Apple vs. FBI — What This Case Means for YOU

Bayard & Holmes

~ Piper Bayard & Jay Holmes

and

Guest Author & Information Security professional Chris Magill

The FBI wants Apple to rewrite code for iPhones in order to break into a phone used by one of the San Bernardino terrorists. Apple said no. They are now embroiled in a lawsuit.

On March 1, the FBI admitted exactly WHY it needs Apple’s help. The FBI was in the phone, with access to everything it needed. Then someone at the FBI changed the phone’s password. They forgot the password. Now, the FBI can’t get back in the phone.

In other words, the FBI is asking that it be allowed to gut the constitutional rights of every American in perpetuity because it made a sophomoric boo-boo.

This begs some questions . . .

1)  Why doesn’t the FBI just ask the NSA for the information?

The cat got out of the Snowden bag a few years ago that the NSA collects and stores every electronic communication that takes place in America, including and especially phone communications. Investigating the San Bernardino jihadis and their play pals is EXACTLY why the NSA collects and stores these communications. If the NSA can’t give the information to the FBI, they need to give US citizens a refund of the untold fortunes they have wasted on this data collection. (See Spooks Without Boundaries by Piper Bayard.)

2)  If the NSA for any reason can’t give the FBI the information it needs, why doesn’t the FBI ask Israel or one of the Five Eyes nations?

Again, thanks to the Snowden cat, it is public knowledge that the White House allows Israel and the Five Eyes nations (Canada, UK, NZ, Australia) access to the raw data that the NSA collects on Americans. If the NSA can’t give the FBI the info, we’re sure that for a few shekels, Israel would be happy to find it for them.

3)  What does this lawsuit mean for the American citizen?

To give you the best information possible, we have invited Information Security professional and privacy advocate Chris Magill to answer that question for us . . .

Internet bugs Canstock

Apple vs. the FBI: What This Case Means for YOU

By Chris Magill

Apple and the FBI are currently locked in a struggle over your right to privacy. The Federal government has asked the courts to require Apple to change its code to allow FBI agents to read protected data on an iPhone believed to belong to one of the San Bernardino attackers. It also wants this capability to be applied to all iPhones, even yours.

So, the question becomes should private citizens be allowed communications capabilities which cannot be read by the government?

By law, there already are communications which are protected from government eyes. For example, attorney-client privilege prevents the government from listening in on private conversations when discussing legal strategies. As Americans, we also have the protections of the right to Freedom of Speech and the right to Freedom of Assembly. Allowing government access to our phones without a warrant destroys these rights.

What is cryptography?

Cryptography is a mathematical operation that replaces plain text with scrambled characters that can only be correctly interpreted by someone who holds the secret “key.”

Cryptography has existed for thousands of years. It was a vital means of protecting communications during the Revolutionary War. Thomas Jefferson greatly improved cryptography after the founding of our country when he developed the Wheel Cipher while serving as George Washington’s Secretary of State. Yes, the United States once had a Secretary of State who understood the importance of cryptography. In the iPhone, the iMessage feature encrypts instant messages between recent iPhone versions, making it very difficult to be read by anyone other than the intended recipient, even with access to the device.

What is a backdoor?

A backdoor is an easy-to-decrypt method for governments to read content on devices that would otherwise be very difficult to access.

Think of it as though the Federal Government sought to require you to leave your patio door unlocked in case a police officer needs to access your living room during an investigation. Obviously this would be ridiculous. Only a tiny fraction of homes would ever need to be entered by police, yet everyone would be at risk from criminals entering the unsecured door. Backdoors are a dangerous idea for two reasons. First, they require a known weakness, which can then be exploited by hackers or online thieves. And second, backdoors enable government to bypass the judicial branch to spy on citizens in violation of our rights.

Aren’t bad guys protected by cryptography?

Yes, in the same way that bad guys are protected by the Constitution.

We have constitutional protections against unlawful search and seizure. These protections should also apply to the communications we share and the contents of our devices we rely on in our daily lives. The iPhone isn’t the strongest available way to pass secret messages. A determined adversary will find communications methods that can only be countered by diligent, labor-intensive traditional law enforcement and counterintelligence methods.

I haven’t broken the law, so I have nothing to hide. How does this affect me?

By the 1980s, the Justice Department estimated there were approximately 3,000 criminal offenses spanning more than 23,000 pages of Federal law. Even if you are the best attorney in the world, it’s unlikely you could even know for sure whether you’ve never violated any of them.

If the government decides to prosecute you, they have a huge arsenal of regulations to select from which you will have to defend against. Skilled cyber criminals, spies, and terrorist organizations already have access to encryption that is theoretically unbreakable. The bad guys don’t rely on commercial encryption products in consumer devices.

A government backdoor does not make you any safer from terrorism.

It does make it easier for governments to find and target those who disagree with them. This is a concern in modern day America. Ask any conservative group targeted by Lois Lerner’s IRS. With government access to a backdoor to your phone, finding people who have a differing political view becomes as simple as a Google search.

What else can happen if cryptography is compromised?

This has happened in the recent past. In 2011, Comodo was compromised by a nation state-affiliated hacker group.

Comodo is a registration authority that creates cryptographic certificates which tell your web browser the web sites you visit are who they claim to be. Fake certificates were created that enabled the government of Iran to intercept and read the personal emails of citizens using Gmail and Hotmail. We will likely never know how many Iranian dissidents were rounded up and imprisoned (or worse) as a result of this compromise. Weak encryption makes it easier for oppressive governments to spy on their own citizens and crush dissent. Weak cryptography is also a factor in most, if not all, data breaches. If your identity was stolen in any of the countless data breaches, such as Target, Home Depot, Experian, or OPM, you probably have weak or compromised cryptography to thank.

What next?

Governments have an insatiable appetite to know everything about their citizen’s activities, acquaintances, political views, and beliefs. They also have a desire to prevent citizens from having capabilities that are difficult for them to counter.

The Apple vs FBI case is not about terrorism or crime. This case is about control of the transfer of ideas.

You are the government. You select your representatives. They work for you. They derive their authority from you. You have the power to demand that they stop. Tell your representatives to block efforts to weaken freedom of speech by banning civilian access to strong encryption. Tell them to prevent the government from requiring tech companies to enable spying through commercial products.

Allowing the government to secretly spy on all Americans is the digital equivalent of book burning. Ideas that are found distasteful to whichever administration holds power can be sought out and banned, and those citizens with undesirable views targeted for retaliation or punishment. Far from protecting us from terrorists, such actions only serve to weaken our democracy.

Sources:

TechTarget: “A breach at a registration authority caused Comodo to issue nine fraudulent certificates, enabling an attacker to impersonate some major websites and servers.”

http://searchsecurity.techtarget.com/news/1529110/Comodo-warns-of-serious-SSL-certificate-breach

CNet: “Apple’s iMessage encryption trips up feds’ surveillancehttp://www.cnet.com/news/apples-imessage-encryption-trips-up-feds-surveillance/

Chris Magill is an Information Security professional and privacy advocate. When he isn’t helping companies manage their cryptographic systems and hunting down hackers, Chris enjoys spending time on his small ranch with his family in the Pacific Northwest chasing horses around. His LinkedIn profile is https://www.linkedin.com/in/cmagill

Advertisements

Which US Spy Agency Does What to Whom?

Bayard & Holmes

By Piper Bayard & Jay Holmes

One of the most common mistakes in fiction is confusing which intelligence agencies have the power to do what to whom and where they have the authority to do it. Today, we want to clear up that confusion.

Wiki 2015 March US_Intelligence_Community_Logo_blue

While there are numerous military and civilian intelligence agencies, we’ll focus on four of the biggest branches, which are also the ones most commonly assigned imaginative extracurricular activities books and movies – the Central Intelligence Agency (“CIA” or “Company”), the Federal Bureau of Investigation (“FBI”), the Department of Homeland Security (“DHS”), and the National Security Agency/Central Security Service (“NSA/CSS” or “NSA”). 

 

Wiki 2015 Mar CIA Logo

Central Intelligence Agency

Purpose:

To collect, assess, and disseminate foreign intelligence. The Central Intelligence Agency is and always was what Congress thought it was creating for the first time with the DHS.

Where the CIA operates:

Exclusively on foreign soil.

Entire novel and TV series are premised on the notion that the CIA conducts elaborate surveillance and investigations of American citizens on American soil. (i.e. Homeland and Burn Notice). No. Even in the case of an internal investigation, such as the investigation of traitor Aldrich Ames, the agency must contact the FBI and/or the DHS—depending on the foreigner’s activities—as soon as surveillance on American soil is involved.

What the CIA is authorized to do:

The CIA is authorized to gather intelligence on foreign countries and foreign individuals outside of the US. It has its own employees, but it can also employ contractors and foreigners. Any combination of employees (a.k.a. blue badgers), contractors (a.k.a. green badgers), or foreign agents can be involved in an operation.

Power to arrest:

The CIA does not have the authority to arrest anyone. They do at times detain foreigners in the process of covert actions, but you didn’t hear that from us. The CIA never arrests people for the purpose of prosecution.

To arrest someone on foreign soil for the purpose of prosecution, the CIA cooperates with the FBI, who must in turn cooperate with the host country.

 

Islamabad house where Ramzi Yousef was captured. Image by US govt., public domain.

Islamabad house where Ramzi Yousef was captured.
Image by US govt., public domain.

 

An example of this interaction is the arrest of the first World Trade Center bomber, Ramzi Yousef, in Islamabad, Pakistan. A US State Department employee found the relevant lead by passing out thousands of matchbooks with a modest reward offer printed on the covers. He turned over the information to the CIA, which located Yousef and kept him under surveillance until an FBI team could arrive in Pakistan. The FBI executed a raid while the Islamabad Police waited outside the building. When the FBI brought Yousef out, the Islamabad Police performed the arrest and immediately turned him back to the FBI team to be escorted to New York for formal prosecution.

Oversight:

The CIA reports to the National Intelligence Director, who reports to the president. The agency is overseen by the Senate and House Intelligence Committees. As much as Congress and the president disavow their knowledge of CIA activities at times, the CIA has never operated without oversight from Congress and the White House.

 

Wiki 2015 Mar FBI Logo

 

Federal Bureau of Investigation

Purpose:

The FBI was originally the federal government’s investigative agency. Now, the FBI investigates both criminal and terrorist activities and has offices in several overseas US embassies.

Official priorities listed at the FBI website:

  1. Protect the United States from terrorist attack
  2. Protect the United States against foreign intelligence operations and espionage
  3. Protect the United States against cyber-based attacks and high-technology crimes
  4. Combat public corruption at all levels
  5. Protect civil rights
  6. Combat transnational/national criminal organizations and enterprises
  7. Combat major white-collar crime
  8. Combat significant violent crime
  9. Support federal, state, local and international partners
  10. Upgrade technology to successfully perform the FBI’s mission

Unofficially, the FBI is tasked with keeping suit manufacturers in business.

 

Canstock photo of three actual FBI agents.

Canstock photo of three actual FBI agents.

 

Where the FBI operates:

The FBI operates inside the US as both an investigative and a law enforcement agency. Outside of the US, the FBI assists foreign governments in investigations and conducts investigations of crimes against Americans and American installations. It also acts as a liaison to foreign law enforcement agencies.

What the FBI is authorized to do:

The FBI is authorized to conduct law enforcement and surveillance inside the US. Outside the US, it relies on the CIA for surveillance and must obtain the permission and cooperation of foreign governments for any US law enforcement activities on their territory.

Power to arrest:

The FBI arrests people inside America and, with the cooperation of foreign governments, takes criminals abroad into custody.

Oversight:

The FBI answers to the Department of Justice. The president can and does speak directly to the bureau, and the attorney general and various congressional committees provide oversight.

 

Wiki 2015 Mar DHS Logo

 

Department of Homeland Security

Purpose:

We’re not sure they know, and if they do know, they’re not admitting it.

Law prevented the FBI and CIA from operating effectively to avert terrorism in the US in that the bureau and the agency weren’t allowed to share most of their information with each other. This could have been fixed with a few changes in law.

However, Congress, never one to do for a dollar what could be done for $38 billion dollars, created the DHS. Their intent in establishing the DHS was to set up an agency that could work with itself in order to prevent the next 9/11. Its original core mission was counter-intelligence in order to ensure a homeland that is safe and secure, whatever that means.

The DHS is still creating itself and being created by outside forces such as Congress and any given president. Since its inception, the department has grown to include FEMA, the Coast Guard, the Secret Service, ICE, Border Patrol, TSA, and more.

 

TSA agents in Boston. Image by DHS, public domain.

TSA agents in Boston.
Image by DHS, public domain.

 

Where the DHS operates:

DHS operates both inside the US and outside the US, supposedly with the cooperation of the CIA. That boundary is a grey area that has never quite been defined.

What the DHS can do:

The DHS can order surveillance on anyone inside the US for virtually any reason under the Patriot Act and its legal progeny. To spy on people outside the US, it relies on the NSA, the CIA, and other agencies.

Power to arrest:

Like the FBI, the DHS can arrest people in the US or abroad if it obtains the cooperation of the foreign country. Those arrested by the DHS in the US have all the rights they would have if arrested by any other US police body. If the DHS nabs someone overseas, that person will show up in the US judicial system.

Oversight:

DHS has full department status, unlike the FBI or the CIA. They have their own department head. It is a cabinet position that reports straight to the president and only nominally to the National Director of Intelligence.

 

Wiki 2015 Mar NSA Logo

National Security Agency/Central Security Service

Purpose:

Cryptology is at the core of the NSA/CSS. It’s the agency’s job to break foreign codes and set codes for the entire US government. It also listens to and stores foreign and domestic signals, including computer signals.

The NSA is very stingy at sharing what it gathers with other sectors of the intelligence community. Other intelligence organizations view the NSA as a black hole where information and money go in, and nothing comes out. In fact, it is undoubtedly the source of astronomers’ models of cosmological black holes.

Where the NSA operates:

Most NSA employees reside and operate inside the US, though they might travel to US embassies or foreign bases. Anywhere there are secured communications, the NSA has the authority to show up and investigate to make sure that security procedures are in place.

The NSA neither confirms nor denies having any facilities for gathering signals outside of the US.

What the NSA can do:

The NSA’s foreign and domestic intelligence gathering operations are not discussed, however, we would refer you to Piper’s PRISM articles listed below. Everyone in the NSA leadership serves at the pleasure of the president. As with the CIA, the president likes to pretend that he forgot that the NSA does what he tells it to do.

 

President Obama addressing NSA about mass surveillance on Jan 17, 2014, pretending he forgot that he ordered the mass surveillance in the first place. Image by US govt., public domain.

President Obama addressing NSA about mass surveillance on Jan 17, 2014, pretending he forgot that he ordered the mass surveillance in the first place.
Image by US govt., public domain.

 

Power to arrest:

The NSA doesn’t arrest anyone. Not ever. If someone shows up flashing an NSA badge, feel free to shoot them. They are a Hollywood crew and not NSA employees.

Oversight:

The question of NSA oversight has been afloat for many decades. They are supposed to report to the National Director of Intelligence and the CIA, but the CIA has never been satisfied with the NSA’s sharing of information.

Have you ever spotted fantastical activities on the part of the CIA, FBI, or NSA in fiction? Do you have any question about who gets to do what to whom in the real world?

*   *   *   *   *   *   *   *   *   *   *   *   *   *

PRISM Surveillance on Americans—What Price Convenience?

PRISM—We Can’t Stop the Signal

Why PRISM Matters

Spooks Without Boundaries

NSA: Hoarders, Cheaters, Dr. Phil, or Jerry Springer?

America Is Not a Location–The Ultimate Price of Citizen Surveillance

*   *   *   *   *   *   *   *   *   *   *   *   *

Coming in September!

THE SPY BRIDE Final Cover 3 inch

For Bayard & Holmes updates notice of releases, subscribe to the monthly Bayard & Holmes Covert Briefing.

America is Not a Location

By Piper Bayard

America is not a location. America is an ideal. It is the dream of a country in which freedom is paramount, and it is secure because the government is the servant of the people.

Because America is an ideal, Americans are not born. Rather, America, itself, must be born anew with each generation. Each generation has the choice of embracing the American ideal of a government that answers to the people, or of rejecting that ideal in favor of a more paternalistic system of government.

 

Actual photo of ideal elected American official at work.

Actual photo of ideal American government at work.

 

When the government spies on us with everything from street corner cameras to warrantless searches of random individuals to collection and analysis of our every electronic transmission and phone communication, we are no longer the masters, and the government is no longer our servant. It is our ruler. It is a parent searching our rooms and opening our mail on the off chance that we might be doing something it doesn’t want us to do. That is exactly what is happening now.

The difference between the government being the servant and the government being the master can be boiled down to one thing:  a warrant.

When an agency such as the NSA, FBI, DHS, etc., is required to obtain a warrant, an official paper trail is created by which the people can force the government to answer for who and how it searches, why it searches, and what it obtains. It is a record by which citizens can hold the government accountable for its actions in a court of law.

Since Edward Snowden dropped his NSA whistleblower bomb, the White House has gone from denying that the U.S. spies on its own citizens to unashamedly stating that it will continue to collect and analyze data on American citizens in the name of “national security.”

 

meme by bizarrojerri.wordpress.com

meme by bizarrojerri.wordpress.com

 

At this point, numerous disturbing facts have become public information:

  • Through various means, our government is collecting and storing every digital transaction American citizens make – every email, every phone communication, every bank transaction, every credit and debit card transaction, every check remittance, and every online health and education record.
  • Our government allows the other Five Eyes countries – Canada, New Zealand, the U.K., Australia – as well as Israel and unnamed others access to this raw data on American citizens.
  • Our government has written agreements with these countries for their unlimited access to our raw data, with only smoke and mirror oversight of what data they collect or how they use it. It is an “honor among eavesdroppers” arrangement.
  • Our government trades information about American citizens and intelligence operations with corporations in exchange for their data on American citizens.
  • When trigger words* like “snow,” “bust,” or “sick” alert one of the countless analysts in both the government and the private sector who are tasked with pawing through this hoarder’s mountain of raw data, they are free to peruse and interpret the threads of our lives at their personal discretion.
  • Everything these analysts do is off the public record. No probable cause. No individual warrant. No accountability.

 

U.S. Government Serving Up Americans to the World

U.S. Government Serving Up Americans to the World

 

The administration rationalizes all of these acts with the all-encompassing buzzwords “national security” and the Foreign Intelligence Surveillance Act (FISA).

Originally, FISA was enacted to allow data collection on foreign terrorists. Warrants were based on probable cause, and the judges of the FISA court approved them. These boundaries slipped substantially with the Patriot Act. Now, under the current administration, there are no meaningful boundaries at all, with the FISA court essentially rubberstamping every administrative request* to spy on American citizens that comes their way, issuing blanket orders that are nothing but fishing trips, subjecting Americans to data collection and retention with no probable cause.

One example of a typical FISA-approved blanket order is the Top Secret order to Verizon Wireless signed on April 25, 2013, which was published by The Guardian on June 6, 2013.

This order was requested by the FBI, which in turn receives its orders from the White House. It forces Verizon Wireless to give the NSA information on ALL telephone calls in its system on an “ongoing daily basis.” Telephone calls originating and terminating in foreign countries are specifically excluded—the height of irony considering the original purpose of FISA was solely to collect data on suspect foreigners. For full text of this order, see Verizon Forced to Hand Over Telephone Data–Full Court Ruling Dated April 25, 20143 (below).

At its core, our government has given itself authority and provision to maintain a wiretap on every American and foreigner within U.S. borders.

No probable cause. No discretion. No accountability to the public. Each and every one of us is now assumed guilty until proven innocent. Each and every one of us now answers to the government master that was once our servant, turning the American ideal on its ear.

 

Ideal photo of actual U.S. government at work.

Ideal photo of actual U.S. government at work.

 

Spy on suspected terrorists. Do it unapologetically. Do it inside or outside our borders. But let there be probable cause. Let there be warrants. Let there be public records. Let there be accountability. If we are to remain American, we must not allow the government to exercise such omnipotent power with impunity.

Freedom is the essence of the American ideal. It is about shouldering the responsibility for ourselves, for our safety, and for our governance. It is not about perfect security from cradle to grave. When we abdicate our responsibility for our freedom in favor of comfort and the illusion of safety, we become wards of the state. What were once our rights as responsible adults are now merely our privileges as subjects, granted or withheld by our rulers at their whim and discretion.

We must demand more of our leaders. Freedom can be won, and freedom can be surrendered, but Freedom will never be given back once successfully taken by the ruling class. Unbridled surveillance of American citizens is that taking.

Like nuclear weapons, the surveillance train has left the station. But like nuclear weapons, we have the choice about how we will use that technology. America is at a crossroads. Will our generation shoulder the responsibility for our freedom and set firm boundaries on the actions of our government? Or will we devolve into a location on a map? The choice belongs to each of us.

 

This Means You

This Means You

*   *   *   *   *   *   *   *   *   *   *   *   *

Verizon Forced to Hand Over Telephone Data–Full Court Ruling Dated April 25, 2013. The Guardian, June 6, 2013.

NSA Collecting Phone Records of Millions of Verizon Customers Daily, Glenn Greenwald, The Guardian, June 6, 2013.

NSA PRISM Program Taps in to User Data of Apple, Google, and others. Glenn Greenwald, The Guardian, June 6, 2013.

Obama Blasts Media ‘Hype’ Over Secret Program, Calling Them ‘Modest Encroachments on Privacy’. Brett LoGiurato, Business Insider, June 7, 2013.

US, British Intelligence Mining Data from Nine U.S. Internet Companies in Broad Secret Program. Barton Gellman and Lora Poitras, The Washington Post, June 7, 2013.

Here’s the Law the Obama Administration is Using as Legal Justification for Broad Surveillance. Brett LoGiurato, Business Insider, June 7, 2013.

Obama: No One is Listening to Your Calls. Michael Pearson, CNN Politics, June 9, 2013.

Edward Snowden: The Whistleblower Behind the NSA Surveillance Revelations. Glenn Greenwald, Ewen MacAskill, and Lora Poitras, The Guardian, June 9, 2013.

US Agencies Said to Swap Data with Thousands of Firms, Michael Riley, Bloomberg, June 14, 2013.

British Spy Agency Taps Cables, Shares with US NSA , Reuters, June 21, 2013. (Info on Five Eyes)

NSA Shares Raw Intelligence Including Americans’ Data with Israel, Glenn Greenwald, The Guardian, September 11, 2013.

NSA and Israeli Intelligence:  Memorandum of Understanding–Full Document, The Guardian, September 11, 2013.

What Makes US-Israeli Intelligence Co-operation ‘Exceptional’?, Matthew Brodsky, The Guardian, September 13, 2013.

Judge Upholds NSA’s Bulk Collection of Data on Calls, Adam Liptak and Michael S. Schmidt, New York Times, December 27, 2013.

Foreign Intelligence Surveillance Act Court Orders 1979 – 2014, Electronic Privacy Information Center, May 1, 2014.

 

 

 

Writing Spies–How the Pros Bug a Room

 By Piper Bayard & Jay Holmes

The basic function spooks serve is to spy on people and organizations. Technology makes that task easier. One major segment of that technology revolves around “bugs.”

 

James Bond checking the telephone for a bug. Of course, he finds one. Image from "From Russia with Love."

James Bond checking the telephone for a bug.
Of course, he finds one.
Image from “From Russia with Love.”

 

In spy parlance and crime stories, the term “bug” refers to electronic devices for clandestinely monitoring targeted spaces. We’ve all seen and read about fictional spooks locating bugs in homes, offices, and hotel rooms. The characters usually find them in a few seconds on lampshades, behind pictures, and inside desk phones. It’s cute and convenient, but it’s far from the truth.

After the Soviets successfully bugged the US Ambassador’s residential office in the US Embassy in Moscow from 1945 – 1952 with a gift of a carving of the US Great Seal, the US Central Intelligence Agency invested heavily in developing better bugging and bug-detection technology. They developed “audio teams,” whose specialty it was to bug targeted spaces. The term predates video surveillance. Modern intelligence services around the world now all field such specialty teams.

Bugging technology has improved tremendously since audio teams were first formed, but they still use some of the basic practices and principals developed prior to 1960. While other types of intelligence operatives partake in bugging activities as opportunities allow, when time and opportunity permit, a specialized team can do a better and less detectible installation of bugs.

Canstock 2014 Surveillance Word Collective

How an operative or a specialty team bugs a location depends on several factors.

  • Time—How soon do they need the information?

If critical information is needed quickly there may not be time for an audio team to show up and do a thorough job. In that case, field operatives would do the job, and they have varying degrees of training and expertise in basic bugging techniques.

  • Time—How long will they have to plant the bugs?

If a team or operative has only a few minutes, then they will use the simplest installations of disguised bugs. If a specialty team has as much as twenty minutes to work, they consider it a luxury. With less time, they will be less thorough.

  • Time—How sophisticated is the target?

In twenty minutes, a six-man team can install a high quality eavesdropping system that will be difficult for a sophisticated opponent such as a Russian or Communist Chinese embassy to detect. With a less sophisticated target, such as a drug gang or a third world military or diplomatic installation, a good team can do a great job in as little as five minutes.

  • Time—How long must the power source for the bug last? (Are you seeing a theme?)

Transmitters—bugs—need a power source. They are now smaller than a dime, and in the smallest devices, battery power is limited. However, technology allows for bugs to use external power sources, such as the target’s own electrical system, without a direct tap into the electrical system.

The bug’s transmission need not be powerful. In fact, if a bug transmits too strong a signal, the target can too easily detect it.

  • Location—Where can the operative or audio team monitor the bugs?

If the operative or team can’t safely monitor the installed bug from a nearby location, such as an apartment or business in an adjoining building, then larger (but still compact) relays can be installed nearby to receive and retransmit the bug’s weak signal. They can also install monitoring equipment in a vehicle. A car’s trunk can contain equipment that can trigger a relay to quickly transmit information and recordings picked up by the bug in a matter of seconds when the car drives past the relay.

  • Alternative Installation Methods

Sometimes, the operative doesn’t need to access the space. Many a bug has been placed by sending a nice gift to a target, such as a heavy desk clock, a lovely antique lamp, or the US Great Seal carving referenced above. The trick in these cases is to have a viable source for the gift. A contractor trying to do business with a foreign embassy might serve as such a source if the contractor is in the employ of the folks doing the bugging. Unfortunately, most of the premier targets, such as a Russian Embassy, will not be easily duped into accepting gifts and placing them in secured areas.

 

1945 Great Seal Exibit Replica of bugged gift to US Ambassador Harriman Image from NSA Cryptologic Museum

1945 Great Seal Exibit
Replica of bugged gift to US Ambassador Harriman
Image from NSA Cryptologic Museum

 

In the most ideal case, a targeted building can be bugged during construction. These windfalls are infrequent, but they provide the best opportunity for placing the most sophisticated, long acting bugs.

A more frequent event would be gaining access when repair work is being done. If you can intercept a delivery of new furniture or appliances, then you have a great opportunity to place the highest quality bugs with well-disguised installations without setting foot on the premises.

  • The Field Spook’s Bugging Kit

Once an operative gains access by way of bribery or burglary, his bugging kit need not be any larger than a paperback novel. A basic bugging kit would include bugs that can be programmed to record and/or transmit on preset schedules. The bugs can also be turned on and off remotely to foil bug sweepers. The kit would also contain a small hand drill, a minimal paint kit, and epoxies for patching minute holes in walls. The paint is odor free and fast drying. For the finishing touch, the kit would contain a “puffer” for adding a layer of ambient dust to a painted area. The entire kit may be disguised in something such as a travel-size chess set or built into real cosmetic containers for a female spy.

  • How a Field Spook Plants a Bug in a Wall

The operative first selects an advantageous location—often just above a baseboard. She begins by drilling a small hole, catching the dust on a little piece of plastic. She then selects a bug from her assortment, pops it in the hole, and seals the hole with epoxy. She empties the wall dust from the hole into a baggie and then uses the plastic as a palette to mix dabs of paint to match the color of the wall. With a small brush, she paints over the epoxy and then collects all of her materials to take with her. As a finishing touch, she sucks up ambient dust from against the baseboard with the puffer and puffs it onto the freshly painted wall until it looks like the surrounding area.

In short, your characters’ bugging efforts will be believable if you consider the full nature of the opportunities they have for surveillance and plan their bug installations accordingly. Where are they? How much time do they have? Who is the target? What equipment do they have? Work logically with your space, time, and tools, and your characters will bug like the pros.

Do you have any questions about bugging? What kinds of surveillance equipment do you see or use in books?

NSA: Hoarders, Cheaters, Dr. Phil, or Jerry Springer? You Decide.

By Piper Bayard

“Compulsive Hoarding is a mental disorder marked by an obsessive need to acquire and keep things, even if the items are worthless, hazardous, or unsanitary.” ~ Hoarders

At this point, we know the following about the NSA and its electronic data collection on Americans and foreigners:

  • First and foremost, the NSA is not acting in a vacuum. The basic purpose of intelligence agencies is to gather information . . . not for themselves, but for the policy makers. Their actions must be authorized and funded by the White House and Congress.
  • The NSA, at the behest of the White House and Congress, is unapologetically collecting and storing all of our electronic transmissions—phone calls, banking transactions, grocery purchases, social media posts, social media connections, internet search histories, etc., in the name of “security.”
  • In spite of all of this Extreme Security, they couldn’t pinpoint two deadbeats with a hotline to Chechnya Jihad Central who were Facebooking and Tweeting their jihadi hafla across the Cyberverse.

What does this tell us? The NSA has so many ones and zeros stacked up on us that it can no longer tell fact from fiction, or terrorist from law-abiding citizen. It has at this point collected so much hay in the barn that it can no longer find the threatening needle, or even the barn.

Actual photo of NSA data storage

Actual photo of NSA data storage

So I’m wondering . . . Do we need to send the Hoarders crew to NSA headquarters to help them sort out this dysfunction? Or do we just need to fire them all and put the crew of Cheaters in charge of figuring out who needs surveilling, and who doesn’t?

Come on over to our new site, and help me walk the NSA through a 12-Step Program. Please bring your comments — we love your comments — over to the new site, and remember to subscribe when you get there. We want to bring you all with us!

Bayard & Holmes

NSA:  Hoarders, Cheaters, Dr. Phil, or Jerry Springer? You Decide.

The DHS Trigger Word Challenge!

By Piper Bayard

It’s out! The Department of Homeland Security released the list of words that trigger Homeland Security unwarranted monitoring of our social media. What a great opportunity to have a bit of fun by playing the DHS Trigger Word Challenge.

%22GAME%22 on keyboard Canstock

Below is the list of my favorite words that I pulled from the Department of Homeland Security Analyst’s Desktop Binder. How many of them can you use in a sentence? Just to make sure that 20-something dropout at the NSA-contracted private corporation doesn’t get confused and think you’re a jihadi terrorist, be sure to include the word “bacon” in your sentence. Have fun! And don’t worry that you will get the DHS on your tail by commenting here. PRISM already has you covered. 🙂

From the Department of Homeland Security National Operations Center Media Monitoring Capability Desktop Reference Binder:

Interstate                         Authorities                    Initiative                    Facility

Southwest                        Worm                              2600                           Cloud

Drill                                   Cancelled                      Leak                             Smart

Exercise                            Help                               Burst                            Trojan

Cops                                   Recovery                       Crash                           Twister

Police                                 Recall                            Agriculture                 Sick

Exposure                           Flu                                  Wave                            Swine

Tamiflu                             Vaccine                          Strain                          Airport

Watch                               Closure                            Metro                          Power

Subway                              Electric                           Failure                        Dock

Relief                                  Delays                            Mexico                       Drug

Marijuana                         Border                            Twister                       Snow

Ice                                        Bust                               Pirates                        Plot

and my personal favorite . . .                                  Social media

Remember . . . Only one sentence, and include the word “bacon.” Go! 🙂

PRISM Surveillance on Americans–What Price Convenience?

By Piper Bayard

Sure, I could be writing about my debut dystopian thriller, FIRELANDS, which was released last week by Stonehouse Ink. In fact, I planned to do that very thing. And while I certainly hope you’ll decide to check it out, there is something even more important happening that we need to discuss.

Last week, former National Security Agency (“NSA”) intelligence analyst and whistleblower Edward Snowden came forward and released training slides used to train operatives at the NSA in a surveillance program called PRISM. PRISM allows the NSA to collect data directly from the servers of Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL, and Apple and search for any information on anyone at all. It was begun under a previous administration for the purpose of collecting information on foreign terrorists. It was greatly expanded by President Obama to include data collection on all Americans. These are two of the slides.

PRISM - Providers & Dates when collection began

PRISM Collection details

Some of these companies cooperated without protest. Others required warrants issued under the Foreign Intelligence Surveillance Act (“FISA”). However, FISA does not grant authority to collect data on Americans or others within US borders, something which PRISM does. All of these companies are denying knowledge and participation at this point.

Not only does the NSA directly access these companies’ servers, which serve primarily Americans, they are sharing PRISM’s power of unbridled access into our internet usage with the UK government. That’s right. The GCHQ – that’s the UK’s NSA equivalent – has the same access to all of our information that our own Obama administration is enjoying.

As for President Obama, he and his administration are, of course, downplaying the whole PRISM-gate and denying that PRISM was ever used to collect data on Americans or on people living in the US. At the same time, he says this is a “modest encroachment” on privacy that is a worthy trade off for preventing terrorism. (Attorneys will recognize this as “arguing in the alternative.”) Groups such as the American Civil Liberties Union disagree with the inconsequential nature of these violations and are considering the legal options on behalf of the American people and others living within US borders.

As a recovering attorney, I could give you my take on the constitutionality and legal implications of this surveillance program. As a senior intelligence operative, Holmes could certainly enlighten us were he at liberty to do so. However, former intelligence analyst and whistleblower Edward Snowden says it best in his own words. Please take a few minutes to listen to this interview with him about PRISM, why he gave up the good life he led in Hawaii—he can never go home again—and what he hopes to accomplish with his revelations.

Programs like PRISM are extremely powerful and can reach into anyone’s email, internet records, and phone records. I am not suggesting that America should not track terrorists, but I see no sign from the Obama administration that any safeguards whatsoever are in place. Instead, the president suggests that we should take it all on good faith that his administration is not targeting Americans. Strong echoes of Richard Nixon’s infamous, “Trust me.”

In all of the stir this has created, we haven’t yet heard the deeper questions. Corporations sponsor and “own” politicians, so who in corporate America gets to benefit from this data collection? Do corporations who buy political figures get to use this technology to spy on their competitors? Do the IRS and other agencies get to use this information collected on us in the name of safety for their own purposes? After all, it’s much easier to target political opponents with such things as IRS scrutiny when their entire communication history is available for review.

Regardless of the answers to these questions, the most important point to remember is this:  the American government doesn’t do anything that the American people don’t let it get away with—yet. Where will we draw our line?

Related Links:

1)    Here’s the Law the Obama Administration is Using as Legal Justification for Broad Surveillance. Brett LoGiurato, Business Insider, June 7, 2013.

2)    Obama: No One is Listening to Your Calls. Michael Pearson, CNN Politics, June 9, 2013.

3)    Obama Blasts Media ‘Hype’ Over Secret Program, Calling Them ‘Modest Encroachments on Privacy’. Brett LoGiurato, Business Insider, June 7, 2013.

4)    Edward Snowden: The Whistleblower Behind the NSA Surveillance Revelations. Glenn Greenwald, Ewen MacAskill, and Lora Poitras, The Guardian, June 9, 2013.

5)    NSA PRISM Program Taps in to User Data of Apple, Google, and others. Glenn Greenwald, The Guardian, June 6, 2013.

6)    U.S., British Intelligence Mining Data from Nine U.S. Internet Companies in Broad Secret Program. Barton Gellman and Lora Poitras, The Washington Post, June 7, 2013.