The user's guide for one of Aruba's recent software products states:
"The wireless network has a wealth of information about unassociated and
associated devices." That software includes "a location engine that
calculates associated and unassociated device location every 30 seconds
by default... The last 1,000 historical locations are stored for each
MAC address."
For now, Seattle's mesh network is concentrated in the downtown area.
But the SPD has indicated in PowerPoint presentations—also acquired by
The Stranger—that it hopes to eventually have "citywide deployment" of
the system that, again, has potential surveillance capabilities that the
SPD declined to answer questions about. That could give a whole new
meaning to the phrase "real-time situational awareness."
So how does Aruba's mesh network actually function?
Each of those off-white boxes you see downtown is a wireless access
point (AP) with four radios inside it that work to shove giant amounts
of data to, through, and around the network, easily handling
bandwidth-hog uses such as sending live, high-resolution video to or
from moving vehicles. Because this grid of APs forms a latticelike mesh,
it works like the internet itself, routing traffic around bottlenecks
and "self-healing" by sending traffic around components that fail.
As Brian Magnuson at Cascade Networks explains: "When you have 10 people
talking to an AP, no problem. If you have 50, that's a problem." Aruba's
mesh solution is innovative—instead of building a few high-powered,
herculean APs designed to withstand an immense amount of traffic, Aruba
sprinkles a broad area with lots of lower-powered APs and lets them
figure out the best way to route all the data by talking to each other.
Aruba's technology is considered cutting-edge because its systems are
easy to roll out, administer, and integrate with other systems, and its
operating system visualizes what's happening on the network in a simple,
user-friendly digital map. The company is one of many firms in the
networking business, but, according to the tech-ranking firm Gartner,
Aruba ranks second (just behind Cisco) in "completeness of vision" and
third in "ability to execute" for its clever ways of getting around
technical hurdles.
Take Candlestick Park, the San Francisco 49ers football stadium, which,
Magnuson says, is just finishing up an Aruba mesh network installation.
The stadium has high-intensity cellular service needs—70,000 people can
converge there for a single event in one of the most high-tech cities in
America, full of high-powered, newfangled devices. "Aruba's solution was
ingenious," Magnuson says. It put 640 low-power APs under the stadium's
seats to diffuse the data load. "If you're at the stadium and trying to
talk to an AP," Magnuson says, "you're probably sitting on it!"
Another one of Aruba's selling points is its ability to detect rogue
devices—strangers to the system. Its promotional "case studies" trumpet
this capability, including one report about Cabela's hunting and
sporting goods chain, which is an Aruba client: "Because Cabela's stores
are in central shopping areas, the company captures huge quantities of
rogue data—as many as 20,000 events per day, mostly from neighboring
businesses." Aruba's network is identifying and distinguishing which
devices are allowed on the Cabela's network and which are within the
coverage area but are just passing through. The case study also
describes how Cabela's Aruba network was able to locate a lost
price-scanner gun in a large warehouse by mapping its location, as well
as track employees by the devices they were carrying.
It's one thing for a privately owned company to register devices it
already owns with a network. It's another for a local police department
to scale up that technology to blanket an entire downtown—or an entire
city.
Aruba also sells a software product called "Analytics and Location
Engine 1.0." According to a document Aruba has created about the
product, ALE "calculates the location of associated and unassociated
wifi devices... even though a device has not associated to the network,
information about it is available. This includes the MAC address,
location, and RSSI information." ALE's default setting is anonymous,
which "allows for unique user tracking without knowing who the
individual user is." But, Aruba adds in the next sentence, "optionally
the anonymization can be disabled for richer analytics and user behavior
tracking." The network has the ability to see who you are—how deeply it
looks is up to whoever's using it. (The Aruba technology, as far as we
know, does not automatically associate a given MAC address with the name
on the device's account. But figuring out who owns the account—by asking
a cell-phone company, for example—would not be difficult for a
law-enforcement agency.)
Geo-location seems to be an area of intense interest for Aruba. Last
week, the Oregonian announced that Aruba had purchased a Portland
mapping startup called Meridian, which, according to the article, has
developed software that "pinpoints a smartphone's location inside a
venue, relying either on GPS technology or with localized wireless
networks." The technology, the article says, "helps people find their
way within large buildings, such as malls, stadiums, or airports and
enables marketing directed at a phone's precise location."
How does that geo-location work? Devices in the network's coverage area
are "heard" by more than one radio in those APs (the off-white boxes).
Once the network hears a device from multiple APs, it can compare the
strength and timing of the signal to locate where the device is. This is
classic triangulation, and users of Aruba's AirWave software—as in the
Cabela's example—report that their systems are able to locate devices to
within a few feet.
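As an added illustration (not the article's or Aruba's code), this Python models the mechanism just described: RSSI readings from three or more APs at known positions are turned into distances with a log-distance path-loss model and combined by least squares, and it generalises to any number of APs. AP coordinates, path-loss constants and RSSI values are all constructed; the only key tying successive estimates into a movement history is the device's MAC address, which is why MAC randomisation is the relevant privacy countermeasure.

```python
import math

# Constructed AP positions in metres (not a real deployment).
APS = {"ap1": (0.0, 0.0), "ap2": (30.0, 0.0), "ap3": (0.0, 30.0)}
TX_POWER_1M = -40.0   # assumed RSSI (dBm) at 1 m from the device
PATH_LOSS_N = 2.0     # assumed free-space path-loss exponent

def rssi_to_distance(rssi_dbm):
    """Invert the log-distance path-loss model to get metres from dBm."""
    return 10 ** ((TX_POWER_1M - rssi_dbm) / (10 * PATH_LOSS_N))

def simulate_rssi(true_pos, aps=APS):
    """Constructed readings: the RSSI each AP would report for a device
    at true_pos under the same noise-free model (sample input only)."""
    x, y = true_pos
    return {ap: TX_POWER_1M - 10 * PATH_LOSS_N * math.log10(math.dist((x, y), p))
            for ap, p in aps.items()}

def trilaterate(readings, aps=APS):
    """Least-squares position from >= 3 {ap: rssi} readings.
    Subtracting the first AP's circle equation from the others linearises
    the system to A[x, y] = b; the 2x2 normal equations then solve it."""
    pts = [(aps[ap], rssi_to_distance(r)) for ap, r in readings.items()]
    if len(pts) < 3:
        raise ValueError("need at least three APs; two leave a mirror ambiguity")
    (x0, y0), d0 = pts[0]
    rows = []
    for (xi, yi), di in pts[1:]:
        a1, a2 = 2 * (xi - x0), 2 * (yi - y0)
        b = d0**2 - di**2 + xi**2 - x0**2 + yi**2 - y0**2
        rows.append((a1, a2, b))
    s11 = sum(a1 * a1 for a1, _, _ in rows)
    s12 = sum(a1 * a2 for a1, a2, _ in rows)
    s22 = sum(a2 * a2 for _, a2, _ in rows)
    t1 = sum(a1 * b for a1, _, b in rows)
    t2 = sum(a2 * b for _, a2, b in rows)
    det = s11 * s22 - s12 * s12
    if abs(det) < 1e-9:
        raise ValueError("collinear APs: position is not determinable")
    return round((s22 * t1 - s12 * t2) / det, 2), round((s11 * t2 - s12 * t1) / det, 2)

if __name__ == "__main__":
    # A device heard by all three APs; the estimate recovers its position.
    # Repeating this every 30 s, keyed by MAC, is what builds a movement history.
    print(trilaterate(simulate_rssi((10.0, 10.0))))
```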
In the case of large, outdoor installations where APs are more spread
out, the ability to know what devices are passing through is
useful—especially, perhaps, to policing agencies, which could log that
data for long-term storage. As networking products and their uses
continue to evolve, they will only compound the "legal mystery" around
how this technology could and should be used that Pell and Soghoian
described in their Berkeley Technology Law Journal piece. Aruba's mesh
network is state-of-the-art, but something significantly smarter and
more sensitive will surely be on the market this time next year. And who
knows how much better the software will get.
An official spokesperson for Aruba wrote in an e-mail that the company
could not answer The Stranger's questions because they pertained "to a
new product announcement" that would not happen until Thanksgiving.
"Aruba's technology," the spokesperson added, "is designed for indoor
(not outdoor) usage and is for consumer apps where they opt in." This is
in direct contradiction to Aruba's own user's manuals, as well as the
fact that the Seattle Police Department installed an outdoor Aruba mesh
network earlier this year.
One engineer familiar with Aruba products and similar systems—who
requested anonymity—confirmed that the mesh network and its software are
powerful tools. "But like anything," the engineer said, it "can be used
inappropriately... You can easily see how a user might abuse this
ability (network admin has a crush on user X, monitors user X's location
specifically)." As was widely reported earlier this year, such alleged
abuses within the NSA have included a man who spied on nine women over a
five-year period, a woman who spied on prospective boyfriends, a man who
spied on his girlfriend, a husband who spied on his wife, and even a man
who spied on his ex-girlfriend "on his first day of access to the NSA's
surveillance system," according to the Washington Post. The practice was
so common within the NSA, it got its own classification: "LOVEINT."
Other Aruba clients—such as a university IT director, a university vice
president, and systems administrators—around the country confirmed it
wouldn't be difficult to use the mesh network to track the movement of
devices by their MAC addresses, and that building a historical database
of their movements would be relatively trivial from a data-storage
perspective.
As Bruce Burton, an information technology manager at the University of
Cincinnati (which uses an Aruba network), put it in an e-mail: "This
mesh network will have the capability to track devices (MAC addresses)
throughout the city."
Not that the SPD would do that—but we don't know. "We definitely feel
like the public doesn't have a handle on what the capabilities are,"
says Debelak of the ACLU. "We're not even sure the police department
does." It all depends on what the SPD says when it releases its
mesh-network protocols.
"They're long overdue," says Lee Colleton, a systems administrator at
Google who is also a member of the Seattle Privacy Coalition, a
grassroots group that formed in response to SPD's drone and
surveillance-camera controversies. "If we don't deal with this kind of
thing now, and establish norms and policies, we'll find ourselves in an
unpleasant situation down the road that will be harder to change."
The city is already full of surveillance equipment. The Seattle
Department of Transportation, for example, uses license-plate scanners,
sensors embedded in the pavement, and other mechanisms to monitor
individual vehicles and help estimate traffic volume and wait time. "But
as soon as that data is extrapolated," says Adiam Emery of SDOT, "it's
gone." They couldn't turn it over to a judge if they tried.
Not that license-plate scanners have always been so reliable. Doug Honig
of the ACLU remembers a story he heard from a former staffer a couple of
years ago about automatic license-plate readers on police cars in
Spokane. Automatic license-plate readers "will read a chain-link fence
as XXXXX," Honig says, "which at the time also matched the license plate
of a stolen car in Mississippi, resulting in a number of false alerts to
pull over the fence."
Seattle's mesh network is only one instance in a trend of Homeland
Security funding domestic surveillance equipment. Earlier this month,
the New York Times ran a story about a $7 million Homeland Security
grant earmarked for "port security"—just like the SPD's mesh-network
funding—in Oakland.
"But instead," the Times reports, "the money is going to a police
initiative that will collect and analyze reams of surveillance data from
around town—from gunshot-detection sensors in the barrios of East
Oakland to license plate readers mounted on police cars patrolling the
city's upscale hills."
The Oakland "port security" project, which the Times reports was
formerly known as the "Domain Awareness Center," will "electronically
gather data around the clock from a variety of sensors and databases,
analyze that data, and display some of the information on a bank of
giant monitors." The Times doesn't detail what kind of "sensors and
databases" the federally funded "port security" project will pay for,
but perhaps it's something like Seattle's mesh network with its ability
to ping, log, and visually map the movement of devices in and out of its
coverage area.
Which brings up some corollary issues, ones with implications much
larger than the SPD's ability to call up a given time on a given day and
see whether you were at work, at home, at someone else's home, at a bar,
or at a political demonstration: What does it mean when money from a
federal agency like the Department of Homeland Security is being
funneled to local police departments like SPD to purchase and use
high-powered surveillance gear?
For federal surveillance projects, the NSA and other federal spying
organizations have at least some oversight—as flawed as it may be—from
the Foreign Intelligence Surveillance Court (also known as the FISA
court) and the US Congress. But local law enforcement doesn't have that
kind of oversight and, in Seattle at least, has been buying and
installing DHS-funded surveillance equipment without explaining what
it's up to. The city council's surveillance ordinance earlier this year
was an attempt to provide local oversight on that kind of policing, but
it has proven toothless.
It's reasonable to assume that locally gleaned information will be
shared with other organizations, including federal ones. An SPD diagram
of the mesh network, for example, shows its information heading to
institutions large and small, including the King County Sheriff's
Office, the US Coast Guard, and our local fusion center.
Fusion centers, if you're unfamiliar with the term, are
information-sharing hubs, defined by the Department of Homeland Security
as "focal points" for the "receipt, analysis, gathering, and sharing" of
surveillance information.
If federally funded, locally built surveillance systems with little to
no oversight can dump their information in a fusion center—think of it
as a gun show for surveillance, where agencies freely swap information
with little restriction or oversight—that could allow federal agencies
such as the FBI and the NSA to do an end-run around any limitations set
by Congress or the FISA court.
If that's their strategy in Seattle, Oakland, and elsewhere, it's an
ingenious one—instead of maintaining a few high-powered, herculean
surveillance agencies designed to digest an immense amount of traffic
and political scrutiny, the federal government could sprinkle an entire
nation with lots of low-powered surveillance nodes and let them figure
out the best way to route the data by talking to each other. By
diffusing the way the information flows, they can make it flow more
efficiently.
It's an innovative solution—much like the Aruba mesh network itself.
The Department of Homeland Security has not responded to requests for
comment.
--
Dan Staples
Open Technology Institute
https://commotionwireless.net
OpenPGP key:
http://disman.tl/pgp.asc
Fingerprint: 2480 095D 4B16 436F 35AB 7305 F670 74ED BD86 43A9
_______________________________________________
Commotion-discuss mailing list
Commotion-discuss(a)lists.chambana.net
https://lists.chambana.net/mailman/listinfo/commotion-discuss
--
Preston Rhea
Field Analyst, Open Technology Institute
New America Foundation
+1-202-570-9770
Twitter: @prestonrhea
_______________________________________________
mesh mailing list
mesh(a)lists.sudoroom.org