Posts Tagged ‘CIA’

Business is booming for the surveillance state

Posted: May 7, 2017 by gamegetterII in Police state USSA, Uncategorized
Tags: , , , , ,
0
Surveillance companies like Axon hope to turn every law enforcement officer into a data-gathering drone for a bodycam surveillance database they privately control. Now ShotSpotter, a listening technology that triangulates gunfire in “urban, high-crime areas,” announced a planned IPO.

Above: ShotSpotter mobile app integrated with Google data, showing Oakland California.
They are also expanding from “urban” neighborhoods to a college campus near you. From the submission:
Our solutions consist of our highly-specialized, cloud-based software integrated with our proprietary, internet-enabled sensors and communication networks. When a potential gunfire incident is detected by our sensors, our software analyzes and validates the data and precisely locates where the incident occurred. An alert containing a location on a map and critical information about the incident is transmitted directly to law enforcement or security personnel through any internet-connected computer and to iPhone® or Android mobile devices.

Some Alleged CIA Hacking Tools—Like Apps That Turn Smart TVs into Spies—Do Exist

Posted: May 7, 2017 by gamegetterII in .gov bullshit, NSA, Police state USSA, Uncategorized
Tags: , , , , , ,
0

There is still a lot we don’t know regarding the WikiLeaks exposure of CIA cybersecurity documents this week. Many have suggested the documents may not be true or may have been tampered with before posting. And of course, everyone is wondering what the ramifications of such a revelation will be in terms of the CIA’s ability conduct its spycraft in the future. Some of the spying methods described in the documents may seem impossible, but I can attest that at least on that point, many of the tools described by the 8,000 documents do in fact exist.

According to what has been released so far, the CIA, through its Remote Devices Branch called UMBRAGE, maintains a library of hacking tools it has “stolen” from other groups. It goes on to explain the CIA can use the tools to compromise iOS and Android phones, and smart TVs, turning them into listening devices. It’s interesting to note the documents claim the CIA acquires these tools from others, instead of making them in-house.

That said, in my work as a reviewer of high-end security products, I have run across many of the hacking tools described in the leaked documents. In a few cases, companies have even provided them to me so I could challenge their defenses. I keep them in an air-gapped computer network along with my virus zoo, pulling them out whenever needed for a controlled test.

Full disclosure: I have no idea if I have the same tools the CIA is allegedly using, only that they seem to do many of the same things described by the WikiLeaks documents.

Hacking smart TVs seems to be getting the most attention, though it should come as the least surprising aspect of this. Smart TVs are basically all-in-one computers, only without any of the protections found on actual dedicated computers. That is why so many smart TVs ended up being part of the Mirai botnet.

In some cases, smart TVs seem to have been designed for spying. Vizio, which is one of the most popular manufacturers, recently agreed to pay $2.2 million in fines for secretly recording what people were watching and selling that data to advertisers.

The Vizio hacking tool, which was installed on new systems and allegedly also retrofitted to older TVs connected to the internet, was fairly ingenious. It would take snapshots of several pixels on the screen and then compare that to a database of what was playing. So, blue and blue and red might mean the user was watching the “Fresh off the Boat” sitcom, while black and white and green might line up with a feature movie. It required very little data to be sent from the TV back to the company, with all the high-end big data processing occurring after the data was captured.

Back to the alleged CIA tools. The CIA is supposed to be able to turn certain smart TVs into listening devices, while making it appear like the unit is turned off. I have recently tested a tool like that with a Samsung smart TV. I am not sure if it works with other types of TVs, but the tool I have uses a variant of the Samsung Screen Mirroring, modified to both record sound and keep its presence hidden from users.

As most TVs have no security, paring the hacking tool—which I was running off a Samsung tablet—with a TV is extremely easy. Simply select the TV in range you want to target. From there, I could share my screen with the TV, but the tool reverses this so users can instead see what is on the TV.

But then it gets interesting. By entering silent operation mode, the TV screen goes dark, as if whatever input is selected has no data. It also activates the internal microphone if the TV is equipped for videoconferencing, or uses the device’s speaker system if it’s not—though the sound quality is not nearly as good in the latter case.

From another room, I could clearly hear everything going on in the one with the TV. I even deployed this against a conference room setting, and the people talking in that room had no idea someone was listening in from a nearby office.

Read the rest here

The CIA is giving its surveillance tech to US law enforcement

Posted: March 11, 2015 by gamegetterII in Police state USSA
Tags: , , , , , , , ,
0

Las Cruces Air

The Justice Department’s newest electronic dragnet–plane-mounted “dirtboxes” that can slurp thousands of cellular phone ID’s from the air — was originally developed by the CIA to hunt terrorists in the Middle East, The Wall Street Journal reports. Now however, it’s being used domestically to track American citizens. That’s not good.

According to a new report from the WSJ, the US Marshals Service, with assistance from both the CIA and Boeing, developed these Cessna-mounted devices. They are electronic sniffers that mimic cellular tower signals to incite any cellular telephone within range to broadcast its identifying registration information. It’s essentially an aerial man-in-the-middle attack and one that has cost US taxpayers more than $100 million to create. With this information, US Marshals can effectively locate, identify, and lock on to specific cell phones — out of a sample population of thousands or even tens of thousands of devices — to within an accuracy of just three yards. What’s more, once the suspect phone is found, Marshals can then listen in on any calls originating from it. According to the WSJ, these devices have been in operation since 2007, mounted on Cessna aircraft flying out of five metropolitan airfields throughout the US and can access a majority of the US population.

This isn’t the first time that this technology has been put to use by US officials, mind you. Dirtbox technology first debuted in the Middle East where it was utilized in the hunt for terrorists in both Afghanistan and Iraq. However, this new program marks a troubling collaboration between domestic law enforcement and the nation spy agency that blurs a very important operational distinction between the two agencies.

That is, the CIA is an outward-looking agency; its purpose is to gather information from abroad regarding external threats to national security. The US Marshals (and the DOJ in general), instead is tasked with enforcing federal law here in the States. To provide the DOJ with more than a million dollars worth of equipment designed specifically to hunt people that aren’t protected by the Constitution and then allow federal officials to listen in on calls may conform to the letter of the law — as both the CIA and DOJ have asserted to the WSJ — but it certainly doesn’t conform to the spirit. And it could very well lead to further and more aggressive domestic surveillance efforts in the future.

Both the Electronic Frontier Foundation and the American Civil Liberties Union have already filed FOIA requests regarding the program and have requested “additional information about the Department of Justice’s and Department of Homeland Security’s acquisition, possession, and use of cell site simulators deployed on aircraft” ahead of any further legal action.

We’ve already seen that the Feds have very few qualms about utilizing digital dragnets like PRISM. This Dirtbox technology appears to signal a newfound readiness to apply these overreaching information gathering practices to not just our online lives but to our mobile devices as well.

Source  http://www.engadget.com/2015/03/10/the-cia-is-giving-its-surveillance-tech-to-us-law-enforcement/