Entries Tagged "Secret Service"

Page 1 of 2

Hey Secret Service: Don't Plug Suspect USB Sticks into Random Computers

I just noticed this bit from the incredibly weird story of the Chinese woman arrested at Mar-a-Lago:

Secret Service agent Samuel Ivanovich, who interviewed Zhang on the day of her arrest, testified at the hearing. He stated that when another agent put Zhang’s thumb drive into his computer, it immediately began to install files, a “very out-of-the-ordinary” event that he had never seen happen before during this kind of analysis. The agent had to immediately stop the analysis to halt any further corruption of his computer, Ivanovich testified. The analysis is ongoing but still inconclusive, he said.

This is what passes for forensics at the Secret Service? I expect better.

EDITED TO ADD (4/9): I know this post is peripherally related to Trump. I know some readers can’t help themselves from talking about broader issues surrounding Trump, Russia, and so on. Please do not comment to those posts. I will delete them as soon as I see them.

EDITED TO ADD (4/9): Ars Technica has more detail.

Posted on April 9, 2019 at 6:54 AMView Comments

Commenting on Aaron Swartz's Death

There has been an enormous amount written about the suicide of Aaron Swartz. This is primarily a collection of links, starting with those that use his death to talk about the broader issues at play: Orin Kerr, Larry Lessig, Jennifer Granick, Glenn Greenwald, Henry Farrell, danah boyd, Cory Doctorow, James Fallows, Brewster Kahle, Carl Malamud, and Mark Bernstein. Here are obituaries from the New York Times and Economist. Here are articles and essays from CNN.com, The Huffington Post, Larry Lessig, TechDirt, CNet, and Forbes, mostly about the prosecutor’s statement after the death and the problems with plea bargaining in general. Representative Zoe Lofgren is introducing a bill to prevent this from happening again.

I don’t have anything to add, but enough people have sent me their thoughts via e-mail that I thought it would be good to have a thread on this blog for conversation.

EDITED TO ADD (1/23): Groklaw’s legal analysis. Secret Service involvement.

EDITED TO ADD (1/29): Another.

EDITED TO ADD (2/28): The DoJ has admitted that Aaron Swartz’s prosecution was political.

EDITED TO ADD (3/4): This profile of Aaron Swartz is very good.

Posted on January 23, 2013 at 6:14 AMView Comments

Protecting (and Collecting) the DNA of World Leaders

There’s a lot of hype and hyperbole in this story, but here’s the interesting bit:

According to Ronald Kessler, the author of the 2009 book In the President’s Secret Service, Navy stewards gather bedsheets, drinking glasses, and other objects the president has touched­they are later sanitized or destroyed­in an effort to keep would be malefactors from obtaining his genetic material. (The Secret Service would neither confirm nor deny this practice, nor would it comment on any other aspect of this article.) And according to a 2010 release of secret cables by WikiLeaks, Secretary of State Hillary Clinton directed our embassies to surreptitiously collect DNA samples from foreign heads of state and senior United Nations officials. Clearly, the U.S. sees strategic advantage in knowing the specific biology of world leaders; it would be surprising if other nations didn’t feel the same.

The rest of the article is about individually targeted bioweapons.

Posted on October 29, 2012 at 1:53 PMView Comments

Cell Phone Surveillance System

I was not surprised that police forces are buying this system, but at its capabilities.

Britain’s largest police force is operating covert surveillance technology that can masquerade as a mobile phone network, transmitting a signal that allows authorities to shut off phones remotely, intercept communications and gather data about thousands of users in a targeted area.

The surveillance system has been procured by the Metropolitan police from Leeds-based company Datong plc, which counts the US Secret Service, the Ministry of Defence and regimes in the Middle East among its customers. Strictly classified under government protocol as “Listed X”, it can emit a signal over an area of up to an estimated 10 sq km, forcing hundreds of mobile phones per minute to release their unique IMSI and IMEI identity codes, which can be used to track a person’s movements in real time.

[…]

Datong’s website says its products are designed to provide law enforcement, military, security agencies and special forces with the means to “gather early intelligence in order to identify and anticipate threat and illegal activity before it can be deployed”.

The company’s systems, showcased at the DSEi arms fair in east London last month, allow authorities to intercept SMS messages and phone calls by secretly duping mobile phones within range into operating on a false network, where they can be subjected to “intelligent denial of service”. This function is designed to cut off a phone used as a trigger for an explosive device.

A transceiver around the size of a suitcase can be placed in a vehicle or at another static location and operated remotely by officers wirelessly. Datong also offers clandestine portable transceivers with “covered antennae options available”. Datong sells its products to nearly 40 countries around the world, including in Eastern Europe, South America, the Middle East and Asia Pacific.

Company website.

Posted on October 31, 2011 at 12:29 PMView Comments

The Security Threat of Forged Law-Enforcement Credentials

Here’s a U.S. Army threat assessment of forged law-enforcement credentials.

The authors bought a bunch of fake badges:

Between November 2009 and March 2010, undercover investigators were able to purchase nearly perfect counterfeit badges for all of the Department of Defense’s military criminal investigative organizations to include the Army Criminal Investigation Command (Army CID), Naval Criminal Investigative Service (NCIS), Air Force Office of Special Investigations (AFOSI), and the Marine Corps Criminal Investigation Division (USMC CID). Also, purchased was the badge for the Defense Criminal Investigative Service (DCIS).

Also available for purchase were counterfeit badges of 42 other federal law enforcement agencies including the Federal Bureau of Investigation (FBI), Drug Enforcement Administration (DEA), Alcohol, Tobacco and Firearms (ATF), Secret Service, and the US Marshals Service.

Of the other federal law enforcement agency badges available, the investigators found exact reproductions of the badges issued to Federal Air Marshals, Transportation Security Administration (TSA) Screeners, TSA Inspectors, and Special Agents of the TSA Office of Inspector General.

Average price: $60.

Then, they tried using them:

During the period of January to June 2010, undercover investigators utilized fraudulent badges and credentials of the DoD’s military criminal investigative organizations to penetrate the security at: 6 military installations; 2 federal courthouses; and 3 state buildings in the New York and New Jersey area.

[…]

Once being granted access to the military installation or federal facility, the investigators proceeded to areas that were designed as “Restricted Area” or “Authorized Personnel Only” and were able to wander around without being challenged by employees or security personnel. On one military installation, investigators were able to go to the police station and request local background checks on several fictitious names. All that was required was displaying the fraudulent badge and credentials to a police officer working the communications desk.

The authors didn’t try it getting through airport security, but they mentioned a 2000 GAO report where investigators did:

The investigation found that investigators were 100% successful in penetrating 19 federal sites and 2 commercial airports by claiming to be law enforcement officers and entering the facilities unchecked by security where they could have carried weapons, listening devices, explosives, chemical/biological agents and other such materials.

Websites are listed in the report, if you want to buy your own fake badge and carry a gun onto an airplane.

I’ve written about this general problem before:

When faced with a badge, most people assume it’s legitimate. And even if they wanted to verify the badge, there’s no real way for them to do so.

The only solution, if this counts as one, is to move to real-time verification. A credit card used to be a credential; it gave the bearer certain privileges. But the problem of forged and stolen credit cards was so pervasive that the industry moved to a system where now the card is mostly a pointer to a database. Your passport, when you present it to the customs official in your home country, is basically the same thing. I’d like to be able to photograph a law-enforcement badge with my camera, send it to some police website, and get back a real-time verification—with picture—that the officer is legit.

Of course, that opens up an entire new set of database security issues, but I think they’re more manageable than what we have now.

Posted on January 13, 2011 at 8:00 AMView Comments

Eating a Flash Drive

How not to destroy evidence:

In a bold and bizarre attempt to destroy evidence seized during a federal raid, a New York City man grabbed a flash drive and swallowed the data storage device while in the custody of Secret Service agents, records show.

The article wasn’t explicit about this—odd, as it’s the main question any reader would have—but it seems that the man’s digestive tract did not destroy the evidence.

Posted on March 8, 2010 at 11:00 AMView Comments

Vatican Admits Perfect Security is Both Impossible and Undesirable

This is refreshing:

Father Lombardi said it was not realistic to think the Vatican could ensure 100% security for the Pope and that security guards appeared to have acted as quickly as possible.

It seems that they intervened at the earliest possible moment in a situation in which zero risk cannot be achieved,” he told the Associated Press news agency.

“People want to see him up close and he’s pleased to see them closely too. A zero risk doesn’t seem realistic in a situation in which there’s a direct rapport with the people.”

EDITED TO ADD (1/4): This is particularly enlightened in comparison to the fears that somehow the U.S. president was endangered by people sneaking into a dinner with him. Presidents meet and shake hands with uncleared random people all the time; the Secret Service knows how to deal with that sort of thing.

Posted on January 4, 2010 at 1:15 PMView Comments

"Security Theater in New York City"

For the U.N. General Assembly:

For those entranced by security theater, New York City is a sight to behold this week. A visit to one of the two centers of the action—the Waldorf Astoria, where the presidents of China, Russia, the Prime Ministers of Israel and the Palestinian Authority, and the President of the United States—are all staying. (Who gets the presidential suite? Our POTUS.) Getting to the Waldorf is a little intimidating, which is the point. Wade through the concrete barriers, the double-parked police cars, the NYPD mobile command post, a signals post, acreages of metal fencing, snipers, counter surveillance teams, FBI surveillance teams in street clothes, dodge traffic and a dignitary motorcade or two, and you’re right at the front door of the hotel. A Secret Service agent from the Midwest gestured dismissively when a reporter showed him a press credential. “You don’t need it. Just go in that door over there.”

At the door over there, another agent sent the reporter back to the first agent. The two agents—each from different field offices, no doubt—argued a bit over which of the Waldorf front doors they were going to let the general public in. Maybe the agents had just been “pushed”—or there was a shift change. In any event, the agents didn’t seem to mind when the reporter walked right past them. A standard magnetometer and x-ray screening later, and I was in the packed front lobby. African heads of state were just about to have a group lunch, and about three dozen members of the continental press corps awaited some arrivals. Some of the heads of state walked in through the front, tailed by a few of their own bodyguards and tired looking USSS agents.

Posted on October 2, 2009 at 12:23 PMView Comments

Actual Security Theater

As part of their training, federal agents engage in mock exercises in public places. Sometimes, innocent civilians get involved.

Every day, as Washingtonians go about their overt lives, the FBI, CIA, Capitol Police, Secret Service and U.S. Marshals Service stage covert dramas in and around the capital where they train. Officials say the scenarios help agents and officers integrate the intellectual, physical and emotional aspects of classroom instruction. Most exercises are performed inside restricted compounds. But they also unfold in public parks, suburban golf clubs and downtown transit stations.

Curtain up on threat theater—a growing, clandestine art form. Joseph Persichini, Jr., assistant director of the FBI’s Washington field office, says, “What better way to adapt agents or analysts to cultural idiosyncrasies than role play?”

For the public, there are rare, startling peeks: At a Holiday Inn, a boy in water wings steps out of his seventh floor room into a stampede of federal agents; at a Bowie retirement home, an elderly woman panics as a role-player collapses, believing his seizure is real; at a county museum, a father sweeps his daughter into his arms, running for the exit, while a raving, bearded man resists arrest.

EDITED TO ADD (9/11): It happened in D.C., in the Potomac River, with the Coast Guard.

Posted on August 25, 2009 at 6:43 AMView Comments

Trends in Counterfeit Currency

It’s getting worse:

More counterfeiters are using today’s ink-jet printers, computers and copiers to make money that’s just good enough to pass, he said, even though their product is awful.

In the past, he said, the best American counterfeiters were skilled printers who used heavy offset presses to turn out decent 20s, 50s and 100s. Now that kind of work is rare and almost all comes from abroad.

[…]

Green pointed to a picture hanging in his downtown conference room. It’s a photo from a 1980s Lenexa case that involved heavy printing presses and about 2 million fake dollars.

“That’s what we used to see,” he boomed. “That’s the kind of case we used to make.”

Agents discovered then that someone had purchased such equipment and a special kind of paper and it all went to the Lenexa shop. Then the agents secretly went in there with a court order and planted a tiny video camera on a Playboy calendar.

They streamed video 24/7 for days, stormed in with guns drawn and sent bad guys to federal prison.

Green’s voice sank as he described today’s sad-sack counterfeiters.

These people call up pictures of bills on their computers, buy paper at an office supply store and print out a few bills. They cut the bills apart, go into a store or bar and pass one or two.

Many offenders are involved with drugs, he said, often methamphetamine. If they get caught, so little money is involved that federal prosecutors won’t take the case.

It’s interesting. Counterfeits are becoming easier to detect while people are becoming less skilled in detecting it:

Part of the problem, Green said, is that the government has changed the money so much to foil counterfeiting. With all the new bills out there, citizens and even many police officers don’t know what they’re supposed to look like.

Moreover, many people see paper money less because they use credit or debit cards.

The result: Ink-jet counterfeiting accounted for 60 percent of $103 million in fake money removed from circulation from October 2007 to August 2008, the Secret Service reports. In 1995, the figure was less than 1 percent.

Another article on the topic.

Posted on January 5, 2009 at 6:34 AMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.