Category Archives: Government

Baltimore City: IMSI Hell

Electronic Freedom, Government, , , , , , ,

After The Sun revealed massive use of IMSI catchers in Baltimore City over the 8 years, I decided to try to FOIA BPD.  Well, first road block is that their submission form online doesn’t even work.  The SMTP server is jacked up.  Further, the CAPTCHA code at the bottom of the page never changes and can be copied and pasted.

The idea that an NDA that a private company forces a police department into trumps court orders is utterly insane and must be stopped.  Many of the claims made in the NDA do not hold up to scrutiny anymore either, so I’m considering it null and void on those grounds and intend to take this to court if necessary.

Here’s my request:

Dear Custodian of Records,

I am writing, pursuant to Maryland Public Information Act laws and regulations, that any and all usage of IMSI/IMEI catcher, cell phone tower simulators, or devices similar to models known as “Stingray” or “Hailstorm” devices be provided.

This information should include how many times devices were employed and whether or not a warrant was obtained for their use, and if so, which judge authorized such warrants. No information that would be exempt under seciton 3 (Court Rules) is requested, just a broader amount of counts of use, and number of warrants broken down by which judge ordered them.

Separately, any records derived from the above devices that include my IMEI number (REDACTED) are also requested to ensure my privacy has not been unduly invaded in the course of business by Baltimore City Police’s excessive use of the aforementioned devices over the past 8 years.

Further, I request to know if Foxtrot (BPD’s helicopter) is capable of carrying an IMSI/IMEI/Cell phone simulator/stingray/hailstorm device, and if so, whether it has been employed.

Further, I also request information pertaining to the number of the aforementioned devices the Baltimore Police has purchased, and at what cost.

I expect this request to be honored individually among its parts rather than approved or denied wholesale. Information may be provided through digital or hard copy (digital preferred). If the cost exceeds $50 please contact me.

This request is not exempt from the Maryland Public Information Act as the NDA entered into by Baltimore City Police with Harris Corp is unlawful in that it is at odds with the public interest and prevents me from determining if my Constitutional right to privacy was violated. There is no non-public information about these devices and the counter-party to the NDA does not even hold a patent to such technology, as it is the same technology as a cell phone tower, thus no trade secrets or confidential information can possibly exist.

Thus, the non-disclosure agreement regarding the equipment is invalid, and as a basis of denial of records and court orders to that effect is purposefully deceptive and unlawful. Now that the public knows these devices have been in use for 8 years, the NDA’s claims to protecting the lives of officers is no longer valid, nor is the claimed benefit of concealing information valid any longer as the public is aware of such devices and actions by the police. The conclusions drawn no longer hold.

In the event any part of this request is denied, the requester intends to fully invoke the remedies in the Maryland Public Information Act to the fullest extent, up to and including holding the custodian of records legally accountable for improper denial.

Looking forward to your response,
Chris Crook

 

Should be interesting to see if I get a response.  Had to guess some email addresses @baltimorepolice.org – apparently webmaster and legal got through.  Next step: Building a mesh network of counter-detectors.  If they won’t give me the information, I’ll find a way to provide it.

Catching IMSI Catchers: Part 1

Electronic Freedom, Electronics, Government, , , , ,

I had picked up a GSM/GPRS shield for my Arduino a while back without any specific plans for it — I just thought it would be cool to have a project in the future that was able to communicate wireless over the Internet for either report purposes or to react to events (texts, tweets, etc).

After reports came out regarding local law enforcement’s use of IMSI catching devices like the Harris Stingray, I decided to start experimenting with the shield as means of at least detecting the use of IMSI catching devices.  Since I believe in the balance of power between law enforcement and citizens, and strongly believe in privacy rights,  I wish there were countermeasures (blacklisting after discovery?) that could be developed, but perhaps that is the next step after accurate detection of the devices in the first place.  The project is still under development, but so far here are my assumptions and how they figure into my plan of action.

Assumptions & Background Knowledge

IMSI catchers generally broadcast an extraordinarily strong signal in order to ensure that target cell phones in the area opt to connect to it versus other, real, cell phone towers.  This means signal strength analysis is important to identifying an IMSI catcher.

Further, most, if not all IMSI catchers interrupt service to some degree.  Since they aren’t part of the true cell phone network, typically issues arise when receiving calls and/or texts.  This information should also be possible to leverage during the IMSI catcher identification process.  I’m thinking an SMS notification service like Amazon’s SNS could be useful in this case to have the Arduino trigger texts to itself (since data typically still operates even when connected to an IMSI catcher) and see if they are actually delivered in a timely manner or not.  This could indicate whether the Arduino is connected to a false tower.

We also know there are multiple physical deployment options for IMSI catchers, from stationary devices, to ground-based semi-mobile (i.e. surveillance vans), to airborne (i.e. drones & specially equipped planes (with assistance from the CIA).  Since may of these can be mobile, I think my detection of the devices will have to be from stationary position(s) such that it is possible to detect the movement of the “tower” through signal strength changes and/or triangulation.

It may also be an interesting exercise to toggle through a number of directional antennae (or a single, rotating directional antenna) to see if the direction of the tower or IMSI device could be deduced, potentially leading to the ability to confront and shame law enforcement personnel utilizing the device (say, from a surveillance van) against innocent individuals’ devices (i.e. my Arduino “phone” which has never even made a call).

Out of convenience, and for lack of an adapter for my phone’s existing nano SIM card, I picked up a prepaid GSM SIM from the local Dollar General for about $10 for the kit, and $35 for the first month of service.

Next Steps

I plan to get acquainted with the GSM shield and commands to see what I need to do to create a device that can alert to and log the presence of potentially fake GSM towers, preferably with GPS coordinates marking the location of detection, and possible base station locations.

More to come as this project progresses.  I also recently picked up an RTL-SDR device that should allow straight up spectrum analysis in GSM frequency ranges, so that may change the direction of this project as well.

Since novel legal techniques are being used to suppress information regarding the use of these devices by law enforcement (non-disclose agreements between law enforcement and the manufacturer, which somehow trump Constitutional concerns, WTF?) it is time for this citizen to take matters into his own hands to at least reveal the extent of surveillance being performed on the average American using Stingray-like IMSI capturing devices.  It has become clear from the Snowden revelations that the court system cannot be relied upon to protect citizens, or even to provide information with respect to FOIA requests.  The only alternative is to play the same game the government is playing, utilizing technology, but play it back harder in order to force transparency in these programs.

Unleashing Economic Growth

Economics, Government

Kickstarer.  SeedInvest.  GoFundMe.

Let’s ask ourselves why crowdsourcing exists.

Answer: Because of regulations against normal people raising capital to bring new products to market is restricted if you simply want to see shares of your new enterprise; you need high net worth individuals to invest privately.

As demonstrated by Bain Capital’s retirement accounts, private equity can be extremely valuable; restricting this to already-high net worth individuals inherently concentrates wealth further.  If we allowed normal individuals to invest in private enterprises, some of that wealth could be spread around.

The argument that high net worth rules exist to protect investors is absolute bullshit.  Having a high net worth says absolutely nothing about your ability to choose future investments and not be defrauded.  Speaking of fraud, which is presumably what these private investment regulations tries to prevent, we already have laws making fraud illegal.  There is no sense in restricting investment further when fraud protection already exists in the form of other laws.

Let’s remove the hindrance to commerce that Reg. D and allow any individual to own private shares of a company.  General solicitation should be allowed to firms of all size.  Some people will lose money, some people will make out fantastically.  Worried about fraud so much?  Stick to publicly-traded companies and traditional investments, but do not make that choice for me.

Considering how FUBAR the publicly traded markets are at this point, I’d like to see normal investors like myself be given the option to choose how to invest in smaller, local enterprises.

Conaway Update 2: YouTube Metadata Analysis

Government, , , , , , , , ,

After discovering and immediately downloading backups of all of Frank M. Conaway, Jr’s videos for investigative purposes, I started probing YouTube’s API for video metadata via a Python script.  My goal was two-fold:

  1. Get exact timestamps for when the videos were published
  2. Get the original video files (if possible) to interrogate their metadata for when the videos were recorded (similar to the metadata on most mobile phone pictures that can include everything from device used, to location metadata)

Unfortunately, while I was working on it on the MARC train Wednesday morning, the videos were pulled off of YouTube, making the metadata no longer available.

Luckily, I had pulled metadata for one of the videos in order to figure out the best way to handle parsing the XML data returned by YouTube’s API.  I was able to preserve the metadata of one video: video010 know this moses hand.  I’ve included an attached copy of that metadata here: video010 know this moses hand Youtube Metadata.

This file includes a published tag which contains a ISO8601 format UTC datetime value.  This was the information I was trying to retrieve for Goal 1 above, but was trying to automate it for all 54 videos at once.  Goal 2 will unfortunately go unanswered for now as the copies of the videos I retrieved were transcoded to a different format in the process of being extracted from YouTube, destroying any associated metadata.

Here’s what I found:

<published>2014-08-29T14:13:59.000Z</published>

Since this is in UTC (Zulu) time zone, it must be converted back to Eastern Standard Time in order to be useful.  Currently, EST EDT (edit: thanks to an anonymous comment pointing out my mistake here) timezone stands 4 hours behind UTC.  Confirmed using this converter.

Out pops: 2014-08-29T10:13:59-04:00 — which is Friday, August 29th at 10:13AM.  During typical business hours.

I’m unsure of Mr. Conaway’s vacation schedule or typical work hours (I imagine city government workers probably have as flexible schedules as do federal).  But I think this is enough evidence, in conjunction with the questionable location of filming, to prompt an investigation by the City’s Comptrollers Office.  To paraphrase Stephanie Rawlings-Blake’s comment on the videos, it would certainly seem to be the first “appropriate action” the Comptroller should take, and Mr. Conaway’s fellow Delegates should probably take notice.

In the course of that hypothetical investigation, and I’m unsure if it is possible, if Mr. Conaway is required to provide either access to the original recordings or access to his YouTube account, I would be happy to volunteer my services to analyze any and all available data.

If any of you are wondering how to verify the metadata I’ve provided, it would require Mr. Conaway to unhide his videos (if he hasn’t wholesale deleted them — then we’re out of luck) in order for metadata to be probed once again on YouTube, though I’m unsure if making them public again will reset the “published” metadata to the date they were again made public.

I hope I’ve documented my process with sufficient detail for it to pass muster by anyone else who wishes to peer review this analysis.  If I am mistaken anywhere, please let me know in the comments and I’d be happy to update this article, with attribution to whomever points to any flaws.

The video in question is embedded below:

Conaway Update

Government, ,

The Baltimore Sun caught wind of his YouTube page and Mr. Conaway has taken down the videos.

I’m including them here because I am critical of his ability to effectively hold public office and the videos are my evidence of this concern. Under the Fair Use Doctrine, I’ve included mirrors of all of the videos for download. They speak volumes as a critique of his mental state.  I consider it necessary to include all in their entirety to show the breadth and scale of…this:  (embedded OneDrive share is slow, direct link is here)

The Tale of Frank M. Conaway, Jr: Author

Government, , , , , , ,

Please note this post was originally entitled “Seriously Baltimore?”.

Frank M. Conaway, Jr. is a current lawmaker in the Maryland House of Delegates, automatically starting a new term since there is no challenger for the November election.  Mr. Conaway is the son of former Delegate Frank Conaway, Sr.  He made it through the Democratic primary earlier this year despite not doing any apparent campaigning.  While only an anecdote, there were no campaign signs visible at any polling places I visited or drove past leading up the primary.  Who needs contributions to spend on advertising when you have dynastic name recognition thanks to your dad?

I recently had the displeasure of coming across Frank M. Conaway, Jr.’s literary works which he has apparently been writing for the last 13 years and as recently as earlier this summer.  Thanks to Adam Meister for the first introduction to them.  They appear to include the following titles available on Amazon (source of the publishing dates) or through his new website:

  • Baptist Gnostic Christian Eubonic Kundalinion Spiritual Ki Do Hermeneutic Metaphysics: The Word: Hermeneutics (2001)
  • THE 20 PENNIES A DAY DIET PLAN (2012)
    • Aside: don’t be fooled, this largely involves the same concepts as the other books, and I stumbled across some food reviews in the YouTube videos mentioned below.
  • Trapezium Giza Pyramid Artificial Black Hole Theory (2013)
  • Christian Kundalini Science- Proof of the Soul- Cryptogram Solution of Egyptian Stela 55001- & Opening the Hood of Ra (2014)
    • If you’re wondering what Stela 55001 is, it is yet another typo and appears to reference 55001 Papyrus (regarded as the worlds first men’s magazine as it depicts erotica) which is in fact not a stela (or stone slab) at all, which is what makes it a unique artifact from Egypt (no other scroll paintings are known to have survived).

Mr. Conaway’s House of Delegates biography page lists him as an “Author”, while claiming no authorship to any specific works, so presumably this is the same Frank M. Conaway, Jr.  In the course of researching this post, I have confirmed this assumption thanks to his consistent misspellings, and also uncovered approximately 54 videos / rambling rants posted in the last month on YouTube under user account 314meta.  They are clearly the Frank M. Conaway Jr. in question.

Have a look below of his work entitled “Baptist Gnostic Christian Eubonic Kundalinion Spiritual Ki Do Hermeneutic Metaphysics: The Word: Hermeneutics” (yes, that’s actually the title) :

 

Upon starting to attempt to read his work, it immediately becomes evident that no one except perhaps Mr. Conaway  himself has ever read this book, much less an editor or publisher.  It is littered with grammatical and spelling errors and contains a delightful pseudo-bibliography at the end (“THE KEYS”) which, also littered with misspellings.  In an attempt to “unlock” Mr. Conaway’s writing with “THE KEYS” provided, I attempted to browse to the only website listed which appears to be an article discussing religion and the brain.  Unless this is another one of Mr. Conaway’s typographical errors, the domain “msnbo.com” does not exist and a cursory search of The Wayback Machine Internet Archive provided by Archive.org indicates the domain has never hosted anything more than a placeholder page.  I assume this was originally an MSNBC article which doesn’t seem to have been captured by The Wayback Machine.

I’m relatively new to Baltimore, having moved here in 2011 from Washington, D.C. so I had to do a bit more research to get a complete picture of Mr. Conaway in order to put his writings in context.  The City Paper was a great help, detailing Mr. Conaway’s notable baggage in an article from 2006.  The aforementioned article references Mr. Conaway’s 2003 separation from his wife in which she received a protective order against him and swore under oath that he was mentally ill, suffering from bi-polar disorder, and had stopped taking his medication.  Mind you, this is prior to Mr. Conaway’s first term as delegate beginning in 2007.

I do not take mental illness lightly, nor do I claim that I am a psychologist.  I want to make it clear that I do not mean to disparage Mr. Conaway for having a condition; however, when that condition may inhibit a public servant from performing one’s duties which inherently require clear thinking and the ability to discern logic from fallacious argument or complete nonsensical delusions, that is where I feel obligated to speak up.

Writing is the manifestation of consolidated thought — the ability to coherently put together and communicate ideas and arguments through written word.  Wildly disorganized writing which appears to communicate sincere belief in profoundly bizarre concepts, as illustrated by the content of Mr. Conaway’s literary works I find truly and genuinely disturbing as the work product of an elected official.

Mr. Conaway’s books detail his ability to interpret biblical scripture, including deciphering hidden messages in various biblical verses and Egyptian art.  His writings he passes off as “science” (in his “talking horse” titled video) as well, which is clearly a delusion.  John Nash, the very real Princeton professor whom Russell Crowe portrayed in A Beautiful Mind, had similarly attempted (with perhaps less self-perceived success) to find messages in numbers and equations.  Nash, a brilliant but afflicted mathematician, was diagnosed with schizophrenia, but not before it had unfortunately destroyed his marriage.  The parallels in Mr. Conaway’s life, based on the details provided by the City Paper article, closely mirror that of Nash.  The article above also notes that schizophrenia typically presents earlier than bi-polar, with which Mr. Conaway is said to have been diagnosed.  Given the creation or at least upload of 54 videos in the last month, I don’t think it is a stretch of the imagination that Mr. Conaway could be suffering from a manic episode, if his bi-polar diagnosis is correct.

While John Nash was integral in the development and advancement of game and number theory, Mr. Conaway’s weak resume and lack of accomplishments short of riding the coattails of his father’s name to election and now re-election, stand in obvious contrast.  The ability for Mr. Conaway to draw the most votes of any candidate in the general election of 2006 is inexplicable other than name recognition.  Unfortunately, more than a glancing look at this candidate show an inability to commit to jobs for particularly long, pursuit of foolhardy businesses (like his replica car business), and presumably difficulty following through an entire bachelors degree given the separation of his his years of study at three different universities.  This would be consistent with bi-polar as described here, and I would like to especially put emphasis on NIMH’s study discussed in this article which indicates an average worker with bipolar disorder misses 65.5 workdays on average, which I find to be unacceptable for an elected representative serving in the Maryland House of Delegates which is only in session from January to May.

Baltimore City appears to be continuing to elect the politicians it deserves (of questionable skills, questionable character surrounding themselves by convicted drug dealers in a town where an estimated 10% of the population is addicted to heroin, and questionable mental faculties) but not the one it needs (someone with character and high ethical standards, clear thinking, and unwilling to dodge questions), as is evidenced by the continued decay of many parts of the City.

Perhaps I’m suffering from “The Hubris of the Defeated“, to borrow from A Beautiful Mind, but anyone who doesn’t think that the political game in Baltimore isn’t flawed isn’t paying attention.  Mr. Conaway just happens to be a remarkable manifestation of how broken the local political scene is.

 

 

 

Fun With FOIA & “The Free State” of Maryland.

Government, , , , , , , ,

Background

The corridor of 295 and 95 between Baltimore City and BWI Thurgood Marshall Airport is used by thousands of commuters on a daily basis.  Anecdotally, it seems the average speed is at least 65MPH and frequently I’ve found myself doing 80-85MPH in order to keep up with traffic.

Except the speed limit is 55MPH.  55.  On 95, which is, at minimum, 3 lanes in each direction.  On 295, which is minimum 2 lanes in each direction.

To give a comparison, Rt. 64 in Virginia is two lanes in each direction and has a speed limit of 70MPH, reflecting the speed that normal, safe, drivers actually drive on the road.  According to the National Motorists Association speed limits should be set to the 85th percentile of free-flowing traffic.  That is, 85% of traffic is going slower than this speed.

Of course, objectively setting speed limits based on data requires 1) Collecting the data in the first place and 2) being willing to give up a source of revenue for the state.

My intention was to find out if the speed limit is artificially low in this area, and that it could lead to the State exploiting those it supposedly serves by dipping into their wallets with no rational basis.

FOIA Request

I’ve attached my original FOIA request to the state of Maryland for the raw data they’ve captured involving volume and speed data.  Typically, this is done with the boxes you’ll see on the side of the road with two air-filled rubber strips crossing the road.   When cars hit the strip, the puff of air triggers a volume count, and based on the timing of the two strips being hit, one can gauge speed.

The original rationale I gave was in relation to the casino being built, though that was not my true reason for the request, I just thought it was mundane enough and considered that rationale for FOIA requests typically doesn’t matter.  Somehow I don’t trust the state government to provide me with data if I tell them I intend to use it in ways that have the potential to make them look bad.  It’s understandable — everyone, government included, acts in their own self-interest.

First Denial

I’ve also attached the original denial to my request (MD295 FOIA Response), which references several exemptions indicating (surprise!) the state does not have to produce the data for me.

However, the rationale given, and presumably this was written by a lawyer, are incoherent at best, given my request and the actual text of the referenced statues.

Basically, they claimed that “some of the data” were compiled into intra- and inter-agency memos which are not available via FOIA if they are not available to private party litigation or within the interest of the public.  Except you’ll note my original request did not ask for memos or associated materials, but simply the raw traffic (volume and speed) data.  So off the bat, this was irrelevant.  Further, the statement that “some of” the request was compiled into memoranda implies that there are some other records that are in fact, not compiled into memoranda, yet were still not produced.  Presumably, they failed to release the “other” records because of the following:

The exemption referenced that producing this information for me would violate a US statute stating that highway safety data cannot be produced in discovery for “…any action arising from an occurrence…” on a highway, but more broadly related to highway safety and limiting government liability.  Well, great, because generally FOIA isn’t a legal action arising from an occurrence and is specifically separate from discovery, though it can be used similarly.  So again, this is irrelevant.

There was an associated Supreme Court case which had the incredible holding that suppressing data collection efforts actually serves the public interest!  The idea is that officials don’t feel accountable to constituents which means they are able to adhere to better data collection standards.  Quite frankly, I find this argument bordering on the absurd — we peer review scientific studies where the entire process is open, including data collection standards, so others can point out where deficiencies lie or where methodology is flaw.  The fact that we don’t for government statistics is absolutely beyond me.  The Supreme Court’s argument cannot even be validated or verified since the data collected in secrecy cannot be reviewed for accuracy or methodology flaws.

Furthermore, I don’t even have standing to initiate legal action on the stretch of road — I have no accidents there nor speeding tickets, hence there is no risk of me using the data for such purposes.  Even if I did have standing though, releasing the data still wouldn’t violate the code, because it states that the data would be inadmissible as evidence during legal action anyway.  So there is no harm in releasing the data.  Period.

Next Steps

I’m currently sending in the attached response letter (FOIADenialChallenge).  I intend to pursue judicial remedy if I am again denied, up to and including record custodian reprimand, damages, and fees, since this request was clearly improperly denied.

I also amended my request to include data collection methodologies including what devices and data scrubbing are performed on traffic volume and speed data.  Don’t want to give me the data?  Then I’ll do a meta-analysis on how it is collected to inspect any flaws that may exist there.

Do I expect the state of Maryland to respond with the data I requested?  No.  They have no incentive to do so — in fact, it makes more sense for them to waste as much of my time as possible.  I have a day job.  I can’t dedicated a ton of time to this pursuit, which unfairly tilts the playing field towards the government, yet again.

Ultimately, I expect to have to take this for judicial review, in front of a judge and make my arguments, something I’d prefer not to do as I am not a lawyer, and I abhor the protocol involved in court proceedings.   However, it’s something I’m willing to do if it means I get to stick it to the state of Maryland and ratchet back the expanse of the State in general one tiny bit, simply by using logical analysis.

Once I receive the data, or in the absence of receiving it, I will be writing a Baltimore Sun editorial either about my findings within the data (if provided), or about the unfairness of the FOIA process.  In either case, I intend to name and shame all officials involved in the process.  People generally only respond to incentives, and embarrassment is a fairly powerful incentive.  They may be immune to providing me data collected on the tax payers dime, but they are not immune from me publicizing the shady proceedings involved in extracting the fruits of my tax dollars from bureaucracy.

Time will tell whether there is any remnant of Maryland’s motto left in state government.  Are we really still “The Free State”?  Updates to come once a further response is received.

DoJ Cognitive Dissonance: StingRay vs. StealthGenie

Electronic Freedom

Today the Department of Justice announced the arrest of a Pakistani man for writing and selling the StealthGenie spyware app that can monitor all communication from a cell phone, and can do so undetected.  The grounds for the arrest was based on the fact that it was advertised for spying on one’s spouse, enabling stalkers and domestic abusers:

“StealthGenie has little use beyond invading a victim’s privacy” said U.S. Attorney Boente. “Advertising and selling spyware technology is a criminal offense, and such conduct will be aggressively pursued by this office and our law enforcement partners.”

“This application allegedly equips potential stalkers and criminals with a means to invade an individual’s confidential communications,” said FBI Assistant Director in Charge McCabe.

While that is understandable, I can think of a scenario in which the software would be otherwise useful, not to mention similar to other phone recovery programs that allow users to look up the current location of their device, have similar features and are simply marketed differently.  If my phone was stolen, it could be immensely useful to be able to see what the individual using it is doing with it, including who they’re calling and what they’re accessing via the data connection. Some parents may also want to monitor what their children are doing as well (whether or not you agree with that as being good parenting is another question…).

Also included in the press release was an additional statement from McCabe:

“They do this not by breaking into their homes or offices, but by physically installing spyware on unwitting victim’s phones and illegally tracking an individual’s every move. As technology continues to evolve, the FBI will investigate and bring to justice those who use illegal means to monitor and track individuals without their knowledge.”

It would seem that accessing a system to which you are not legally provided permission (i.e. someone else’s cell phone in order to install this app) would already be against the law, and has been for decades.  It’s also interesting that this statement is referencing users of the software, rather than anything regarding the creator who was arrested.

The ultimate irony of this statement is that the FBI itself has been illegally monitoring and tracking individuals without warrants.  The device they use is manufactured by Harris Corporation and goes by a number of names including Stingray.  Basically, the device is a fake cell tower that any cell phone will automatically connect to since phones constantly look for the best cell signal possible — even if they don’t connect they’ll still handshake with the tower.  Law enforcement is then able to collect all individually-identifying IMSI/IMEI codes of the phones that have connected and are able to locate individuals based on this information.

The FBI, US Marshalls and local law enforcement agencies have gone to extreme lengths to keep the program secret and out of the court system, including the FBI even using non-disclosure agreements with local law enforcement agencies using the surveillance product.  The Marshalls, after the ACLU drew attention to their use of the device, seized local law enforcement records to prevent them from being exposed in court proceedings. Considering the recent discovery that there are many fake cell towers across the country, and it is unknown who is operating them, a reasonable assumption would be that it is local or federal law enforcement.

So how exactly does the DoJ and FBI rationalize arresting a man for creating a product that could be used in nefarious ways, when the FBI itself contracts with a private company that makes an even more invasive and privacy-eliminating product?  We shall see: I left a message with the DoJ’s press office asking for a statement regarding usage of Stingray in the face of this arrest.  My guess will be that my call will not be returned, or if it is, it will be “No Comment”.  Feel free to give them a call: 202-514-2007.

Will the CEO of Harris Corp be arrested for creating a product that has “little use beyond invading an individual’s privacy”?  The device they manufacture literally has no other purpose than to violate the civil rights of Americans by law enforcement when used for blanket data collection with or without a warrant.  It has no other valid use.  How can we trust our law enforcement when they arrest people for doing the same thing they do?  How can we trust them when they won’t even get a warrant to utilize such a device?  How can we trust them when they do everything in their power to suppress how the device has actually been used from coming to light in court?

Perhaps we should go back to the tried and true reasons for arresting and convicting:  an actor commits a crime against a specific victim or victims.  Creating software that can be used by those with ill intent is not a crime; using the software in a malicious fashion is.

I don’t believe anyone is suggesting we arrest the manufacturers of encryption software or hardware because it can be used to cover up evidence of criminal activity, yet that’s what we’re doing in this case despite heavy feature overlap between this product and many others currently available.

  • If the major difference is marketing, is it really a crime?
  • If I use innuendo instead or marketed the same exact product with a different stated purpose, is it still a crime?
  • If I suggest that you could re-purpose a Square card reader to steal credit card numbers, am I liable for marketing an identity theft device?

Simple marketing has no victim.  The people who would buy such a product and use it against another are the ones committing a crime.

I’ll post an update if and when I hear back from the DoJ regarding their comment.  This pissed me off enough to make an inaugural blog post about it.  More to come on technology, personal projects, and freedom.