close
  • Sc chevron_right

    Identifying People Using Cell Phone Location Data

    news.movim.eu / Schneier · Monday, 9 January - 04:50 · 1 minute

The two people who shut down four Washington power stations in December were arrested . This is the interesting part:

Investigators identified Greenwood and Crahan almost immediately after the attacks took place by using cell phone data that allegedly showed both men in the vicinity of all four substations, according to court documents.

Nowadays, it seems like an obvious thing to do—although the search is probably unconstitutional . But way back in 2012, the Canadian CSEC—that’s their NSA—did some top-secret work on this kind of thing. The document is part of the Snowden archive, and I wrote about it:

The second application suggested is to identify a particular person whom you know visited a particular geographical area on a series of dates/times. The example in the presentation is a kidnapper. He is based in a rural area, so he can’t risk making his ransom calls from that area. Instead, he drives to an urban area to make those calls. He either uses a burner phone or a pay phone, so he can’t be identified that way. But if you assume that he has some sort of smart phone in his pocket that identifies itself over the Internet, you might be able to find him in that dataset. That is, he might be the only ID that appears in that geographical location around the same time as the ransom calls and at no other times.

There’s a whole lot of surveillance you can do if you can follow everyone, everywhere, all the time. I don’t even think turning your cell phone off would help in this instance. How many people in the Washington area turned their phones off during exactly the times of the Washington power station attacks? Probably a small enough number to investigate them all.

  • chevron_right

    Facebook has been helping law enforcement identify Capitol rioters

    news.movim.eu / ArsTechnica · Friday, 12 February, 2021 - 18:00

Supporters of former President Donald Trump, including Jake Angeli, a QAnon supporter known for his painted face and horned hat, enter the US Capitol on January 6.

Enlarge / Supporters of former President Donald Trump, including Jake Angeli, a QAnon supporter known for his painted face and horned hat, enter the US Capitol on January 6. (credit: Saul Loeb/AFP via Getty Images)

Facebook has gone out of its way to help law enforcement officials identify those who participated in the January 6 riot at the US Capitol, the company said in a Thursday conference call with reporters.

"We were appalled by the violence," said Monika Bickert, Facebook's vice president of content policy. "We were monitoring the assault in real time and made appropriate referrals to law enforcement to assist their efforts to bring those responsible to account."

She added that this "includes helping them identify people who posted photos of themselves from the scene, even after the attack was over" and that Facebook is "continuing to share more information with law enforcement in response to valid legal requests."

Read 5 remaining paragraphs | Comments

index?i=TGnkvRz8H0c:85Tv0GYFEO8:V_sGLiPBpWUindex?i=TGnkvRz8H0c:85Tv0GYFEO8:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Sc chevron_right

    Police Have Disrupted the Emotet Botnet

    news.movim.eu / Schneier · Thursday, 28 January, 2021 - 16:09 · 1 minute

A coordinated effort has captured the command-and-control servers of the Emotet botnet:

Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware . Subjects of emails and documents in Emotet campaigns are regularly altered to provide the best chance of luring victims into opening emails and installing malware ­ regular themes include invoices, shipping notices and information about COVID-19 .

Those behind the Emotet lease their army of infected machines out to other cyber criminals as a gateway for additional malware attacks, including remote access tools (RATs) and ransomware .

[…]

A week of action by law enforcement agencies around the world gained control of Emotet’s infrastructure of hundreds of servers around the world and disrupted it from the inside.

Machines infected by Emotet are now directed to infrastructure controlled by law enforcement, meaning cyber criminals can no longer exploit machines compromised and the malware can no longer spread to new targets, something which will cause significant disruption to cyber-criminal operations.

[…]

The Emotet takedown is the result of over two years of coordinated work by law enforcement operations around the world, including the Dutch National Police, Germany’s Federal Crime Police, France’s National Police, the Lithuanian Criminal Police Bureau, the Royal Canadian Mounted Police, the US Federal Bureau of Investigation, the UK’s National Crime Agency, and the National Police of Ukraine.

  • chevron_right

    Insurrectionists’ social media presence gives feds an easy way to ID them

    news.movim.eu / ArsTechnica · Thursday, 7 January, 2021 - 21:19 · 1 minute

The seditionists who broke into the US Capitol on Wednesday were not particularly subtle and did not put any particular effort into avoiding being identified.

Enlarge / The seditionists who broke into the US Capitol on Wednesday were not particularly subtle and did not put any particular effort into avoiding being identified. (credit: Saul Loeb | AFP | Getty Images )

Law enforcement agencies trying to track down insurrectionists who participated in yesterday's events at the US Capitol have a wide array of tools at their disposal thanks to the ubiquity of cameras and social media.

Both local police and the FBI are seeking information about individuals who were "actively instigating violence" in Washington, DC, on January 6. While media organizations took thousands of photos police can use, they also have more advanced technologies at their disposal to identify participants, following what several other agencies have done in recent months.

Several police departments, such as Miami, Philadelphia, and New York City, turned to facial recognition platforms —including the highly controversial Clearview AI —during the widespread summer 2020 demonstrations against police brutality and in support of Black communities. In Philadelphia, for example, police used software to compare protest footage against Instagram photos to identify and arrest a protestor. In November, The Washington Post reported that investigators from 14 local and federal agencies in the DC area have used a powerful facial recognition system more than 12,000 times since 2019.

Read 10 remaining paragraphs | Comments

index?i=WoBat2qFt5Y:yeWC9zaQ-SQ:V_sGLiPBpWUindex?i=WoBat2qFt5Y:yeWC9zaQ-SQ:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • chevron_right

    COVID-19 contact-tracing data is fair game for police, Singapore says

    news.movim.eu / ArsTechnica · Tuesday, 5 January, 2021 - 21:21

Close-up image of a hand holding a palm-sized electronic device.

Enlarge / A user in Singaapore holding the TraceTogether device that can be used for COVID-19 contact tracing in lieu of a smartphone app. (credit: Roslan Rahman | AFP | Getty Images )

The government of Singapore said this week it has used data gathered for COVID-19 mitigation purposes in criminal investigations, sparking privacy concerns about contact tracing both in Singapore and elsewhere in the world.

Singapore's contract-tracing app, TraceTogether, has been adopted by nearly 80 percent of the country's population, according to The Guardian , and Singaporeans are required to use it to enter certain gathering places such as shopping malls.

TraceTogether's privacy statement originally read, "Data will only be used for Covid-19 contact tracing," but it was updated this week to add, "Authorised Police officers may invoke Criminal Procedure Code (CPC) powers to request users to upload their TraceTogether data for criminal investigations. The Singapore Police Force is empowered under the CPC to obtain any data, including TraceTogether data, for criminal investigations," The Register reports.

Read 8 remaining paragraphs | Comments

index?i=AJb39QvhSlw:Ns-raJ4Vj9c:V_sGLiPBpWUindex?i=AJb39QvhSlw:Ns-raJ4Vj9c:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • chevron_right

    Florida police raid home of former state coronavirus data manager

    news.movim.eu / ArsTechnica · Tuesday, 8 December, 2020 - 18:51

Workers removing a sign from a drive-through COVID-19 testing site in Orlando, Fla. in October, 2020.

Enlarge / Workers removing a sign from a drive-through COVID-19 testing site in Orlando, Fla. in October, 2020. (credit: Paul Hennessy | NurPhoto | Getty Images )

Police on Monday raided the Florida home of data scientist Rebekah Jones, who alleged in May that she was fired from her job collating COVID-19 data for the state because she refused to "manipulate" data to make the governor's agenda look more favorable.

"At 8:30 this morning, state police came into my house and took all my hardware and tech," Jones said in a Twitter thread on Monday afternoon. Her initial post included a 30-second video of armed officers pointing guns up a staircase and shouting for Jones' husband and children to come down before another officer shouted, "search warrant!" loudly to no one in particular.

"They pointed a gun in my face. They pointed guns at my kids," Jones added. "They took my phone and the computer I use every day to post the case numbers in Florida, and school cases for the entire country. They took evidence of corruption at the state level."

Read 16 remaining paragraphs | Comments

index?i=975IZwI_uaQ:5pIAxRvs9PU:V_sGLiPBpWUindex?i=975IZwI_uaQ:5pIAxRvs9PU:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • chevron_right

    Cops in Miami, NYC arrest protesters from facial recognition matches

    news.movim.eu / ArsTechnica · Wednesday, 19 August, 2020 - 20:45

People hold up signs while police in riot gear watch from above.

Enlarge / Demonstrators marching on a roadway during a protest against police brutality and the death of George Floyd, on May 31, 2020, in Miami, Florida. (credit: Joe Raedle | Getty Images )

Law enforcement in several cities, including New York and Miami, have reportedly been using controversial facial recognition software to track down and arrest individuals who allegedly participated in criminal activity during Black Lives Matter protests months after the fact.

Miami police used Clearview AI to identify and arrest a woman for allegedly throwing a rock at a police officer during a May protest, local NBC affiliate WTVJ reported this week. The agency has a policy against using facial recognition technology to surveil people exercising "constitutionally protected activities" such as protesting, according to the report.

"If someone is peacefully protesting and not committing a crime, we cannot use it against them," Miami Police Assistant Chief Armando Aguilar told NBC6. But, Aguilar added, "We have used the technology to identify violent protesters who assaulted police officers, who damaged police property, who set property on fire. We have made several arrests in those cases, and more arrests are coming in the near future."

Read 10 remaining paragraphs | Comments

index?i=Vj82z434fy0:2mRxggF6Jzw:V_sGLiPBpWUindex?i=Vj82z434fy0:2mRxggF6Jzw:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA