks. Advocates like to say UAVs are best at "3-D missions" -- those that are dull, dirty or dangerous.

Now there's palpable pressure from UAV advocates to insert the aircraft into an array of civilian missions as well. And there are two leading arguments for their use: long endurance and low cost.

It's true that replacing the weight of a pilot with an equal amount of fuel confers on the UAV a higher fuel fraction in its design gross weight, which is where the endurance comes from. A solar-powered Zephyr UAV stayed aloft for 54 hours, setting a record in 2006, and the turbofan-powered Northrop Global Hawk operated by the U.S. Air Force has a claimed 42-hour endurance. No current production human-piloted aircraft can match numbers like those, although Burt Rutan's one-off designs for record-setting aircraft prove that endurance can be had with a pilot aboard. (Rutan's Voyager flew for nine days, or 216 hours, on its nonstop, round-the-world flight. It also demonstrated that a flight of that length is hard on pilots.)

The cost-saving argument, though, may not hold up for high-end machines such as the military's Predator and Global Hawk families, which can be priced in the tens of millions (average Global Hawk in 2003: $57 million) and require extensive logistics and ground crew. Versions tailored to the less-exotic needs of civil operators are cheaper but still priced like small business jets. Economy-class UAVs are confined to much smaller vehicles in a class with radio-control scale-model hobby aircraft; they are cheaper to acquire and operate. One problem at the low end is that many would-be operators think of them as the same as recreational scale models and don't yet realize that the flight of these vehicles falls under the jurisdiction of the FAA.

Perhaps a typical example is one from The New York Times of Jan. 13, 2005. Chang Industry, Inc., of La Verne, Calif., was reported to be marketing a five-pound aircraft with a four-foot wing and a unit cost of only $5,000. The company anticipated a demonstration for the Los Angeles County Sheriff's Department to show off a video surveillance camera. With a fabric wing and kite-like structure, a service ceiling of 1,000 feet and an endurance of 20 minutes, the little airplane seemed harmless enough if things went south. But Chang knew its market: There was also a $15,000 model in the works with an eight-foot wing. An FAA spokesman quoted in the story pointed out that the agency would issue limited certificates of authorization defining where such aircraft could operate and under what conditions. And that's still the way it's done today.

There's no argument in wartime over the preference for an unmanned aircraft in combat areas where lives are at stake. The saving of an American life trumps all, and Congress has responded in kind. The Congressional Research Service (CRS) reports that between 2001 and 2004, UAV expenditures rose from $667 million to over $1.1 billion. In Washington, UAVs (now labeled "transformational," the magic word around the Department of Defense) are the darlings of procurement programs and may well have a total market somewhere north of $3 billion by now.

But the question lingers as to a UAV's comparative effectiveness and cost performing ordinary surveillance missions in the national airspace system (NAS) when the competition is a Cessna 182 with aux tanks and containing a couple of observers with night binoculars and piddle packs. Some estimates peg operating cost at six times a manned aircraft like the Cessna, while UAV advocates prefer to compare the price of their wares with a Lockheed P-3, a four-engine Navy antisubmarine patrol aircraft, or a Sikorsky Black Hawk. That argument won't be settled here, though. The issue of concern to business aviation is how the introduction of UAVs may affect our operations, particularly at the lower and middle altitudes where the civil versions are likely to fly.

Law-enforcement agencies conduct a lot of airborne surveillance missions, but within the last 30 to 40 years, eyeballs have concentrated along the borders, particularly the 2,062-mile-long one dividing the United States and Mexico. And there's lot to watch for, from smugglers running illegals across at night to drug couriers moving their goods north to urban markets. The former Customs Service ranged far and wide in its drug-interdiction missions, even employing sensor-equipped Cessna Citations to pursue blacked-out aircraft headed for landing strips and drop zones. The Border Patrol spent its days and nights in low-flying airplanes and helicopters "cutting sign" -- their term for tracking -- in the desert. Now the two agencies have been combined to form U.S. Customs and Border Protection (CBP) under the Department of Homeland Security. A 2005 report counted some 10,000 agents on duty on the southern border alone; the figure is sure to have risen.

With the exception of aerostats, simple tethered balloons mounting sensors that scan wide areas, aerial surveillance has been conducted mainly in piloted aircraft by these agencies and others. And throughout these efforts, the presence of pilots on the aircraft has ensured the safety of their operation in the NAS. In addition to the see-and-avoid doctrine governing visual flight, pilots flying surveillance could interact with ATC. Perhaps a science payload might fly IFR, but surveillance, by its very nature, connotes visual conditions. And for the most part, such flights were ordinary in every sense.

Aerostats present the same issues as tall broadcast towers and appear on charts and in NOTAMs. Impromptu deployments are a cause for concern, however. In November 2007, a Honolulu police helicopter collided with a balloon being flown above a department store and was forced to make an emergency landing with its tail rotor inoperable.

Advocates of UAVs argue that aircraft like the Predator B, operating today as the MQ-9 Unmanned Aircraft System for the CBP's Air and Marine division from a center in Riverside, Calif., fly at altitudes of up to 50,000 feet and are well above commercial and business traffic. However, the sensors deliver better images from altitudes lower than that, and operators are likely to go for the best pictures. The aircraft, manufactured by General Atomics Aeronautical Systems in San Diego, is operated remotely from the Air and Marine Operations Center by either line-of-sight direct link or Ku-band links via satellite when the horizon intervenes. Most of the General Atomics Predator family is also said to be capable of autonomous flight: programmed flight plans flown without a remote link.

When a Predator B surveillance aircraft crashed near Nogales, Ariz., in April 2006, a subsequent investigation revealed that the fuel supply to the aircraft's engine had been inadvertently shut down during a mix-up as two remote operators changed controls. The aircraft continued to descend, giving no indication of the problem, until it struck the ground. Although there were no casualties or property damage, the incident put the spotlight on a serious operational flaw. A news report at the time cited the value of the aircraft at $6.5 million (another said $14 million) and stated that it was generally operated at 15,000 feet. Another recent accident in Kinshasa, capital of the Congo, involving a European Union-operated Belgian-built UAV, reportedly killed one person and injured two others.

According to a CRS estimate, the UAV accident rate is 100 times that of manned aircraft, a factor that is seldom considered when system costs are reckoned.

Surveillance flights by UAVs are one thing when they're operating along the southern border far from congested airspace. But it's another matter to envision them performing surveillance over the major port cities on both coasts, although there is considerable enthusiasm among their advocates for employing them in just that role.

From a 2003 CRS document: "Additional roles for UAVs in the near future may include homeland security and medical resupply. The Coast Guard and Border Patrol, parts of the newly formed Department of Homeland Security, already have plans to deploy UAVs to watch coastal waters, patrol the nation's borders, and protect major oil and gas pipelines. Congressional support exists for using UAVs like the Predator for border security." Military operation would be inappropriate for such duties, the report said, so domestic agencies would carry out the missions. Still . . . medical resupply? Watch coastal waters? From another CRS paper: "The longer flight times of UAVs means that sustained coverage over a previously exposed area may improve border security."

But if the purpose is to stare at one spot for a very long time, why not install an aerostat or a camera tower? And the language justifying use of these vehicles invariably rolls out the "T" word. Has there been one proven instance of a terrorist entering the United States by overland crossing of the border in a remote area? Would a terrorist choose that route to, say, a crowded railroad terminal? So far, only government agencies have been seated around the tables where such questions are debated, and the FAA has been the sole guardian of NAS integrity.

Setting aside the unsettling feeling that the UAV movement is at least partly fueled by overwrought enthusiasm, there are the practicalities of their operation, and that's what moved the AOPA to ask for formation of a Special Committee under the Radio Technical Commission for Aeronautics (RTCA) to formulate the operational specifications of UAVs to operate in civilian airspace. The creation of SC-203 under the RTCA effectively blocks helpful suggestions from UAV advocates that the best solution to NAS flights was to revise the FARs or create semi-permanent temporary flight restrictions. The AOPA pointed out that a restricted area in a swath painted along the southern border would affect more than 100 airports.

In medicine, physicians adhere to the tenet "Do no harm." Heidi Williams, AOPA director of Air Traffic Services, states flatly, "We have gone on record to the FAA that any [UAV] integration into the NAS should be done without any harm to the existing civil airspace user." In expanding upon that, she says, the organization believes UAVs in the NAS should be regulated and equipped like other aircraft. At the heart of the discussion within circles such as SC-203 is the concept of "sense and avoid" and what that will mean. Obviously rooted in the concept of "see and avoid," the execution of an automated equivalent adds considerable complexity to the current architecture of the UAV, which is focused on surveillance below, not the airspace surrounding it. And the AOPA is rightly focused on keeping attention on the low- and mid-altitude vehicles with enough mass to create a hazard. Williams also emphasizes that the AOPA is not opposed to the introduction of UAVs into the NAS.

Envisioning actual operations leads to looming questions. How will UAVs in climb and descent phases of their missions manage encounters with other aircraft? If you instinctively think, "Light that sucker up so I can avoid him," you're not alone. Both visual and electronic beacons are needed even in daylight VMC because UAVs can be difficult to spot. But the current thinking would provide the UAV itself with an electronic awareness of its surroundings and automate its responses. That means programming relatively complicated scenarios such as the Right of Way Rule (FAR Part 91.113) governing overtaking, intersecting courses and head-on encounters. If you put yourself into any of those situations while driving your Learjet on an arrival profile, you would wish for an automated maneuver that would take the UAV out of the play completely.

The AOPA's Williams characterizes the present level of discussions as "concept and philosophy." Spokesman Chris Dancy adds, "The immediate concern the AOPA has is potential civil end users. They're getting ahead of the game but are not looking at the regulatory environment." He's talking about law-enforcement agencies, of course, in small towns everywhere who are thinking about how cool it would be to have their own little mini-Predator.
 

[G M]

http://www.khou.com/news/local/HPD-helicopters-grounded-following-fuel-budget-cut--125791023.html

HOUSTON -- Numerous sources within HPD's Helicopter Unit say they are upset because the department's fuel budget was just cut by 75 percent.
 
And now the choppers, which are used for public safety, are just sitting on the ground for most of the day.
 
"I have received information today that the helicopters have been reduced from about 20-plus hours in the air to about 3 hours in the air per day. That is unacceptable," City Council Member C.O. Bradford said.
 
Bradford knows a lot about the fleet. He spent 24 years with HPD and for seven years he was the police chief.
 
"We have about a dozen helicopters sitting out there costing about a million dollars each and they are new. These helicopters are probably two years of age or less. We cannot afford to have those helicopters, and all of the technology inside those helicopters sitting on the ground," Bradford said.
 
KHOU 11 News confirmed Monday that a new Bell 412 helicopter, purchased by the federal government for HPD, will arrive soon.
 
When it gets here, sources inside HPD said mechanics will drain all of its fluids and store it in a hangar. It will not be used.
 
"You can bet I will be calling the police chief, asking the mayor to do what we can do in this city to get that safety tool back in the air," Bradford said.
 
Even though HPD's budget has been cut by $40 million, Bradford and Houston City Council Member James Rodriguez say the helicopter cuts are a concern because it affects public safety.
 
"We need to find the resources in this city to get those helicopters back into the air," Bradford said.

[G M]

http://www.ocregister.com/articles/helicopter-240425-beach-police.html

Published: March 22, 2010 Updated: March 23, 2010 6:23 p.m.


Police helicopter programs get trimmed


Government agencies work to trim their budget resulting in less flight time for law enforcement's helicopters.BY ANNIE BURRIS / THE ORANGE COUNTY REGISTER



Hovering about 900 feet in the air in a police helicopter, officer Ryan Walker moves a spotlight with 50 million candlepower over a local park looking for a missing 11-year-old girl.
 
Tactical flight officer Walker and pilot Rob Dimel circle the park and surrounding neighborhoods searching for the girl, who was last seen about an hour before in a red shirt and jeans. They cover miles at a time, doing what might take a patrol officer on the ground hours of legwork.





Tactical Flight Officer Ryan Walker, left, and pilot Rob Dimel patrol the skies over Orange County Friday night.

KEVIN SULLIVAN, THE ORANGE COUNTY REGISTER

MORE PHOTOS »

ADVERTISEMENT



Cuts:
 
Huntington Beach – Voted March 1 to slash their helicopter budget by $108,000, taking two pilots and putting them back on regular patrol and having the helicopters fly 40 hours a week instead of 60.
 
Anaheim – Cut 15 hours of flying time out of the helicopter's usual 60 hours, saving the city about $868,000.
 
Orange County Sheriff – Cut their patrol time in half to two and a half hours a day, saving the department about $700,000.
 
A.B.L.E. – Cut its training budget by about $80,000.




 
Minutes later, a broadcast over one of the helicopter's nine radios confirms that the girl was found and has gone home. Mission accomplished.
 
"We are doing the same thing patrol cars are doing, we just see a whole lot more,'' said Dimel, who has worked 10 years with Costa Mesa and Newport Beach's joint helicopter program, including three as a pilot.
 
Law enforcement officials tout their helicopter programs as one of their most important and effective tools. Helicopters can move and search faster than a patrol car and they often act as a psychological deterrent to crime, they say. However, with the economic slowdown, agencies countywide have trimmed their helicopter programs by about $1.2 million and grounded their helicopters for more than 40 total hours a week.
 
Huntington Beach, Anaheim, the Orange County Sheriff's Department and California Highway Patrol have their own helicopter departments. Costa Mesa and Newport share a combined program called Airborne Law Enforcement, or A.B.L.E., which also contracts with the Santa Ana Police Department.
 
Huntington Beach's helicopter is called HB1, Anaheim's is Angel, A.B.L.E.'s is Eagle, and the sheriff's is Duke after John Wayne. CHP's helicopter names vary throughout the state.
 
Due to budget cuts, Huntington Beach has decreased its flight time to 40 hours from 60, saving about $108,000. Anaheim has cut their hours to 45 from 60, reducing costs by $311,000, and the Sheriff's Department slashed its air time in half – from five hours a day to two and a half, saving $700,000. A.B.L.E. decreased its training budget by about $80,000.
 
"It is so helpful on so many incidents," said Sgt. Rick Martinez with the Anaheim Police Department. "You can feel the void when they are not there."
 
Because of the decreased air time, Huntington Beach police have fewer resources readily available, spokesman Lt. Russell Reinhart said.
 
"A lot of it is less efficiency on our end and less service we can give to the community," he said.

[G M]

[youtube]http://www.youtube.com/watch?feature=endscreen&v=aL6a0DLT6YQ&NR=1[/youtube]

http://www.youtube.com/watch?feature=endscreen&v=aL6a0DLT6YQ&NR=1

Imminent threat.

[Crafty_Dog]

GM:

Frankly I see these articles you post as non-responsive to the points I am making.

a) we should not depend upon costs of intrusive surveillance for the protection of our freedom
b) costs of the technolgy are and will continue to decline dramatically
c) the technologies capabilities and sneakiness are and will continue to increase dramatically.

======

On a different but related matter, its a good thing that we have Attorney General Holder to protect us from the misuse of surveilling technology in the government's hands like this:

WSJ


In August 2010, Libyan journalist Khaled Mehiri shot an email to his editor at al-Jazeera proposing an article about the hollow nature of the Gadhafi regime's anticorruption efforts.

Before the story was even written, the regime knew about it. Libyan security agents had intercepted the email, using an Internet-surveillance system purchased from a French company, Amesys.

For months, the agents monitored the journalist's emails and Facebook messages via the Amesys tools, printing out messages and storing them in a file that The Wall Street Journal recovered in an abandoned electronic-surveillance headquarters in Tripoli.

In January 2011, as the Arab Spring was exploding in neighboring Tunisia and unrest was building in Libya, Mr. Mehiri was summoned for a face-to-face meeting with Moammar Gadhafi's intelligence chief, Abdullah Senussi, who Mr. Mehiri says admonished him not to publish remarks by certain leading anti-Gadhafi activists.
The surveillance operation now is causing headaches for Amesys, a unit of French technology company Bull SA. Lawmakers from the opposition Socialist Party in France have called for a parliamentary inquiry into any role the French government might have played in facilitating Amesys's sale of equipment to Libya. Human-rights groups have filed court complaints asking French prosecutors to investigate Amesys for what the groups call possible violations of export rules and complicity in torture. Prosecutors haven't yet ruled on the requests.

The French company acknowledges it sold Web-surveillance equipment to Libya but says it has done nothing wrong. "All Amesys activities strictly adhere to the statutory and regulatory requirements of both European and French international conventions," a spokeswoman said. "We are fully prepared to answer any questions which the legal authorities may ask us."

French government officials said the presidency and the office of then-Interior Minister Nicolas Sarkozy were routinely informed of Amesys's negotiations and the subsequent contract in Libya. French authorities, however, didn't vet the Amesys export to Libya because such equipment doesn't require a special license when sold outside France, the officials said. Mr. Sarkozy, who became president in May 2007, declined to comment through a spokesman.

In statements, Amesys and parent company Bull have emphasized that Libya had become a counterterrorism ally with Western governments by 2007, when the contract was signed.

Mr. Mehiri's tangle with the Libyan surveillance apparatus shows how U.S. and European interception technology, though often exported for the stated purpose of tracking terrorists, could instead be deployed against dissidents, human-rights campaigners, journalists or everyday enemies of the state—all categories that appear in Libyan surveillance files reviewed by the Journal.

The story also underscores how the intelligence apparatus overseen by Mr. Senussi, the spy chief, invaded the lives of Libyans amid acquiescence from the West.

Enlarge Image

 
CloseKhaled Mehiri
 
Emails of reporter Khaled Mehiri, pictured, were monitored, and he was called to a meeting with Gadhafi spy chief Abdullah Senussi.
.Enlarge Image

 
CloseReuters
 
Abdullah Senussi
.Mr. Mehiri calls Amesys's decision to sell Libya an invasive spying tool despite Gadhafi's history of repression "a cowardly act and a flagrant violation of human rights," adding: "To me, they are therefore directly involved in the work of the Gadhafi criminal regime."

Mr. Senussi is wanted by the International Criminal Court at The Hague on war-crimes charges for his role in the brutal crackdown against Libyan protesters this spring. About three weeks ago, forces loyal to Libya's transitional government said they had apprehended him, but the government hasn't confirmed this. His whereabouts remain unclear.

Philippe Vannier, a former head of Amesys and current chief executive of Bull, was seen in Tripoli meeting with Mr. Senussi around 2007, according to a person familiar with the matter. Bull and Mr. Vannier declined to comment on that.

Mr. Senussi was long viewed by human-rights advocates as one of Gadhafi's most ruthless operatives, suspected of a role in the assassinations of Libyan dissidents abroad. A French court in 1999 convicted him in absentia of masterminding the 1989 bombing of a French airplane in central Africa that killed 170 people.

Libyan authorities didn't make Mr. Senussi available for questioning by the French court. It is unclear whether he ever made any public statement concerning the bombing or assassinations.

Mr. Mehiri antagonized the Gadhafi regime with articles that took aim at rights abuses. He wrote about poverty that persisted despite Libya's oil wealth. He came to be considered by some an expert on a mass killing of more than 1,200 inmates in Tripoli's Abu Salim prison in June 1996, after he spent months interviewing relatives and survivors.

Mr. Mehiri, 38 years old, grew up in a small town outside the eastern city of Benghazi and studied journalism there. He worked for various Libyan media outlets, some of which were shut down. When Internet service became widespread in the country around 2004, he worked for online Arabic news outlets, including one of the top Libyan dissident sites, Libya Today. In 2007 he started writing for the website of al-Jazeera, the Arabic television channel based in Qatar.

"I had ambitions to find professional and free journalism in my country," Mr. Mehiri says. "For this reason, I decided not to leave the field and to continue my work no matter the circumstances or threats against me."

Those threats ebbed and flowed, he says. By the mid-2000s, he found himself the defendant in a series of what he calls harassment lawsuits, filed by people he said had ties to the security agencies. Human-rights lawyers came to his defense, helping him avoid stiff penalties or jail time in these cases.

In 2009, however, he was convicted of the criminal offense of working for a foreign news organization without the proper license, after a controversial interview he gave to al-Jazeera. In it, he alleged, based on his reporting about the mass prison killing, that Mr. Senussi was at the prison that day, a conclusion that groups like Human Rights Watch have also reached based on survivor testimony.

Mr. Mehiri says a prosecutor allowed him to remain free on condition he sign in each week at the central judicial office in Tripoli. Harassment by intelligence agencies increased, however, he says, including interrogation by prosecutors who said he was under investigation for spying and threatening state security—crimes punishable by death.

During this period, Gadhafi, long a pariah to Western governments, was reaping the benefits of a newfound acceptance. Libya started to come in from the cold around 2003 by relinquishing its weapons of mass destruction program, agreeing to help fight terrorism and later paying large sums to the families of terrorism victims, including those killed in the airliner bombing over Lockerbie, Scotland, for which a Libyan was convicted.

In 2007, Mr. Sarkozy welcomed Gadhafi on an official visit to France, his first in more than three decades.

The Libyan regime saw an opportunity to upgrade its surveillance capability with French technology, according to people familiar with the matter.

Amesys signed its contract with Libya that year, it said, and then in 2008 shipped its "Eagle" surveillance system and sent engineers to Libya to help set it up. The system became fully operational in 2009, the people familiar with it said.

The Libyan government now had a powerful new tool to track its adversaries. The system intercepted traffic from Libya's main Internet service provider and sent it to the monitoring center in Tripoli, which the Journal found in August after rebels overran the capital city.

There, a wall of black refrigerator-size devices inspected the Internet traffic, opening emails, divining passwords, snooping on online chats and mapping connections among various suspects. A sign on the wall in the main room gave the name, French phone number and Amesys corporate email of an Amesys employee, Renaud Roques, to call for technical help. Mr. Roques didn't respond to a request for comment. The Amesys spokeswoman said the company didn't have access to the use made of the equipment in the center.

In an adjoining room, a file on Mr. Mehiri, bound in a green folder marked with the name of Libya's internal-security service, lay amid scores of others stacked in floor-to-ceiling shelves. It shows he had been subjected to electronic surveillance at least as far back as August 2010 and as recently as last February.

The file consists of dozens of pages of emails. All feature the designation "https://eagle/interceptions" in the upper right corner, an indication that agents printed out the messages using the Eagle interception system from Amesys.

The file reveals a journalist working to document the underbelly of Libya, while struggling to fend off pressure from the regime.

In an email to a Human Rights Watch researcher, Mr. Mehiri frets about a defamation suit, which he worries could become a pretext for an arrest. In another email, he tells the researcher the date of the first hearing and updates her on the case of another Libyan journalist.

"Please do not reveal my identity because things are risky here," he writes. "We hope that you support the journalists here in Libya."

Much of the file consists of emails between Mr. Mehiri and other journalists, including editors at al-Jazeera, describing his ideas for articles. One was to be a piece about a Gadhafi son who said there was no strife in Libya. Another he planned was about how Libya was compensating victims of bombings by the Irish Republican Army, which Libya at one point helped arm, but not victims of the Libyan prison massacre.

Mr. Mehiri long suspected his communications were being monitored, but didn't confirm this until a meeting in January with a longtime source, a Gadhafi cousin and policy adviser. He says the man told him the regime had copies of his emails. "He even described the color of the text written by my editors when they were making changes in my copy," Mr. Mehiri says.

A few days later, Mr. Mehiri found himself in a confrontation with the official whose surveillance apparatus had been tracking him. He was summoned to a meeting with Mr. Senussi in Tripoli on Jan. 16. It was two days after the departure from office of Tunisia's president, Zine el Abedine Ben Ali, signaled the full explosion of the Arab Spring.

Mr. Mehiri says he showed up for the meeting in Mr. Senussi's office wearing jeans, tennis shoes and an old jacket, a sign of disrespect in his culture, because he wanted to show he wasn't scared.

The meeting lasted four hours. Mr. Senussi, a man with jet-black curly hair and small, deep-set eyes, talked about the need for reform in Libya and said the government was interested in change, but he also leveled subtle but clear threats, Mr. Mehiri says. He warned not to publish remarks by certain core activists and reminded Mr. Mehiri that he could be picked up by police at will because of his prior conviction.

"He argued about my style in covering events," Mr. Mehiri says. "I spoke about myself, my family, my profession and the origin and history of my tribe. I found out that he already knew all my personal information."

Libyan agents continued to intercept Mr. Mehiri's emails after the meeting. They printed out one he sent two days later to editors at al-Jazeera.

"Tomorrow, journalists here are holding a protest against confiscating people's properties," he wrote. "Should I send a report?"

Surveillance continued after the uprising began. On Feb. 25, Libyan agents intercepted an email sent by a Libyan law professor, Faiza al Basha, to a group that included Mr. Mehiri and employees of the U.S. State Department and a United Nations agency, in which she advocated trying to get Google Inc. to open up a live view of Libya on Google Earth that would "help us track down the security personnel and therefore inform protesters and demonstrators about the locations of the security personnel so they can avoid them." Ms. Basha confirmed making that suggestion "to help the rebels achieve the liberation."

By then, Mr. Mehiri wasn't checking his email. Though he had covered the protests the first few days after they broke out in eastern Libya on Feb. 15, he began to worry that if the regime sent troops to Benghazi, he was likely to pay for his years of criticizing it. Fearing also for his wife and young son, he put down his recorder and reporting pad and went into hiding. He stayed out of view for the rest of the war.

"When I went underground, large amounts of news discussing this crackdown was not published," Mr. Mehiri says. All along, the medium had been the message, he says: "Surveillance alone is enough to terrorize people."

Mr. Mehiri came out of hiding in September, shortly after Libya's rebels gained control of the capital. He's now back at work in Benghazi writing about Libya's political changes for al-Jazeera.

—David Gauthier-Villars contributed to this article.

Read more: http://online.wsj.com/article/SB10001424052970203764804577056230832805896.html#ixzz1gWloxI4h

[G M]

GM:

Frankly I see these articles you post as non-responsive to the points I am making.

a) we should not depend upon costs of intrusive surveillance for the protection of our freedom

**As pointed out many times before, you have no reasonable expectation of privacy when out in the public venue. The feds and well financed local/state agencies have long used aircraft for surveillance purposes, though even they don't use it often, given the costs involved.

b) costs of the technolgy are and will continue to decline dramatically

**Not according to the Aviation Week article. Are Business Jets/helicopters and pilots notably cheaper these days? If so, why are police aviation units getting cut/closed down?

c) the technologies capabilities and sneakiness are and will continue to increase dramatically.

**By what measurement? Please quantify "sneakiness" for the purposes of this topic.

[DougMacG]

My favorite fights on the board are between GM and Crafty on privacy.    I'm busy now but will come back later with popcorn...

[Crafty_Dog]

 

GM: 

Sneaky is the opposite of readily detectable.

A helicopter buzzing overhead is one helluva tip off that you might be being watched.  A satellite orbiting above earth than can tell the size of a woman's breasts is another matter, as are the tiny cameras and tiny flying nanobots that are in the pipeline-- and they will cost a fraction of what helicopters and planes cost to buy and operate.

But lets put aside the issue of cost.  If massive all pervasive surveillance could be afforded, would you be for or against it?  Under the logic you continuously give, the answer will be that you have no problem with it.  Your use of cost is essentially an evasion and/or subterfuge from the core point:  Do we have a right to live free of continuous surveillance absent reasonable cause?

[G M]

"A helicopter buzzing overhead is one helluva tip off that you might be being watched."

It's been decades since surveillance aircraft needed to be visible/audible to be close enough to surveil a subject. If the FBI (as an example) was serious about placing you under surveillance, It would be mutiple teams and air cover 24/7 and you would have to be very good/lucky to detect anything. Does that violate your rights? Surveillance like this is very expensive, and not done lightly, but I'm glad the FBI can do this.