Law Enforcement can Find your Cell Phone in Seconds

Posted on May 11, 2018May 11, 2018 by Denise Simon

Lots of applications here, some rather scary, others real terrifying while others are rewarding. Make your own decision(s). As an aside, we can only hope there is no Chinese technology involved or data is sold without knowledge or permission.

The service provided by Securus reveals a potential weakness in a system that is supposed to protect the private information of millions of cellphone users. With customers’ consent, carriers sell the ability to acquire location data for marketing purposes like providing coupons when someone is near a business, or services like roadside assistance or bank fraud protection. Companies that use the data generally sign contracts pledging to get people’s approval — through a response to a text message, for example, or the push of a button on a menu — or to otherwise use the data legally.

But the contracts between the companies, including Securus, are “the legal equivalent of a pinky promise,” Mr. Wyden wrote. The F.C.C. said it was reviewing the letter.

Courts are split on whether investigators need a warrant based on probable cause to acquire location data. In some states, a warrant is required for any sort of cellphone tracking. In other states, it is needed only if an investigator wants the data in real time. And in others no warrant is needed at all.

photo

The Justice Department has said its policy is to get warrants for real-time tracking. The Supreme Court has ruled that putting a GPS tracker on a car counts as a search under the Fourth Amendment, but this was because installing the device involved touching a person’s property — something that doesn’t happen when a cellphone is pinged.

Phone companies have a legal responsibility under the Telecommunications Act to protect consumer data, including call location, and can provide it in response to a legal order or sell it for use with customer consent. But lawyers interviewed by The New York Times disagreed on whether location information that was not gathered during the course of a call had the same protections under the law.

As long as they are following their own privacy policies, carriers “are largely free to do what they want with the information they obtain, including location information, as long as it’s unrelated to a phone call,” said Albert Gidari, the consulting director of privacy at the Stanford Center for Internet and Society and a former technology and telecommunications lawyer. Even when the phone is not making a call, the system receives location data, accurate within a few hundred feet, by communicating with the device and asking it which cellphone towers it is near.

Other experts said the law should apply for any communications on a network, not just phone calls. “If the phone companies are giving someone a direct portal into the real-time location data on all of their customers, they should be policing it,” said Laura Moy, the deputy director of the Georgetown Law Center on Privacy & Technology.

***

Thousands of jails and prisons across the United States use a company called Securus Technologies to provide and monitor calls to inmates. But the former sheriff of Mississippi County, Mo., used a lesser-known Securus service to track people’s cellphones, including those of other officers, without court orders, according to charges filed against him in state and federal court.

The service can find the whereabouts of almost any cellphone in the country within seconds. It does this by going through a system typically used by marketers and other companies to get location data from major cellphone carriers, including AT&T, Sprint, T-Mobile and Verizon, documents show.

Between 2014 and 2017, the sheriff, Cory Hutcheson, used the service at least 11 times, prosecutors said. His alleged targets included a judge and members of the State Highway Patrol. Mr. Hutcheson, who was dismissed last year in an unrelated matter, has pleaded not guilty in the surveillance cases.

As location tracking has become more accurate, and as more people carry their phones at every waking moment, the ability of law enforcement officers and companies like Securus to get that data has become an ever greater privacy concern. Important to read more here.

Putin Denies Military Operations Against Ukraine, Proof Emerges

Posted on May 7, 2018May 7, 2018 by Denise Simon

photo

The Ambassador predicted liberation of Mariupol in 2014, the plan was in place, was anyone listening? Liberation? That is how Moscow packaged it? And the Active Measures/propaganda continues.

Russian troops attacking Mariupol, Ukrainian militia ... photo

Breaking: Russian Officers and Militants Identified as Perpetrators of the January 2015 Mariupol Artillery Strike

The investigation can be viewed here.

На русском языке

The Bellingcat Investigation Team has determined conclusively that the artillery attack on targets in the Ukrainian town of Mariupol on 24 January 2015, which resulted at least 30 civilian deaths and over 100 injuries, came from Russia-controlled territory. Bellingcat has also determined that the shelling operation was instructed, directed and supervised by Russian military commanders in active service with the Russian Ministry of Defense. Bellingcat has identified nine Russian officers, including one general, two colonels, and three lieutenant colonels, involved directly with the military operation.

Furthermore, Bellingcat has determined that two artillery batteries of Multiple Launch Rocket Systems (MLRS) were transported from Russia into Ukraine the day before the Mariupol operation. In the early morning of 24 January 2015, these batteries were deployed near the village of Bezimenne exclusively for the shelling of targets in and around Mariupol, after which they were repatriated back into Russia.

In the course of analyzing the events in the eve of and on 24 January 2015, Bellingcat has also identified two Russian generals involved with the selection and assignment of Russian artillery specialists to commanding roles in eastern Ukraine.

This investigation was made possible due to access to raw video and audio data that is being submitted by the Ukrainian government to the International Court of Justice as part of an ongoing legal case. This data was made available to a small group of international investigative media for the purposes of independent assessment. Bellingcat and its media partners analyzed a large volume of intercepted calls from and to participants in the armed conflict located in the area of Bezimenne at the time of shelling. Bellingcat conducted detailed cross-referencing of events, names and locations, as well as metadata from the calls, to open source data, including satellite photography data, social media posts, and voice samples from public statements of some of the identified persons. A detailed analysis permitted the identification of persons and military units, and the reconstruction of events leading up to the shelling of residential areas in Mariupol.

While previous reports, including the OSCE Special Monitoring Mission (SMM) to Ukraine report from 24 January 2015, have identified that shelling of Mariupol’s residential areas came from separatist-controlled territory, Bellingcat’s investigation is the first to fully detail and identify the role of active Russian military units, as well as the direct commanding role of active Russian army officers in this military operation.

Our full report identifying the nine Russian officers involved with the military operation that led to the deaths of 30 Ukrainian civilians in Mariupol will be published later this week. Today, we are revealing the names of these individuals, along with a sampling of the telephone conversations that led to their identification.

The Russian officers who were in charge on high and lower levels of the MLRS batteries on the day of the shelling at Mariupol, or provided target instructions from another location in Eastern Ukraine, have been identified by Bellingcat as:

Major General Stepan Stepanovich Yaroshchuk

Alexander Iozhefovich Tsapliuk, call sign ‘Gorets’

Alexander Anatolevich Muratov

Maksim Vladimirovich Vlasov, call sign ‘Yugra’

Sergey Sergeyevich Yurchenko, call sign ‘Voronezh’

Alexander Valeryevich Grunchev, call sign ‘Terek’

The Russian officers who were in charge of selecting and sending artillery commanders and artillery equipment to Eastern Ukraine have been identified by Bellingcat as:

Colonel Oleg Leargievich Kuvshinov

Major General Dmitry Nikolaevich Klimenko

Colonel Sergey Ivanovich Lisai

The two Russian and Ukrainian militants in direct charge of the artillery units that shelled Mariupol have been identified by Bellingcat as:

Alexander Mikhailovich Evtody, call sign ‘Pepel’

Grayr Manukovich Egiazaryan, call sign ‘Shram’

Our full investigation, with biographical details on each of these men, our research process, and our analysis of the shelling attack itself, will be published later this week.

The investigation can be viewed here.

From the APP Store, Notifica ICE Raids

Posted on May 4, 2018May 4, 2018 by Denise Simon

Ah yes those pesky apps found on iTunes and Google Play, funded by George Soros. This app helps illegal immigrants avoid federal immigration authorities. The group behind this scheme is United We Dream and guess what? That organization receives taxpayer funding. Uh huh…

Notifica is a project of United We Dream

United We Dream is the largest immigrant youth-led network in the country. With over half a million members, we advocate for the justice and dignity for all immigrants. Notifica was made thanks to the knowledge of immigrant youth organizing, and a generous partnership with Huge and Matter Supply, full service design/digital agencies.

***

Notifica, is a new app that will act as a panic button for undocumented immigrants who are detained by Immigration and Customs Enforcement (ICE), Wired reports.

To help immigrants who have been detained, the organization United We Dream, which is led by young immigrants, and digital agency Huge developed the Notifica app. When immigrants are detained by ICE their families and loved ones might not even know what happened, but Notifica aims to change that.

“You have the right to be prepared,” says the app’s site. “Be prepared with Notifica, an app that sends out secure messages to your support network when you need it most.”

How The Notifica App Works

With Notifica, users can select contacts they want to notify in case they are taken by ICE. The app allows users to set up a personalized notification to each recipient, for example, a message to your mom or sibling would be different than the one you send to your attorney. After you write the preloaded messages, others will not have access to them and will not be able to read them. There is also a pin that seals off the messages in case your device is lost or stolen.

If the user is taken by ICE, a single click will send all messages via text in less than two seconds. Huge has also launched a phone hotline for those who don’t have a phone in reach but may be able to make a call afterwards. More here.

***

A division of the Justice Department awarded at least $206,453 to the National Immigration Law Center, which advises illegal immigrants on their rights, according to records obtained by Judicial Watch.

The Office of Justice Programs awarded the grants between fiscal years 2008 and 2010, the records cited by the conservative government watchdog group show. That would overlap the administrations of both Presidents George W. Bush and Barack Obama.

One of the projects of the National Immigration Law Center is United We Dream, which describes itself as a youth program for “undocumented” immigrants.

The Laredo Morning Times quoted Adrian Reyna, director of membership and technology strategies for United We Dream, as saying that “when something actually happens, most people don’t know what to do at that moment.”

The Texas newspaper also reported that United We Dream is working on a second version of Notifica that will include the ability to use more languages besides Spanish and English.

The second version, set to be released this summer, would include Vietnamese, Korean, and Chinese. The updated app also will be able to determine where an illegal immigrant is being detained, the newspaper reported.

United We Dream pushes to give legal status to so-called Dreamers, illegal immigrants brought to the United States when they were children. The organization, which has a hotline, advises illegal immigrants against cooperating with agents from U.S. Immigration and Customs Enforcement.

In a press release, the group says: “United We Dream calls on our communities to defend their rights, not open the door to ICE, and to report ICE activities to the United We Dream MigraWatch hotline.”

The April release adds: “United We Dream has also developed the mobile app, Notifica, which immediately alerts your loved ones and legal advocates to the user’s location in cases of detention. Text ‘Notifica’ to 877-877 for a link for download.”

The Soros-backed Open Societies Foundations don’t have a direct role in the app, but doesn’t find it objectionable, said Angela Kelley, the senior strategic adviser on immigration at the Open Society Foundations.

Approval Process for Cyberwarfare Challenged

Posted on May 2, 2018May 2, 2018 by Denise Simon

Cyber is a real battlefield and yet it gets almost zero ink in the media. The reason is due in part to exposing vulnerabilities, forced ransoms and stolen data.

NotPetya could be the beginnings of a new kind of ... photo

Just a couple of years ago: Chet Nagle, a former CIA agent and current vice president of M-CAM, penned an article in the Daily Caller, stating, “At FBI headquarters in July, the head of FBI counterintelligence, Randall Coleman, said there has been a 53% increase in the theft of American trade secrets, thefts that have cost hundreds of billions of dollars in the past year. In an FBI survey of 165 private companies, half of them said they were victims of economic espionage or theft of trade secrets — 95% of those cases involved individuals associated with the Chinese government.”

The threats all appear to have a foreign genesis and the United States does not have a real cyber policy due in part to debates over whether cyber attacks are acts of war. Can the United States fight back with her own cyber weapons? Not really, kinda, maybe.

Tracking the theft is left to the FBI, while responding is left to the U.S. Cyber Command. Army Lt. Gen. Paul Nakasone is the head of Cyber Command facing strategic threats from Russia, China, North Korea and Iran. During his confirmation hearings, Nakasone was grilled on how he would position the agencies to confront mounting Russian aggression in cyberspace, whether through attempted interference in U.S. elections or targeting the electric grid and other critical industrial systems.

Members of the White House’s National Security Council are pushing to rescind Presidential Policy Directive 20, an important policy memorandum that currently guides the approval process for government-backed cyberattacks, three current U.S. officials familiar with the matter tell CyberScoop.

The effort is driven in part by a desire from some NSC staff to create a more streamlined channel for military leaders to get their offensive cyber operations greenlit, insiders familiar with the matter said. The sources spoke under the condition of anonymity to freely discuss sensitive national security matters.

The move comes as lawmakers openly question whether U.S. Cyber Command, the nation’s premier cyber warfare unit, is hamstrung from responding to Russian meddling due to bureaucratic red tape. CyberScoop previously reported that multiple congressional committees are considering policies that could empower the military’s cyber mission.

But the push for change faces resistance from the intelligence community and several other federal agencies involved in cybersecurity.

Senior U.S. intelligence officials have expressed concerns over what rescinding the directive will mean for their own active computer spying missions. These covert operations, which are typically pursued by intelligence agencies like the CIA or NSA, could be exposed by the launch of “louder” disruptive-style attacks from the military. The presence of multiple hacking teams simultaneously targeting a single network often makes it easier for them all to be discovered by the victim.

Prior reporting by CyberScoop has shown that a long-running turf war exists between different federal agencies regarding the proper use of hacking tools in order to protect the homeland.

Even before Trump came to office though, the framework in question was considered a source of frustration inside the Pentagon.

Signed by President Barack Obama in 2012, the directive’s critics say that it was written in a confusing manner that leaves open-ended questions. In addition, critics tell CyberScoop that too many federal agencies are allowed to weigh in on proposed cyber operations, causing “even reasonable” plans to be delayed or outright rejected.

Insiders who are resistant to eliminating the directive admit that PPD-20 is flawed, but fear change because they’ve not seen a replacement plan.

“Better the devil you know, or something like that,” a former U.S. official said. “This is such a crucial decision because whatever comes next will dictate how arguments are settled inside government … you have the military on one side and the IC on the other.”

The NSC, CIA and Office of the Director of National Intelligence declined to comment. The NSA referred CyberScoop to U.S. Cyber Command, who in turn did not respond to a request for comment.

Currently, PPD-20 requires U.S. government agencies to run approvals for offensive operations through a chain of command that stretches across the federal government. The process is largely focused on controlling those operations that go beyond the confines of everyday digital espionage, or computer exploitation, to simply collect information.

According to PPD-20, if an operation is considered “of significant consequence,” it requires the direct blessing of the president in addition to the interagency group. Hacking operations that, for example, shut down a power grid or cause equipment to explode would fit into such a description. But experts say it also includes less flashy tactics like deleting data or corrupting software in a destructive manner.

“This directive pertains to cyber operations, including those that support or enable kinetic, information, or other types of operations,” PPD-20 reads. “The United States has an abiding interest in developing and maintaining use of cyberspace as an integral part of U.S. national capabilities to collect intelligence and to deter, deny, or defeat any adversary.”

After coming under scrutiny last month, outgoing NSA Director Adm. Michael Rogers told lawmakers that there’s an “ongoing policy discussion” about redrawing the regulations looming over military cyber operations. Unlike conventional military activities, the internet makes it difficult for policymakers to draw clear cut boundaries. This challenges also runs up against longstanding laws that underpin, and therefore divide, the work of soldiers and spies.

Historically, intelligence agencies — empowered by Title 50 of the U.S. Code — have led the way on U.S.-backed hacking that occur in countries like Iran or China; where armed conflict is absent. Military operations fall under the purview of Title 10 of the U.S. Code.

It’s not clear whether giving military leaders more leeway to conduct hacking operations will ultimately make those units more effective at their missions. The details surrounding these activities are always classified, which inhibits the public from having a substantive policy debate.

Ultimately, the decision to eliminate PPD-20 falls solely to the executive branch. Sources tell CyberScoop no final decision has been made.

What makes PPD-20 difficult to analyze is the fact that it remains a classified document, despite it being leaked by NSA whistleblower Edward Snowden. The classification means current officials are barred from publicly commenting on it.

Thomas Rid, a professor of strategic studies at Johns Hopkins University, said that Snowden’s PPD-20 leak was notable because it revealed the U.S. government’s thought process behind “the rise of unwanted norms caused by escalatory cyberattacks.”

“Reading between the lines, the framework acknowledges the negative effect on global cyber norms that events like Stuxnet can cause because of escalation,” said Rid.

Rid also believes the directive was “naïvely constructed,” relying too much on the idea that cyberattacks only impact other machines, and not people.

“When you look at what’s happened in 2016, and really since then, it makes the people who wrote PPD-20 seem like they don’t understand the current threat environment where Russia, and to some degree Iran, are combining active measures with cyber to change public perception,” he told CyberScoop. “Russia is basically kicking the U.S.’ ass.”

Meet Kevin Thurm and Here Comes the Clinton Foundation, Again

Posted on May 1, 2018May 1, 2018 by Denise Simon

The last we heard from Hillary, she was whining that no one liked her. Before that, she was still finding excuses for her loss in the quest for the White House. All through that we continued to hear about corruption and fraud in all things Clinton including the foundation(s).

Sidebar: Read about the Foundation ah weirdness in Columbia.

The Clinton Foundation left a toxic legacy in Colombia ... photo

Well….she is back…and Kevin is leading the charge. But bring money for cocktails and photos.

So, who is Kevin?

Kevin Thurm, A83, A17P, is dedicated to finding solutions that last to transform lives and communities. As the CEO of the Clinton Foundation, he leads its efforts to build partnerships of great purpose between businesses, governments, NGOs, and individuals.

Prior to working at the Clinton Foundation, Thurm held various leadership positions in government and the corporate sector. As a senior counselor at the U.S. Department of Health and Human Services (HHS), he partnered with Secretary Sylvia Burwell and HHS senior leadership on cross-cutting strategic initiatives, including continuing implementation of the Affordable Care Act. At Citigroup, he held senior positions including chief compliance officer and deputy general counsel. Before joining Citigroup, Thurm served as the deputy secretary and chief of staff for the Department of Health and Human Services under Secretary Donna E. Shalala.

Thurm received a bachelor’s from Tufts University in 1983; a bachelor’s/master’s from Oxford University in 1986, where he was a Rhodes Scholar; and a J.D. from Harvard Law School in 1989.

***

The Clinton Foundation, after seeing a drop in donations amid increased scrutiny and “pay-to-play” allegations, is revving back up with a glitzy fundraising gala that coincides with a broader push by the Clinton machine to stay in the political spotlight.

Axios reported Monday that longtime Clinton supporters received an invitation offering access — a word that dogged Hillary Clinton throughout her failed 2016 presidential campaign — to the family at a May 24 benefit for the Clinton Foundation.

The cheapest tickets for the event will be $2,500 for cocktails and dinner. Deep-pocketed donors can lay out $100,000 for a package including “leadership reception for two, a premium table of 10, program recognition as Gala Chair and invitations to the Clinton Foundation Annual Briefing.”

The invite features photos of Bill, Hillary and Chelsea Clinton, implying they’ll all be attending.

The foundation scaled back its activities in 2016, downsizing the Clinton Global Initiative and placing restrictions on fundraising amid claims of “pay-to-play” by donors seeking access when Clinton was secretary of state. The Clintons denied any such arrangements.

The biggest such controversy related to the sale of Uranium One — a Canadian-based energy firm and holder of 20 percent of U.S. uranium stocks — to Russian energy company Rosatom during Clinton’s time as secretary of state. The connections between the sale of Uranium One and donations to the foundation were first reported by author Peter Schweizer in his 2015 book “Clinton Cash.”

The New York Times reported that the Clinton Foundation received millions of dollars from donors connected to Uranium One as the deal was in the process of being approved by representatives of government agencies, including Clinton’s State Department.

Since the election, questions about that deal have not gone away. In October, The Hill reported that the FBI received an account that Russian nuclear officials had routed millions of dollars to the U.S. designed to benefit the Clinton Foundation amid a broader pattern of bribery and kickbacks designed to extend Russia’s footprint to the U.S.

Amid the controversies in 2015 and 2016, the foundation saw a plunge in donations. While data from 2017 are not available, 2016 numbers showed that donations fell by 42 percent, from $108 million in 2015 to $63 million in 2016. Then-acting CEO Kevin Thurm told The New York Post, which first reported on the numbers, that that was due in part to restrictions on fundraising the foundation placed on itself as Clinton ran for president.

But while numbers for 2017 aren’t available, IB Times reported last year that a number of big companies have distanced themselves from the foundation and were choosing not to give. Companies that told the outlet in November they have not donated since the 2016 election included Boeing, Chevron, Dell, General Electric, and Lockheed Martin.

“Last year was a tough year,” Donna Shalala, then-president of the foundation, told The Times in 2017, “because people were beating on us with nonsense.”

Clinton Foundation dealings have continued to stay in the headlines. Former FBI Deputy Director Andrew McCabe was fired by Attorney General Jeff Sessions in March after an inspector general report said he leaked the existence of a probe into the foundation during the presidential campaign and later lied about it.

Meanwhile, conservative watchdog Judicial Watch has continued to publish emails sent by Clinton when she served as secretary of state — emails that touch on foundation activity.

The May fundraiser is the latest sign from the Clintons that they do not intend to retreat from the spotlight. After losing in 2016, Hillary Clinton has set up the political action organization Onward Together and released a lengthy campaign post-mortem titled, “What Happened.” She went on a speaking tour coinciding with the book’s release and has made numerous additional appearances discussing her 2016 loss.

Axios reported Monday that Hillary Clinton was to lead the first meeting of Onward Together on New York’s Upper East Side for a session on “harnessing the energy and activism post-election.” Bill, meanwhile, will publish his novel “The President is Missing,” co-authored with James Patterson on June 4.

An April Wall Street Journal/NBC News poll found that only 27 percent of those polled had a very or somewhat positive view of the former secretary of state. That makes her less popular than President Trump, whose popularity registered at 35 percent. It marked a new low for her in the poll, which clocked her popularity at 30 percent in August 2017.