Your Source for Leaks Around the World!

Archive for December, 2013|Monthly archive page

Matthew Cole – OPSEC Failures of Spies – BlackHat 2013

In Archive, CIA, Italy, Lebanon, Surveillance on December 31, 2013 at 6:38 PM

Matt Blaze: “Anyone who says it’s ‘just’ harmless metadata should be forced to watch Matthew Cole’s talk Clockwork Orange style.”


The CIA is no more technologically sophisticated than your average American, and as a result, has suffered serious and embarrassing operational failures.

This is a rare peek inside the CIA’s intelligence gathering operations and the stunning lack of expertise they can bring to the job.

In 2005, news organizations around the world reported that an Italian court had signed arrest warrants for 26 Americans in connection with an extraordinary rendition of a Muslim cleric. At the heart of the case was the stunning lack of OPSEC the team of spies used while they surveilled and then snatched their target off the streets of Milan.

The incident, known as the Italian Job inside the CIA, became an international scandal and caused global outrage. What very few people ever understood was that the CIA’s top spies were laughably uneducated about cell phone technology and ignorant of the electronic fingerprints left behind.

The story would be startling, though old, if not for the fact that eight years after the debacle in Milan, history repeated itself.

In 2011, an entire CIA network of Lebanese informants was busted by Hezbollah. The reason: cell phone OPSEC failures. After receiving a warning from Mossad, who had lost their network a year earlier the same way, the CIA dismissed Hezbollah’s ability to run analytic software on raw cell phone traffic. But they did. And with a little effort, the CIA’s network of spies, as well as their own officers, were identified one by one.

This is the true story of American Intelligence’s Keystone Kops.

Matthew Cole is an investigative journalist, specializing in national security and intelligence issues. Most recently, Cole worked as a television producer at ABC News’ investigative unit. There, he garnered two Emmy nominations in 2011 for his coverage of the CIA and an al Qaeda terrorist plot. His work has aired on Good Morning America, World News Tonight and Nightline.

While at ABC News, Cole broke several international stories, which include a CIA secret prison in Lithuania, and revelations that a missing Iranian nuclear scientist had in fact defected to the US for the CIA. Cole has covered Blackwater, mercenaries, the expansion of JSOC, the CIA, and war crimes in Afghanistan. Prior to ABC, Cole was a contributing writer at ESPN the Magazine and wrote features for GQ, New York, Salon, and Details among others.

His work has been cited by the annual Best Sports Writing. Cole has filed or produced from Afghanistan and Pakistan, as well as reporting in Egypt, Jordan, Dubai, Thailand, Lithuania, Italy and Panama. Cole graduated from Sarah Lawrence College and received a master’s degree in journalism from Columbia University. He resides in New York.

Kevin McNamee – How to Build a SpyPhone – BlackHat 2013

In Archive, Hacking, Surveillance, Technology on December 31, 2013 at 5:57 PM


Learn how to build an Android SpyPhone service that can be injected into any application. The presentation will feature a live demonstration of how phones can be tracked and operated from a Web based command and control server and a demonstration of how to inject the SpyPhone service into any Android application. The presentation will also cover the APIs used to track the phone’s location, intercept phone calls and SMS messages, extract e-mail and contact lists, and activate the camera and microphone without being detected.

Kevin McNamee has over 30 years of security and networking experience. He is currently the Director of Kindsight Security Labs. Previously he was Director of Security Research at Bell Labs and has also held security development and design roles at Alcatel-Lucent, TimeStep, Milkyway Networks and Newbridge Networks.

NYPD’s Next-Gen “Smart Car” Loaded with High-Tech Surveillance Tools

In Archive, NYPD, Surveillance, Technology on December 31, 2013 at 1:41 PM




To the untrained eye, it looks like almost any other New York Police Department cruiser combing the city’s streets—but this squad car has just as much brains as it does brawn.

It is the department’s prototype “smart car,” outfitted with the latest gadgets in public surveillance. It has two infrared monitors mounted on the trunk that record any numbers it sees—such as license plates and addresses. It has surveillance cameras and air sensors capable of sending real-time information to police headquarters. The NYPD says it is the cruiser of the very near future.

The smart car is one of dozens of projects included in a long-term strategic plan known as NYPD2020, prepared in November for Police Commissioner Raymond Kelly.

The 13-page report describes initiatives ranging from the high-tech (500 officers have received Samsung Rugby smartphones equipped to deliver real-time crime data) to the bureaucratic (new guidelines for recruiting and keeping qualified candidates). More than a dozen are already under way.

The initiative began in 2011, under the guidance of McKinsey & Co. The consulting firm worked with NYPD officials over 11 months to create a road map for the department over the next decade. McKinsey & Co. declined to comment.

The smart car prototype has been on the road for about a year and is based out of the 84th Precinct in Brooklyn Heights. The idea came about as the NYPD looked for ways to connect intelligence gathered in the field with the department’s new system that compiles raw data, video feeds and other information, then alerts officials to potential incidents and maps where crimes occur. The system is already at police headquarters, and will soon be in each precinct and command around the city.

The car’s scanner can read license plates, then check the results against a database that contains the plate numbers of cars that are stolen, may have been involved in a crime, or have outstanding infractions. The data is stored for an indefinite period, though that will likely change, Mr. del Pozo said.

Related: NYPD License Plate Readers Will Be Able To Track Every Car Entering Manhattan

“It reads any set of numbers,” Mr. del Pozo said. “If it doesn’t get a hit, it gets stored. We don’t look at [the results] unless an investigation points to them.”

A detector attached to the rear windshield can scan the air for increased radiation levels, and ship the results back to an NYPD command center.

Some of these capabilities already exist in some squad cars, but no other car is outfitted with all of the technology, Mr. del Pozo said, adding that future smart cars might include fingerprint scanners and facial recognition sensors.

No mention in the WSJ story, of course, of the NYPD’s lack of transparency on surveillance and extremely questionable track record as of late when it comes to civil rights, namely wiretapping mosques and the infamous stop and frisk program. Who cares! Police car of the future, baby!

Demolition Man anyone?


CSEC 101: Foundational Learning Curriculum

In Archive, Canada, CSEC, FOIA, Surveillance on December 31, 2013 at 7:00 AM


Colin Freeze/GlobeAndMail:

The “CSEC 101: Foundational Learning Curriculum,” comprises dozens of PowerPoint decks that are intended to help new employees at the Ottawa agency find their feet. The Globe and Mail obtained the 650-page manual through Access to Information laws.

These partly redacted presentations from 2012 do not speak to the kinds of CSEC spying lately brought to light by former American contractor Edward Snowden – the leaked operational slides that allegedly show CSEC spying on Brazil’s energy sector and also taking steps to keep tabs on foreign diplomats at G20 meetings.

Rather, the “learning curriculum” – complete with arcane acronyms and occasional illustrations from The Simpsons – speaks to the bureaucratic banalities behind the job, and a culture of extreme caution in terms of protecting information from outsiders.


Through a PRISM, Darkly: Everything We Know About NSA Spying – Kurt Opsahl @ 30c3

In Archive, NSA, NSA Files, Surveillance on December 31, 2013 at 5:19 AM


From Stellar Wind to PRISM, Boundless Informant to EvilOlive, the NSA spying programs are shrouded in secrecy and rubber-stamped by secret opinions from a court that meets in a faraday cage. The Electronic Frontier Foundation‘s Kurt Opsahl explains the known facts about how the programs operate and the laws and regulations the U.S. government asserts allows the NSA to spy on you.

The Electronic Frontier Foundation, a non-profit civil society organization, has been litigating against the NSA spying program for the better part of a decade. EFF has collected and reviewed dozens of documents, from the original NYTimes/stories in 2005 and the first AT&T/whistleblower (Mark Klein) in 2006, through the latest documents released in the Guardian or obtained through EFF’s Freedom of Information (government transparency) litigation.

EFF attorney Kurt Opsahl’s lecture will describe how the NSA spying program works, the underlying technologies, the targeting procedures (how they decide who to focus on), the minimization procedures (how they decide which information to discard), and help you makes sense of the many code names and acronyms in the news. He will also discuss the legal and policy ramifications that have become part of the public debate following the recent disclosures, and what you can do about it.

%d bloggers like this: