Entries Tagged "FOIA"

Page 3 of 4

DHS's Files on Travelers

This is interesting:

I had been curious about what’s in my travel dossier, so I made a Freedom of Information Act (FOIA) request for a copy. I’m posting here a few sample pages of what officials sent me.

My biggest surprise was that the Internet Protocol (I.P.) address of the computer used to buy my tickets via a Web agency was noted. On the first document image posted here, I’ve circled in red the I.P. address of the computer used to buy my pair of airline tickets.

[…]

The rest of my file contained details about my ticketed itineraries, the amount I paid for tickets, and the airports I passed through overseas. My credit card number was not listed, nor were any hotels I’ve visited. In two cases, the basic identifying information about my traveling companion (whose ticket was part of the same purchase as mine) was included in the file. Perhaps that information was included by mistake.

Posted on January 12, 2009 at 5:15 AMView Comments

Government Can Determine Location of Cell Phones without Telco Help

Interesting:

Triggerfish, also known as cell-site simulators or digital analyzers, are nothing new: the technology was used in the 1990s to hunt down renowned hacker Kevin Mitnick. By posing as a cell tower, triggerfish trick nearby cell phones into transmitting their serial numbers, phone numbers, and other data to law enforcement. Most previous descriptions of the technology, however, suggested that because of range limitations, triggerfish were only useful for zeroing in on a phone's precise location once cooperative cell providers had given a general location.

This summer, however, the American Civil Liberties Union and Electronic Frontier Foundation sued the Justice Department, seeking documents related to the FBI's cell-phone tracking practices. Since August, they've received a stream of documents—the most recent batch on November 6—that were posted on the Internet last week. In a post on the progressive blog Daily Kos, ACLU spokesperson Rachel Myers drew attention to language in several of those documents implying that triggerfish have broader application than previously believed.

Posted on November 26, 2008 at 6:06 AMView Comments

NSA Forms

They’re all here:

Via a Freedom of Information Act request (which involved paying $700 and waiting almost 4 years), The Memory Hole has obtained blank copies of most forms used by the National Security Agency.

Most are not very interesting, but I agree with Russ Kick:

They range from the exotic to the pedestrian, but even the most prosaic form shines some light into the workings of No Such Agency.

Posted on August 6, 2008 at 7:26 AMView Comments

Pentagon May Issue Pocket Lie Detectors to Afghan Soldiers

This is just ridiculous. Lie detectors are pseudo-science at best, and even the Pentagon knows it:

The Pentagon, in a PowerPoint presentation released to msnbc.com through a Freedom of Information Act request, says the PCASS is 82 to 90 percent accurate. Those are the only accuracy numbers that were sent up the chain of command at the Pentagon before the device was approved.

But Pentagon studies obtained by msnbc.com show a more complicated picture: In calculating its accuracy, the scientists conducting the tests discarded the yellow screens, or inconclusive readings.

That practice was criticized in the 2003 National Academy study, which said the “inconclusives” have to be included to measure accuracy. If you take into account the yellow screens, the PCASS accuracy rate in the three Pentagon-funded tests drops to the level of 63 to 79 percent.

Posted on April 14, 2008 at 12:57 PMView Comments

The Zotob Worm and the DHS

On August 18 of last year, the Zotob worm badly infected computers at the Department of Homeland Security, particularly the 1,300 workstations running the US-VISIT application at border crossings. Wired News filed a Freedom of Information Act request for details, which was denied.

After we sued, CBP released three internal documents, totaling five pages, and a copy of Microsoft’s security bulletin on the plug-and-play vulnerability. Though heavily redacted, the documents were enough to establish that Zotob had infiltrated US-VISIT after CBP made the strategic decision to leave the workstations unpatched. Virtually every other detail was blacked out. In the ensuing court proceedings, CBP claimed the redactions were necessary to protect the security of its computers, and acknowledged it had an additional 12 documents, totaling hundreds of pages, which it withheld entirely on the same grounds.

U.S. District Judge Susan Illston reviewed all the documents in chambers, and ordered an additional four documents to be released last month. The court also directed DHS to reveal much of what it had previously hidden beneath thick black pen strokes in the original five pages.

“Although defendant repeatedly asserts that this information would render the CBP computer system vulnerable, defendant has not articulated how this general information would do so,” Illston wrote in her ruling (emphasis is lllston’s).

The details say nothing about the technical details of the computer systems, and only point to the incompetence of the DHS in handling the incident.

Details are in the Wired News article.

Posted on November 6, 2006 at 12:11 PMView Comments

Indexes to NSA Publications Declassified and Online

In May 2003, Michael Ravnitzky submitted a Freedom of Information Act (FOIA) request to the National Security Agency for a copy of the index to their historical reports at the Center for Cryptologic History and the index to certain journals: the NSA Technical Journal and the Cryptographic Quarterly. These journals had been mentioned in the literature but are not available to the public. Because he thought NSA might be reluctant to release the bibliographic indexes, he also asked for the table of contents to each issue.

The request took more than three years for them to process and declassify—sadly, not atypical—and during the process they asked if he would accept the indexes in lieu of the tables of contents pages: specifically, the cumulative indices that included all the previous material in the earlier indices. He agreed, and got them last month. The results are here.

This is just a sampling of some of the article titles from the NSA Technical Journal:

“The Arithmetic of a Generation Principle for an Electronic Key Generator” · “CATNIP: Computer Analysis – Target Networks Intercept Probability” · “Chatter Patterns: A Last Resort” · “COMINT Satellites – A Space Problem” · “Computers and Advanced Weapons Systems” · “Coupon Collecting and Cryptology” · “Cranks, Nuts, and Screwballs” · “A Cryptologic Fairy Tale” · “Don’t Be Too Smart” · “Earliest Applications of the Computer at NSA” · “Emergency Destruction of Documents” · “Extraterrestrial Intelligence” · “The Fallacy of the One-Time-Pad Excuse” · “GEE WHIZZER” · “The Gweeks Had a Gwoup for It” · “How to Visualize a Matrix” · “Key to the Extraterrestrial Messages” · “A Mechanical Treatment of Fibonacci Sequences” · “Q.E.D.- 2 Hours, 41 Minutes” · “SlGINT Implications of Military Oceanography” · “Some Problems and Techniques in Bookbreaking” · “Upgrading Selected US Codes and Ciphers with a Cover and Deception Capability” · “Weather: Its Role in Communications Intelligence” · “Worldwide Language Problems at NSA”

In the materials the NSA provided, they also included indices to two other publications: Cryptologic Spectrum and Cryptologic Almanac.

The indices to Cryptologic Quarterly and NSA Technical Journal have indices by title, author and keyword. The index to Cryptologic Spectrum has indices by author, title and issue.

Consider these bibliographic tools as stepping stones. If you want an article, send a FOIA request for it. Send a FOIA request for a dozen. There’s a lot of stuff here that would help elucidate the early history of the agency and some interesting cryptographic topics.

Thanks Mike, for doing this work.

Posted on September 26, 2006 at 12:58 PMView Comments

1 2 3 4

Sidebar photo of Bruce Schneier by Joe MacInnis.