A Geek With Guns

Discount security adviser to the proles.

Archive for the ‘Corruption Corner’ Category

It’s Good To Be The King’s Men

with one comment

A court ordered the Federal Bureau of Investigations (FBI) to reveal the exploit it used to reveal the identities of systems that accessed a Tor hidden service that was serving child pornography. The FBI has responded by saying, “Nah, brah!”

In yet another case, the one involving Jay Michaud — his lawyers have now told the court that the DOJ has made it clear that despite the court ruling earlier this year that the FBI must reveal the details of the NIT/hacking tool, it will not do so (first revealed by Brad Heath).

This refusal is nothing new. The FBI has refused to turn over information about Stingray interceptors as well:

The filing goes on to point out how the FBI has similarly been refusing to reveal details of its Stingray mobile phone surveillance tools (something we’ve discussed here quite a bit), leading to convictions being overturned. As Michaud’s lawyers point out, the situation here is basically the same. If the FBI refuses to obey a court order, then the case should be dropped.

While the article does note that the Stringray case was dropped I think it’s important to note the stark difference between the way the king’s men are treated compared to regular individuals. If a court orders somebody like you or me to do something and we refuse we’re held in a cage until we decide to comply. When the FBI refused to obey a court order they go unpunished. For the sake of consistency I believe the judge should order the agents involved in the case and the heads of the FBI to be locked in a cage until they comply with the court order.

Written by Christopher Burg

April 27th, 2016 at 10:30 am

The FBI Heroically Saves Us Yet Again From A Criminal It Created

with one comment

Just one week after heroically saving us from a terrorist it created, the Federal Bureau of Investigations (FBI) has saved us from yet another criminal it created:

US authorities depict Franey as an unstable anti-government militant who deserved a closer look to see how far he might go. One of his neighbors told FBI agents that Franey said he hated the US military for not allowing him “to leave the Army” after he enlisted, and that he railed at the system for “taking away his kids.” As US Attorney Hayes put it, the Justice Department was obligated to “pursue all available leads to ensure the public was protected from any possible harm.”

But while it seems Franey talked often and enthusiastically about plotting a terrorist attack, there’s little indication he ever had any intention of following through with his threats until the FBI’s undercover agent came along. After befriending Franey, the agent took him on an eight-month ride — sometimes literally, including a road trip along the West Coast — while recording their conversations, doling out cash, furnishing him with guns, and then busting him for illegal possession of the weapons.

I once heard that the FBI used to arrest criminals it didn’t create. Does it still do that once in a while? Is that still a thing?

What happened here is the same thing that always happens. The FBI identified somebody, likely of lukewarm intelligence, who it thought was capable of being radicalized into a threat. It then assigned an agent to befriend the individual and slowly radicalize him. After radicalizing him the agent then provided him a means to perpetuate an attack. The operation then closed with the agent arresting the guy for basically being a radicalized individual in possession of a means to commit an attack.

In this case the FBI’s prey was arrested for illegally possessing weapons. Weapons which were given to him by the FBI.

These operations rely on taking a hypothetical scenario and making it a reality. The individuals they target are those the agency deems capable of being radicalized. If left to their own devices the individuals would almost certainly remain harmless. Most of these individuals are socially isolated, aren’t the brightest bulbs in the box, and are seldom go-getters. Since they’re socially isolated they’re usually desperate for friendship, which makes them vulnerable to FBI agents. Their lukewarm intelligence also makes them more susceptible to being influenced. When you combine social isolation with lukewarm intelligence you have a recipe for an individual who can be easily manipulated to do bad things. But even if they’re manipulated into doing something bad they seldom have the motivation or means. So the FBI prods these individuals into performing an attack and provides them a means with which to pull it off. Finally, with all the pieces in place the FBI arrests its creation.

What the FBI is doing is preying on vulnerable individuals, convincing them to do something bad, and then providing the means to do that bad thing. If the FBI didn’t involve itself these people would normally just fade into the annals of history. The FBI isn’t protecting us from anything with these operations. It’s creating a bad situation and then claiming to save everybody from it.

Do As We Say, Not As We Do

with one comment

A lot of people are talking about the Panama Papers. This treasure trove of shell corporations created by utilizing the services of Mossack Fonseca measures in at over 2.5 terabytes in size and it seems to contain dirt on almost every politician. The prime minister of Iceland just resigned due to public outrage stirred by his name appearing in the papers and others are likely to follow.

But the real scandal isn’t that these politicians are utilizing tax havens to protect their wealth. The real scandal is that these politicians continue to hunt those who utilize tax havens while making use of such wealth preserving institutions themselves.

There is nothing immoral about trying to conceal your wealth from thieves. In fact doing so is meritorious. In the case of tax thieves concealing wealth keeps resources out of the hands of the most violent gangs in the world. The less resources the State has the less effective it is as subjugating its victims. We shouldn’t decry anybody for protecting their wealth from the State.

What we should decry are thieves and these politicians are not only thieves but their dishonest thieves. In public these politicians espouse the merits of taxes and viciously criticize tax evaders. In private they are whisking their wealth away to the exact same places using the exact same tactics as private tax evaders. I believe the only fair thing to do in this case is treat these politicians the exact same way they treat private tax evaders. Make examples of them in the media. Hold a show trial. Then lock them in a cage for the rest of their lives. And do this not because they’re tax evaders but because they’ve gleefully inflicted such harm on tax evaders themselves.

Written by Christopher Burg

April 6th, 2016 at 10:30 am

Having Your Surveillance Cake And Eating It Too

without comments

At one point it wasn’t uncommon for employers to issue company devices to employees. Things have changed however and now it is common for employers to expect employees to use their personal devices for work. It seems like a win-win since employees don’t have to carry two cell phones or use whatever shitty devices their company issues and employers safe money on having to buy devices. However, it leads to an interesting situation. What happens when the employer wants to surveil an employee’s personal device? That’s the battle currently being waged by Minnesota’s state colleges and their employees:

Two faculty unions are up in arms over a new rule that would allow Minnesota’s state colleges and universities to inspect employee-owned cellphones and mobile devices if they’re used for work.

The unions say the rule, which is set to take effect on Friday, would violate the privacy of thousands of faculty members, many of whom use their own cellphones and computers to do their jobs.

“[It’s] a free pass to go on a fishing expedition,” said Kevin Lindstrom, president of the Minnesota State College Faculty.

But college officials say they have an obligation under state law to protect any “government data” that may be on such devices, and that as public employees, faculty members could be disciplined if they refuse to comply.

If the universities have such a legal obligation then they damn well should be issuing devices. Data is at the mercy of the security measures implemented on whatever devices it is copied to. When businesses allow employees to use personal devices for work any data that ends up on those devices is secured primarily by whatever measure the employee has put into place. While you can require certain security measures such as mandating a lock screen password on the employee’s phone, employees are still generally free to install any application, visit any website, and add any personal accounts to the device. All of those things can compromise proprietary company data.

By issuing centrally managed devices, the universities could restrict what applications are installed, what webpages devices are willing to visit, and what accounts can be added.

There is also the issue of property rights. What right does an employer have to surveil employee devices? If so, how far does that power extend? Does an employer has the right to surveil an employee’s home if they work form home or ever take work home? Does an employer have the right to surveil an employee’s vehicle if they use that vehicle to drive to work or travel for work? When employers purchase and issue devices these questions go away because the issued devices are the employer’s property to do with as they please.

If an employer wants to surveil employee devices then they should issue devices. If an employer is unwilling to issue devices then they should accept the fact they can’t surveil employee devices. If an employer is under a legal obligation to protect data then it needs to issue devices.

FBI Heroically Saves Us From Yet Another Person It Radicalized

with one comment

Without the Federal Bureau of Investigations (FBI) who would protect us from the people radicalized by the FBI? Without the heroics of the agency a lot of people might be dead today — killed by a terrorist radicalized by the FBI:

KHALIL ABU RAYYAN was a lonely young man in Detroit, eager to find a wife. Jannah Bride claimed she was a 19-year-old Sunni Muslim whose husband was killed in an airstrike in Syria. The two struck up a romantic connection through online communications.

Now, Rayyan, a 21-year-old Michigan man, is accused by federal prosecutors of supporting the Islamic State.

Documents released Tuesday show, however, that Rayyan was motivated not by religious radicalism but by the desire to impress Bride, who said she wanted to be a martyr.

Jannah Bride, not a real name, was in fact an FBI informant hired to communicate with Rayyan, who first came to the FBI’s attention when he retweeted a video from the Islamic State of people being thrown from buildings. He wrote later on Twitter: “Thanks, brother, that made my day.”

According to the FBI, the agency discovered a radicalized supporter of the Islamic State that was going to perpetrate a terrorist attack. But the attack never happened because the FBI was able to discover the individual ahead of time and intervene.

Put into normal people lingo, the FBI found somebody with neither the motivation or means to perform a terrorist attack. The agency then provided the motivation and eventually the means. If the FBI hadn’t inserted itself into this individual’s life they still wouldn’t have perpetrated a terrorist attack.

I like to say, if it weren’t for the people radicalized by FBI agents there wouldn’t be any terrorists for the FBI to capture. When I first started saying that it was done with a modicum of sarcasm because I assumed the agency did manage to fight some actual crime once in a while. But so many of these FBI created cases exist that they literally fill a book. It’s getting to the point where seems the agency’s only job is dealing with the “terrorists” it creates.

Law Enforcers Caught Abusing A Databases Again

without comments

I have a natural aversion to government databases. This may seem ironic coming from a man whose name probably appears in dozens of them but that’s beside the point. Databases for sex offenders, felons, known gang members, and gun owners are always sold as being valuable tools for protecting the public. What is often ignored by proponents of such databases is how easily they can be abused by law enforcers. Denver law enforcers are the latest in a long line of law enforcers busted for abusing government databases for personal gain:

Denver Police officers caught using a confidential database for personal reasons should face stiffer penalties, the city’s independent monitor argued in a report released Tuesday.

The report, which reviewed both the Denver Police and the Denver Sheriff Department’s performance for 2015, found several instances of officers abusing both the National Crime Information Center (NCIC) and it’s state counterpart, the Colorado Crime Information Center (CCIC). Independent Monitor Nicholas Mitchell said in the report that he believes the penalties for those caught aren’t stiff enough to deter further abuse.

[…]

One officer, for example, was found to have used the database to assist an acquaintance who was going through a divorce determine the identity of the man he believed his wife was having an affair with. Then it spiraled out of control, possibly enabling violence from the vengeful ex-husband:

Shortly thereafter, the ex-husband began driving by the man’s house and threatening him. The ex-husband also found and contacted the man’s wife to tell her that the man was having an affair. The ex-husband told the wife that he knew their home address, showed her a picture of the man’s car, and asked her questions about the man to find out what gym he worked out at, what shift he worked, and where he spent his leisure time.

[…]

In another instance, a Denver Police officer who was at a hospital investigating a reported sexual assault made “small talk” with a female employee at the hospital who wasn’t involved in the investigation. The report continues:

At the end of her shift, the female employee returned home and found a voicemail message from the officer on her personal phone. She had not given the officer her phone number, and was upset that he had obtained it (she assumed) by improperly using law enforcement computer systems.

Note the lack of punishments received by officers caught abusing these databases. The first mentioned infraction resulted in a written reprimand and the second resulted in a fine of two days pay in addition to a written reprimand.

There are two major problems here. First, the existence of these databases. Second, the almost complete absence of oversight. These databases hold a tremendous amount of personal information on individuals. That information isn’t anonymized in any way so any officer can bring up the home address, phone number, and other personal information of those entered into the database. No oversight is apparently needed as multiple officers have been able to access the database for unauthorized uses. And no apparent interest in establishing oversight seems to exist since those finally caught abusing the database received no real punishment.

Databases containing personal information are dangerous to begin with. But when you add a complete lack of accountability for those accessing the databases, especially when they’re almost entirely shielded from personal liability, you have a recipe for disaster. Never let yourself be lulled into believing establishing a government database is necessary or in any way a good thing.

Written by Christopher Burg

March 18th, 2016 at 10:30 am

Threat Posed By Personally Owned Drones Overblown, Water Is Wet

with one comment

Last year the Federal Aviation Administration (FAA) announced it would be requiring all drone owners to register so their personal information, including home address, could be published for all to see. This requirement was justified under the claim that personally owned drones posed a major threat to other forms of aviation traffic. A lot of people, including myself, called bullshit on that and now research exists backing up our accusation:

That research, shown in a study just published by George Mason University’s Mercatus Center, was based on damage to aircraft from another sort of small, uncrewed aircraft—flying birds.

Much of the fear around drones hitting aircraft has been driven by FAA reports from pilots who have claimed near-misses with small drones. But an investigation last year by the Academy of Model Aeronautics (AMA) found that of the 764 near-miss incidents with drones recorded by the FAA, only 27 of them—3.5 percent—actually were near misses. The rest were just sightings, and those were often sightings that took place when drone operators were following the rules. The FAA also overcounted, including reports where the pilot said explicitly that there was no near miss and some where the flying object wasn’t identified, leading the AMA to accuse the FAA of exaggerating the threat in order to get support for its anti-drone agenda.

So for starters all the “near misses” we’ve read about in the media weren’t near misses. A vast majority of them were mere sightings. But the FAA’s bullshit doesn’t stop there:

There hasn’t yet been an incident in which a drone has struck an aircraft. But bird strikes (and bat strikes) do happen, and there’s a rich data set to work from to understand how often they do. Researchers Eli Dourado and Samuel Hammond reasoned that the chances of a bird strike remain much higher than that of an aircraft hitting a drone because “contrary to sensational media headlines, the skies are crowded not by drones but by fowl.”

The researchers studied 25 years of FAA “wildlife strike” data, reports voluntarily filed by pilots after colliding with birds. The data included over 160,000 reported incidents of collisions with birds, of which only 14,314 caused damage—and 80 percent of that number came from collisions with large or medium-sized birds such as geese and ducks.

Emphasis mine. No drones have struck a plane yet, which means the threat of drones to already existing aviation traffic is still entirely unrealized. Hell, this combined with the fact most reported near misses weren’t near misses, we should actually take a moment to recognize how much of a nonissue personally owned drones have been so far. Drone operators by and large have been very well behaved.

The data on wildlife strikes is also valuable since it indicates that when a drone finally does strike a plane there probably won’t be much damage to the plane. Most personally owned drones are more fragile than the large or medium sized birds that managed to cause damage when colliding with a plane.

What we have here is another example of a government money grab disguised as a crisis. With the FAA’s new rules in place the agency can extract $5 from every registered drone operator and up to $250,000 from operating a drone without being registered. Furthermore, the FAA can up the fees and fines as it sees fit.

Written by Christopher Burg

March 16th, 2016 at 10:00 am

The Most Transparent Government In History

without comments

Nearly a decade ago Obama was campaigning on a platform of, amongst other things, transparency. After 9/11 the Bush administration went full Orwell (you never go full Orwell) and people were demanding change. Obama promised to deliver that change. But history repeated itself as it so often does. Like every other politician before him, Obama failed to deliver on most of the promises he made. He not only failed to deliver on his promises but he actually expanding what Bush was doing.

Decades will likely pass before we learn the full extent of the current administration’s expansions to the surveillance state. However, bits and pieces are already leaking out. A recent Freedom of Information Act (FOIA) request produced a wealth of information on how the current administration has been working to undermine FOIA requests:

The Obama administration has long called itself the most transparent administration in history. But newly released Department of Justice (DOJ) documents show that the White House has actually worked aggressively behind the scenes to scuttle congressional reforms designed to give the public better access to information possessed by the federal government.

The documents were obtained by the Freedom of the Press Foundation, a nonprofit organization that supports journalism in the public interest, which in turn shared them exclusively with VICE News. They were obtained using the Freedom of Information Act (FOIA) — the same law Congress was attempting to reform. The group sued the DOJ last December after its FOIA requests went unanswered for more than a year.

The documents confirm longstanding suspicions about the administration’s meddling, and lay bare for the first time how it worked to undermine FOIA reform bills that received overwhelming bipartisan support and were unanimously passed by both the House and Senate in 2014 — yet were never put up for a final vote.

It’s a lengthy article detailing several different ploys made by Obama’s administration in its quest to establish the most opaque government in history.

While the FOIA has revealed a great deal of the State’s dirty laundry it has always been a limited tool. When it was written a number of exemptions were included. Basically, at the judgement of the State, FOIA requests can be denied under several justifications. A FOIA request only reveals what the State is willing to reveal. However, the higher ups in the State have recognized that even with the number of exemptions put in place a lot of embarrassing information is still becoming public. That being the case, it’s not surprising to see the current administration working to add further restrictions on top of a bill that already includes numerous restrictions.

There is a lesson to be learned here. No matter what promises a politician makes up front they will almost invariably go unfulfilled if they win an election. Power seems terrible until you have it. Before becoming president I’m better Obama was being sincere in many of his promises. But when he gained the power he likely realized how good it felt. This is also why reforming the system through the voting process is doomed to fail. Even the most honest individuals can be corrupted with enough power.

Written by Christopher Burg

March 11th, 2016 at 10:30 am

Terrorist Plots Aren’t The Only Things The FBI Makes Up

without comments

The Federal Bureau of Investigations (FBI) has a long history of creating terrorists. This practice is so prevalent that there’s a book about it. But terrorist plots aren’t the only thing the FBI makes up. The agency also likes to make up sex-trafficking rings:

In the press, it was a “wide-reaching sex-trafficking operation” run by Somali Muslim gangs who forced “girls as young as 12” to sell sex in Minnesota and Tennessee. In reality, the operation—which led to charges against 30 individuals, sex-trafficking convictions for three, and an eight year legal battle—was a fiction crafted by two troubled teenagers, a member of the FBI’s human-trafficking task force, and an array of overzealous officials. An opinion released this week by the 6th Circuit Court of Appeals shows that federal prosecuters had no evidence whatsoever to support their “child sex trafficking conspiracy” case outside the seriously flawed testimony of two teenagers, one of whom had “been diagnosed as insane and was off her medication.”

“We conclude from our careful review of the trial transcript and record that, if the prosecution proved any sex trafficking at all (and we have serious doubts that it did), then at best it proved two separate, unrelated, and dissimilar sex-trafficking conspiracies, involving different defendants, albeit with the same alleged victim, namely Jane Doe 2,” states the 6th Circuit opinion, written by judges Alice M. Batchelder, Sean F. Cox, and Helene N. White.

At some point you would think the general public would begin asking why the FBI even exists. An agency has been caught time and again fabricating crimes. So one is forced to question whether any of the crimes it has solved were actually real.

We return again to the fact that the supposed system of checks and balances is more accurately described as a circlejerk. If the legislative and judicial branches were a check and balance against the executive branch there would have been investigations into the FBI itself by now. Judges would be throwing out cases on the grounds that the FBI isn’t a credible agency. Senators would be urging their fellows to vote to dissolve the agency. The heads of the FBI would be facing charges and begging oversight committees for mercy. But none of that is happening. Instead the FBI continues to operate as a law enforcement agency and its transgressions are continuously ignored.

Written by Christopher Burg

March 10th, 2016 at 10:30 am

Because Punishing The Victim Makes Sense

without comments

Hypothetically let’s say a student stole a cell phone from their teacher. The teacher, being an average person and almost entirely ignorant on security, didn’t set a lock code. Because there was no lock code the student was able to log in. After logging in the student found embarrassing pictures of the teacher and sent them to friends.

In this situation would you punish the teacher or the student? Although not setting a lock code on your phone isn’t a wise decision there is no victim involved when somebody is ignorant. There is, however, a victim when a theft occurs. That being the case, I would argue the student should be punished but the teacher should not. Of course, that’s not how things work in our society:

A South Carolina high-school teacher may be charged with contributing to the delinquency of a minor after a student stole her cellphone and distributed partially nude photos from it around the school. Administrators say she should have password-protected the phone.

[…]

One might think that the student would at least face disciplinary action from the school, if not criminal charges of some sort. But thus far, the school has not moved to hold the 16-year-old student accountable at all. Arthur, however, is another story. After teaching in Union County for 13 years, she resigned when district officials gave her the choice to do so immediately or start the firing process.

Interim superintendent David Eubanks told The State that Arthur might also be charged with contributing to the delinquency of a minor. “I think we have a right to privacy, but when we take inappropriate information or pictures, we had best make sure it remains private,” he said.

I would argue that this is the inevitable result of combining zero tolerance policies, a total lack of critical thinking when “it’s for the children”, and having a legal system instead of a justice system.

The only victim here was the teacher because her phone was stolen. But since children saw her nude photos the fact that she was the victim of theft and didn’t send the photos is ignored. To make matters worse, the thief is left unpunished because, well, reasons.

So here we are, continuing to wallow in a society that punishes victims and lets criminals go unscathed.

Written by Christopher Burg

March 3rd, 2016 at 10:00 am