CSEC Surveillance Analysis of IP and User Data

The most recent story from the Snowden documents is from Canada: it claims the CSEC (Communications Security Establishment Canada) used airport Wi-Fi information to track travelers. That's not really true. What the top-secret presentation shows is a proof-of-concept project to identify different IP networks, using a database of user IDs found on those networks over time, and then potentially using that data to identify individual users. This is actually far more interesting than simply eavesdropping on airport Wi-Fi sessions. Between Boingo and the cell phone carriers, that's pretty easy.

The researcher, with the cool-sounding job-title of "tradecraft developer," started with two weeks' worth of ID data from a redacted "Canadian Special Source." (The presentation doesn't say if they compelled some Internet company to give them the data, or if they eavesdropped on some Internet service and got it surreptitiously.) This was a list of userids seen on those networks at particular times, presumably things like Facebook logins. (Facebook, Google, Yahoo and many others are finally using SSL by default, so this data is now harder to come by.) They also had a database of geographic locations for IP addresses from Quova (now Neustar). The basic question is whether they could determine what sorts of wireless hotspots the IP addresses were.

You'd expect airports to look different from hotels, and those to look different from offices. And, in fact, that's what the data showed. At an airport network, individual IDs are seen once, and briefly. At hotels, individual IDs are seen over a few days. At an office, IDs are generally seen from 9:00 AM to 5:00 PM, Monday through Friday. And so on.
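The classification described above can be sketched in a few lines. This is an added example, not code from the presentation or from this post: the record layout `(user_id, timestamp, network)`, the thresholds, the network ranges, and the sample data are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median

START = datetime(2012, 5, 7)  # a Monday; constructed two-week sample window


def profile_networks(sightings):
    """Summarise, per network, how long and when individual IDs are seen."""
    per_net = defaultdict(lambda: defaultdict(list))
    for uid, ts, net in sightings:
        per_net[net][uid].append(ts)

    profiles = {}
    for net, ids in per_net.items():
        spans, days, total, office = [], [], 0, 0
        for stamps in ids.values():
            # Time between first and last sighting of this ID, in days.
            spans.append((max(stamps) - min(stamps)).total_seconds() / 86400)
            # Number of distinct calendar days on which the ID appeared.
            days.append(len({t.date() for t in stamps}))
            for t in stamps:
                total += 1
                if t.weekday() < 5 and 9 <= t.hour < 17:
                    office += 1
        profiles[net] = {
            "ids": len(ids),
            "median_span_days": median(spans),
            "median_days_seen": median(days),
            "office_hours_share": office / total,
        }
    return profiles


def classify(profile):
    """Map a profile to a network role. Thresholds are illustrative assumptions."""
    if profile["median_days_seen"] == 1 and profile["median_span_days"] < 0.25:
        return "airport-like"   # IDs seen once, and briefly
    if profile["office_hours_share"] >= 0.9 and profile["median_days_seen"] >= 5:
        return "office-like"    # same IDs, 9 to 5, Monday through Friday
    if 2 <= profile["median_days_seen"] <= 5:
        return "hotel-like"     # IDs seen over a few days
    return "unclassified"


def label_networks(sightings):
    return {net: classify(p) for net, p in profile_networks(sightings).items()}


def constructed_sightings():
    """Constructed sample data; network names are documentation-only ranges."""
    rows = []
    # Transit hotspot: 40 IDs, each seen twice within one hour on a single day.
    for i in range(40):
        t = START + timedelta(days=i % 14, hours=6 + i % 12)
        rows += [(f"a{i}", t, "192.0.2.0/24"),
                 (f"a{i}", t + timedelta(minutes=40), "192.0.2.0/24")]
    # Lodging: 12 IDs, each seen evenings and mornings across three days.
    for i in range(12):
        d = START + timedelta(days=i % 10)
        for off in (timedelta(hours=20), timedelta(days=1, hours=7),
                    timedelta(days=1, hours=21), timedelta(days=2, hours=7)):
            rows.append((f"h{i}", d + off, "198.51.100.0/24"))
    # Workplace: 8 IDs seen at 10:00 and 15:00 on every weekday.
    for i in range(8):
        for day in range(14):
            d = START + timedelta(days=day)
            if d.weekday() < 5:
                rows += [(f"o{i}", d + timedelta(hours=10), "203.0.113.0/24"),
                         (f"o{i}", d + timedelta(hours=15), "203.0.113.0/24")]
    return rows


if __name__ == "__main__":
    for net, label in sorted(label_networks(constructed_sightings()).items()):
        print(net, label)
```
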

Pretty basic so far. Where it gets interesting is how this kind of dataset can be used. The presentation suggests two applications. The first is the obvious one. If you know the ID of some surveillance target, you can set an alarm when that target visits an airport or a hotel. The presentation points out that "targets/enemies still target air travel and hotels"; but more realistically, this can be used to know when a target is traveling.

The second application suggested is to identify a particular person whom you know visited a particular geographical area on a series of dates/times. The example in the presentation is a kidnapper. He is based in a rural area, so he can't risk making his ransom calls from that area. Instead, he drives to an urban area to make those calls. He either uses a burner phone or a pay phone, so he can't be identified that way. But if you assume that he has some sort of smart phone in his pocket that identifies itself over the Internet, you might be able to find him in that dataset. That is, he might be the only ID that appears in that geographical location around the same time as the ransom calls and at no other times.
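To see why a pseudonymous ID offers so little protection here, the following added example (not from the presentation or this post) measures how fast the set of candidate IDs shrinks as time windows are intersected, and what the "at no other times" condition removes. The record layout `(pseudonym, timestamp, area)`, the area names, and all data are constructed assumptions.

```python
from datetime import datetime, timedelta

START = datetime(2012, 5, 7)  # constructed two-week sample window


def window(day, hour, minutes=60):
    """Build a (start, end) window relative to START."""
    s = START + timedelta(days=day, hours=hour)
    return (s, s + timedelta(minutes=minutes))


def in_any(ts, windows):
    return any(s <= ts <= e for s, e in windows)


def shrink_anonymity_set(sightings, area, windows):
    """Return (final_candidates, sizes).

    sizes[k] is the number of pseudonyms still consistent with the first
    k+1 windows; the last entry is the count after also dropping every
    pseudonym seen in the area outside the windows.
    """
    local = [(uid, ts) for uid, ts, a in sightings if a == area]
    sizes, candidates = [], None
    for s, e in windows:
        present = {uid for uid, ts in local if s <= ts <= e}
        candidates = present if candidates is None else candidates & present
        sizes.append(len(candidates))
    # "...and at no other times": remove IDs that also appear outside the windows.
    elsewhen = {uid for uid, ts in local if not in_any(ts, windows)}
    final = (candidates or set()) - elsewhen
    sizes.append(len(final))
    return final, sizes


def constructed_sightings():
    """Constructed data: 256 residents plus one occasional visitor."""
    windows = [window(2, 14), window(6, 11), window(11, 16)]
    rows = []
    for i in range(256):
        uid = f"resident-{i:03d}"
        # Every resident is also seen on day 0, outside all windows.
        rows.append((uid, START + timedelta(hours=9), "area-X"))
        for k, (s, _) in enumerate(windows):
            if not (i >> k) & 1:  # roughly half the residents per window
                rows.append((uid, s + timedelta(minutes=10 + i % 40), "area-X"))
    for s, _ in windows:
        rows.append(("visitor-1", s + timedelta(minutes=5), "area-X"))
    # The same pseudonym seen elsewhere does not affect the result for area-X.
    rows.append(("visitor-1", START + timedelta(days=1, hours=8), "area-Y"))
    return rows, windows


if __name__ == "__main__":
    rows, wins = constructed_sightings()
    final, sizes = shrink_anonymity_set(rows, "area-X", wins)
    print("candidate-set size per step:", sizes)
    print("remaining:", sorted(final))
```

In this constructed data three one-hour windows cut 257 pseudonyms down to 33, and the exclusion step leaves exactly one, which is the privacy cost of carrying any stable identifier.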

The results from testing that second application were successful, but slow. The presentation sounds encouraging, stating that something called Collaborative Analysis Research Environment (CARE) is being trialed "with NSA launch assist": presumably technology, money, or both. CARE reduces the run-time "from 2+ hours to several seconds." This was in May 2012, so it's probably all up and running by now. We don't know if this particular research project was ever turned into an operational program, but the CSEC, the NSA, and the rest of the Five Eyes intelligence agencies have a lot of interesting uses for this kind of data.

Since the Snowden documents were first reported on last June, the primary focus of the stories has been the collection of data. There has been very little reporting about how this data is analyzed and used. The exception is the story on the cell phone location database, which has some pretty fascinating analytical programs attached to it. I think the types of analysis done on this data are at least as important as its collection, and likely more disturbing to the average person. These sorts of analysis are being done with all of the data collected. Different databases are being correlated for all sorts of purposes. When I get back to the source documents, these are exactly the sorts of things I will be looking for. And when we think of the harms to society of ubiquitous surveillance, this is what we should be thinking about.

EDITED TO ADD (2/3): Microsoft has done the same research.

EDITED TO ADD (2/4): And Microsoft patented it.

Posted on February 3, 2014 at 5:09 AM • 58 Comments

Comments

wiredog • February 3, 2014 5:38 AM

"Boingo and the cell phone carriers" would be an excellent name for a post-post-punk band.

Evan • February 3, 2014 6:41 AM

Pretty basic so far. Where it gets interesting is how this kind of dataset can be used. The presentation suggests two applications. The first is the obvious one. If you know the ID of some surveillance target, you can set an alarm when that target visits an airport or a hotel. The presentation points out that "targets/enemies still target air travel and hotels"; but more realistically, this can be used to know when a target is traveling.

You know what this made me think of? The assassination that occurred in Dubai four years ago. You don't need to trail targets for ages until you get an opportunity, you just need to be notified when they're in a vulnerable position so you can strike. Mossad just needed to have a few backdoors or exploits against the right servers - or a close relationship with another agency that does - and they could get an alert when a target visits an airport and then a hotel.

That might help explain the uncharacteristically messy job they did, too: if they didn't have agents tailing the target ahead of time, the operation team wouldn't have had the benefit of much reconnaissance beforehand - they had to wing it and made a few mistakes.

Nicholas Weaver • February 3, 2014 7:00 AM

Actually, for this, I bet a lot of the identifiers were simply advertising/analytics cookies rather than user logins: it's a 10 line script to grab them off a big wiretap or simply purchasable data. It's probably the former.

Another thing of note is the CSEC's response, which basically said "we weren't actually tracking anybody. Oh, and it's all metadata, so it's OK".

When the experiment was all about anonymous tracking of people, and any "metadata" had to require deep content inspection to extract. By their standards, machine generated transcripts of all phonecalls is "just metadata" and therefore OK.

Bruce Schneier • February 3, 2014 7:07 AM

"When the experiment was all about anonymous tracking of people, and any 'metadata' had to require deep content inspection to extract. By their standards, machine generated transcripts of all phonecalls is 'just metadata' and therefore OK."

Since June, I have been suspicious that the President has been careful to say that no one is "listening" to people's telephone calls, leaving open the possibility that the NSA is "recording" or "transcribing" or "reading" people's telephone calls.

Nicholas Weaver • February 3, 2014 7:23 AM

Agreed.

Just knowing the NSA's attitude and resources [1], they are probably recording all calls for a limited period of time, and are furiously working on machine transcription (with the problem that it's a hard problem, and all the good people in that space get hired away by Apple, Google, Amazon, etc) that distills those recorded phonecalls down into transcripts, so they can both perform searches for keywords etc and archive them basically forever.

Overall, my bet: Any major worldwide data stream that can be reduced to 10 TB/day gets archived forever, as that's ~8 racks/year of 10 TB/1u hadoop cluster nodes.

Any worldwide data stream that's 100 TB/day instead from an aggregate of at least 100 points instead gets archived local to the collection points and kept for ~1 week.

Lisa Austin • February 3, 2014 7:35 AM

"The presentation doesn't say if they compelled some Internet company to give them the data, or if they eavesdropped on some Internet service and got it surreptitiously."

Another option was that some Internet company willingly provided it to them when "requested" (so without some kind of court order). Canadian law permits this and telcos place provisions in their service agreements that tell consumers their information might be shared with the state. The Courts have looked at these agreements and held that this means that any reasonable expectation of privacy in the information is diminished. Not as bad as Smith v. Maryland (a line of cases Canadian law rejects) but still does a lot of harm. Large organizations might be able to contract for better terms, but the average consumer is stuck.

Clive Robinson • February 3, 2014 9:21 AM

@ Bruce,

When you posted about the NSA Data center a while ago and various people gave you what they regarded as the technical methods that could be used, you were to put it tactfully a little reticent on the scale of what could be done.

However your comment above indicates that now you think that perhaps many of the technical methods suggested were actually only part of what is going on.

Can we assume from this that some of what you have seen has kind of "hit you between the eyes" on the technical capabilities?

And if so are you going to be able to share them at some point?

jones • February 3, 2014 9:33 AM

If the idea is to build a database of correlations, then this makes a lot of sense.

If you just have an IP address of an internet user, you can maybe tell what city that user is in, but that's not too helpful all by itself.

If you know a user in Toronto is named John, you've: 1) eliminated the female half of the population, and 2) narrowed the male population considerably.

If you can then get an age, or an occupation, or pretty much any other relevant tidbit of data, you can narrow your search even further.

It really takes remarkably few bits of personal information to de-anonymize a database of users.

Mike S • February 3, 2014 9:48 AM

I've carefully read the legislative amendments to the National Defense Act creating CSEC and don't quite understand what authority would allow them to:
a) Require telcoms to provide them information without a warrant.
b) Gather Canadians' metadata.

The only means that I can surmise is the Ministerial authorizations but even those provide an exception for Canadians' communications. So under these rules, does this mean that the Minister has the ability to authorize activities outside of the legal mandate?

Also, what does it mean that the minister's authorizations "are not statutory instruments within the meaning of the Statutory Instruments Act." Does this essentially mean that they are not subject to Freedom of Information requests?

Bob S. • February 3, 2014 9:55 AM

Well, yes.

Stupid, incompetent criminals will leave login credentials everywhere they go like fairy tale bread crumbs. Duh!

Those criminals get caught easily via standard measures.

However, once the state has established the lawful right (and duty?) to collect all electronic data (now progressing rather well but not yet finalized) the purpose will be, as usual, suppression of dissent, consolidation of political power, a tool of oppression, a device for the state to act illegally and in secret.

And let's tell it like it is, the world wide effort to "collect everything" is a cheap power grab while the threat of a handful of illiterate tribes-people is the excuse and tool to instill fear of the bogeyman.

tom • February 3, 2014 10:05 AM

@Nicholas @Bruce

One of the peculiar aspects to me is "discovery" of airport IP address context. The document speaks of starting with a single wifi IP of a single international airport as seed.

Surely airport wifi providers do not have secret IP addresses -- travellers could quickly compile and share them on the web simply by doing IP lookup when online in a terminal. Ditto hotels, libraries and cafes.

However an airport LAN in a departure terminal may have hundreds of devices connected simultaneously and many thousands over the course of the day so that lookup may give something artifactual as the wireless router enabling the wifi could be providing NAT (Network Address Translation) which modifies the IPv4 headers for internal distribution.

Further, a large airport could have many terminals plus ticketing counters, baggage areas and ground transportation sites that are too physically distant to be served by a single wifi signal. So unless there was a relay system, this calls for multiple routers. These in turn might report to a central hub router.

However I picture a single provider here, either the airport IT itself or a company like Boingo with an exclusive concession (like google with the Starbucks concession).

This hub router might be the airport IP address that we are talking about as seed. I suppose it has to be physically located somewhere near the airport but IP geolocation lookup might not provide this.

CSEC is paying for Quova and using Atlas geo here, just like they did in the Olympia slide deck. So did Quova go to any real trouble to locate things or just do lookup of registries? (I'm thinking of that google truck trolling wifi sites for StreetView.)

No question, lookup can be crummy: for my WildBlue satellite connection, I'm geolocated in Phoenix at the main satellite down-link, which is 100 miles and 6 million people from where I am.

So I'm still not clear why they have to "discover" what sort of an IP it is by inferential properties (library hours, airport, cafe), is this just some exercise in academic cleverness, surely these are conveniently listed by now either free or for sale.

Bob S. • February 3, 2014 10:08 AM

Re: "It really takes remarkably few bits of personal information to de-anonymize a database" ~jones

True is.

I went to the store today to buy birdseed. The clerk asked me three times for my phone number. It wasn't registering in my mind that the corporation truly wanted to "de-anonymize" this most trivial interaction.

I used to argue about that stuff, but the well trained and fearful clerk ALWAYS replies they never sell or share the information and it's "just in case" you want to return it, "we can look it up".

Thus low paid wage slaves become willing tools of the corporate-police state.

ps: I simply told her "I don't do that", paid cash and went away feeling I somehow dodged another unseen electronic bullet.

LegionOfBoom • February 3, 2014 10:27 AM

This seems to be more about the metadata involved in connecting to a WiFi router, and less about internet access through the carrier. In this document, they mention arrival passengers not connecting to WiFi. So we all know what data is transmitted over the air when connecting to WiFi (just look at your home router's DHCP page): MAC address and host name. For the average phone or computer user, these remain constant. For the above average user, they are probably randomized on every boot. So it seems they are either sniffing the air around airports, hotels, etc... or they have a way to get into the routers and look at the DHCP information.

They already have the infrastructure to look at "regular internet" traffic and log-ons. But then you are relying on the user actually logging in to an account, to identify him. This way, just connecting to WiFi, ID's them with MAC and host name.

What I don't know, is if your MAC and host name are flying about the ether if you don't actually connect. I assume WiFi OFF doesn't...but what if "scanning" is on, but you don't connect? Or if WiFi is on, but you don't scan, ie. "Notify me when open networks are found"?

tom • February 3, 2014 10:42 AM

I'm also struggling to parse "Data had limited aperture – Canadian Special Source ... major CDN ISPs team with US email majors, losing travel coverage ... Very many airports and hotels served by large Boingo private network not seen in aperture; traffic seems to return via local Akamai node... swept a modest size city and discovered two high traffic public access ranges with >300,000 active IDs over 2 weeks".

As I read this, by aperture, CSEC just means whatever internet data originating from free wifi sites the CSS (corporate cooperator) had access to. That didn't include Boingo. The local Akamai node didn't sound too useful either. It wouldn't be the true server you requested with a url as Akamai spreads corporate web sites around for faster local loading and DDoS resistance.

Boingo has the concession at the Toronto YYZ airport but not at Ottawa YOW or Vancouver YVR. CSEC is hq'ed in Ottawa. This was just a pilot pj so Ottawa would be convenient.

If the CSS (corporate cooperator) were one of the two big telecom network providers, Bell Canada and Rogers Communications, would they not carry Boingo traffic? If not, how will this scale given Boingo runs the wifi at all three NY airports (and many others)?

It sounds more like the CSS (corporate cooperator) wasn't a major CDN ISP because these lose travel-relevant coverage, seemingly by handing off to gMail, facebook and yahoo. Won't they frequently have the same problem in scaling globally?

Finally, comprehensive sweeping (apparently not courtesy of the CSS but by google-like truck) of a modest sized city got them two hyper-active sites that a whole lot of different devices used. 300k/14 days /2 sites gives 893 logins per hour over a 12 hour day. Too much for the type of sites they mention, must be city-supplied downtown.

It seems their sweep gave them not just hotspot IPs but the (never-specified) IDs as well. Why then did they need the corporate cooperator?

Saul Tannenbaum • February 3, 2014 10:46 AM

Coincidentally, there's a description of what IBM says is the current state of the art in realtime voice recognition, for a talk at MIT this week:

https://calendar.csail.mit.edu/events/121131

As speech recognition continues to improve, new applications of the technology have been enabled. It is now common to search for information and send accurate short messages by speaking into a cellphone - something completely impractical just a few years ago. Another application that has recently been gaining attention is "Spoken Term Detection" - using speech recognition technology to locate key words or phrases of interest in running speech of variable quality. Spoken Term Detection can be used to issue real time alerts, rapidly identify multimedia clips of interesting content, and, when combined with search technology, even provide real-time commentary during broadcasts and meetings. This talk will describe the basics of Spoken Term Detection systems, including recent advances in core speech recognition technology, performance metrics, how out-of-vocabulary queries are handled, and ways of using score normalization and system combination to dramatically improve system performance.


Nicholas Weaver • February 3, 2014 11:24 AM

@tom:

They don't just use Whois/etc because that can sometimes be wrong, spectacularly so. Just ask the New York "all internet in China to Wyoming" Times about the hazards of blindly relying on Whois.

The goal is to ask the question "can you find out network roles with this data", and the answer is yes. But at the same time, they reinvented the wheel here:

http://cseweb.ucsd.edu/~apitsill/papers/hotnets10.pdf

Is how to conduct this sort of analysis in far more technical detail. It's important to understand that this data is NOT WiFi/MAC data, but rather observed on the network/at the receiving site, where you see "ID i at time t from IP p" in your logs.

The only real difference in the analysis is that the UCSD/Microsoft paper started with the raw data to infer homes, and go from there, but the CSEC data started with a known airport and went from there.

Oh, and how the hell a "no domestic" SIGINT experiment was done using solely Canadian data...

tom • February 3, 2014 11:30 AM

That was my first paid job in computer sci, semantic parsing of text at dumb airport terminals ... sheesh that would have been 1967 @ MIT. It went nowhere then or subsequently, people couldn't articulate what they wanted, half-crazy and worse. First language English but couldn't spell or write one sentence in that or any language. Spoken is 100x worse, riddled with cultural slang and routinely obfuscated, like ya know whatta mean about them broncos bro?

NSA has the budget to blow on every angle, so yes they capture and store voice for a while but only to listen to it if otherwise justified.

What the Snowden docs show is that NSA really loves texting. And why not, talking on a cell is passe, receiving a call is an annoyance, texting is preferred over voicemail, shorter the better. We're very very busy turning our squirrel wheel.

With SMS, the FVEY do delve into content for certain selectors associated with the targeting selector. Yes they retain content after exfil but no one reads it unless it's really motivated. This hangs a small but very valuable relational database onto the target. However NSA wants clean short fields of constrained vocabulary as database records. Otherwise, it hangs downstream analytics (latency).

They're not trying to rid themselves of analysts, just use them for the last mile when the computer can't do anything more good with it. Same as everywhere (eg genome sequencing or seeing the dr).

Daniel • February 3, 2014 11:38 AM

This is why I keep arguing that content retention regulations are the heart of the matter. No one can analyze data that doesn't exist. Real time collection poses issues. But the heavy threat is not the moment to moment collection and analysis but the way that data gets hooked up over time. You take away the ability to connect dots over time and the real time data becomes far less useful.

Saul Tannenbaum • February 3, 2014 11:38 AM

@Bruce:

Marcy Wheeler, who is doing her usual remarkable work at analyzing the officially released government documents about NSA surveillance at her blog, EmptyWheel, notes the following paragraph that started to show up in the judicial orders authorizing the dragnet surveillance:

5 The Court understands that for the purposes of analytical efficiency a copy of meta data obtained pursuant to the Court’s Orders in this matter will be stored in the same database with data obtained pursuant to other NSA authorities and data provided to NSA from other sources. Access to such records shall be strictly limited in accordance with the procedures set forth in paragraphs A – G

So, it's not so much that different databases are being correlated, it's that different databases are being merged into one large data store for "analytic efficiency". This is consistent with what we know about the NSA's development of Accumulo, their own variant of Hadoop, whose distinguishing feature is cell-level security. (And we know a lot about Accumulo because the NSA open-sourced it and the engineers who built it left the NSA to commercialize it. I've reported on that here: http://cctvcambridge.org/sqrrl )

PonyAdvocate • February 3, 2014 11:56 AM

... if you assume that he has some sort of smart phone in his pocket that identifies itself over the Internet ...

If I were a malefactor who wanted to avoid detection, or a dissident who wanted to avoid surveillance, I think I would know enough to leave my smart phone at home. What about my car, though? As more cars become GPS-enabled, and as more governments promiscuously install license plate readers, how can I move myself and my stuff (hostages, loot, anti-government placards) around? That, I think, is a more insidious danger.

[name redacted by Fox News] • February 3, 2014 1:39 PM

Car GPS has its own fuse. Since it is not necessary for operation, all you have to do is take manual, find that second fuse box under the hood, and remove proper GPS fuse. That's all folks.

NobodySpecial • February 3, 2014 2:15 PM

@PonyAdvocate - if you were James Bond or Bin Laden you would know to take the battery out of your smart phone.
If you were an anti-pipeline or anti-seal clubbing protester and were going to meet some fellow enemies of the state at the airport, you might not take these elementary precautions.

Of course you have to wonder about the level of data.
My phone's MAC address is picked up at Vancouver airport at the same time that 4x 747s from China disgorge 2000 people who all immediately turn on their iPhones. If one of these flights contained a person of interest how does that help?

It's like knowing that the person you are looking for was watching the Super Bowl - and trawling cable TV records to find him.

Milo M. • February 3, 2014 4:58 PM

Re: Saul Tannenbaum • February 3, 2014 10:46 AM

The term "voice recognition" can imply machine translation of human speech, or machine recognition of the human speaker, depending on who is using the term.

https://en.wikipedia.org/wiki/Speaker_recognition

"Speaker recognition is the identification of the person who is speaking by characteristics of their voices (voice biometrics), also called voice recognition.

There is a difference between speaker recognition (recognizing who is speaking) and speech recognition (recognizing what is being said). These two terms are frequently confused, and 'voice recognition' can be used for both."

http://www.biometrics.gov/Documents/SpeakerRec.pdf

"Speaker, or voice, recognition is a biometric modality that uses an individual’s voice for recognition purposes. (It is a different technology than “speech recognition”, which recognizes words as they are articulated, which is not a biometric.) "

The MIT talk appears to be about the former term. Of course, both are useful in the surveillance world.

The biometrics.gov PDF provides a link to NIST work in speaker recognition, but these seem to be more current or more appropriate:

http://www.nist.gov/itl/iad/mig/spkr-lang.cfm

http://www.nist.gov/itl/iad/mig/sre.cfm

The results of the 2012 trials are presented here, though not all that intelligibly:

http://www.nist.gov/itl/iad/mig/sre12results.cfm

Slides 21-25 here list the participants:

http://www.nist.gov/itl/iad/mig/upload/SRE12_maineval_workshop_public_brief.pdf

Skeptical • February 3, 2014 5:05 PM

Since June, I have been suspicious that the President has been careful to say that no one is "listening" to people's telephone calls, leaving open the possibility that the NSA is "recording" or "transcribing" or "reading" people's telephone calls.

The relevant sections of US law, 50 USC 1801(f), and USSID 18, do not make for easy reading, but they do rule out the legal possibility of the President being clever by using the word "listening" instead of "reading".

For surveillance that falls into the categories defined by 50 USC 1801(f), it is irrelevant as to whether the contents of communication are rendered into an intelligible form. The question is whether the contents are acquired (among other conditions).

Now, with respect to electronic surveillance outside 50 USC 1801(f), i.e. that governed by Presidential order, such as EO 12333, DoD regulations, NSA/CSS policies, and most prominently, USSID 18, matters are a little more complicated.

There are some interesting quirks in the technical meaning of terms in USSID 18 which, as I read it, could allow for the inadvertent capture of communications by US persons. So long as those captured communications are not rendered into an intelligible form, I do not see anything in USSID 18 requiring that they be destroyed.

So, bear with me for a few.

Section 5.4 of USSID 18 requires that "private communications solely between persons in the UNITED STATES inadvertently intercepted during the COLLECTION of FOREIGN COMMUNICATIONS will be destroyed upon recognition...."

The all-caps aren't mine; the document uses them to tell the reader when it is using specifically defined terms.

Now "interception" isn't capitalized, but it is a defined term; according to Section 9.11, "interception" occurs when a communication is acquired and rendered into an intelligible form.

Collection (Section 9.2) means "intentional tasking or SELECTION of identified nonpublic communications for subsequent processing aimed at reporting or retention as a file record."

Selection (Section 9.14) means the "intentional insertion of a [redacted] telephone number, email address, [redacted] into a computer scan dictionary or manual scan guide for the purpose of identifying messages of interest and isolating them for further processing."

This seems to leave open the possibility of the acquisition of raw data that could include US communications. And so long as this remained raw data, it seems possible that it could be stored indefinitely.

So, and I am way out of my technical depth here, if certain types of transmissions (along, say, fiber optic cables) were, upon acquisition, not intelligible - just some huge mass of 1s and 0s registered in some acquisition device - a mass in which many different things could be contained - then it seems possible that such acquired transmissions could be stored.

As soon as they are processed into a form amenable to understanding, however, and are identified as a US communication, they would have to be destroyed.

The policies do clearly guard against misuse, and do not allow the construction of a database of US calls or communications, such that construction would require processing and identification of US communications. However, arguably the storage of raw transmission acquisitions could include the storage of unidentified US communications hidden among the mass of unstructured digits.

Caveats: USSID 18 is not written entirely clearly. At times defined terms are capitalized, and at other times the same terms are used but are not capitalized. It is unclear as to whether the uncapitalized terms are to be given their ordinary meanings, or whether they should be read as defined terms. And since this is a complex subject, embedded in a complex technical context, it's entirely possible that I misread or missed a section answering any of my questions.

Conclusion: Neither activities governed by FISA, nor activities governed by Presidential authority, would include the transcribing or recording, as such, of all US calls. The manner of transmission acquisition by the NSA may mean that the data initially can contain varied types of information, including US communications. But once that data is resolved into recognizable forms, US communications must be destroyed (subject to narrow exceptions).

I would add that the acquired transmissions are useful to the NSA only insofar as they are susceptible to analysis, and so their incentive is to process such data into a useful format as quickly as possible. That means, of course, that US communications accidentally acquired are also destroyed as quickly as possible (outside narrow exceptions).

Brian M • February 3, 2014 5:43 PM

I've always wondered about this type of data. Correlation of burner phones to people.

Say someone turned off their burner phone as they got a new one, you would just look for new activations in the same area and time as a known burner was last seen. There can't be that many new activations at the same time. It could easily be thwarted by tossing the phone, then living without a phone for a few hours/days or until you are in a different area before activating a new one.

Or, you know their personal cell phone, and track it, but they're smart and are using a burner phone. Perhaps, with the right data, you will see only one other phone that follows the same approximate path as their real phone. It would need a few hours of data, but I'm sure you could make it work. They could thwart it by just taking the bus with a bunch of other people, but eventually they will go another direction from everyone else on the bus, and that's when you catch them.

Or, if you are looking for unknown associates, you just correlate their phone location to how often they are in the same area as other phones. If they see the same association at the same places, it's likely not an associate, but if they see the same association in different locations at different times, then you have some idea that, outside of coincidence, they know each other. The more data from different places, the stronger the potential association.

The scary part is, all of this could be done retro-actively. That's pretty much why we shouldn't put up with this.

65535 • February 3, 2014 7:50 PM

@ Bruce S

Since June, I have been suspicious that the President has been careful to say that no one is "listening" to people's telephone calls, leaving open the possibility that the NSA is "recording" or "transcribing" or "reading" people's telephone calls.

Yes, it’s a word game.

@Nicholas W

“When the experiment was all about anonymous tracking of people, and any "metadata" had to require deep content inspection to extract. By their standards, machine generated transcripts of all phone calls is "just metadata" and therefore OK.”

Yes, any type of deep packet analyzer or promiscuous sniffer catches all of the packet, header, payload, trailer, crc, and so on.

[and]

“Overall, my bet: Any major worldwide data stream that can be reduced to 10 TB/day gets archived forever, as that's ~8 racks/year of 10 TB/1u hadoop cluster nodes. Any worldwide data stream that's 100 TB/day instead from an aggregate of at least 100 points instead gets archived local to the collection points and kept for ~1 week.”

That is a good bet.

I would guess by now the NSA has “distiller” programs that can remove unnecessary machine overhead and capture all of the important items such as geolocation of sender and receiver, all of the “id’s,” time, keywords (or the entire voice or text stream), protocols, cookies, browser activity and compress said data and store it for longer than one week.

@ Jones

“If you can then get an age, or an occupation, or pretty much any other relevant tidbit of data, you can narrow your search even further. It really takes remarkably few bits of personal information to de-anonymize a database of users.”

I agree.

@ Mike S

“The only means that I can surmise is the Ministerial authorizations but even those provide an exception for Canadians' communications. So under these rules, does this mean that the Minister has the ability to authorize activities outside of the legal mandate? …what does it mean that the minister's authorizations "are not statutory instruments within the meaning of the Statutory Instruments Act." Does this essentially mean that they are not subject to Freedom of Information requests?”

Those are good questions.

@ tom

“…I'm still not clear why they have to "discover" what sort of an IP it is by inferential properties (library hours, airport, cafe), is this just some exercise in academic cleverness, surely these are conveniently listed by now either free or for sale.”

Yes, at this point I would not be surprised if this individual information is for sale - or even free. The Dart cookie by Google, flash cookies and the like, contain a huge amount of information. When combined with geolocation this information becomes very potent and probably dangerous.

[and]

“It seems their sweep gave them not just hotspot IPs but the (never-specified) IDs as well. Why then did they need the corporate cooperator?”

Legal cover? Sysop rules?

@ Skeptical

“I would add that the acquired transmissions are useful to the NSA only insofar as they are susceptible to analysis, and so their incentive is to process such data into a useful format as quickly as possible. That means, of course, that US communications accidentally acquired are also destroyed as quickly as possible (outside narrow exceptions).”

Maybe and maybe not. You are assuming the US and other 5 Eyes players are playing by the rules (or what we think are the rules - or secret rules). That may not be true.

@ Brian M

“The more data from different places, the stronger the potential association. The scary part is, all of this could be done retro-actively. That's pretty much why we shouldn't put up with this.”

Yes, I agree.

That is the problem with the huge Utah facility. The NSA indicates that they only capture at “maximum” about 1.5% of all telco/internet communications. If you strip out all of the overhead, useless TV/Movies, and junk pictures, it leaves the valuable text and voice communications (about 1.5% of the data across the wire). That sub-set of data could easily be compressed and warehoused in the Utah facility for a long time and retro-actively analyzed. And, I agree, we should not put up with this mass data collection.

NobodySpecial • February 3, 2014 10:45 PM

@brian IIRC that is how the FBI caught the (alleged) Russian spy ring in New York who were using free coffee shop wifi and online chat to communicate.
Ironically it used to be very hard to operate spies behind the Iron Curtain because of the always present monitoring by the KGB/Stasi while it was comparatively easy for Soviet spies to operate in the free west. Now it's the other way around.

Skeptical • February 3, 2014 11:11 PM

0xffff: "Maybe and maybe not. You are assuming the US and other 5 Eyes players are playing by the rules (or what we think are the rules - or secret rules). That may not be true."

These institutions are highly developed bureaucracies. Think about the amount of documentation produced, and the regulations implemented and followed, for the so-called "enhanced interrogation" program. Or think about the incredibly risk-averse, byzantine rules followed by the IC and the FBI in the pre-9/11 days with respect to information sharing.

Or just think about it from the perspective of self-interest. Is any high-level intelligence officer going to get involved in large surveillance programs without ample legal cover and documentation? Barring a real sense of emergency, which absolutely existed in the aftermath of 9/11 and for damn good reasons, the odds of that happening are fairly small. And the larger the program gets, the smaller the odds of it being some type of off-the-books activity.

Not saying it doesn't happen - the Associated Press, in an absolutely disgraceful and reprehensible journalistic decision - recently published what appears to be such an example. I just doubt that a program of the size considered here functions outside the rules. Too much bureaucratic visibility and too many players involved.

Anonsters • February 4, 2014 2:18 AM

@skeptical:

"I just doubt that a program of the size considered here functions outside the rules."

You're doing it wrong, my man. In virtually every FISC opinion released so far there's language about NSA noncompliance with rules. Yes, FISC continues to churn out authorizations. Go figure. But we know, for an absolute certainty, that these programs have functioned and in all likelihood are functioning outside the rules. If you haven't discovered it yet, visit EmptyWheel. Marcy Wheeler does yeoman's work in investigating the minutiae of what we can glean from the various declassified documents, on-the-record statements of government officials, court filings, and so on. And the government playing word games with courts, with Congress, with the public: it's all very much par for the course.

Having said all that, we also know that we don't even know all the rules they purport to follow, because the government continues to resist declassifying (inter alia) FISC opinions. So even if we could trust that by pure bureaucratic inertia NSA's programs followed all the rules to the letter (and we can't, because all the evidence points in the other direction), it's not much comfort to say, "Trust us. We follow the rules. But no, you don't get to know the rules."

tom • February 4, 2014 7:50 AM

Just to clarify two common points of confusion:

First, the FVEY run a gigantic federated database across dozens of agencies and multiple countries. It consists of a few thousand component databases maintained at a few hundred physical locations with many trillions of records residing on a few million distinct servers. It's all inter-connected and online.

Federated means your query can be seamlessly distributed across all of them -- the distinctness of the parts is operationally invisible to you. (Subject to constraints of your clearance and run-arounds of legality rules.)

This doesn't mean your query will get a fast answer. It won't.

The delay is called latency; with the advent of full-take on the internet backbone, it became intolerable. NSA has taken three measures to reduce latency: Bluffdale co-location, Hadoop efficient file system, and massive pre-compute of contact-chaining and other analytics.

Second, the FBI-style dossiers and acres of file cabinets from the Hoover era are long gone. NSA is all-digital. There is no longer a paper folder on you with a separate file for every peace rally and folk music concert attended.

Instead, the IC maintains a gigantic virtual dossier on you. It's a dossier that doesn't exist (according to them) yet one that can be computed on demand in a few microseconds from any of your selectors.

The knotty existential language of our time: no dossier until they build one, no one listening until they go back and listen, no one reading your emails until they go back and read it, no one surveilling you until your history is reconstructed from a selector, your identifiers are anonymized until someone de-anonymizes them.

Does the tree fall silently in the forest if no one is there to hear it? I'd say not.

anon • February 4, 2014 10:12 AM

Rather than a dumpster, a burner phone can simply be left on the bus or given to a homeless person. First clear away any personal data, give it a full charge, and throw in the charger.

I tired of a $15 prepaid phone from Family Dollar a couple years back and gave it to a guy living along the creek. He winters down in Santa Barbara. Last I saw, he's still using it.

How is this going to be recovered from metadata analytics? What is the rate of false positives on burner phone switch-overs -- and what is the cost of pursuing those leads?

A lot of this stuff -- like this bogus CSEC IP analytic -- is just a pipe dream.

I'm curious. I haven't done anything wrong (lately) so what NatSec rationale prevents NSA from giving me my accumulated metadata? This is not a burdensome request -- just a tech in India pasting in my selectors to Marina or Mainway.

tom • February 4, 2014 11:04 AM

Sounds simple enough. A response to merchant sigint that undoes the CSEC analytic as a side benefit.

"Pry-Fi will prevent your device from announcing all the networks it knows to the outside world, but it will still allow background scanning and automatically connecting to Wi-Fi networks.

While you are not connected to a Wi-Fi network, the MAC address will constantly be pseudo-randomized, following a pattern that still makes the trackers think you are a real person, but they will not encounter your MAC address again. This will slowly poison their tracking database with useless information.

When you do connect to a Wi-Fi network, unless you specify otherwise, your MAC address will also be randomized - the same MAC address will not be used the next time you connect to this or any other network....

This is proof-of-concept code, and how far it will go in the future depends on interest and how well it works. It has been tested on several devices and seems to work, but it is very young still. The magic the app does to achieve its purpose is ever subject to changing Android security policies and OEM customizations, so even though it works now, there really is no saying if it will still be possible in future firmwares..."

https://plus.google.com/+Chainfire/posts/4eDhi3ew2Qk
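An added illustration, not part of the comment above and not Pry-Fi's code: a small simulation of why a tracker database keyed on MAC addresses can no longer link visits once the address changes on every connection. The site names, the factory MAC and the locally administered address format are assumptions made for this example; Pry-Fi's own generation pattern is not shown on the page.

```python
"""Static vs. per-connection randomized MAC, as seen by a Wi-Fi tracker.
All data below is constructed for illustration."""
import random
from collections import defaultdict

# Constructed sample: one device's visits as (site, day). Site names are made up.
VISITS = [("cafe", 1), ("mall", 1), ("cafe", 2), ("airport", 3), ("hotel", 3)]
FACTORY_MAC = "00:11:22:33:44:55"  # constructed burned-in address

POLICIES = ("static", "per_connection")


def randomized_mac(rng):
    """Random unicast MAC with the locally administered bit set.

    Assumption of this example: bit 1 of the first octet is set (locally
    administered) and bit 0 is cleared (unicast, not multicast).
    """
    octets = [rng.randrange(256) for _ in range(6)]
    octets[0] = (octets[0] | 0x02) & 0xFE
    return ":".join(f"{o:02x}" for o in octets)


def is_locally_administered(mac):
    """True if the address does not claim a vendor-assigned prefix."""
    return bool(int(mac.split(":")[0], 16) & 0x02)


def observe(visits, policy, rng):
    """Return what a passive observer records: (site, day, mac) per visit."""
    if policy not in POLICIES:
        raise ValueError(f"unknown policy: {policy}")
    sightings = []
    for site, day in visits:
        mac = FACTORY_MAC if policy == "static" else randomized_mac(rng)
        sightings.append((site, day, mac))
    return sightings


def build_tracker_db(sightings):
    """Group sightings by MAC, the only identifier the observer has."""
    db = defaultdict(list)
    for site, day, mac in sightings:
        db[mac].append((site, day))
    return dict(db)


def linkable_trails(db):
    """Identifiers seen more than once: these are what connect visits."""
    return {mac: trail for mac, trail in db.items() if len(trail) > 1}


def compare(seed=2014):
    """Run both policies over the same visits and summarise the database."""
    rng = random.Random(seed)  # seeded only so the example is repeatable
    summary = {}
    for policy in POLICIES:
        db = build_tracker_db(observe(VISITS, policy, rng))
        summary[policy] = {
            "identifiers": len(db),
            "linkable": len(linkable_trails(db)),
            "longest_trail": max(len(trail) for trail in db.values()),
        }
    return summary


if __name__ == "__main__":
    for policy, stats in compare().items():
        print(policy, stats)
```

With the static address the database holds one identifier tied to all five visits; with per-connection randomization it holds five identifiers with one sighting each, so nothing connects the cafe on day 1 to the hotel on day 3.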

Skeptical • February 4, 2014 12:37 PM

Anonsters: "You're doing it wrong, my man. In virtually every FISC opinion released so far there's language about NSA noncompliance with rules."

We need to distinguish between accidental noncompliance (e.g. an analyst includes an incorrect email address on an email, resulting in information sent to a person not authorized to view it), and deliberate rogue operations, which is what we're really concerned about when we discuss whether the NSA and IC generally are playing by the rules.

The compliance incidents contained in the FISC orders and memoranda (I've read them) were actually disclosed by the NSA to the FISC. In the most serious case (analysts ran non-RAS (reasonably articulable suspicion) approved selectors on a set of databases that, unknown to them, included the Section 215 database), the FISC required that until a thorough examination of the causes of the errors and a thorough testing of the solutions was complete, all selectors would be required to be submitted to the Court for approval.

To be quite honest, those FISC documents actually gave me a great deal more confidence that the surveillance programs at issue had become squarely rule-governed - my impression of the surveillance program from earlier years (based on 2005 press articles) was more negative.

And by the way, the two semi-independent groups to review this program have both said that they found ZERO cases of deliberate evasion of the rules by the NSA institutionally, and noted that the personnel involved were highly dedicated to observing the rules. This has also been noted by the two Congressional oversight committees.

"And the government playing word games with courts, with Congress, with the public: it's all very much par for the course."

Not with Congress or the courts. The oversight committees and the FISC are very well aware of what different terms mean in this context. In any complex regulatory area you're going to have the development of terms of art.

With respect to the public, there's no question that Clapper's response to Wyden's question was misleading.

"Having said all that, we also know that we don't even know all the rules they purport to follow, because the government continues to resist declassifying (inter alia) FISC opinions."

The most recent FISC memorandum and order (and several prior) have been largely declassified, actually, and are available on the uscourts website. There are also statutory rules that are obviously a matter of public record, and the relevant executive orders and agency regs appear to have been largely declassified (though, as I noted in describing 50 USC 1801(f) and USSID 18, there are unclear areas).

tom: "Instead, the IC maintains a gigantic virtual dossier on you. It's a dossier that doesn't exist (according to them) yet one that can be computed on demand in a few microseconds from any of your selectors."

I think you're raising a really good question and some great points, but we should keep in mind that the rules and regs with respect to the content of communications seem to be written in a way that requires deletion upon recognition of the data as such content (unless the content falls into certain exceptions). For the type of fast searches you're talking about, and correct me if I'm wrong as I wouldn't know a bit from a bot, you'd need such content to be indexed to selectors, and you'd need to know that such content is a voice communication - so it seems to me that (again with respect to content) structuring the data into a searchable database would simultaneously trigger a requirement to delete that data.

Greg • February 4, 2014 6:09 PM

@Bruce

This technology might also be quite good at trying to guess when you are next "going to look at the source documents." Be sure to leave your cell behind!

65535 • February 5, 2014 1:10 AM

@ Skeptical

Wow, you’re the first to convert it to hex. Good going.

All I am trying to say is that We Don’t Know! The evidence is against the NSA.

There are too many secret rulings. There is a lot of disinformation. Until we know the entire FISA court rulings we are in the dark.

If you have information that is not in the public domain – but should be – let us know in a legal fashion (that doesn't get you in trouble).

I think others would agree. And, please don’t unleash the NSA’s K-street minions upon us in the process. This board is monitored as it is.

Sarah • February 5, 2014 4:53 PM

Bruce: how is it "not really true" that what they are doing here is tracking? If you are using a huge trove of IP and ID data to build a database that triggers alerts based on people's movements, then that is self-evidently a kind of tracking.

Anonsters • February 6, 2014 12:32 PM

@Skeptical:

Based on all your comments that I've seen, I can only conclude that your chosen name, "Skeptical," is some kind of hipster irony.

PonyAdvocate • February 6, 2014 12:45 PM

@Anura:

I'm not sure how I can transport hostages, loot, or anti-government placards anonymously on mass transit, or even on foot, what with all the surveillance cameras, public and private, about. Of course, relying on mass transit also restricts my operations to an urban area that has such an amenity.

Neither is it clear to me how stealing a car, or putting stolen plates on my own car, disables a GPS system. If I steal a car, conceivably I'll be even less anonymous (since I'll be on a law enforcement BOLO list), and when they catch me, they'll be able to add grand theft auto to the other charges they'll pin on me.

@NobodySpecial: I don't know if I'd even trust taking the battery out of a cell phone to disable it. I know nothing about phone technology, but I wouldn't be surprised if there were a separate integrated battery that provides some power for low-level functions, which might include broadcasting some identification info. And even if there's no such thing today, who's to say there won't be next year? The only way I would be absolutely confident I were not being tracked by a phone I'm carrying would be not to carry a phone.

Skeptical • February 7, 2014 8:45 AM

@Anonsters:

"Based on all your comments that I've seen, I can only conclude that your chosen name, "Skeptical," is some kind of hipster irony."

After everything we've read recently, presumably so is yours. ;)

Michael Heroux • March 29, 2014 6:09 AM

Michael Heroux said

My wife and I are the two people Justice Richard Mosley was referring to when he ruled CSIS was end running the law. We have been following this decision very closely, we are being spied on right here in Canada. My wife and I and our 3 children have been abused by the RCMP CSIS CSEC and other police forces in Ontario and British Columbia for over 5 years now. I have a mental disability and the police started harassing my family and me when I started using Craigslist 5 years ago, what can I say, we're swingers. My wife slept with a few of them while I watched. We are not terrorists. It sounds strange but I have been poisoned and my wife has been poisoned for speaking out publicly about the abuse. We have also been assaulted numerous times in the last 5 years. They are listening to us in our bedroom and living room because they let us know by telling us what we are talking about in the privacy of our home. We contacted the BC Human Rights and Civil Rights office last year because the police were trying to run me and my family over on the streets, but they never got back to us. We got a lawyer a couple years ago and the lawyer was able to get them to lay off for a bit. They sent a gunman to murder us last year, we managed to evade him. It also sounds strange but we have a spy monitoring us right now in the adjacent suite to us and they have been there for 12 months now. Since Judge Mosley's decision they quit harassing us but they are still messing around with our internet and phone communications. Thank God for Judge Mosley, I think he saved our lives. We think the reason they are still watching over us is because of what Judge Mosley referred to as "invasive surveillance techniques" used against the people who had those warrants issued on them. They don't want us to tell anyone about the techniques used against us for the last 5 years. Pretty sophisticated alien technology if I do say so myself. Pretty cool actually but we don't plan on telling anyone.
We are patriotic Canadians and we hate terrorists like everyone else but we don't want to see people abused. Caught up in the fish net so to speak. They have tried to set us up numerous times for arrest over the last 5 years to get their hands on us and make us look like the bad guys but we have managed to evade those attempts also.

My wife and I are concerned because Canada Post is being scaled back and it has got us worried. We use open source software for our operating system. In the last 5 years our privacy has been majorly violated. We are most concerned about our communications being sanitized. We no longer have control over who we can make contact with through electronic means. We can only contact people in person for representation so most people not within our city are off limits to us. We realize we are being followed and are being listened to in the privacy of our own home and our home has been entered numerous times when we are not home by intelligence but our means of communications are being sanitized. 5 years ago we noticed rootkits being installed on our operating systems and I was able to set up honey pots and found they were being installed by the military. Since, we switched to virtual machines from static medium verified with sha512sums (DEBIAN KNOPPIX) to get a malware free system each boot. The only website we use is Craigslist and we have met RCMP agents through Craigslist who wanted us to work for them to help them entrap people from terrorists to gangsters. We believe they were just looking for patsies though. I used to work for the RCMP over 20 years ago to infiltrate criminals and make arrests but I quit working for them because they wanted me to set people up that weren't even breaking the law. For the last 5 years we have used Gmail and we have had numerous internet suppliers and numerous Gmail accounts and we have noticed people we have been emailing and people emailing us have not been getting the emails even though Gmail says they have been sent. We use an SSL connection so our communications are encrypted. The same thing applies to our text messages, we have used Rogers for internet, text and phone for the last 5 years.
We have noticed our posting on certain forums are not showing up or they are being deleted as we are writing them right before our eyes or our browsers are being closed as we are writing stuff. Our computers are being shut down and our cell phones are being shut down as we are trying to correspond with people. We have realized that people have been contacting us through our email and our cell phones claiming to be people we know like family members for instance but we know they are imposters. We have tried contacting Human and Civil Rights advocates through electronic means but have had no replies. We have even tried to contact legal representation through electronic means but have never heard anything back over the years. It sounds strange but a gunman was sent to kill us early last year but we managed to evade him. Shortly after that someone tried hiring a hitman through the SILK ROAD website to kill us. At first when the website was taken down by the FBI the owner said the hit was for a father of 3 from Vancouver but later he admitted it was for the whole family of 5, a husband, wife and 3 children. We have been poisoned numerous times in the last 5 years and I have numerous painful swollen lumps throughout my body. Strangers have come up to us on the streets and have told us I have cancer. I went to the emergency room last year because my brain was swelling in my head and my eyes were bulging and I was having severe headaches and the doctor didn't want to treat me and sent me home. Thanks for reading.

Michael Heroux • April 5, 2014 6:36 PM

Michael Heroux said

My wife and kids and I finally got a reply back from The Justice Department Of Canada. They were ignoring us just like the Privacy Commissioner Of Canada is now. They finally acknowledged our statements to them about us being poisoned and assaulted numerous times and the assassination attempts on our lives, and the fact that I have cancer because of the poisonings that they did against us. I think my cancer is getting worse, it is really painful now and the lumps are spreading throughout my abdomen. They sent us a letter the other day and said the information we are looking for on the 30-08 warrants against us are not under their control and told us to contact CSIS. I hope I live long enough to see those bastards pay.

Nick P • April 5, 2014 8:44 PM

re Michael Heroux

Only one I know of does exascale computing research at Sandia. This guy's name (in Canadian context) turns up nothing on the Internet except the same comment on other blogs under many different names. Like with some other online commenters, the tactics described are more hardcore than even those used against cypherpunks, Anonymous, Wikileaks and Lulzsec types. That's my usual point of comparison and it makes claims like this hard to believe. Initial reaction is that it's BS designed for notoriety or sidetracking important discussions.

Thoughts, anyone?

Figureitout • April 5, 2014 9:19 PM

Nick P RE: Michael Heroux
--Some aspects are eerily similar to my experiences. I'm letting the lumps in me grow so I don't cost my parents any more money w/ medical costs when or if they finally shut down some organs; I have a feeling the intent was a long, slow, grinding painful death. My bones are thin and feel like they're about to break. Don't underestimate the ability of teams of criminally immune agents to inflict mental illness and do extremely evil things. Obviously teams will be separated so the other more ethical agents won't believe it at all and even laugh at you. Don't believe it? Test it yourself. And we have more "confirmed" evidence of US gov't poisoning/infecting people for experiments. I have little doubt there are many more and the evidence was "disposed of" or you f*ck w/ someone enough you go crazy and no one believes you. Beware when you get shady new neighbors moving in (they wait for you to leave the home and can poison many things in your home); but even still the lumps initially popped up immediately after a physical break-in (sloppy one) and this was in an apartment. Once the agents have done their job, they move onto the next hit-job.

Michael Heroux • April 8, 2014 12:17 AM

We are not hackers. We learned about computers watching Kevin Rose and Leo Laporte and Patrick on the Screen Savers and we listen to Steve Gibson's podcast whenever we can. Our real email is michaelheroux1967@gmail.com but good luck getting through.

Figureitout • April 8, 2014 1:24 AM

Michael Heroux
--I'll send an email (I would strongly recommend not a gmail account though); if you don't receive an email in the next few days, maybe next week (better not to leave a specific time) then post back here and we need another way (radio?). I know what it's like to have email acct's hacked; there is no limit to the abuse. No one on schneier.com was brave enough to email my infected email address (besides one person) or the account had emails deleted; not even the spammers lol. If you've already been poisoned then you shouldn't have a problem w/ a physical address; I don't.

I really hope I don't find out you're trolling b/c I'm most definitely not and I'm willing to undergo privacy violations to prove it to those that doubt me.

Michael Heroux • April 8, 2014 4:18 PM

We are not sure what anyone can do except a lawyer and I think we have to wait until the Harper government is no longer in power. We have talked to police about it over the years and they said they can't do anything. They basically tell us they want to kill us and to be careful. We have talked to RCMP and CSIS agents and they have no sympathy for us, they say we brought it on ourselves because of our dislike for the Harper government. We have spoken to the Ministry numerous times but they are pissed at us because we home school our kids. Every time they come to our house they bring agents and uniformed police and they try to pick fist fights with us. The nicer ones just tell us to be careful. They have even kicked us out of different cities in Canada we are not allowed to live in. We live in Vancouver now and the city lets us live here in peace but the spy is still next door monitoring us electronically and they don't really try to hide their presence.

michaelheroux1967@gmail.com

Figureitout • April 8, 2014 11:05 PM

Michael Heroux
"spy is still next door monitoring us electronically and they don't really try to hide their presence."
--Exactly the same here. I don't get why they are so terrible unless they just want to be sure we see them. There are *spies* in my neighborhood, and also just outside the neighborhood. Just saw another operation the other day again on my way to school and like usual it happens instantly as I leave my house to ensure they get the most time possible in the house and my stuff in my room is ruffled up for no reason. It doesn't scare me anymore; it's just pathetic now. B/c I saw it coming and have been just having fun and testing what the agents could and couldn't detect (nowhere near everything which means they fail to break a normal citizen's opsec, what about a foreign state agent's?). As much as I want to jam the sh*t out of my neighbors, I know they are just waiting for it; there's even a WEP network just tempting me...And then *Boom* crime for me fighting back. So I have to be sneaky and twist their games to where I get control (I managed to control agent's activities from this blog in my experiments lol).

Michael Heroux • April 9, 2014 4:49 PM

Michael Heroux said

Hey, we have nothing against the spies. If it wasn't for them we would be dead now. There are some rogue ones you have to be worried about. They have given us plenty of heads ups over the years so they have been keeping us alive. I don't know much about Edward Snowden but you have to think he did what he did for a reason and I don't think the true reason has been published yet. We have had spies tell us over the years they are trying to get rid of the mentally disabled and the poor and the blacks and the gays and anybody they feel that does not comply with their agenda. Edward Snowden knew this, he would have had to, how could he not have. It's a moral issue and he felt compelled to do what he believed was right. He has a conscience and he followed it. He was being human. You can't condemn a man for being human.

michaelheroux1967@gmail.com

Nick P • April 9, 2014 6:32 PM

@ Michael Heroux

"We have had spies tell us over the years they are trying to get rid of the mentally disabled and the poor and the blacks and the gays and anybody they feel that does not comply with their agenda. Edward Snowden knew this, he would have had to, how could he not have. It's a moral issue and he felt compelled to do what he believed was right. He has a conscience and he followed it. He was being human. You can't condemn a man for being human."

Now it's extra clear you're full of it. Edward Snowden said no such thing. He found out about surveillance system, secret programs, etc he wanted America to know about. So, he leaked it. He was very clear about this. He never said anything else you just mentioned. The "get rid of the mentally disabled and the poor and the blacks and the gays" sounds like typical conspiracy drivel. And this is on top of large amount of police and intelligence resources you claim are being used against you personally in ways that don't happen to well-known enemies of the state. They just get surveilled, searched, etc more, while you're living in the middle of a Ludlum novel without his plot sophistication.

In short, your story is more unbelievable with each post.

Figureitout • April 10, 2014 12:31 AM

Nick P RE: Doubt
--There was no mention of Snowden saying anything. Pretty standard if it's another Fed troll trying to taint real victims trying to expose big time abuses (also can't underestimate mental illness brought on by very excessive investigations). This "conspiracy drivel" you speak of can happen, if you have the misfortune to experience it you will come away mentally harmed (you can't escape it, it's stuck in your head) and that has the added benefit of further discrediting you (must be the voices in your head kid). And just like bullies in grade school the predators will go after weakened individuals to make up for insecurities and let actual threats operate freely (like foreign agents intent on stealing IP) b/c they're too lazy or afraid or incapable. Granted it's a lot easier to do cointel than offensive intel gathering, and their nightmare is when they can't figure out how the cover got blown.

Anon • April 10, 2014 8:23 AM


I make this comment out of concern after reading some of the comments.

These are symptoms of paranoid schizophrenia. Please see a doctor. There is nothing to be ashamed of. You'll come up with lots of reasons to avoid this. Don't. Gather your strength, be brave. Get help from an understanding family member or friend first if a doctor is too big a first step.

MICHAEL HEROUX • April 10, 2014 6:26 PM

Michael Heroux said michaelheroux1967@gmail.com

My wife and I are the two people Justice Richard Mosley was referring to when he ruled CSIS was end running the law. We have been following this decision very closely, we are being spied on right here in Canada. My wife and I and our 3 children have been abused by the RCMP CSIS CSEC and other police forces in Ontario and British Columbia for over 5 years now. I have a mental disability and the police started harassing my family and I when I started using Craigslist 5 years ago, what can I say, we're swingers. My wife slept with a few of them while I watched. We are not terrorists. It sounds strange but I have been poisoned and my wife has been poisoned for speaking out publicly about the abuse. We have also been assaulted numerous times in the last 5 years. They are listening to us in our bedroom and living room because they let us know by telling us what we are talking about in the privacy of our home. We contacted the BC Human Rights and Civil Rights office last year because the police were trying to run me and my family over on the streets, but they never got back to us. We got a lawyer a couple years ago and the lawyer was able to get them to lay off for a bit. They sent a gunman to murder us last year, we managed to evade him. It also sounds strange but we have a spy monitoring us right now in the adjacent suite to us and they have been there for 12 months now. Since Judge Mosley's decision they quit harassing us but they are still messing around with our internet and phone communications. Thank God for Judge Mosley, I think he saved our lives. We think the reason they are still watching over us is because of what Judge Mosley referred to as "invasive surveillance techniques" used against the people who had those warrants issued on them. They don't want us to tell anyone about the techniques used against us for the last 5 years. Pretty sophisticated alien technology if I do say so myself. Pretty cool actually but we don't plan on telling anyone.
We are patriotic Canadians and we hate terrorists like everyone else but we don't want to see people abused. Caught up in the fish net so to speak. They have tried to set us up numerous times for arrest over the last 5 years to get their hands on us and make us look like the bad guys but we have managed to evade those attempts also.

My wife and I are concerned because Canada Post is being scaled back and it has got us worried. We use open source software for our operating system. In the last 5 years our privacy has been majorly violated. We are most concerned about our communications being sanitized. We no longer have control over who we can make contact with through electronic means. We can only contact people in person for representation so most people not within our city are off limits to us. We realize we are being followed and are being listened to in the privacy of our own home and our home has been entered numerous times when we are not home by intelligence but our means of communications are being sanitized. 5 years ago we noticed rootkits being installed on our operating systems and I was able to set up honey pots and found they were being installed by the military. Since, we switched to virtual machines from static medium verified with sha512sums (DEBIAN KNOPPIX) to get a malware free system each boot. The only website we use is Craigslist and we have met RCMP agents through Craigslist who wanted us to work for them to help them entrap people from terrorists to gangsters. We believe they were just looking for patsies though. I used to work for the RCMP over 20 years ago to infiltrate criminals and make arrests but I quit working for them because they wanted me to set people up that weren't even breaking the law. For the last 5 years we have used Gmail and we have had numerous internet suppliers and numerous Gmail accounts and we have noticed people we have been emailing and people emailing us have not been getting the emails even though Gmail says they have been sent. We use an SSL connection so our communications are encrypted. The same thing applies to our text messages, we have used Rogers for internet, text and phone for the last 5 years.
We have noticed our posting on certain forums are not showing up or they are being deleted as we are writing them right before our eyes or our browsers are being closed as we are writing stuff. Our computers are being shut down and our cell phones are being shut down as we are trying to correspond with people. We have realized that people have been contacting us through our email and our cell phones claiming to be people we know like family members for instance but we know they are imposters. We have tried contacting Human and Civil Rights advocates through electronic means but have had no replies. We have even tried to contact legal representation through electronic means but have never heard anything back over the years. It sounds strange but a gunman was sent to kill us early last year but we managed to evade him. Shortly after that someone tried hiring a hitman through the SILK ROAD website to kill us. At first when the website was taken down by the FBI the owner said the hit was for a father of 3 from Vancouver but later he admitted it was for the whole family of 5, a husband, wife and 3 children. We have been poisoned numerous times in the last 5 years and I have numerous painful swollen lumps throughout my body. Strangers have come up to us on the streets and have told us I have cancer. I went to the emergency room last year because my brain was swelling in my head and my eyes were bulging and I was having severe headaches and the doctor didn't want to treat me and sent me home. Thanks for reading.

Figureitout • April 11, 2014 1:24 AM

Anon
These are symptoms of paranoid schizophrenia.
--Appreciate the concern but it's really not on my end...If anything it's an unheard of mental condition (initiated from environmental stimuli); I've actually grown very mentally strong b/c of it (at least something positive). Is it really all that hard to believe that such a thing is possible given abuses that have happened in the past? Look at what severe stress can cause people to do, some guy down at Fort Hood just shot up a bunch of random people; what the hell?

I guess whatever helps people sleep at night, to talk down what I'm saying until you get the proof you want (all evidence can be fabricated anyway). I'm really sick of it though, the investigation is pointless (always has been), and just want to get a job, build my computer & radio, get out of the 'rent's basement, and put this nightmare behind me.

Michael Heroux • April 13, 2014 2:09 PM

Michael Heroux said michaelheroux1967@gmail.com

The Privacy Commissioner Of Canada finally got back to us after ignoring us for quite some time now. When we first contacted her office they wanted more specific information from us to prove to them that the 30-08 warrants Judge Richard Mosley issued were actually for us. We know they have the security clearance to find out and we know they know the warrants were for us but they keep saying prove it. We sent them the names of the first 2 agents they sent to investigate us in 2008 and they didn't even acknowledge the agents in any way. They didn't comment on the agents, they didn't ask questions about the agents or nothing. They are just ignoring anything we tell them even though they keep asking for more information. The first 2 agents they sent to investigate us in 2008 were our daughters. Our 2 daughters came back home to live with us in 2008 and told us they were working for Canadian Intelligence. They told us the agent that they were working for wanted them to set us up. It has got us worried. We don't know whether Canadian Intelligence are playing some sort of sick game with us but a stranger approached us out of the blue last year and told us our daughters have been murdered. We have not heard from our 2 daughters since they were sent back home to investigate us for Canadian Intelligence. All The Privacy Commissioner Of Canada is saying to us is prove it. They want us to name names of the Intelligence agents we met in 2008-2009 but they won't offer us any protection against further assassination attempts against my wife and kids and I even though they know about the previous attempts. We are still being monitored as I write this and we have reason to believe they are using foreign spies from their international coalition. The last thing The Privacy Commissioner Of Canada did was refer us to the recommendations that she made to Parliament on our behalf. Thanks for reading.

Michael Heroux • April 14, 2014 8:30 PM

CONTINUED Michael Heroux said michaelheroux1967@gmail.com

The same thing is going on with The Justice Department Of Canada, all they want from us is more information from us to prove the 30-08 warrants were for us but even though they know about our daughters working as agents for Canadian Intelligence and they know about the poisonings and assassination attempts against us and they know the 30-08 warrants were for us all they are saying now is they don't have control over the 30-08 warrant information we are looking for against us and they are saying Canadian Intelligence have the information we are looking for.

Both agencies have security clearance and they know everything but they are playing dumb but they still want us to name names about the agents we met between 2008-2009 and neither of them are willing to offer us protection against further assassination attempts against us.
After our daughters left our home when they were done investigating us in 2008 many agents were contacting us in the beginning of 2009 offering us large sums of money if we leave Canada for a while. We knew they were trying to get us to leave Canada but not until Judge Richard Mosley's decision did we realize why. They were offering us luxury vacations in the sun and basically anything we wanted just to leave Canada for a while. Now we realize it was just a ploy to get their International Coalition involved, we probably would never have been heard from again. They also wanted us to bring our kids along. The good agents were warning us that our life was in danger and they were telling us to move back to British Columbia for our own safety. The local police force would escort us home late at night when we left the downtown area and we always wondered why we were so special. We decided to listen to the good agents and move back to British Columbia for our safety. Just as we were getting ready to move a few agents approached us and offered us $250,000 dollars if we stay in Ontario. We couldn't believe it. But we left anyways. Thanks for reading.


Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..