[Mesh] Changing your MAC address
Jeremy Entwistle
jeremy.w.entwistle at gmail.com
Sun Nov 10 15:50:21 PST 2013
I looked into this awhile ago and it's very easy to change mac addresses.
Kali Linux Tutorials: How to Change or Spoof a MAC Address
https://www.youtube.com/watch?v=JyP8aGtPZpA
On Sun, Nov 10, 2013 at 3:03 PM, <mesh-request at lists.sudoroom.org> wrote:
> Send mesh mailing list submissions to
> mesh at lists.sudoroom.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.sudoroom.org/listinfo/mesh
> or, via email, send a message with subject or body 'help' to
> mesh-request at lists.sudoroom.org
>
> You can reach the person managing the list at
> mesh-owner at lists.sudoroom.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of mesh digest..."
>
>
> Today's Topics:
>
> 1. Re: Fwd: [Commotion-discuss] Seattle Police mesh network for
> surveillance? (rhodey)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 10 Nov 2013 15:03:01 -0800
> From: rhodey <rhodey at anhonesteffort.org>
> To: mesh at lists.sudoroom.org
> Subject: Re: [Mesh] Fwd: [Commotion-discuss] Seattle Police mesh
> network for surveillance?
> Message-ID: <528010A5.8030704 at anhonesteffort.org>
> Content-Type: text/plain; charset=UTF-8
>
> Police, govt, and other evil adversaries are free to setup their own
> hardware, their own mesh, the idea is not to prevent this but to prevent
> the use of good mesh networks for evil. I want to give more thought to
> this subject sometime in the near future but for now this is what I have...
>
> The major concern here (as I see it) is the persistence of MAC
> addresses. The average user does not know how to change their MAC
> address and in the case of most mobile devices it is not possible to
> change the MAC address. We can ensure that IP addresses are cycled
> frequent enough because we'll have control over a majority of the DHCP
> servers on the mesh so I'll be focusing on MAC addresses.
>
> In any local network a MAC address can be associated with network
> traffic, the obvious solution here is to use encryption. The problem
> with MAC addresses in a mesh network is that they could also be
> associated with a location.
>
> On any layer 2 network it is possible for any connected host to
> determine the route to any other host using a MAC address as an
> identifier. Because mesh nodes have a fixed (and likely known) physical
> location it can be assumed that the last hop in the route corresponds to
> the physical location of the specific host.
>
> It is important to realize that only mesh nodes (access points) have
> *potential* knowledge of signal strength and other 802.11 broadcast type
> frames-- sure Oakland PD can setup a device to listen to all 802.11
> traffic, but remember we're only focusing on how existing hardware can
> be abused. So, one host *cannot* triangulate the location of another
> host. *From the perspective of a host on the mesh, a host can only be
> connected to one mesh node or disconnected from the network.* In the
> context of physical location, the privacy of a host on the mesh is a
> function of the area covered by the mesh node it is connected to.
>
> To increase user privacy I would like to experiment with a MAC address
> spoofing service that could run on mesh nodes or volunteer hosts. The
> service would basically pretend to be just another host on the network
> identified by some MAC address. The service could intelligently spawn
> fake hosts depending on the number of other hosts connected to the
> shared mesh node. Mesh nodes with fewer connected hosts need more
> spoofed hosts to increase privacy, etc. But it is not that simple of
> course, because spoofed MAC addresses need to persist just as legitimate
> MAC addresses do, and move about in the physical world (connect to
> different mesh nodes) just as other legitimate users will. I've thought
> some of this through but it is a large undertaking that needs further
> planning.
>
> Another thing to keep in mind is that although MAC addresses could be
> used as a persistent identifier *they alone do not represent any
> identity.* It is not until an adversary obtains additional information
> that a MAC address could be used to identify an individual person. Not
> to say the surveillance of pseudo-anonymous individual and group
> movement is negligible, just pointing this out.
>
> In conclusion (for now) by keeping our software and build processes open
> we can convince reasonable users that it is not possible for us to track
> them with more than neighborhood level accuracy. If we go further and
> deploy something like the MAC spoofing service it could be possible to
> extend this guarantee further. I think it is also likely that this MAC
> spoofing service could be designed to prevent/degrade 802.11 style
> surveillance by hardware outside our control.
>
> --
> -- rhodey ?????
>
> On 11/10/2013 11:44 AM, Steve Berl wrote:
> > Couldn't a community mesh network be suspected of having the same sort
> > of tracking abilities?
> > How do we convince potential mesh network users that we aren't
> > collecting location data on them?
> >
> > Steve
> >
> >
> > On Friday, November 8, 2013, Jenny Ryan wrote:
> >
> >
> >
> > ---------- Forwarded message ----------
> > From: *Preston Rhea* <prestonrhea at opentechinstitute.org
> > <javascript:_e({}, 'cvml', 'prestonrhea at opentechinstitute.org');>>
> > Date: Thu, Nov 7, 2013 at 6:49 AM
> > Subject: Fwd: [Commotion-discuss] Seattle Police mesh network for
> > surveillance?
> > To: Jenny Ryan <jenny at thepyre.org <javascript:_e({}, 'cvml',
> > 'jenny at thepyre.org');>>, Shaun Houlihan <shaunhoulihan at gmail.com
> > <javascript:_e({}, 'cvml', 'shaunhoulihan at gmail.com');>>
> >
> >
> > Thought this would interest y'all, I don't know if you are already on
> > the Commotion listserv Jenny.
> >
> >
> > ---------- Forwarded message ----------
> > From: Dan Staples <danstaples at opentechinstitute.org
> > <javascript:_e({}, 'cvml', 'danstaples at opentechinstitute.org');>>
> > Date: Wed, Nov 6, 2013 at 9:32 PM
> > Subject: [Commotion-discuss] Seattle Police mesh network for
> > surveillance?
> > To: commotion-discuss <commotion-discuss at lists.chambana.net
> > <javascript:_e({}, 'cvml', 'commotion-discuss at lists.chambana.net
> ');>>
> >
> >
> >
> http://www.thestranger.com/seattle/you-are-a-rogue-device/Content?oid=18143845
> >
> > You Are a Rogue Device
> > A New Apparatus Capable of Spying on You Has Been Installed
> Throughout
> > Downtown Seattle. Very Few Citizens Know What It Is, and Officials
> Don?t
> > Want to Talk About It.
> >
> > by Matt Fikse-Verkerk and Brendan Kiley
> >
> > If you're walking around downtown Seattle, look up: You'll see
> off-white
> > boxes, each one about a foot tall with vertical antennae, attached to
> > utility poles. If you're walking around downtown while looking at a
> > smartphone, you will probably see at least one?and more likely two or
> > three?Wi-Fi networks named after intersections: "4th&Seneca,"
> > "4th&Union," "4th&University," and so on. That is how you can see the
> > Seattle Police Department's new wireless mesh network, bought from a
> > California-based company called Aruba Networks, whose clients include
> > the Department of Defense, school districts in Canada, oil-mining
> > interests in China, and telecommunications companies in Saudi Arabia.
> >
> > The question is: How well can this mesh network see you?
> >
> > How accurately can it geo-locate and track the movements of your
> phone,
> > laptop, or any other wireless device by its MAC address (its "media
> > access control address"?nothing to do with Macintosh?which is
> analogous
> > to a device's thumbprint)? Can the network send that information to a
> > database, allowing the SPD to reconstruct who was where at any given
> > time, on any given day, without a warrant? Can the network see you
> now?
> >
> > The SPD declined to answer more than a dozen questions from The
> > Stranger, including whether the network is operational, who has
> access
> > to its data, what it might be used for, and whether the SPD has used
> it
> > (or intends to use it) to geo-locate people's devices via their MAC
> > addresses or other identifiers.
> >
> > Seattle Police detective Monty Moss, one of the leaders of the
> > mesh-network project?one part of a $2.7 million effort, paid for by
> the
> > Department of Homeland Security?wrote in an e-mail that the
> department
> > "is not comfortable answering policy questions when we do not yet
> have a
> > policy." But, Detective Moss added, the SPD "is actively
> collaborating
> > with the mayor's office, city council, law department, and the ACLU
> on a
> > use policy." The ACLU, at least, begs to differ: "Actively
> > collaborating" is not how they would put it. Jamela Debelak,
> technology
> > and liberty director of the Seattle office, says the ACLU submitted
> > policy-use suggestions months ago and has been waiting for a
> response.
> >
> > Detective Moss also added that the mesh network would not be used for
> > "surveillance purposes... without City Council's approval and the
> > appropriate court authorization." Note that he didn't say the mesh
> > network couldn't be used for the surveillance functions we asked
> about,
> > only that it wouldn't?at least until certain people in power say it
> can.
> > That's the equivalent of a "trust us" and a handshake.
> >
> > His answer is inadequate for other reasons as well. First, the city
> > council passed an ordinance earlier this year stating that any
> potential
> > surveillance equipment must submit protocols to the city council for
> > public review and approval within 30 days of its acquisition and
> > implementation. This mesh network has been around longer than that,
> as
> > confirmed by Cascade Networks, Inc., which helped install it. Still,
> the
> > SPD says it doesn't have a policy for its use yet. Mayor McGinn's
> office
> > says it expects to see draft protocols sometime in December?nearly
> nine
> > months late, according to the new ordinance.
> >
> > Second, and more importantly, this mesh network is part of a whole
> new
> > arsenal of surveillance technologies that are moving faster than the
> > laws that govern them are being written. As Stephanie K. Pell (former
> > counsel to the House Judiciary Committee) and Christopher Soghoian
> > (senior policy analyst at the ACLU) wrote in a 2012 essay for the
> > Berkeley Technology Law Journal:
> >
> > The use of location information by law enforcement agencies is
> > common and becoming more so as technological improvements enable
> > collection of more accurate and precise location data. The legal
> mystery
> > surrounding the proper law enforcement access standard for
> prospective
> > location data remains unsolved. This mystery, along with conflicting
> > rulings over the appropriate law enforcement access standards for
> both
> > prospective and historical location data, has created a messy,
> > inconsistent legal landscape where even judges in the same district
> may
> > require law enforcement to meet different standards to compel
> location
> > data.
> >
> > In other words, law enforcement has new tools?powerful tools. We
> didn't
> > ask for them, but they're here. And nobody knows the rules for how
> they
> > should be used.
> >
> > This isn't the first time the SPD has purchased surveillance
> equipment
> > (or, as they might put it, public-safety equipment that happens to
> have
> > powerful surveillance capabilities) without telling the rest of the
> > city. There was the drones controversy this past winter, when the
> public
> > and elected officials discovered that the SPD had bought two unmanned
> > aerial vehicles with the capacity to spy on citizens. There was an
> > uproar, and a few SPD officers embarked on a mea culpa tour of
> community
> > meetings where they answered questions and endured (sometimes
> raucous)
> > criticism. In February, Mayor Mike McGinn announced he was grounding
> the
> > drones, but a new mayor could change his mind. Those SPD drones are
> > sitting somewhere right now on SPD property.
> >
> > Meanwhile, the SPD was also dealing with the port-camera surveillance
> > scandal. That kicked off in late January, when people in West Seattle
> > began wondering aloud about the 30 cameras that had appeared
> unannounced
> > on utility poles along the waterfront. The West Seattle neighborhood
> > blog (westseattleblog.com <http://westseattleblog.com>) sent
> > questions to city utility companies, and
> > the utilities in turn pointed at SPD, which eventually admitted that
> it
> > had purchased and installed 30 surveillance cameras with federal
> money
> > for "port security." That resulted in an additional uproar and
> another
> > mea culpa tour, much like they did with the drones, during which
> > officers repeated that they should have done a better job of
> educating
> > the public about what they were up to with the cameras on Alki.
> > (Strangely, the Port of Seattle and the US Coast Guard didn't seem
> very
> > involved in this "port security" project?their names only appear in a
> > few cursory places in the budgets and contracts. The SPD is clearly
> the
> > driving agency behind the project. For example, their early tests of
> > sample Aruba products?beginning with a temporary Aruba mesh network
> set
> > up in Pioneer Square for Mardi Gras in 2009?didn't have anything to
> do
> > with the port whatsoever.)
> >
> > The cameras attracted the controversy, but they were only part of the
> > project. In fact, the 30 pole-mounted cameras on Alki that caused the
> > uproar cost $82,682?just 3 percent of the project's $2.7 million
> > Homeland Security?funded budget. The project's full title was "port
> > security video surveillance system with wireless mesh network."
> People
> > raised a fuss about the cameras. But what about the mesh network?
> >
> > Detective Moss and Assistant Chief Paul McDonagh mentioned the
> downtown
> > mesh network during those surveillance-camera community meetings,
> saying
> > it would help cops and firefighters talk to each other by providing a
> > wireless network for their exclusive use, with the potential for
> others
> > to use overlaid networks handled by the same equipment. (Two-way
> radios
> > already allow police officers to talk to each other, but officers
> still
> > use wireless networks to access data, such as the information an
> officer
> > looks for by running your license plate number when you've been
> pulled
> > over.)
> >
> > As Brian Magnuson of Cascade Networks, Inc., which helped install the
> > Aruba system, explained the possible use of such a system: "A normal
> > cell-phone network is a beautiful thing right up until the time you
> > really need it?say you've just had an earthquake or a large storm,
> and
> > then what happens? Everybody picks up their phone and overloads the
> > system." The network is most vulnerable precisely when it's most
> needed.
> > A mesh network could be a powerful tool for streaming video from
> > surveillance cameras or squad car dash-cams across the network,
> allowing
> > officers "real-time situational awareness" even when other
> communication
> > systems have been overloaded, as Detective Moss explained in those
> > community meetings.
> >
> > But the Aruba mesh network is not just for talking, it's also for
> > tracking.
> >
> > After reviewing Aruba's technical literature, as well as talking to
> IT
> > directors and systems administrators around the country who work with
> > Aruba products, it's clear that their networks are adept at seeing
> all
> > the devices that move through their coverage area and visually
> mapping
> > the locations of those devices in real time for the system
> > administrators' convenience. In fact, one of Aruba's major selling
> > points is its ability to locate "rogue" or "unassociated"
> devices?that
> > is, any device that hasn't been authorized by (and maybe hasn't even
> > asked to be part of) the network.
> >
> > Which is to say, your device. The cell phone in your pocket, for
> > instance.
> >
> > The user's guide for one of Aruba's recent software products states:
> > "The wireless network has a wealth of information about unassociated
> and
> > associated devices." That software includes "a location engine that
> > calculates associated and unassociated device location every 30
> seconds
> > by default... The last 1,000 historical locations are stored for each
> > MAC address."
> >
> > For now, Seattle's mesh network is concentrated in the downtown area.
> > But the SPD has indicated in PowerPoint presentations?also acquired
> by
> > The Stranger?that it hopes to eventually have "citywide deployment"
> of
> > the system that, again, has potential surveillance capabilities that
> the
> > SPD declined to answer questions about. That could give a whole new
> > meaning to the phrase "real-time situational awareness."
> >
> > So how does Aruba's mesh network actually function?
> >
> > Each of those off-white boxes you see downtown is a wireless access
> > point (AP) with four radios inside it that work to shove giant
> amounts
> > of data to, through, and around the network, easily handling
> > bandwidth-hog uses such as sending live, high-resolution video to or
> > from moving vehicles. Because this grid of APs forms a latticelike
> mesh,
> > it works like the internet itself, routing traffic around bottlenecks
> > and "self-healing" by sending traffic around components that fail.
> >
> > As Brian Magnuson at Cascade Networks explains: "When you have 10
> people
> > talking to an AP, no problem. If you have 50, that's a problem."
> Aruba's
> > mesh solution is innovative?instead of building a few high-powered,
> > herculean APs designed to withstand an immense amount of traffic,
> Aruba
> > sprinkles a broad area with lots of lower-powered APs and lets them
> > figure out the best way to route all the data by talking to each
> other.
> >
> > Aruba's technology is considered cutting-edge because its systems are
> > easy to roll out, administer, and integrate with other systems, and
> its
> > operating system visualizes what's happening on the network in a
> simple,
> > user-friendly digital map. The company is one of many firms in the
> > networking business, but, according to the tech-ranking firm Gartner,
> > Aruba ranks second (just behind Cisco) in "completeness of vision"
> and
> > third in "ability to execute" for its clever ways of getting around
> > technical hurdles.
> >
> > Take Candlestick Park, the San Francisco 49ers football stadium,
> which,
> > Magnuson says, is just finishing up an Aruba mesh network
> installation.
> > The stadium has high-intensity cellular service needs?70,000 people
> can
> > converge there for a single event in one of the most high-tech
> cities in
> > America, full of high-powered, newfangled devices. "Aruba's solution
> was
> > ingenious," Magnuson says. It put 640 low-power APs under the
> stadium's
> > seats to diffuse the data load. "If you're at the stadium and trying
> to
> > talk to an AP," Magnuson says, "you're probably sitting on it!"
> >
> > Another one of Aruba's selling points is its ability to detect rogue
> > devices?strangers to the system. Its promotional "case studies"
> trumpet
> > this capability, including one report about Cabela's hunting and
> > sporting goods chain, which is an Aruba client: "Because Cabela's
> stores
> > are in central shopping areas, the company captures huge quantities
> of
> > rogue data?as many as 20,000 events per day, mostly from neighboring
> > businesses." Aruba's network is identifying and distinguishing which
> > devices are allowed on the Cabela's network and which are within the
> > coverage area but are just passing through. The case study also
> > describes how Cabela's Aruba network was able to locate a lost
> > price-scanner gun in a large warehouse by mapping its location, as
> well
> > as track employees by the devices they were carrying.
> >
> > It's one thing for a privately owned company to register devices it
> > already owns with a network. It's another for a local police
> department
> > to scale up that technology to blanket an entire downtown?or an
> > entire city.
> >
> > Aruba also sells a software product called "Analytics and Location
> > Engine 1.0." According to a document Aruba has created about the
> > product, ALE "calculates the location of associated and unassociated
> > wifi devices... even though a device has not associated to the
> network,
> > information about it is available. This includes the MAC address,
> > location, and RSSI information." ALE's default setting is anonymous,
> > which "allows for unique user tracking without knowing who the
> > individual user is." But, Aruba adds in the next sentence,
> "optionally
> > the anonymization can be disabled for richer analytics and user
> behavior
> > tracking." The network has the ability to see who you are?how deeply
> it
> > looks is up to whoever's using it. (The Aruba technology, as far as
> we
> > know, does not automatically associate a given MAC address with the
> name
> > on the device's account. But figuring out who owns the account?by
> asking
> > a cell-phone company, for example?would not be difficult for a
> > law-enforcement agency.)
> >
> > Geo-location seems to be an area of intense interest for Aruba. Last
> > week, the Oregonian announced that Aruba had purchased a Portland
> > mapping startup called Meridian, which, according to the article, has
> > developed software that "pinpoints a smartphone's location inside a
> > venue, relying either on GPS technology or with localized wireless
> > networks." The technology, the article says, "helps people find their
> > way within large buildings, such as malls, stadiums, or airports and
> > enables marketing directed at a phone's precise location."
> >
> > How does that geo-location work? Devices in the network's coverage
> area
> > are "heard" by more than one radio in those APs (the off-white
> boxes).
> > Once the network hears a device from multiple APs, it can compare the
> > strength and timing of the signal to locate where the device is.
> This is
> > classic triangulation, and users of Aruba's AirWave software?as in
> the
> > Cabela's example?report that their systems are able to locate
> devices to
> > within a few feet.
> >
> > In the case of large, outdoor installations where APs are more spread
> > out, the ability to know what devices are passing through is
> > useful?especially, perhaps, to policing agencies, which could log
> that
> > data for long-term storage. As networking products and their uses
> > continue to evolve, they will only compound the "legal mystery"
> around
> > how this technology could and should be used that Pell and Soghoian
> > described in their Berkeley Technology Law Journal piece. Aruba's
> mesh
> > network is state-of-the-art, but something significantly smarter and
> > more sensitive will surely be on the market this time next year. And
> who
> > knows how much better the software will get.
> >
> > An official spokesperson for Aruba wrote in an e-mail that the
> company
> > could not answer The Stranger's questions because they pertained "to
> a
> > new product announcement" that would not happen until Thanksgiving.
> > "Aruba's technology," the spokesperson added, "is designed for indoor
> > (not outdoor) usage and is for consumer apps where they opt in."
> This is
> > in direct contradiction to Aruba's own user's manuals, as well as the
> > fact that the Seattle Police Department installed an outdoor Aruba
> mesh
> > network earlier this year.
> >
> > One engineer familiar with Aruba products and similar systems?who
> > requested anonymity?confirmed that the mesh network and its software
> are
> > powerful tools. "But like anything," the engineer said, it "can be
> used
> > inappropriately... You can easily see how a user might abuse this
> > ability (network admin has a crush on user X, monitors user X's
> location
> > specifically)." As was widely reported earlier this year, such
> alleged
> > abuses within the NSA have included a man who spied on nine women
> over a
> > five-year period, a woman who spied on prospective boyfriends, a man
> who
> > spied on his girlfriend, a husband who spied on his wife, and even a
> man
> > who spied on his ex-girlfriend "on his first day of access to the
> NSA's
> > surveillance system," according to the Washington Post. The practice
> was
> > so common within the NSA, it got its own classification: "LOVEINT."
> >
> > Other Aruba clients?such as a university IT director, a university
> vice
> > president, and systems administrators?around the country confirmed it
> > wouldn't be difficult to use the mesh network to track the movement
> of
> > devices by their MAC addresses, and that building a historical
> database
> > of their movements would be relatively trivial from a data-storage
> > perspective.
> >
> > As Bruce Burton, an information technology manager at the University
> of
> > Cincinnati (which uses an Aruba network), put it in an e-mail: "This
> > mesh network will have the capability to track devices (MAC
> addresses)
> > throughout the city."
> >
> > Not that the SPD would do that?but we don't know. "We definitely feel
> > like the public doesn't have a handle on what the capabilities are,"
> > says Debelak of the ACLU. "We're not even sure the police department
> > does." It all depends on what the SPD says when it releases its
> > mesh-network protocols.
> >
> > "They're long overdue," says Lee Colleton, a systems administrator at
> > Google who is also a member of the Seattle Privacy Coalition, a
> > grassroots group that formed in response to SPD's drone and
> > surveillance-camera controversies. "If we don't deal with this kind
> of
> > thing now, and establish norms and policies, we'll find ourselves in
> an
> > unpleasant situation down the road that will be harder to change."
> >
> > The city is already full of surveillance equipment. The Seattle
> > Department of Transportation, for example, uses license-plate
> scanners,
> > sensors embedded in the pavement, and other mechanisms to monitor
> > individual vehicles and help estimate traffic volume and wait time.
> "But
> > as soon as that data is extrapolated," says Adiam Emery of SDOT,
> "it's
> > gone." They couldn't turn it over to a judge if they tried.
> >
> > Not that license-plate scanners have always been so reliable. Doug
> Honig
> > of the ACLU remembers a story he heard from a former staffer a
> couple of
> > years ago about automatic license-plate readers on police cars in
> > Spokane. Automatic license-plate readers "will read a chain-link
> fence
> > as XXXXX," Honig says, "which at the time also matched the license
> plate
> > of a stolen car in Mississippi, resulting in a number of false
> alerts to
> > pull over the fence."
> >
> > Seattle's mesh network is only one instance in a trend of Homeland
> > Security funding domestic surveillance equipment. Earlier this month,
> > the New York Times ran a story about a $7 million Homeland Security
> > grant earmarked for "port security"?just like the SPD's mesh-network
> > funding?in Oakland.
> >
> > "But instead," the Times reports, "the money is going to a police
> > initiative that will collect and analyze reams of surveillance data
> from
> > around town?from gunshot- detection sensors in the barrios of East
> > Oakland to license plate readers mounted on police cars patrolling
> the
> > city's upscale hills."
> >
> > The Oakland "port security" project, which the Times reports was
> > formerly known as the "Domain Awareness Center," will "electronically
> > gather data around the clock from a variety of sensors and databases,
> > analyze that data, and display some of the information on a bank of
> > giant monitors." The Times doesn't detail what kind of "sensors and
> > databases" the federally funded "port security" project will pay for,
> > but perhaps it's something like Seattle's mesh network with its
> ability
> > to ping, log, and visually map the movement of devices in and out of
> its
> > coverage area.
> >
> > Which brings up some corollary issues, ones with implications much
> > larger than the SPD's ability to call up a given time on a given day
> and
> > see whether you were at work, at home, at someone's else home, at a
> bar,
> > or at a political demonstration: What does it mean when money from a
> > federal agency like the Department of Homeland Security is being
> > funneled to local police departments like SPD to purchase and use
> > high-powered surveillance gear?
> >
> > For federal surveillance projects, the NSA and other federal spying
> > organizations have at least some oversight?as flawed as it may
> be?from
> > the Foreign Intelligence Surveillance Court (also known as the FISA
> > court) and the US Congress. But local law enforcement doesn't have
> that
> > kind of oversight and, in Seattle at least, has been buying and
> > installing DHS-funded surveillance equipment without explaining what
> > it's up to. The city council's surveillance ordinance earlier this
> year
> > was an attempt to provide local oversight on that kind of policing,
> but
> > it has proven toothless.
> >
> > It's reasonable to assume that locally gleaned information will be
> > shared with other organizations, including federal ones. An SPD
> diagram
> > of the mesh network, for example, shows its information heading to
> > institutions large and small, including the King County Sheriff's
> > Office, the US Coast Guard, and our local fusion center.
> >
> > Fusion centers, if you're unfamiliar with the term, are
> > information-sharing hubs, defined by the Department of Homeland
> Security
> > as "focal points" for the "receipt, analysis, gathering, and
> sharing" of
> > surveillance information.
> >
> > If federally funded, locally built surveillance systems with little
> to
> > no oversight can dump their information in a fusion center?think of
> it
> > as a gun show for surveillance, where agencies freely swap
> information
> > with little restriction or oversight?that could allow federal
> agencies
> > such as the FBI and the NSA to do an end-run around any limitations
> set
> > by Congress or the FISA court.
> >
> > If that's their strategy in Seattle, Oakland, and elsewhere, it's an
> > ingenious one?instead of maintaining a few high-powered, herculean
> > surveillance agencies designed to digest an immense amount of traffic
> > and political scrutiny, the federal government could sprinkle an
> entire
> > nation with lots of low-powered surveillance nodes and let them
> figure
> > out the best way to route the data by talking to each other. By
> > diffusing the way the information flows, they can make it flow more
> > efficiently.
> >
> > It's an innovative solution?much like the Aruba mesh network itself.
> >
> > The Department of Homeland Security has not responded to requests for
> > comment.
> >
> > --
> > Dan Staples
> >
> > Open Technology Institute
> > https://commotionwireless.net
> > OpenPGP key: http://disman.tl/pgp.asc
> > Fingerprint: 2480 095D 4B16 436F 35AB 7305 F670 74ED BD86 43A9
> > _______________________________________________
> > Commotion-discuss mailing list
> > Commotion-discuss at lists.chambana.net <javascript:_e({}, 'cvml',
> > 'Commotion-discuss at lists.chambana.net');>
> > https://lists.chambana.net/mailman/listinfo/commotion-discuss
> >
> >
> >
> > --
> > Preston Rhea
> > Field Analyst, Open Technology Institute
> > New America Foundation
> > +1-202-570-9770 <tel:%2B1-202-570-9770>
> > Twitter: @prestonrhea
> >
> >
> >
> > --
> > -steve
> >
> >
> > _______________________________________________
> > mesh mailing list
> > mesh at lists.sudoroom.org
> > http://lists.sudoroom.org/listinfo/mesh
> >
>
>
> ------------------------------
>
> _______________________________________________
> mesh mailing list
> mesh at lists.sudoroom.org
> http://lists.sudoroom.org/listinfo/mesh
>
>
> End of mesh Digest, Vol 10, Issue 16
> ************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://sudoroom.org/lists/private/mesh/attachments/20131110/74ae19e8/attachment.html>
More information about the mesh
mailing list