FAQ

From Bluecabinet

Frequently Asked Questions (FAQ)

What is "Surveillance" and why should I care, since I'm not doing anything criminal?

  • Why should I care?

Most people living in democratic countries have the Constitutional Right to Privacy. This Right is being taken from you and sold for corporate profit. To the Corporation, you and your data are a commodity. To the government, you are a "terrorist suspect" until they have gathered enough data about you and analyzed the existing data to find that you are no longer "suspect." The data they analyze includes who you associate with online, i.e. whom you "Friend" on Social Networks.

"In computing, a blacklist is an access control system which denies entry to a specific list (or a defined range) of users, programs, or network addresses."

What is "Persona Management" Software?

In short, it is a software technology employed by the military, governments, politicians and blue chip corporations to create fake identities, aka "sock puppets", for surveillance of opponents and the dissenting public, most often on social media.

Project PM and Operation Metal Gear began researching and exposing such online surveillance activities in 2011, as explained further in this video, prior to the creation of The Telecomix Blue Cabinet. One example of a company that has contracted with the US Military to provide Persona Management Software is Ntrepid.

Example: patent application "Persona management system for communications"

What about cell phones?

Cell phones are easily tracked by Law Enforcement Agencies (LEAs), which can find your location through the internal GPS battery-like cell inside the phone. Even if you remove the GPS tracker, your cell phone can expose your location through sound waves and so-called "Lawful Intercept" surveillance products available to LEAs. It is even possible for LEAs to remotely turn on the mic in your cell and home phones. If you are trying to have a private discussion in person, make sure that phones have the batteries removed. There are numerous online publications and videos on this subject. If you find a good one, please add it here. <3

What is Commercialized Spying?

Here is a great video, "The World of Commercialized Spying", explained by Julian Assange, publisher with the nonprofit organisation WikiLeaks (Disclose.tv), and "Marriage From Hell" by Dr. Evgeny Morozov, keynote speaker at the 28c3 conference.

What is NFC?

Near Field Communication is explained by Ars Technica.

How can you fight online Government Spying?

In 2009 the Electronic Frontier Foundation (EFF) launched its Surveillance Self-Defense project, an online how-to guide for protecting your private data against government spying. You can find the project at http://ssd.eff.org.

What is Network Intelligence?

Network Intelligence technology is an emerging category of technology to reveal the critical details of the data locked inside network traffic and transactions. See Wikipedia

What is Lawful Interception (LI)?

Packet capture can be used to fulfill a warrant from a law enforcement agency (LEA) to produce all network traffic generated by an individual. Internet service providers and VoIP providers in the United States of America must comply with CALEA (Communications Assistance for Law Enforcement Act) regulations. Deep Packet Capture (DPC) provides a record of all network activities.[3] Using packet capture and storage, telecommunications carriers can provide the legally required secure and separate access to targeted network traffic and are able to use the same device for internal security purposes. DPC probes can provide lossless capture of target traffic without compromising network performance.[9] However, DPC appliances may be unable to provide chain of evidence audit logs, or satisfactory security for use in this application. Collection of data from a carrier system without a warrant is illegal due to laws about interception. [1]

Are printers used for surveillance?

Yes, they are. Several printer companies are listed in this Response Letter from the U.S. Department of Homeland Security and Secret Service.

What can I do to help ban or limit the expansion of surveillance technologies?

Although there are pros and cons to these technologies, the cons certainly outweigh the pros when the technologies are used against human rights and privacy. One simple way to fight back is to expose the vendors and people profiting financially from the technologies. You can do this by adding more info and content to this Blue Cabinet wiki and coming to the IRC channel #bluecabinet. Also, listen to this 2011 keynote presentation video by Evgeny Morozov for additional info and ways to take action.

What is a Point of Presence?

An Internet point of presence (PoP) is an access point to the Internet. It is a physical location that houses servers, routers, ATM switches and digital/analog call aggregators. It may be either part of the facilities of a telecommunications provider that the Internet service provider (ISP) rents or a location separate from the telecommunications provider. ISPs typically have multiple PoPs, sometimes numbering in the thousands. PoPs are also located at Internet exchange points and colocation centres [2].

How is surveillance equipment installed?

Surveillance equipment is usually installed at a PoP, and the traffic is further encapsulated by protocols such as MPLS (Multiprotocol Label Switching) in the backbone. This makes it possible to route the traffic from proxy servers, which may decrypt the traffic, making it possible to monitor it in real time or reconstruct its stored sessions.

How to protect yourself?

Encryption does protect against surveillance when it is based on public/private key encryption, such as when using SSL/TLS. Surveillance methods can use man-in-the-middle attacks, such as using a proxy to present a fake SSL certificate which the user must trust. One recommended proxy is Tor.

Are there vulnerabilities in Lawful Intercept Solutions?

What is Deep Packet Inspection (DPI)?

  • zdnet Deep Packet Inspection - What you should know.

"Invented by Check Point Software Technologies in the mid-to-late 1990s stateful inspection quickly became an industry standard. Stateful inspection provides for the analysis of packets at the network layer as well other layers (typically the transport layer in the OSI model but the firewall may look at layers above that as well) in order to assess the overall packet. By combining information from various layers (transport, session, and network) the firewall is better able to understand the protocol it is inspecting. This also provides for the ability to create virtual sessions in order to track connectionless protocols such as UDP-based applications as well as RPC-based applications..."
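The "virtual sessions" for connectionless protocols mentioned in the quote can be illustrated with a small state table. This is an added example, not code from the article quoted or from any firewall product; the class and function names, the 30-second idle timeout and the sample packets are assumptions made for illustration.

```python
IDLE_TIMEOUT = 30.0  # seconds of silence before a virtual session expires (assumed value)

class UdpStateTable:
    """Tracks UDP 'virtual sessions' keyed by (inside endpoint, outside endpoint)."""

    def __init__(self, idle_timeout=IDLE_TIMEOUT):
        self.idle_timeout = idle_timeout
        self.sessions = {}                      # (inside, outside) -> last-seen time

    def outbound(self, inside, outside, now):
        """Datagram leaving the protected network: create or refresh the session."""
        self.sessions[(inside, outside)] = now
        return "allow"

    def inbound(self, outside, inside, now):
        """Datagram arriving from outside: allowed only as a reply to a live session."""
        key = (inside, outside)
        last_seen = self.sessions.get(key)
        if last_seen is None:
            return "drop (no session)"
        if now - last_seen > self.idle_timeout:
            del self.sessions[key]              # expire state so the table cannot grow forever
            return "drop (expired)"
        self.sessions[key] = now
        return "allow"

def replay(packets):
    """Run constructed (time, direction, src, dst) records through a fresh table."""
    table = UdpStateTable()
    verdicts = []
    for now, direction, src, dst in packets:
        handler = table.outbound if direction == "out" else table.inbound
        verdicts.append(handler(src, dst, now))
    return verdicts

# Constructed sample traffic (documentation addresses), not captured data.
CLIENT, DNS, OTHER = ("192.0.2.10", 40000), ("198.51.100.53", 53), ("203.0.113.7", 53)
SAMPLE = [
    (0.0,  "out", CLIENT, DNS),     # query creates the virtual session
    (0.2,  "in",  DNS, CLIENT),     # matching reply
    (0.3,  "in",  OTHER, CLIENT),   # unsolicited datagram from another host
    (45.0, "in",  DNS, CLIENT),     # late reply after the idle timeout
]

if __name__ == "__main__":
    for record, verdict in zip(SAMPLE, replay(SAMPLE)):
        print(record, "->", verdict)
```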

Full/deep packet capture of entire populations is now possible. The only limitation is storage space. This means that all traffic from a user/subscriber is captured and stored in real time to a data centre. It can later be played back or reconstructed. One product which does this is RSA NetWitness. Normally a full capture is only performed by technicians for troubleshooting network connectivity problems.

"Deep Content Inspection is considered the evolution of Deep Packet Inspection with the ability to look at what the actual content contains" (Wikipedia)

"Deep Content Inspection v. Deep Packet Inspection" http://www.wedgenetworks.com/resources/technology/deep-content-inspection-with-wedgeos.html

What is Data Carving?

Data carving (Antonio Merola, Data Carving Concepts, SANS Institute 2008) is the process of extracting a collection of data from a larger data set. Data carving techniques frequently occur during a digital investigation when the unallocated file system space is analyzed to extract files. The files are "carved" from the unallocated space using file type-specific header and footer values. File system structures are not used during the process.

Data carving is done on a disk when the unallocated file system space is analysed to extract files, because the data cannot be identified when the allocation information is missing, or on network captures, where files are "carved" from the dumped traffic using the same techniques. One drawback of this process on disks or images is that file-carving tools typically produce many false positives, hence tests must be done on each of the extracted files in order to check its consistency. This is not the case with network-dumped files, where the files are within the dump (if the dump is complete) and it is just a matter of doing the extraction. There are many powerful automated forensic analysis tools available for use. There are no standard techniques for the tools to perform common investigative tasks, such as recovering a deleted file.
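The header/footer carving and the follow-up consistency test described above can be sketched as follows. This is an added example, not part of the original FAQ or of any tool it mentions; PNG is chosen as the file type, and the function names and the in-memory "unallocated space" are constructed for illustration.

```python
import struct
import zlib

PNG_HEADER = b"\x89PNG\r\n\x1a\n"    # 8-byte file signature
PNG_FOOTER = b"IEND\xaeB`\x82"       # IEND chunk type followed by its fixed CRC

def carve_png(blob):
    """Return (offset, bytes) for each header..footer span; no file system data is used."""
    found, pos = [], 0
    while (start := blob.find(PNG_HEADER, pos)) != -1:
        end = blob.find(PNG_FOOTER, start)
        if end == -1:                # header with no footer: fragment, stop
            break
        found.append((start, blob[start:end + len(PNG_FOOTER)]))
        pos = start + 1
    return found

def is_consistent_png(data):
    """Consistency test: walk the chunks and verify every CRC up to IEND."""
    i = len(PNG_HEADER)
    while i + 12 <= len(data):
        (length,) = struct.unpack(">I", data[i:i + 4])
        body_end = i + 8 + length
        if body_end + 4 > len(data):
            return False
        (crc,) = struct.unpack(">I", data[body_end:body_end + 4])
        if zlib.crc32(data[i + 4:body_end]) != crc:
            return False
        if data[i + 4:i + 8] == b"IEND":
            return body_end + 4 == len(data)
        i = body_end + 4
    return False

def _chunk(ctype, body):
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", zlib.crc32(ctype + body))

def sample_image():
    """Constructed stand-in for unallocated space: one real PNG, a cut-off PNG, a look-alike."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)      # 1x1, 8-bit greyscale
    good = (PNG_HEADER + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", zlib.compress(b"\x00\x00")) + _chunk(b"IEND", b""))
    fake = PNG_HEADER + b"header and footer bytes only" + PNG_FOOTER
    return b"\x00" * 16 + good + b"\xff" * 32 + good[:33] + b"\x00" * 8 + fake, good

def carve_and_check(blob):
    return [(off, is_consistent_png(data)) for off, data in carve_png(blob)]

if __name__ == "__main__":
    blob, _ = sample_image()
    for off, ok in carve_and_check(blob):
        print(f"candidate at offset {off}: {'valid PNG' if ok else 'false positive'}")
```

Signature matching alone yields three candidates from the sample; only the one whose chunk CRCs all verify is a recoverable file, which is the consistency check the text says each carved file needs.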

Where can I get additional information about Spy technologies?

Bugged Planet, ProjectPM and some news publications have special sections on IT and mobile phone surveillance (see Bloomberg, WSJ and Forbes). In addition, WikiLeaks has released The Spy Files, which contains a large collection of documents related to Spy technologies. The collection can be obtained from The Pirate Bay [3].

What about government sanctions on technology?

  • United States of America

CBSNews reports: "Obama levies new tech sanctions on Syria, Iran"

President Barack Obama's Executive Order 13606 (pdf version) blocks the property and suspends entry into the United States of certain persons with respect to grave human rights abuses by the governments of Iran and Syria via information technology. The lead departments are the US Department of the Treasury in consultation with the US State Department.

Although some EU countries and the USA have agreed to sanctions, the enforcement is lacking, especially when other countries do not have sanctions and distributors/resellers there are providing the surveillance tech to government dictatorships. How to hold the manufacturers, sellers and shippers accountable has not been simple. Most likely there is a black market.

  • European Union


  • Other Sanctioned Countries

For more data on sanctions, see the Sanctions wiki.