Why Would The Government Want to Spy On Me?

Why Would The Government Want to Spy On Me?
By Logan Robinson
Camrea

After all the debating over privacy rights violation, justification, and the technical hows of government spying, there is one question to answer: why? Glenn Sulmasy of CNN argues here that the U.S. government’s motivation for collecting information on individuals is genuinely about protecting the citizens from “Jihadists”. But considering the U.S. government has a lot to lose here, it’s a little naive to take their explanation blindly. Let’s go a little deeper.

Either the agents in charge of spying operations have no idea how to profile a terrorist or they’re just not looking for terrorists. I’m going to go out on a limb and say that people don’t tend to talk about their diabolical plans for overthrowing government or flying planes into buildings in online multiplayer fantasy games like World of Warcraft. Yet government spying is also taking place there. Closer to home and almost as absurd is the NSA’s Xbox Live data collecting practices from tracking locations to monitoring audio channels between game players.

With the NSA tapping into the phone records of millions of U.S. citizens and countless more in other countries, mining information on individuals through Facebook and social networking sites, and gaining access to emails of users of Google and Yahoo, it’s bewildering to think even supercomputers might sort through it efficiently enough to come up with useful leads. Quite bewildering indeed. In fact, data sorting programs that are suspected to be used in these vast spying operations actually create false connections or see patterns where there are none. Each series of connections the program finds is marked to be reviewed by a real human being (if you consider NSA agents human beings). This means that in order to find terrorists, real people have to use time, money, and resources chasing down tens of thousands of leads that turn out to be useless false connections. Even with a program that could recognized patterns and connections in vast amounts of data with more discretion, the underlying assumption from which the NSA works, that terrorists have a consistent data profile, isn’t anywhere near agreed-upon. Simply put, this method of searching for terrorists seems horrendously inefficient.

The original number of acts of terrorism thwarted by your altruistic friends at the National Security Agency was greatly exaggerated. You likely heard the number to be 54. It turns out that there was exactly one criminal conviction of terrorism that came about by the violation of your 4th amendment civil rights. A cab driver named Basaaly ­Moalin sent 8500 dollars to an extremist group with ties to Al-Qaeda. You can see that it is inefficient both in in theory and practice.

Now, we have that the NSA is searching in suspiciously irrelevant places and its terrorist search is wildly ineffective. It is therefore not unreasonable to think that the motivation, or at the very least the result, of government spying is not only to search for terrorists. The NSA has shared the information it collects with the DEA and the FBI to help with their investigation of suspects at home. It has gone even gone on the offensive and attacked its targets. Whatever the initial cause of spying was, it appears now that it is being used to enhance the oppressive capabilities of other branches and bureaucracies and to bring us twenty steps closer to a dystopian police state.

So why does the U.S. government want to spy on you? Simply put, because it understands that information is power and anyone can be a liability.

Follow our Facebook and Twitter.

Advertisements
Why Would The Government Want to Spy On Me?

The Debate is Over: the NSA is Weakening Encryption

The Debate is Over: the NSA is Weakening Encryption
Thibault Serlet

11180393_10202717539019021_2025347776_o

Is the NSA weakening encryption? Numerous cybersecurity professionals and enthusiasts have asked themselves that question for years. Nobody really knows the NSA’s true motives. Even post-Snowden, most of the organization’s methods are a mystery to the general public.

Motives

Terrorists, dissidents, and politicians which the NSA may be interested in spying on clearly use cryptography.

Furthermore, the FBI is known to oppose cryptography. The Guardian has alleged that the NSA spends $250 million per year weakening cryptography. The basis for the Guardian’s claims come from this document.

The Clipper Chip

In the 1990s, the NSA developed a small chip known as the clipper chip. It was to be inserted into every single audio telecommunications device, and automatically bypass all encrypted communications. News of the clipper chip was made public after a series of declassified and top secret memos were made public.

The Electronic Privacy Information Center and EFF fought a 6 year long legal battle, and eventually defeated the NSA.

The clipper chip used the Skipjack algorithm to break encryption. The chip would suck the private keys out of the device into which it was built.

Due to security vulnerabilities exposed by legendary cypherpunk Matt Blaze, the government abandoned its clipper chip program in 1996.

RSA and NSA

A Snowden document revealed that in 2004 or 2005 the NSA paid RSA 10 million dollars to insert a backdoor into its BSAFE algorithm.

Long before the Snowden leaked the document explaining the $10 million dollar deal, various security experts raised the possibility several RSA algorithms had been compromised. In 2007, Microsoft security researchers Dan Shumow and Niels Ferguson released a report suggesting a backdoor.

Security company Cloudflare detailed the technical details such a backdoor might entail.

RSA has denied that it intended to weaken BSAFE. Despite this, following the revelations of backdoors, RSA has since told its customers to stop using its compromised algorithms. Numerous disgruntled developers have left the company to look for less corrupt pastures.

The RSA incident doesn’t appear to be an isolated one; the New York Times brought to light a secret document detailing government plans to insert vulnerabilities into IT security and encryption systems.

NIST

The NSA has been watching us since at least the late 1990s. After the unwinding of the first crypto war, the NSA funded NIST (National Institute of Standards in Technology) hosted a series of contests to see who could develop the most secure cryptographic algorithms. In most of these contests, the seemingly most secure algorithms would win.

During the Advanced Encryption Standard process contests from 1997 until 2000, NIST made several odd choices of winners.

Ultimately, NIST chose the now widely-used AES algorithm. Another encryption algorithm, SERPENT, was proven during the contest to be less vulnerable to XSL attacks. Moreover, security experts have argued that SERPENT is more secure than AES. NIST argued that AES had higher performance speeds when compared to SERPENT, and that is why they chose it.

Some have argued that NSA’s involvement in NIST’s standard creation poses a conflict of interest. Considering the AES fiasco, this appears to be the case. NIST itself found that the NSA’s influence over the organization was detrimental to cryptography.

Icing on the Cake

Perhaps the most alarming piece of evidence concerning the NSA’s role in weakening cryptography is Suite A Cryptography. The NSA uses its own top secret encryption algorithms which are unknown to the general public. If the NSA is truly weakening encryption, then they wouldn’t use any publicly available cryptography.

Pushback

This year, a large group of security experts wrote the NSA an open letter warning about the national security and human rights risks of waking cryptography.

The Presidential Panel on Liberty and Security in a Changing Worldrecommended that the NSA immediately halt any efforts to undermine cryptography. The panel recommended: (1) fully support and not undermine efforts to create encryption standards;

(2) not in any way subvert, undermine, weaken, or make vulnerable generally available commercial software; and

(3) increase the use of encryption, and urge US companies to do so, in order to better protect data in transit, at rest, in the cloud, and in other storage.

The House Committee has already decided to start the process of separating NIST from the NSA.

Not all encryption appears to be compromised, and there also is a growing push-back against the NSA and DHS. One can only hope that the government adapts to the new changing world we live in.

Follow our Facebook and Twitter.

The Debate is Over: the NSA is Weakening Encryption

DHS, The Little NSA

DHS, The Little NSA
Thibault Serlet 

 

Seal_of_the_United_States_Department_of_Homeland_Security
Political Blowback Against the NSA

In the post-Snowden world, there has been significant political blowback against the NSA. Already there are several 2016 presidential contenders who are campaigning on an antisurveillance platform, such as Rand Paul. Should one win, the NSA data gathering programs will likely be curtailed.

Sadly, the NSA isn’t the only sinister government organization spying on Americans. When the NSA’s surveillance powers are eventually reigned in, it is unlikely that the established surveillance state will simply stand down. Instead, the focus will likely shift to another sinister organization. The public will think the surveillance will have stopped, when in reality, it will simply be done under a new banner.

The DHS is already engaged in numerous surveillance activities, perhaps even to the same degree as the NSA. Should a new organization become the lead espionage agency, DHS is the most likely contender. In fact, President Obama has recently issued an executive order mandating that DHS will now be put in charge of certain data sharing initiatives.

The History of DHS

In the wake of the 2001 September 11 attacks, there was a public outcry for security. In November 2002, President George Bush responded by consolidating 22 existing federal agencies into the Department of Homeland Security (DHS). Such agencies included the Coast Guard, Customs Service, Secret Service, TSA, National Domestic Preparedness Office, FEMA, Federal Protective Service, and Federal Law Enforcement Training Center.

Since 9/11, the government has spent nearly a trillion dollars on DHS.

NSA DHS Cooperation

The NSA and DHS have a long history of working closely together.

In addition to the expected talent sharing programs, DHS and NSA jointly maintain a vast data sharing effort.

Most importantly is the existence of DHS fusion centers. Fusion centers are where the various federal and state agencies which conduct surveillance combine their collected data. Although the fusion centers are run and maintained by DHS, they assemble the data from organizations such as the military, FBI, CIA, NSA, DoJ, private companies, and even local fire departments and medics. DHS has spent at least 1.4 billion dollars maintaining and establishing its 43 known fusion centers.

The centers are the subject of much criticism from privacy advocates. For example, the ACLU has issued an interesting report condemning fusion centers. Considering statements from officials such as Arkansas fusion center director Richard Davis, this should come to no surprise. He said in a local television interview: “we focus on a little more than that: domestic terrorism, and certain groups that are anti-government.” The ACLU is concerned that there are numerous benign, or even praiseworthy, anti-government groups. Nobody knows for sure exactly on which groups DHS is spying, although what evidence has come to light is very alarming.

DHS Spies On Peaceful Protestors and Other Non-Violent Groups

An October 2011 document leaked by Wikileaks revealed that the DHS was spying on the Occupy Wall Street Movement. For example, DHS closely monitored the twitter feeds of Occupy-affiliated activists. In order to spy on the movement, DHS worked closely with the FBI and NYPD.

DHS is also known to spy on Tea Party affiliated groups. In an effort to supposedly “curtail domestic terrorism” dubbed Operation Vigilant Eagle, it was revealed by the Wall Street Journal that veterans were discriminatorily targeted and spied upon. Vigilant Eagle has been criticized by civil rights organizations such as the Rutherford Institute as a ploy to keep tabs on conservative and Tea Party groups.

Both the Tea Party and Occupy Movements have something in common: they both promise to radically change the political narrative of the country. As discussed in a previous article on this blog, there is evidence that the surveillance state is being used to control American politics. It would not be unreasonable to speculate that the DHS aims to suppress widespread countercultural movements.

The University of Maryland issued a DHS sponsored study which investigated anti-abortion activists as potential domestic terrorists. After criticism from various religious communities, the DHS backed down from such claims.

DHS was also spying on various anti fracking groups. Anti-fracking activist Virginia Cody claims he was amongst those being spied on. Recently declassified documents also reveal that DHS considered using terrorism statutes to prosecute non-violent Keystone activists.

DHS and Local Police Departments

One of DHS’ main activities involves supporting local police departments. A significant portion of this aid has come in the form of surveillance equipment and assistance. Police militarization critics have argued that provision of equipment to local police departments is dangerous.

Phone tapping tools called Stingrays, which have previously been covered here on 21st Century Locksmith, have been given by DHS to police departments across the country. Stingrays can intercept thousands of calls daily, but are used with little or no oversight by local police departments.

An absurd example of DHS aid to a local police department is its recent assistance local police in Missoula, Montana. Citing a family oriented hippie gathering as a one of its reasons, the department received a quarter million dollar mobile command unit with surveillance capabilities.

DHS is also promoting the use of BRS-like technologies (which have also been covered on this blog). These technologies are weak AIs which automatically analyze bulk data collected to look for troublemakers without human input. In Seattle, the DHS help unfold a $2.6 million spy mesh net. The mesh net includes a series of IMSI-catcher on poles across the city which can spy on cell phone transmissions. Pictures of the IMSI-catchers can be found here. The network also included surveillance cameras, gunshot detectors, and many other alarming pieces of equipment.

Internet Spying

By now, the public is mostly aware of the government’s online spying. There are many mostly unknown interesting aspects to DHS’ internet surveillance which the public isn’t widely aware of.

Few people are aware that the DHS monitors the communications of people inside video games such as World of Warcraft. In coordination with the US Navy, the “Gaming Systems Monitoring and Analysis Project” was launched in 2008 to track pedophiles and terrorists inside the Playstation and Xbox networks.

A list of words DHS uses to spy on people was published several years ago following a freedom of information request. Activist trolls could create software which randomly includes these words in all electronic communications. A complete list can be found here.

Same Shit, Different Asshole

Perhaps there is a reason that the DHS threatened its employees reading about the Snowden leaks. The DHS wants to replace the NSA. Although there might be a new sheriff in town, there is no reason to expect any major changes within the American surveillance state. For several years, the DHS has been lobbying to receive the same cyber-spying powers as the NSA.

Already, the DHS engages in surveillance on a scale comparable with the NSA. The NSA might soon die, but if it does, it will almost certainly be reincarnated under the umbrella of the Department of Homeland Security.

Follow our Facebook and Twitter.

DHS, The Little NSA

Are Politicians Being Manipulated by the Surveillance State?

Are Politicians Being Manipulated by the Surveillance State?

Thibault Serlet

Puppet

 

Using spying to control political opposition is nothing new. In the United States, the most notorious example occurred during the 1972 Watergate scandal. President Nixon was caught sending five burglars to break into the DNC, which led the media to discover a series of dirty tricks being used by the administration to control opposition. Ultimately, Nixon resigned over a dozen wiretaps in the offices of his opponents.

And yet, 40 years later, when it was found that every office in the nation was wiretapped, the political fallout wasn’t nearly as damaging to President Obama. Perhaps the reason why is because the modern surveillance state has the “just” cause of protecting Americans from terrorists and other villains.

If it was found out that this new panopticon society under which we live was in fact being used to manipulate politicians, the public’s views of government snooping might take on a whole new shape.

The CIA Torture Report

Apologetically pro-NSA senator Dianne Feinstein was herself the victim of government targeting.

In December 2014, Feinstein released a scathing report detailing the torture methods used by the CIA on detainees after 6 years of intensive research. She claims her investigation was hindered by CIA spying and intimidation. She revealed that several computers used by her and her staffers had files stolen by CIA operatives.

Although CIA director John Brennan initially denied Feinstein’s claims, he eventually admitted that CIA personal had searched the emails and computer files of various congressmen, including Feinstein. A spokesperson for the agency admitted that “some CIA employees acted in a manner inconsistent with the common understanding reached between the [senate intelligence committee] and the CIA.” Despite this, Brennan argued that the CIA hadn’t broken any laws.

Although Feinstein is a supporter of the NSA data gathering program, she has called for a full congressional investigation into the surveillance program and has also opposed NSA spying on American allies. More shocking yet is that Feinstein believes that there are many more instances of political spying which haven’t yet come to light.

The IRS as a Bludgeon

Government surveillance of politicians and dissidents isn’t party specific. It seems that whoever is in power actively suppresses and controls their opposition by inappropriately and illegally using the national security apparatus.

Another recent example, this time targeting republicans, involves the IRS. In 2013, the IRS scrutinized select conservative and tea party groups applying for Tax Exempt status. IRS employees in a dozen offices nationwide targeted activists who opposed the government. The employees were told to investigate groups which used words such as “tea party,” “patriots,” “occupy,” amongst others. They also targeted groups which advocated education about the constitution or bill of rights, opposed Obamacare, and criticized the country’s leadership.

After it came out in congressional hearings that Lois Lerner, head of the IRS at the time, had destroyed 30 thousand emails, she resigned.

The Broader Implications 

These are two well publicized incidents which occurred both within the last two years. How many undiscovered and unpublicized incidents are there? How much control does the security state have over our government? We will likely never know the answer.

Even more alarming is the possibility that not only Federal, but also local politics are being affected. Local police are using tools such as stingrays without much oversight. How easy would it be for a local police department to control city level elections by using phone tapping and other technologies?

America is not the Soviet Union. We are supposed to live in a free country, protected by a fourth amendment which safeguards citizens from unreasonable searches and seizures. If the deep state can exert control over politics, we may very well see the emergence of a shadow government which controls every aspect of our political process.

The Solutions 

Usually, political issues have political solutions. When it comes to the control of the democratic process from the shadows, this is axiomatically not the case. There is no political solution, politicians such as Dennis Kucinich and Rand Paul who oppose the NSA are likely the prime targets of such surveillance. If opposing dark power structures translates to victimization, otherwise anti-surveillance politicos might be unwilling to come out.

Instead, the solution lies in cryptography. Activists and politicians alike should encrypt everything that may hurt them. In a world where spying is a tool of political control, cryptography is freedom’s last stand.

Are Politicians Being Manipulated by the Surveillance State?

How Police Listen to You Part 4: Range-R, the Device That Helps Cops See Through Walls

How Police Listen to You Part 4: Range-R, the Device That Helps Cops See Through Walls

Thibault Serlet

sensor

Police can now see through walls.

The fact such technology exists should hardly come as a surprise considering America’s seemingly never-ending race to become a dystopian police state. Using a small portable microwave radar known as the RANGE-R, police can identify the location of people and objects behind walls.

How is RANGE-R Used?

In order to determine the locations of the occupants of a building, all an officer has to do is hold the RANGE-R against the wall. The distances of all moving objects within a 160° range is then revealed to the user via the device’s LED screen. This allows police to tell if anyone is hiding inside a building, perhaps with the intention of ambushing officers.

How Does RANGE-R Work?

According to its manufacturer, the RANGE-R weights less than two pounds and is powered by 4 standard AA batteries. The devices cost roughly $2000 each.

The RANGE-R is a standard Doppler Radar modified for indoor use, similar to the ones used by traffic enforcement in speed traps. When the RANGE-R is pressed against a wall, it emits a series of brief microwave pulses. Whenever the pulses hit an object, a small fraction of the microwave is bounced back towards the device. The device then calculates the distance of the objects by measuring the amount of time it takes for the signal being bounced back to return to the radar.

Microwave has a low enough frequency that it can easily penetrate through thick concrete walls, but will not penetrate metal. The manufacturers believe that RANGE-R will not be significantly impeded by metal-embedded materials such as rebar.

In order to detect motion, the RANGE-R sends multiple pulses into the room being targeted. Static objects will always have the same bounce back time, while moving objects will have slightly different frequency over time. This allows the RANGE-R to detect motion with precision, and thus distinguish people from stationary objects. The RANGE-R’s motion detection is sensitive enough to detect an individual breathing as far as 50 feet behind a brick wall.

Objects are finally classified into two categories: movers and breathers. Stationary objects are discarded. Breathers are objects which are only slightly moving, while movers are moving significantly.

History of Use

RANGE-Rs have been in use since 2012. Although the extent of RANGE-R technology’s use is unknown, Justice Department Spokesman Patrick Rodenbush said that Federal Marshals routinely use RANGE-R to execute arrest warrants. The Federal Marshals are believed to have spent as much as $180,000 on RANGE-Rs.

Use of RANGE-Rs was an open secret until the December 30 2014 Federal Court ruling United States of America vs Steven J. Denson. After Denson, convicted for armed robbery, missed several meetings with his probation officer, a SWAT team raided his residence. The SWAT officers determined Denson was inside his house by using RANGE-R, and proceeded to carry out their arrest warrant. Inside the house, they found a stash of illegal firearms. After the raid, Denson sued in the 10th Circuit Court of Appeals that the officers had violated his Fourth Amendment right by deploying the handheld doppler radars. The court ruled against Denson’s favor.

According to USA Today’s groundbreaking report on the topic, at least 50 agencies including the FBI are confirmed to posses RANGE-R or similar technology.

The coalition forces in Iraq and Afghanistan have been using similar technology when conducting raids for years.

The Dangers It Poses to American Freedoms

There are currently no Federal rules or guidelines restricting the use of RANGE-R and similar technology. Privacy advocates are concerned that the lack of regulation means law enforcement will be tempted to use the technology with impunity.

The ACLU argues that the use of similar technologies erodes the Fourth Amendment. Use of RANGE-R supports the hypothesis that all technological evils are first used for good.

Currently the manufacturer boasts that new iterations of the technology are far more sophisticated and are capable of generating real time 3D models of the inside of a building.

As the technology progresses, the possibilities become increasingly alarming. In the near future, a police department will be able to use large-scale doppler scanning to determine the positions off all the occupants within an entire neighborhood and analyze them using BRS technology. Once BRS is combined with persistent interior doppler scanning, it will effectively as if the state had cameras inside every room of every house.

Arguing for the continued expansion of radars which scan the interiors of buildings eventually becomes equivalent to arguing there should be a surveillance camera and microphone inside every house. At least cameras can be covered, and microphones detected. This isn’t the case for BRS.

Possible Countermeasures

The manufacturers admit that RANGE-R isn’t capable of penetrating metal walls. However, coating walls with metal or metal fragments isn’t an option for most people.

Slightly easier than protecting all possible attack surfaces might be the use of chaff. During WW2, pilots would drop small pieces of metal from their airplanes to jam enemy radar. Chaff is widely used as a detection countermeasure by armies around the world, although it has been made mostly irrelevant since the invention of space-time adaptive processing. To make chaff, aluminum foil can be cut into small strips and attached to the surface to be protected. Do not use tin foil!

Both countermeasures described above are perfectly legal in the United States. The one described in this paragraph is legal in most countries, but illegal in America. Because RANGE-R and similar doppler radars use microwaves, frequency jamming could be used. The easiest way to do this is by turning on 3-4 kitchen microwaves at the same time. A more technically advanced solution would be to use a device such as a modified IMSI-catcher.

Stay safe, and whatever you do, don’t break the law.

If you wanna stay updated on privacy related news and philosophy, check out our Facebook and Twitter.

How Police Listen to You Part 4: Range-R, the Device That Helps Cops See Through Walls

Chinese Hackers Might Be Preparing For War

Chinese Hackers Might Be Preparing For War

Thibault Serlet

China Government

In March 2015, the Chinese were caught DDOSing popular code-sharing website GitHub. This is but one in a long series of devastating Chinese cyber-attacks. The purpose of this attack was to shut down various services which allowed Chinese citizens to bypass their government’s internet censorship.

Lurking past the numerous well-publicized news stories fear mongering about ISIS, Russia, or Iran there lies a much more sinister danger. It is very possible that a series of nationwide Chinese hacks have the intention of probing American defenses.

Few Americans realize the extent of the damage which can be done through hacking. Intuitively, they assume that the worst case scenario is a data breech. As frequently discussed on this blog, much more is at stake. Self driving cars, power grids, drones, air traffic control, water infrastructure, and many other soft targets could be easily attacked at any moment. In the 21st century, a single skilled hacker could easily be responsible for millions of deaths.

Business Hacks- The Tip of the Iceberg

The Chinese are already known to be responsible for dozens of major computer security breaches. Alarmingly, most all of these attacks occurred in the last five years. All the attacks have been denied by Chinese officials.

Bush administration NSA director Mike McConnell warned that the Chinese had hacked all major American corporations to gather valuable information. Recently, attorney general Eric Holder prosecuted five suspected Chinese spies for allegedly hacking major American corporations.

America’s second largest health insurer, Anthem, was also hacked by the Chinese in 2013. The private records of 80 million customers were stolenRegister.com was, according to the FBI, hacked by the Chinese military.

The Chinese May Be Preparing for Cyber War

Business hacks are relatively innocuous. The writers of this blog suspect much more is at stake; there is a darker pattern behind the Chinese hacks: preparation for an electronic confrontation with the United States.

If the Chinese were planning for war, the most obvious target would be military contractors. The Senate Armed Services Committee have identified 20 instances where the Chinese army successfully attacked military industrial complex targets such as Lockheed Martin.

In September 2014, Chinese hackers reported hacked into the Federal Weather Satellite System . Although the motives of the attack are unknown, one possible explanation is that the Chinese wanted to find out if the weather satellites were in fact spy satellites.

Also in September 2014, the Chinese hacked the US Postal Service stealing the data of over 800 000 employees. Package and mail data could be used to data mine the strength of various military assets.

In what is perhaps the biggest data breach in recorded history, the Chinese hacked Google along with numerous other major American companies in an event which has since been dubbed Operation Aurora. Although the extent of the hacks is still unknown, Google left the Chinese market as a result of the incident. Considering Google’s 2013 acquisition of military robotics contractor Boston Dynamics, Google may well be one of America’s most strategically important targets.

The Mother Lode: The Electrical Grid

Current NSA chief Admiral Michael Rogers has warned of the dangers of a Chinese attack on the American power grid. He said that the previous wave of hacks is a reconnaissance mission for a much greater cyber-attack. Considering that the NSA is home to the world’s largest collection of electronic intelligence data, his warnings are very credible.

General Keith Alexander stated that the Chinese are practicing blowing up American pipelines and shutting down the infrastructure. Cybersecurity firm Mandiant released a report stating that PLA Unit 61398 hacked numerous American power grid targets from a location outside Shanghai. Mandiant was itself the victim of a Chinese attempt at spear fishing in early 2013.

The San Jose SWAT-Style Physical Infrastructure Attack

Few Americans have heard about a series of highly sophisticated attacks by unknown assailants on Californian power grid structures.

It is important to keep in mind that nobody has found any evidence tying the Chinese to this attack.

In April 2013, one day after the Boston Marathon bombing, a sniper and five other men attacked 17 transformers in San Jose, California causing 15 million in damages. The special-ops style attack was well orchestrated. Around 1 am, two individuals crawled from manholes at the Metcalf substation. First, they cut the fiber cables around the station to delay communication with law enforcement. Their initial attack knocked out cell phone coverage, 911 services, and landline service to the substation. They proceeded to fire more than 100 rounds from high-power sniper rifles at the station. In addition to the rifle, there is evidence the attackers also used AK-47s. The cooling oil dispenser was damaged, causing a meltdown.

At 1:31 am, a nearby security camera recorded a flash of light the FBI believes was a signal used by the attackers. At 1:51 am, police arrived on the scene, but the attackers had already left. No fingerprints, or other identifying evidence were found on the scene.

The incident was described as “the most significant incident of domestic terrorism involving the grid that has over occurred” by Jon Wellinghoff, chairman of the Federal Energy Regulation Commission.

Making the incident even more troubling, is that the same station was attacked roughly a year later. Unknown assailants cut through the substation’s fence without triggering the alarm system, and stole equipment. It is unclear if the attacks are related, and possible the second attack was an example of theft.

Once more, there is no public evidence linking the Chinese to the series of sophisticated power grid attacks. However, considering the extensive series of Chinese hacks, especially those concerning the power grid, along with the expertise of the attack, the possibility that the Chinese were testing our capabilities is distinct.

Only Cryptography Will Save Us

Regardless of who physically attacked the California power grid, one thing is clear. Foreign cyber-attacks pose a growing threat to American national security. The US government, insistent on spying on its population, has consistently hampered the progress of cryptography.

If the Americans want to remain safe from foreign attacks, they will have to encourage cryptography and relinquish their spying capabilities. The American civilization will only remain secure as long as the people are armed with cryptography. This is just another case of freedom for one equating security for all.

If you wanna stay updated on privacy related news and philosophy, check out our Facebook and Twitter.

Chinese Hackers Might Be Preparing For War

Behavioral Detection Software: How Police Are Listening to You Part 3

Behavioral Detection Software: How Police Are Listening to You Part 3

Thibault Serlet

Possible Mugging

What Are Behavioral Recognition Systems?

Behavioral recognition systems (BRS) are one of the first law-enforcement applications of AI. BRS is an AI-based software which analyzes camera footage without human input. Increasingly, American and foreign law enforcement agencies are using BRS software that can analyze CCTV camera footage to detect various behaviors. There are benign applications for such technology (as pictured above). Police could use BRS to automatically detect all fights captured on camera within a city.

Most software which analyzes video footage is “stupid.” That said, the software is only capable of detecting specific pre-programmed behaviors. BRS takes surveillance software to a new level: it can be trained to detect new types of behavior and learns through statistical analysis.

Behavioral Recognition Systems is also the name of a corporation which invests and researches technology of the same name. They are the primary focus of this article, as most advancements in BRS have come from BRS labs.

How does BRS work?

In 2008, Behavioral Recognition Systems Corporation filed a patent for an AI that could use individual frames from any video to detect the behavior of the filmed individuals.

John Frazzini, President of BRS Labs briefly explained his patent. “Generally speaking, video analytics software receives video data from cameras and issues alerts based on very specific and narrowly defined human programmed rules that have failed to provide operational value in the video surveillance market. In strong contrast to those limited and deteriorating solutions, the patented technology of BRS Labs does not require any human pre-programmed rules, thereby providing an inherently scalable enterprise class software platform to the video surveillance market.”

The patent details several steps which the AI takes when analyzing video footage, although not in great detail.

First, BRS attempts to delineate groups of pixels from a picture into objects. Identifying objects and types of objects is difficult. In order to understand how BRS can learn to recognize objects, let’s detail the process BRS software might take to learn to identify cars.

If the BRS relied solely on using static pictures, visible non-objects such as shadows or reflections might get misidentified as objects. When BRS identifies a pattern of pixels, it will first attempt to see if the object persists between frames. This process is likely carried out to eliminate potential false positives. The diagram below shows how BRS eliminates the shadows cast by a tree by verifying if the shadow appears in multiple frames.

Shadow Car
Once an object has been tracked over time across multiple video frames, the BRS then attempts to see if the object or parts of the object are already in its database. In the example of the BRS learning how to identify cars, lets assume the BRS has never encountered cars before.

Although the patent doesn’t go into detail about how BRS identifies objects, it likely uses some form of genetic appearance-based pixel searching. This method of object recognition technology searches for patterns of pixels such as edges, greyscale/color matching, and position recognition. This isn’t as simple as it sounds; whole cars are very hard to recognize. Both limousines and Humvees are cars, and yet they are very physically dissimilar. Instead of looking for whole objects, the BRS will look for the most easily recognizable parts of objects, and if enough parts repeatedly keep appearing, define a meta-object. A linear classifier will attempt to label new objects using an evolutionary database.

In the case of a car, examples sub-objects include circular patterns of black pixels which consistently appear near the ground (wheels), glowing pixel patterns in the front and back of cars (lights), etc…

After an object has been identified and classified, the BRS will then attempt to create a 3D model of what it sees. The process of creating a 3D model of a situation is fairly complex, and this brief summary will not do it justice.

Generating a 3D model from a single 2D static imagine is much more difficult than generating such a model from a 2D video. That is because static images only have calculable X and Y distances. In a 2D video, objects in motion appear to change size between pixels as the move relative to the position of the camera. The apparent change in size over time can be used to calculate distance.

Using the calculated distances, the BRS will attempt to identify a blob of pixels in the foreground, and a blob of pixels in the background. The computer assumes that the objects in the frame which remain static between frames are a background, while objects which move are a foreground.

By tracking 2 different blobs across at least 3 different frames depicting motion, the BRS estimates the positions of the identified objects, and thus creates a crude geographical 3D model of the scene.

Using methods similar to the BRS’ recognition of 2D objects, the BRS then groups elements in the 3D model into 3D objects. Once more, the objects are tracked frame by frame. If patterns of behavior
are detected in the geographical model, they are noted and stored.

How BRS Works: TL;DR

If police wanted to find all the muggings within LA, here is how LAPD would proceed to train the BRS. First, they would provide the BRS with as much footage of known muggings as possible. The BRS would turn the 2D objects into 3D models, then identify patterns of behavior within the 3D models as described above. Once common traits have been detected across the mugging footage, the BRS now has learned how to identify muggings.

Once the BRS has completed its training, it will then look for the patterns it identified in the footage earlier across all of LA’s CCTV footage. Now, any time the BRS detects a mugging taking place, it can notify LAPD.

When has BRS been used?

Police used BRS systems to police the 2012 Tampa Florida Republican protests.

It has also been confirmed that numerous train and rail services across the country have already deployed BRS on their CCTV systems. Amtrak, a California railroad line, is also known to use BRS on their cameras. Atlanta’s MARTA transit authority has also deployed BRS.

In addition to servicing local police departments, BRS has been deployed by businesses and governments worldwide. The Department of State deployed BRS systems across numerous hotels in Mumbai, India to fight terrorism after a series of bombings in 2009. BRS has already been deployed everywhere from nuclear power stations in Virginia to airports in the United Arab Emirates. It is likely that BRS-like systems will soon become a ubiquitous component of CCTV surveillance.

The Dangers of BRS

Human surveillance is strictly limited by manpower. When humans analyze data, more cameras gathering footage doesn’t amount to more actual monitoring. If anything, there is a data overflow, and diseconomies of scale kick in.

BRS has the potential to change that. In the hands of the American government, BRS poses a relatively small threat to humanity. American police will probably use this technology to prevent real crime, at least for now. Imagine that an evil government, such as the North Koreans, got their hands on such technology.

The North Koreans could use BRS-like systems to install a camera in every home, and literally bring about 1984. Dissidents would have no chances to escape the ubiquitous police state. What little opposition manages to sustain itself behind closed doors will die.

How to Fool BRS Surveillance

Because BRS relies on reading camera frames rather than more indirect methods of sensory input, there are few ways of easily avoiding BRS detection. There are, currently, numerous groups working to undermine the surveillance state.

Various design firms are creating clothing styles that can foil facial detection software. A Dutch artist is creating a T-shirt to foil facial recognition software. Fake 3D-printed faces may also hold the key to foiling facial recognition technologies. For lower budgets, this makeup tutorial explains how to easily hide one’s identity.

There also are numerous smart phone apps released and in development built to detect CCTV cameras. Some, such as the NYC surveillance camera project are massive databases of user-submitted camera locations.

Other apps, such as Privacy Electronic’s app, use infrared beams to detect nearby cameras.

Privacy is an arms race, with both sides making leaps and bounds. The outcome of the surveillance wars is, as of yet, unwritten. It is up to the brave and technical people of the world to find new ways to outwit the ubiquitous surveillance, and push back 1984. While the odds are currently stacked against privacy, history has a tendency to give moral victories to the most virtuous. Even more important than fighting against BRS-like systems using technology is winning the moral and ethical arguments for privacy.

Wanna learn more while keeping up with our latest blog posts? Check out our facebook page and twitter and stay connected.

Behavioral Detection Software: How Police Are Listening to You Part 3