So how does one use a mesh network without letting anyone know where you are? Seems like it is the nature of mesh that the network will know what mesh nodes you are near.

-steve


On Sun, Nov 10, 2013 at 1:09 PM, Mitar <mitar@tnode.com> wrote:
Hi!

We don't. They have to protect themselves end-to-end. They should never
be trusting us or anybody else.


Mitar

> Couldn't a community mesh network be suspected of having the same sort of
> tracking abilities?
> How do we convince potential mesh network users that we aren't collecting
> location data on them?
>
> Steve
>
>
> On Friday, November 8, 2013, Jenny Ryan wrote:
>
>>
>>
>> ---------- Forwarded message ----------
>> From: Preston Rhea <prestonrhea@opentechinstitute.org>
>> Date: Thu, Nov 7, 2013 at 6:49 AM
>> Subject: Fwd: [Commotion-discuss] Seattle Police mesh network for
>> surveillance?
>> To: Jenny Ryan <jenny@thepyre.org>, Shaun Houlihan <shaunhoulihan@gmail.com>
>>
>>
>> Thought this would interest y'all, I don't know if you are already on
>> the Commotion listserv Jenny.
>>
>>
>> ---------- Forwarded message ----------
>> From: Dan Staples <danstaples@opentechinstitute.org>
>> Date: Wed, Nov 6, 2013 at 9:32 PM
>> Subject: [Commotion-discuss] Seattle Police mesh network for surveillance?
>> To: commotion-discuss <commotion-discuss@lists.chambana.net>
>>
>>
>>
>> http://www.thestranger.com/seattle/you-are-a-rogue-device/Content?oid=18143845
>>
>> You Are a Rogue Device
>> A New Apparatus Capable of Spying on You Has Been Installed Throughout
>> Downtown Seattle. Very Few Citizens Know What It Is, and Officials Don’t
>> Want to Talk About It.
>>
>> by Matt Fikse-Verkerk and Brendan Kiley
>>
>> If you're walking around downtown Seattle, look up: You'll see off-white
>> boxes, each one about a foot tall with vertical antennae, attached to
>> utility poles. If you're walking around downtown while looking at a
>> smartphone, you will probably see at least one—and more likely two or
>> three—Wi-Fi networks named after intersections: "4th&Seneca,"
>> "4th&Union," "4th&University," and so on. That is how you can see the
>> Seattle Police Department's new wireless mesh network, bought from a
>> California-based company called Aruba Networks, whose clients include
>> the Department of Defense, school districts in Canada, oil-mining
>> interests in China, and telecommunications companies in Saudi Arabia.
>>
>> The question is: How well can this mesh network see you?
>>
>> How accurately can it geo-locate and track the movements of your phone,
>> laptop, or any other wireless device by its MAC address (its "media
>> access control address"—nothing to do with Macintosh—which is analogous
>> to a device's thumbprint)? Can the network send that information to a
>> database, allowing the SPD to reconstruct who was where at any given
>> time, on any given day, without a warrant? Can the network see you now?
>>
>> The SPD declined to answer more than a dozen questions from The
>> Stranger, including whether the network is operational, who has access
>> to its data, what it might be used for, and whether the SPD has used it
>> (or intends to use it) to geo-locate people's devices via their MAC
>> addresses or other identifiers.
>>
>> Seattle Police detective Monty Moss, one of the leaders of the
>> mesh-network project—one part of a $2.7 million effort, paid for by the
>> Department of Homeland Security—wrote in an e-mail that the department
>> "is not comfortable answering policy questions when we do not yet have a
>> policy." But, Detective Moss added, the SPD "is actively collaborating
>> with the mayor's office, city council, law department, and the ACLU on a
>> use policy." The ACLU, at least, begs to differ: "Actively
>> collaborating" is not how they would put it. Jamela Debelak, technology
>> and liberty director of the Seattle office, says the ACLU submitted
>> policy-use suggestions months ago and has been waiting for a response.
>>
>> Detective Moss also added that the mesh network would not be used for
>> "surveillance purposes... without City Council's approval and the
>> appropriate court authorization." Note that he didn't say the mesh
>> network couldn't be used for the surveillance functions we asked about,
>> only that it wouldn't—at least until certain people in power say it can.
>> That's the equivalent of a "trust us" and a handshake.
>>
>> His answer is inadequate for other reasons as well. First, the city
>> council passed an ordinance earlier this year stating that any potential
>> surveillance equipment must submit protocols to the city council for
>> public review and approval within 30 days of its acquisition and
>> implementation. This mesh network has been around longer than that, as
>> confirmed by Cascade Networks, Inc., which helped install it. Still, the
>> SPD says it doesn't have a policy for its use yet. Mayor McGinn's office
>> says it expects to see draft protocols sometime in December—nearly nine
>> months late, according to the new ordinance.
>>
>> Second, and more importantly, this mesh network is part of a whole new
>> arsenal of surveillance technologies that are moving faster than the
>> laws that govern them are being written. As Stephanie K. Pell (former
>> counsel to the House Judiciary Committee) and Christopher Soghoian
>> (senior policy analyst at the ACLU) wrote in a 2012 essay for the
>> Berkeley Technology Law Journal:
>>
>>     The use of location information by law enforcement agencies is
>> common and becoming more so as technological improvements enable
>> collection of more accurate and precise location data. The legal mystery
>> surrounding the proper law enforcement access standard for prospective
>> location data remains unsolved. This mystery, along with conflicting
>> rulings over the appropriate law enforcement access standards for both
>> prospective and historical location data, has created a messy,
>> inconsistent legal landscape where even judges in the same district may
>> require law enforcement to meet different standards to compel location
>> data.
>>
>> In other words, law enforcement has new tools—powerful tools. We didn't
>> ask for them, but they're here. And nobody knows the rules for how they
>> should be used.
>>
>> This isn't the first time the SPD has purchased surveillance equipment
>> (or, as they might put it, public-safety equipment that happens to have
>> powerful surveillance capabilities) without telling the rest of the
>> city. There was the drones controversy this past winter, when the public
>> and elected officials discovered that the SPD had bought two unmanned
>> aerial vehicles with the capacity to spy on citizens. There was an
>> uproar, and a few SPD officers embarked on a mea culpa tour of community
>> meetings where they answered questions and endured (sometimes raucous)
>> criticism. In February, Mayor Mike McGinn announced he was grounding the
>> drones, but a new mayor could change his mind. Those SPD drones are
>> sitting somewhere right now on SPD property.
>>
>> Meanwhile, the SPD was also dealing with the port-camera surveillance
>> scandal. That kicked off in late January, when people in West Seattle
>> began wondering aloud about the 30 cameras that had appeared unannounced
>> on utility poles along the waterfront. The West Seattle neighborhood
>> blog (westseattleblog.com) sent questions to city utility companies, and
>> the utilities in turn pointed at SPD, which eventually admitted that it
>> had purchased and installed 30 surveillance cameras with federal money
>> for "port security." That resulted in an additional uproar and another
>> mea culpa tour, much like they did with the drones, during which
>> officers repeated that they should have done a better job of educating
>> the public about what they were up to with the cameras on Alki.
>> (Strangely, the Port of Seattle and the US Coast Guard didn't seem very
>> involved in this "port security" project—their names only appear in a
>> few cursory places in the budgets and contracts. The SPD is clearly the
>> driving agency behind the project. For example, their early tests of
>> sample Aruba products—beginning with a temporary Aruba mesh network set
>> up in Pioneer Square for Mardi Gras in 2009—didn't have anything to do
>> with the port whatsoever.)
>>
>> The cameras attracted the controversy, but they were only part of the
>> project. In fact, the 30 pole-mounted cameras on Alki that caused the
>> uproar cost $82,682—just 3 percent of the project's $2.7 million
>> Homeland Security–funded budget. The project's full title was "port
>> security video surveillance system with wireless mesh network." People
>> raised a fuss about the cameras. But what about the mesh network?
>>
>> Detective Moss and Assistant Chief Paul McDonagh mentioned the downtown
>> mesh network during those surveillance-camera community meetings, saying
>> it would help cops and firefighters talk to each other by providing a
>> wireless network for their exclusive use, with the potential for others
>> to use overlaid networks handled by the same equipment. (Two-way radios
>> already allow police officers to talk to each other, but officers still
>> use wireless networks to access data, such as the information an officer
>> looks for by running your license plate number when you've been pulled
>> over.)
>>
>> As Brian Magnuson of Cascade Networks, Inc., which helped install the
>> Aruba system, explained the possible use of such a system: "A normal
>> cell-phone network is a beautiful thing right up until the time you
>> really need it—say you've just had an earthquake or a large storm, and
>> then what happens? Everybody picks up their phone and overloads the
>> system." The network is most vulnerable precisely when it's most needed.
>> A mesh network could be a powerful tool for streaming video from
>> surveillance cameras or squad car dash-cams across the network, allowing
>> officers "real-time situational awareness" even when other communication
>> systems have been overloaded, as Detective Moss explained in those
>> community meetings.
>>
>> But the Aruba mesh network is not just for talking, it's also for tracking.
>>
>> After reviewing Aruba's technical literature, as well as talking to IT
>> directors and systems administrators around the country who work with
>> Aruba products, it's clear that their networks are adept at seeing all
>> the devices that move through their coverage area and visually mapping
>> the locations of those devices in real time for the system
>> administrators' convenience. In fact, one of Aruba's major selling
>> points is its ability to locate "rogue" or "unassociated" devices—that
>> is, any device that hasn't been authorized by (and maybe hasn't even
>> asked to be part of) the network.
>>
>> Which is to say, your device. The cell phone in your pocket, for instance.
>>
>> The user's guide for one of Aruba's recent software products states:
>> "The wireless network has a wealth of information about unassociated and
>> associated devices." That software includes "a location engine that
>> calculates associated and unassociated device location every 30 seconds
>> by default... The last 1,000 historical locations are stored for each
>> MAC address."
>>
>> For now, Seattle's mesh network is concentrated in the downtown area.
>> But the SPD has indicated in PowerPoint presentations—also acquired by
>> The Stranger—that it hopes to eventually have "citywide deployment" of
>> the system that, again, has potential surveillance capabilities that the
>> SPD declined to answer questions about. That could give a whole new
>> meaning to the phrase "real-time situational awareness."
>>
>> So how does Aruba's mesh network actually function?
>>
>> Each of those off-white boxes you see downtown is a wireless access
>> point (AP) with four radios inside it that work to shove giant amounts
>> of data to, through, and around the network, easily handling
>> bandwidth-hog uses such as sending live, high-resolution video to or
>> from moving vehicles. Because this grid of APs forms a latticelike mesh,
>> it works like the internet itself, routing traffic around bottlenecks
>> and "self-healing" by sending traffic around components that fail.
>>
>> As Brian Magnuson at Cascade Networks explains: "When you have 10 people
>> talking to an AP, no problem. If you have 50, that's a problem." Aruba's
>> mesh solution is innovative—instead of building a few high-powered,
>> herculean APs designed to withstand an immense amount of traffic, Aruba
>> sprinkles a broad area with lots of lower-powered APs and lets them
>> figure out the best way to route all the data by talking to each other.
>>
>> Aruba's technology is considered cutting-edge because its systems are
>> easy to roll out, administer, and integrate with other systems, and its
>> operating system visualizes what's happening on the network in a simple,
>> user-friendly digital map. The company is one of many firms in the
>> networking business, but, according to the tech-ranking firm Gartner,
>> Aruba ranks second (just behind Cisco) in "completeness of vision" and
>> third in "ability to execute" for its clever ways of getting around
>> technical hurdles.
>>
>> Take Candlestick Park, the San Francisco 49ers football stadium, which,
>> Magnuson says, is just finishing up an Aruba mesh network installation.
>> The stadium has high-intensity cellular service needs—70,000 people can
>> converge there for a single event in one of the most high-tech cities in
>> America, full of high-powered, newfangled devices. "Aruba's solution was
>> ingenious," Magnuson says. It put 640 low-power APs under the stadium's
>> seats to diffuse the data load. "If you're at the stadium and trying to
>> talk to an AP," Magnuson says, "you're probably sitting on it!"
>>
>> Another one of Aruba's selling points is its ability to detect rogue
>> devices—strangers to the system. Its promotional "case studies" trumpet
>> this capability, including one report about Cabela's hunting and
>> sporting goods chain, which is an Aruba client: "Because Cabela's stores
>> are in central shopping areas, the company captures huge quantities of
>> rogue data—as many as 20,000 events per day, mostly from neighboring
>> businesses." Aruba's network is identifying and distinguishing which
>> devices are allowed on the Cabela's network and which are within the
>> coverage area but are just passing through. The case study also
>> describes how Cabela's Aruba network was able to locate a lost
>> price-scanner gun in a large warehouse by mapping its location, as well
>> as track employees by the devices they were carrying.
>>
>> It's one thing for a privately owned company to register devices it
>> already owns with a network. It's another for a local police department
>> to scale up that technology to blanket an entire downtown—or an entire
>> city.
>>
>> Aruba also sells a software product called "Analytics and Location
>> Engine 1.0." According to a document Aruba has created about the
>> product, ALE "calculates the location of associated and unassociated
>> wifi devices... even though a device has not associated to the network,
>> information about it is available. This includes the MAC address,
>> location, and RSSI information." ALE's default setting is anonymous,
>> which "allows for unique user tracking without knowing who the
>> individual user is." But, Aruba adds in the next sentence, "optionally
>> the anonymization can be disabled for richer analytics and user behavior
>> tracking." The network has the ability to see who you are—how deeply it
>> looks is up to whoever's using it. (The Aruba technology, as far as we
>> know, does not automatically associate a given MAC address with the name
>> on the device's account. But figuring out who owns the account—by asking
>> a cell-phone company, for example—would not be difficult for a
>> law-enforcement agency.)
>>
>> Geo-location seems to be an area of intense interest for Aruba. Last
>> week, the Oregonian announced that Aruba had purchased a Portland
>> mapping startup called Meridian, which, according to the article, has
>> developed software that "pinpoints a smartphone's location inside a
>> venue, relying either on GPS technology or with localized wireless
>> networks." The technology, the article says, "helps people find their
>> way within large buildings, such as malls, stadiums, or airports and
>> enables marketing directed at a phone's precise location."
>>
>> How does that geo-location work? Devices in the network's coverage area
>> are "heard" by more than one radio in those APs (the off-white boxes).
>> Once the network hears a device from multiple APs, it can compare the
>> strength and timing of the signal to locate where the device is. This is
>> classic triangulation, and users of Aruba's AirWave software—as in the
>> Cabela's example—report that their systems are able to locate devices to
>> within a few feet.
>>
>> In the case of large, outdoor installations where APs are more spread
>> out, the ability to know what devices are passing through is
>> useful—especially, perhaps, to policing agencies, which could log that
>> data for long-term storage. As networking products and their uses
>> continue to evolve, they will only compound the "legal mystery" around
>> how this technology could and should be used that Pell and Soghoian
>> described in their Berkeley Technology Law Journal piece. Aruba's mesh
>> network is state-of-the-art, but something significantly smarter and
>> more sensitive will surely be on the market this time next year. And who
>> knows how much better the software will get.
>>
>> An official spokesperson for Aruba wrote in an e-mail that the company
>> could not answer The Stranger's questions because they pertained "to a
>> new product announcement" that would not happen until Thanksgiving.
>> "Aruba's technology," the spokesperson added, "is designed for indoor
>> (not outdoor) usage and is for consumer apps where they opt in." This is
>> in direct contradiction to Aruba's own user's manuals, as well as the
>> fact that the Seattle Police Department installed an outdoor Aruba mesh
>> network earlier this year.
>>
>> One engineer familiar with Aruba products and similar systems—who
>> requested anonymity—confirmed that the mesh network and its software are
>> powerful tools. "But like anything," the engineer said, it "can be used
>> inappropriately... You can easily see how a user might abuse this
>> ability (network admin has a crush on user X, monitors user X's location
>> specifically)." As was widely reported earlier this year, such alleged
>> abuses within the NSA have included a man who spied on nine women over a
>> five-year period, a woman who spied on prospective boyfriends, a man who
>> spied on his girlfriend, a husband who spied on his wife, and even a man
>> who spied on his ex-girlfriend "on his first day of access to the NSA's
>> surveillance system," according to the Washington Post. The practice was
>> so common within the NSA, it got its own classification: "LOVEINT."
>>
>> Other Aruba clients—such as a university IT director, a university vice
>> president, and systems administrators—around the country confirmed it
>> wouldn't be difficult to use the mesh network to track the movement of
>> devices by their MAC addresses, and that building a historical database
>> of their movements would be relatively trivial from a data-storage
>> perspective.
>>
>> As Bruce Burton, an information technology manager at the University of
>> Cincinnati (which uses an Aruba network), put it in an e-mail: "This
>> mesh network will have the capability to track devices (MAC addresses)
>> throughout the city."
>>
>> Not that the SPD would do that—but we don't know. "We definitely feel
>> like the public doesn't have a handle on what the capabilities are,"
>> says Debelak of the ACLU. "We're not even sure the police department
>> does." It all depends on what the SPD says when it releases its
>> mesh-network protocols.
>>
>> "They're long overdue," says Lee Colleton, a systems administrator at
>> Google who is also a member of the Seattle Privacy Coalition, a
>> grassroots group that formed in response to SPD's drone and
>> surveillance-camera controversies. "If we don't deal with this kind of
>> thing now, and establish norms and policies, we'll find ourselves in an
>> unpleasant situation down the road that will be harder to change."
>>
>> The city is already full of surveillance equipment. The Seattle
>> Department of Transportation, for example, uses license-plate scanners,
>> sensors embedded in the pavement, and other mechanisms to monitor
>> individual vehicles and help estimate traffic volume and wait time. "But
>> as soon as that data is extrapolated," says Adiam Emery of SDOT, "it's
>> gone." They couldn't turn it over to a judge if they tried.
>>
>> Not that license-plate scanners have always been so reliable. Doug Honig
>> of the ACLU remembers a story he heard from a former staffer a couple of
>> years ago about automatic license-plate readers on police cars in
>> Spokane. Automatic license-plate readers "will read a chain-link fence
>> as XXXXX," Honig says, "which at the time also matched the license plate
>> of a stolen car in Mississippi, resulting in a number of false alerts to
>> pull over the fence."
>>
>> Seattle's mesh network is only one instance in a trend of Homeland
>> Security funding domestic surveillance equipment. Earlier this month,
>> the New York Times ran a story about a $7 million Homeland Security
>> grant earmarked for "port security"—just like the SPD's mesh-network
>> funding—in Oakland.
>>
>> "But instead," the Times reports, "the money is going to a police
>> initiative that will collect and analyze reams of surveillance data from
>> around town—from gunshot-detection sensors in the barrios of East
>> Oakland to license plate readers mounted on police cars patrolling the
>> city's upscale hills."
>>
>> The Oakland "port security" project, which the Times reports was
>> formerly known as the "Domain Awareness Center," will "electronically
>> gather data around the clock from a variety of sensors and databases,
>> analyze that data, and display some of the information on a bank of
>> giant monitors." The Times doesn't detail what kind of "sensors and
>> databases" the federally funded "port security" project will pay for,
>> but perhaps it's something like Seattle's mesh network with its ability
>> to ping, log, and visually map the movement of devices in and out of its
>> coverage area.
>>
>> Which brings up some corollary issues, ones with implications much
>> larger than the SPD's ability to call up a given time on a given day and
>> see whether you were at work, at home, at someone else's home, at a bar,
>> or at a political demonstration: What does it mean when money from a
>> federal agency like the Department of Homeland Security is being
>> funneled to local police departments like SPD to purchase and use
>> high-powered surveillance gear?
>>
>> For federal surveillance projects, the NSA and other federal spying
>> organizations have at least some oversight—as flawed as it may be—from
>> the Foreign Intelligence Surveillance Court (also known as the FISA
>> court) and the US Congress. But local law enforcement doesn't have that
>> kind of oversight and, in Seattle at least, has been buying and
>> installing DHS-funded surveillance equipment without explaining what
>> it's up to. The city council's surveillance ordinance earlier this year
>> was an attempt to provide local oversight on that kind of policing, but
>> it has proven toothless.
>>
>> It's reasonable to assume that locally gleaned information will be
>> shared with other organizations, including federal ones. An SPD diagram
>> of the mesh network, for example, shows its information heading to
>> institutions large and small, including the King County Sheriff's
>> Office, the US Coast Guard, and our local fusion center.
>>
>> Fusion centers, if you're unfamiliar with the term, are
>> information-sharing hubs, defined by the Department of Homeland Security
>> as "focal points" for the "receipt, analysis, gathering, and sharing" of
>> surveillance information.
>>
>> If federally funded, locally built surveillance systems with little to
>> no oversight can dump their information in a fusion center—think of it
>> as a gun show for surveillance, where agencies freely swap information
>> with little restriction or oversight—that could allow federal agencies
>> such as the FBI and the NSA to do an end-run around any limitations set
>> by Congress or the FISA court.
>>
>> If that's their strategy in Seattle, Oakland, and elsewhere, it's an
>> ingenious one—instead of maintaining a few high-powered, herculean
>> surveillance agencies designed to digest an immense amount of traffic
>> and political scrutiny, the federal government could sprinkle an entire
>> nation with lots of low-powered surveillance nodes and let them figure
>> out the best way to route the data by talking to each other. By
>> diffusing the way the information flows, they can make it flow more
>> efficiently.
>>
>> It's an innovative solution—much like the Aruba mesh network itself.
>>
>> The Department of Homeland Security has not responded to requests for
>> comment.
>>
>> --
>> Dan Staples
>>
>> Open Technology Institute
>> https://commotionwireless.net
>> OpenPGP key: http://disman.tl/pgp.asc
>> Fingerprint: 2480 095D 4B16 436F 35AB 7305 F670 74ED BD86 43A9
>> _______________________________________________
>> Commotion-discuss mailing list
>> Commotion-discuss@lists.chambana.net
>> https://lists.chambana.net/mailman/listinfo/commotion-discuss
>>
>>
>>
>> --
>> Preston Rhea
>> Field Analyst, Open Technology Institute
>> New America Foundation
>> +1-202-570-9770
>> Twitter: @prestonrhea
>>
>>
>
>
>
> _______________________________________________
> mesh mailing list
> mesh@lists.sudoroom.org
> http://lists.sudoroom.org/listinfo/mesh
>

--
http://mitar.tnode.com/
https://twitter.com/mitar_m



--
-steve