Posts

Tuesday Morning: Flip Off

Flip off a few caps; Death came for a few more well-loved artists. Rest well, Glenn Frey, Dale Griffin, Dallas Taylor. Gonna’ be one heck of a band on the other side. [Edit: Mic Gillette, too? Stop already, Grim Reaper, check your targeting.]

Hope the cull is done because obituaries are not my thing. Hard to type and sniffle copiously at the same time.

GM Opel dealers may be altering emissions control software on Zafira diesel cars
Great, just great. Like GM didn’t have enough on its plate with the ignition switch debacle. A Belgian news outlet reports GM Opel dealers have been changing the software on the 2014 Zafira 1.6l diesel engine passenger vehicles in what looks like a soft recall. This comes on the heels of an EU-mandated recall of Zafira B models due to fires caused by bad electronics repairs. Sorry, I don’t speak Dutch, can’t make out everything in this video report. What little I can see and read doesn’t look good. Wouldn’t be surprised if the EU puts the hurt on GM Opel diesel sales until all are fixed to meet EU emissions regulations. Should also note that a different electronics manufacturer may be involved; images online of ECUs for late model Zafiras appear to be made by Siemens — unlike Volkswagen’s passenger diesel ECUs, which are made by Bosch.

Texas manufacturer swindled out of cash by fraudulent email request, sues cyber insurer
AFGlobal, based in Houston, lost $480,000 in May 2014 after staff wired funds based on orders in emails faked by crooks overseas. The manufacturing company had a cyber insurance policy with a subsidiary of the Chubb Group, and filed a claim against it. The claim was denied and AFGlobal filed suit. This isn’t the first such loss nor the first such lawsuit. Companies need to create and publish policies documenting procedures for authorizing any online payments, including two-step authentication of identities, and review overall spending authorization processes with an eye on audit trails.

Ukrainian officials say Kiev’s main airport hacked
Hackers who attacked Ukrainian power companies in late December are believed to be responsible for the malware launched on Kiev’s airport servers. There are very few details — okay, none, zero details — about the attack and its effect on airport operations. A military spokesman only said “the malware had been detected early in the airport’s system and no damage had been done,” and that the malware’s point of origin was in Russia. Among the details missing are the date the attack was discovered and how it was detected as well as the means of removal.

Hold this thought: FBI still looking for info on cable cuts, with eye to Super Bowl link
Remember the post last summer about the 11 communications cable cuts in the greater San Francisco Bay Area near Silicon Valley? This is a hot issue again, given the impending Super Bowl 50 to be held at Levi’s Stadium in Santa Clara. But reports now mention 15 or 16 cuts, not 11 — have there been more since last summer, or were there more not included in the FBI’s request for information? I’ll do some digging and post about this in the near term.

All right, carry on, and don’t drink all the añejo at once.

To Talk of Many Things: Of Vandals, and Cuts, and Cables, and Pings

‘The time has come,’ the Walrus said,
To talk of many things:
Of shoes — and ships — and sealing-wax —
Of cabbages — and kings —
And why the sea is boiling hot —
And whether pigs have wings.’

(Excerpt, Lewis Carroll’s The Walrus and the Carpenter)

Here’s an open information security topic worth examining more closely: the recent vandalization of yet another fiber optic cable on the west coast.

A total of eleven cuts have been made since last July on fiber optic cables in the greater San Francisco/Oakland area. The most recent cut occurred on June 30th. The FBI had already asked the public for help with information about the first ten cuts, made in these general locations at the time and date indicated here:

1) July 6, 2014, 9:44 p.m. near 7th St. and Grayson St. in Berkeley
2) July 6, 2014, 11:39 p.m. near Niles Canyon Blvd. and Mission Blvd. in Fremont
3) July 7, 2014, 12:24 a.m. near Jones Road and Iron Horse Trail in Walnut Creek
4) July 7, 2014, 12:51 a.m. near Niles Canyon Blvd. and Alameda Creek in Fremont
5) July 7, 2014, 2:13 a.m. near Stockton Ave. and University Ave. in San Jose
__________
6) February 24, 2015, 11:30 p.m. near Niles Canyon Blvd. and Mission Blvd. in Fremont
7) February 24, 2015, 11:30 p.m. near Niles Canyon Blvd. and Alameda Creek in Fremont
__________
8) June 8, 2015, 11:00 p.m. near Danville Blvd. and Rudgear Road in Alamo
9) June 8, 2015, 11:40 p.m. near Overacker Ave and Mowry Ave in Fremont
__________
10) June 9, 2015, 1:38 p.m. near Jones Road and Parkside Dr. in Walnut Creek

The FBI presented these first ten cuts as a single, undivided list. After looking at the dates and times, one can see these cuts may have occurred not as discrete events, but as three separate clusters of cuts. The first cluster occurred within a five-hour span; the second occurred nearly simultaneously at two points; and the third cluster occurred within three hours. The three clusters took place after dark, during the same evening. The tenth cut may be a one-off, or it may be connected to the third cluster as it took place within 14 hours of the eighth and ninth cuts.

The most recent cable cut, occurring this week, did not fit a pattern like the previous ten cuts. Reports indicate the cut was near Livermore — a new location much farther to the south and east in comparison, and only one cut reported rather than two or more.

Is this latest cut an outlier, or were perpetrators interrupted before they could cut again?

Taking a closer look at the previous cut events, we can see there must have been more than one individual involved in the cuts, and they may have been coordinated.

Sony Pictures Postmortem Reveals Death by Stupid

[Graphic: FORTUNE_SonyHack-GovtAV_25JUN2015]

We already knew Sony Pictures Entertainment’s (SPE) hack was bad. We knew that the parent, Sony Group, had been exposed to cyber attacks of all kinds for years across its subsidiaries, and slow to effect real changes to prevent future attacks.

And we knew both Sony Group and SPE shot themselves in the feet, literally asking for trouble by way of bad decisions. Sony Electronics’ 2005 copy protection rootkit scandal and SPE’s utter lack of regard for geopolitics opened the businesses to risk.

But FORTUNE magazine’s expose about the hacking of SPE — of which only two of three parts have yet been published — reveals a floundering conglomerate unable to do anything but flail ineffectively.

It’s impossible to imagine any Fortune 500 corporation willing to tolerate working with 1990s technology for any length of time, let alone one which had no fail-over redundancies or backup strategies, no emergency business continuity plan to which they could revert in the event of a catastrophe. But FORTUNE reports SPE had been reduced to using fax machines to distribute information, in large part because many of its computers had been completely wiped by malware used in the attack.

Pause here and imagine what you would do (or perhaps, have done) if your computer was completely wiped, taking even the BIOS. What would you do to get back in business? You’ve given more thought about this continuity challenge than it appears most of SPE’s management invested prior to last November’s hack, based on reporting to date.

A mind-boggling part of FORTUNE’s expose is the U.S. government’s reaction to SPE’s hack. The graphic above offers the biggest guffaw, a quote by the FBI’s then-assistant director of its cyber division. Knowing what we know now about the Office of Personnel Management hack, the U.S. government is a less-than-credible expert on hacking prevention. While the U.S. government maintains North Korea was responsible, it’s hard to take them seriously when they’ve failed so egregiously to protect their own turf.

Going Postal. And Digital. And Financial: The Dragnet Elephant

The NYT has a report on an IG Report from May that reveals the Postal Service has been doing a lot more “mail covers” (that is, tracking the metadata from letters) than it had previously revealed.

In a rare public accounting of its mass surveillance program, the United States Postal Service reported that it approved nearly 50,000 requests last year from law enforcement agencies and its own internal inspection unit to secretly monitor the mail of Americans for use in criminal and national security investigations.

The number of requests, contained in a little-noticed 2014 audit of the surveillance program by the Postal Service’s inspector general, shows that the surveillance program is more extensive than previously disclosed and that oversight protecting Americans from potential abuses is lax.

Among the most interesting revelations is that USPS previously lowballed the number of covers it does in response to a NYT FOIA by simply not counting most of the searches.

In information provided to The Times earlier this year under the Freedom of Information Act, the Postal Service said that from 2001 through 2012, local, state and federal law enforcement agencies made more than 100,000 requests to monitor the mail of Americans. That would amount to an average of some 8,000 requests a year — far fewer than the nearly 50,000 requests in 2013 that the Postal Service reported in the audit.

The difference is that the Postal Service apparently did not provide to The Times the number of surveillance requests made for national security investigations or those requested by its own investigation and law enforcement arm, the Postal Inspection Service. Typically, the inspection service works hand in hand with outside law enforcement agencies that have come to the Postal Service asking for investigations into fraud, pornography, terrorism or other potential criminal activity.

The report led Ben Wittes to engage in a thought experiment, predicting the response to this revelation will be muted compared to that of the phone dragnet.

All of this raises the question: Will this program generate the sort of outrage, legal challenge, and feverish energy for legislative reform that the NSA program has? Or will it fall flat?

I have this feeling that the answer is the latter: The Postal Service’s looking at the outside of letters at the request of law enforcement just won’t have the same legs as does the big bad NSA looking at the routing information for telephone calls. The reason, I suspect, is not that there are profound legal differences between the two programs. Yes, one can certainly argue that the difference between a program that aspires to be totalizing and one that is notionally targeted, even if very large, is fundamental enough to justify regarding the former with great skepticism and tolerating the latter with a shrug. On the other hand, one could just as easily argue that a program that involves the active perusal of tens of thousands of people’s metadata without strict controls is far more threatening than one that involves tight procedures under judicial oversight and involves initial queries of only a few hundred people’s data.

The reason, I suspect, that this program will not excite the same sorts of passions as does the NSA’s program is that it involves old technology—paper—and it’s been going on for a long time.

I agree with Wittes that this won’t generate the same kind of outrage.

The fact that few noticed when Josh Gerstein reported on this very same report (and revealed that the USPS was trying to prevent the report’s release) back in June (I noticed, but did not write on it) supports Wittes’ point.

All that said, Wittes’ piece serves as an interesting example. Partly because he overstates the oversight of the phone dragnet program. Somehow Wittes doesn’t think the watchlisting of 3,000 presumed American persons with no First Amendment review until 2009 is an example of abuse. Nor the preservation of 3,000 files worth of phone dragnet data on a research server, mixed in with Stellar Wind data, followed by its destruction before NSA had to explain what it was doing there (which is a more recent abuse than Joe Arpaio’s use of the mail dragnet to target a critic, reported in the NYT).

But also because Wittes misconstrues what a true comparison would entail.

To compare phone dragnet, generally, with the mail dragnet described by the NYT (now including both its national security and Postal Inspection searches), you’d have to compare Title III and local law enforcement phone metadata searches (which number in the hundreds of thousands and include the use of Stingrays to track phone location), Hemisphere (which must number in the 10s of thousands and not only undergo no court review, but are explicitly parallel constructed), the use of NSLs to obtain phone metadata (which number in the 10s of thousands, and which are not overseen by a court, have been subject to abuse, also miscount the most important requests, and access new kinds of data that probably aren’t really covered under the law), the Section 215 dragnet, the FBI bulk PRTT program, as well as the far far bigger EO 12333 phone dragnet.

That is, Wittes wants to compare the totality of the mail dragnet with a teeny segment of even the NSA phone dragnet, all while ignoring the state, local, and other federal agency (including at least FBI, USMS, and DEA) phone dragnets entirely, and declare the former roughly equivalent to the latter (better in some ways, worse in others). If you were to compare the totality of the mail dragnet (admittedly, you’d have to add Fedex and other courier dragnets) with the totality of the phone dragnet, the latter would vastly exceed the former in every way: in abuse, in lack of oversight, and in scale.

And to measure the “passions” mobilized against the phone dragnet, you’d have to measure it all. Attention to the various parts has been fleeting: today there’s more focus on Stingrays, for example, with comparatively less attention to the Section 215 phone dragnet, along with a focus on Hemisphere. There’s so much phone dragnet to go around, it’s like a never-ending game of whack-a-mole.

Or perhaps more appropriately, of that old fable of the 6 blind men and the elephant, where each of a series of blind men describe an elephant. These men each feel one part of the elephant and see a pillar, a rope, a tree branch, a hand fan, a wall, and a solid pipe. Together, they fail to conceive of the elephant in its entirety.

Wittes’ partial view of the phone dragnet describes just one part of one part of the dragnet elephant. At the NSA, the FBI, and local JTTFs (at a minimum) you’re not conceiving the dragnet unless you understand the implications of matching your phone records and email records to your financial purchases and Internet search cookies — and, your snail mail, which is ultimately just a part of the larger dragnet. Each of those dragnets has several interlocking forms, too. More Title III orders, more NSLs, more Section 215 orders, and more EO 12333 collection. All dumped into a black box that — even for the Section 215 phone dragnet — undergoes no apparent oversight.

But Wittes is by no means alone in his partial view of the dragnet elephant. We all suffer from it. Since the very start of the Snowden leaks, I have been trying hard to track how NSA data gets shared with other agencies (see, for example, NCTC, FBI and CIA, “Team Sport,” ATF). I suspect I’ve got as good an understanding of how this data worms its way through the government as anyone outside of some corners of government, but it still looks like an elephant trunk to me.

That, to me, is the real lesson from the focus on yet another dragnet available to yet more intelligence and law enforcement agencies. None of us yet have a good sense of the scope of the dragnet. It is, quite literally, inconceivable. And we have even less of an idea of what happens after the dragnet feeds all that data into a series of black boxes, most subject to very little oversight.

With each new elephant body part identified, we’d do well to remember, it’s just one more body part.

FBI Will Now Videotape In Custody Interrogations

[Significant Update Below]

My hometown paper, the Arizona Republic, broke some critically important news a few minutes ago. The story by Dennis Wagner, a superb reporter at the Republic for a very long time, tells of a monumental shift in the policy of DOJ agencies in relation to interrogations and confessions of those in custody.

There was no news release or press conference to announce the radical shift. But a DOJ memorandum — obtained by The Arizona Republic — spells out the changes to begin July 11.

“This policy establishes a presumption that the Federal Bureau of Investigation (FBI), the Drug Enforcement Administration (DEA) the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) and the United States Marshals Service (USMS) will electronically record statements made by individuals in their custody,” says the memo to all federal prosecutors and criminal chiefs from James M. Cole, deputy attorney general.

“This policy also encourages agents and prosecutors to consider electronic recording in investigative or other circumstances where the presumption does not apply,” such as in the questioning of witnesses.

This has been a long time coming and is notable in that it covers not just the FBI, but DEA, ATF and US Marshals. Calling it a monumental shift may be, in fact, a bit of an understatement. In the course of a series of false confession cases in the 90’s, attempts to get this instated as policy in the District of Arizona were fought by the DOJ tooth and nail. As other local agencies saw the usefulness of audio and/or video taping, DOJ authorities fought the notion like wounded and cornered dogs. That was not just their position in the 90’s, it has always been thus:

Since the FBI began under President Theodore Roosevelt in 1908, agents have not only shunned the use of tape recorders, they’ve been prohibited by policy from making audio and video records of statements by criminal suspects without special approval.

Now, after more than a century, the U.S. Department of Justice has quietly reversed that directive by issuing orders May 12 that video recording is presumptively required for interrogations of suspects in custody, with some exceptions.

What has historically occurred is an agent (usually in pairs) did interviews and then recounted what occurred in what is called a “302” report based on their memories, recollections and handwritten notes (which were then usually destroyed). This created the opportunity not just for inaccuracy, but outright fabrication by overly aggressive agents. Many defendants have been wrongfully convicted, and some who were guilty got off because competent defense attorneys made fools of agents, and their bogus process, in court.

In short, presumptive taping is smart for both sides, and absolutely in the interests of justice. It still remains inexplicable why the DOJ maintained this intransigence so long when every competent police procedures expert in the world has been saying for decades that taping should be the presumption.

Now it should be noted that the policy will only apply to “in custody” interrogations and not ones where there has been no formal arrest which is, of course, a gaping hole considering how DOJ agents blithely work suspects over under the ruse they are not yet in custody. There will also clearly be an exigent circumstances/public safety exception which are also more and more frequently abused by DOJ (See: here, here and here for example).

So, we will have to wait to see the formal written guidance, and how it is stated in the relevant operation manuals for agents and US Attorneys, to get a full bead on the scope of change. And, obviously, see how the written policies are implemented, and what exceptions are claimed, in the field.

But the shift in interrogation policy today is monumental and is a VERY good and positive step. Today is a day Eric Holder should be proud of, and it was far too long in arriving.

UPDATE: When I first posted this I did not see the actual memo attached to Dennis Wagner’s story in the Arizona Republic; since that time I have been sent the actual memo by another source, and it is also available as a link in the Republic story that broke this news. Here are a couple of critical points out of the actual memo dated May 12, 2014:

The policy establishes a presumption in favor of electronically recording custodial interviews, with certain exceptions, and encourages agents and prosecutors to consider taping outside of custodial interrogations. The policy will go into effect on Friday, July 11, 2014.

By my information, the gap in implementation is because DOJ wanted to do some top down discussion and orientation on the new policy, which makes some sense given the quantum nature of this shift. My understanding is that this is already ongoing, so DOJ seems to be serious about implementation.

But, more important is the news about non-custodial situations. That was a huge question left unanswered initially, as I indicated in the original part of this post. That agents and attendant prosecutors will be encouraged to record these instances as well is, well, encouraging!

The exceptions, which are outlined in Section II of the memo, are pretty much exactly as I indicated should be expected above.

Notable in the Presumptions contained in Section I of the memo is that the rule applies to ALL federal crimes. No exceptions, even for terrorism. Also, the recording may be either overt or covert, which is not different from that which I have seen in many other agencies that have long recorded interrogations. Section III specifically excludes extraterritorial situations from the rule. Frankly, I am not sure why that is necessary, the ability to record is pretty ubiquitous these days, extraterritorial should be no problem for presumptive recording.

Those are the highlights of the memo. It is short and worth a read on your own.

US Isn’t Collecting Only Electronic Data On You — Huge Biometric Database Under Construction, Too

Edward Snowden’s revelations have shed much light on how secret government programs are collecting huge amounts of telephone, email and other electronic data generated by every US citizen even though, as Marcy has shown repeatedly, claims that collecting all of this data have enabled the capture of terrorists turn out to be significantly overblown. Sadly, it’s not just records of our communications that the government is collecting. The FBI is taking the lead in putting together what it calls Next Generation Identification. This program will expand the conventional FBI fingerprint database to include significant amounts of biological, or biometric data. From the FBI’s own description:

The future of identification systems is currently progressing beyond the dependency of a unimodal (e.g., fingerprint) biometric identifier towards multimodal biometrics (i.e., voice, iris, facial, etc.). The NGI Program will advance the integration strategies and indexing of additional biometric data that will provide the framework for a future multimodal system that will facilitate biometric fusion identification techniques. The framework will be expandable, scalable, and flexible to accommodate new technologies and biometric standards, and will be interoperable with existing systems. Once developed and implemented, the NGI initiatives and multimodal functionality will promote a high level of information sharing, support interoperability, and provide a foundation for using multiple biometrics for positive identification.

Wait. See that “etc.” in the “voice, iris, facial, etc”? Given the government’s behavior on electronic data, throwing in an “etc.” on biometric data is pretty unnerving. Impressive work is being done by the Electronic Privacy Information Center to shed light on just what the government is up to with Next Generation Identification. Here is their description of the program:

The Federal Bureau of Investigation is developing a biometric identification database program called “Next Generation Identification” (NGI). When completed, the NGI system will be the largest biometric database in the world. The vast majority of records contained in the NGI database will be of US citizens. The NGI biometric identifiers will include fingerprints, iris scans, DNA profiles, voice identification profiles, palm prints, and photographs. The system will include facial recognition capabilities to analyze collected images. Millions of individuals who are neither criminals nor suspects will be included in the database. Many of these individuals will be unaware that their images and other biometric identifiers are being captured. Drivers license photos and other biometric records collected by civil service agencies could be added to the system. The NGI system could be integrated with other surveillance technology, such as Trapwire, that would enable real-time image-matching of live feeds from CCTV surveillance cameras. The Department of Homeland Security has expended hundreds of millions of dollars to establish state and local surveillance systems, including CCTV cameras that record the routine activities of millions of individuals. There are an estimated 30 million surveillance cameras in the United States. The NGI system will be integrated with CCTV cameras operated by public agencies and private entities.

So just as the government has moved far beyond tapping communications only with a warrant to include the communications of innocent civilians, biometric identifiers of innocent civilians will be included in NGI alongside identifiers of known criminals. And what could possibly go wrong with our information being assembled in this way? Here’s how EPIC says the database will be built and maintained:

Half the LOVEINT Violations Committed by Non-NSA Employees

Chuck Grassley just released a summary of violations of NSA authority he requested back in August.

The data is pretty meaningless. As I have shown, NSA’s own internal reporting shows about 9% (and up to 20% in some categories) of its violations are “due diligence” violations, which are violations of rules that an analyst knows (human error, intelligence error, and training are treated as distinct violations). If today’s hearing was any indication, the Senate Intelligence Committee seems to have no understanding that 9% of all violations are willful violations of rules.

All that said, of the 12 incidents the NSA reported (there are 3 incidents still under investigation), fully half appear to be committed by members of different agencies (though one of those was a military person reported to NSA). That’s a lot of other agency personnel abusing SIGINT authorities they’re granted access to.

And note, DOJ has never prosecuted any of these. In just about all cases where DOJ gets a referral, the person resigns before being charged. The UCMJ does better — DOD has punished two people.

ACLU to Jim Comey: Welcome. Now Fix This.

Jim Comey has officially been in charge of the FBI for less than two weeks.

Today, in honor of Constitution Day, the ACLU just released a report showing how the FBI’s expanded mandate since 9/11 has led to Constitutional abuses.

Most of the details of the report have been reported here in depth. But the Big Data section includes some details I haven’t covered. It explains:

FBI collects Suspicious Activities Reports that duplicate — but lower the standard for — an existing database

Another major problem is that eGuardian effectively competes with another federal government SAR. The Intelligence Reform and Terrorism Prevention Act of 2004 established the Information Sharing Environment (ISE) to serve as the conduit for terrorism-related information sharing between state and local law enforcement and the federal government.[114] A March 2013 Government Accountability Office report found that though the two programs share information between them, eGuardian uses a lower evidentiary threshold for inclusion of SARs, which creates risks and privacy problems.

The Government Accountability Office found that “many fusion centers have decided not to automatically share all of their ISE-SARs with eGuardian” because eGuardian doesn’t meet ISE standards.[115] One fusion center said it would never provide SARs to eGuardian because of the fusion center’s privacy policy.[116] The Government Accountability Office also found that the two systems “have overlapping goals and offer duplicative services.”[117]

FBI will soon have the equivalent of 20 pieces of intelligence on every American — and they share this broadly

An FBI budget request for fiscal year 2008 said the FBI had amassed databases containing 1.5 billion records, and two members of Congress described documents predicting the FBI would have 6 billion records by 2012, which they said would represent “20 separate ‘records’ for each man, woman and child in the United States.”[119]

[snip]

According to a 2012 Systems of Records Notice covering all FBI data warehouses, the information in these systems can be shared broadly, even with foreign entities and private companies, and for a multitude of law enforcement and non-law enforcement purposes.[133]

There’s far more in the report, chronicling the slow creep of abusive FBI techniques since 9/11.

Sadly, given that this has all been treated as legal, I doubt that Comey will do anything about it, even with ACLU’s demonstration that the dragnet has led FBI to miss real crimes.

Yellowcake In the Soles of His Shoes

Splash page of alibaba.com, where it would appear that Patrick Campbell became Cassim and was unable to exit with his treasure.

Last night, The Smoking Gun and then CBS reported on the latest sting carried out by our government to keep us safe from people too stupid for their own good. This time, instead of the FBI setting up the security theater sting, it was an undercover agent for ICE, or Immigration and Customs Enforcement within the Department of Homeland Security. The criminal complaint (pdf) filed yesterday is written by an ICE Special Agent working out of Miami (I’ll return later to the ironic job position she holds).

Once again, as we see repeatedly in the government’s adventures in security theater, we appear to have ensnared a small-time hustler but will undoubtedly play this up as a major interdiction of international terrorism. The hustler this time is one Patrick Campbell, who stands accused of brokering a deal to sell U3O8 to Iran. Campbell apparently was promising to ship 1000 tons of the processed uranium ore, but was arrested in New York Wednesday when he entered the country from Sierra Leone, where he reportedly lives.

How was Campbell caught? Here is how the complaint describes the elaborate trap ICE devised:

[Image: alibaba ad]

Yup. Everybody knows that Iran absolutely would go shopping for uranium on alibaba.com. Note that ICE does not appear to be able to get their high-tech document production equipment to produce subscripts. There really is no such thing as Uranium 308 or U308. Writing it that way makes it look like they are referring to a uranium isotope. The naturally occurring isotopes of uranium are listed here, where we see that the atomic masses range from 232 (= U-232) to 238 (=U-238). The isotope of interest is U-235, which occurs in nature as only 0.7% of the uranium atoms. Uranium is mined as raw ore which is chemically treated to produce U3O8, which is otherwise known as yellowcake. For further processing, the yellowcake is then converted to UF6 gas and then put into gas centrifuges where the mixture is selectively enriched for the U-235 isotope. Low-grade enriched uranium has the U-235 enriched from the naturally occurring 0.7% to the range of 3-5%. Iran has also produced mid-grade uranium at 20% U-235 for its research reactor used to produce medical isotopes, but this still falls short of the 90% or so U-235 needed for a nuclear weapon.

It would appear that ICE ran this scam on such a short budget that they wouldn’t even front Campbell the money for travel to the US from Sierra Leone. In his negotiations with the undercover agent, Campbell demonstrated a pitiful level of awareness of operational security. The complaint notes many communications with Campbell by email, telephone and Skype. There is no indication that any of the communications were encrypted. The extent of his op-sec appears to be his brilliant use of an acronym to refer to the transaction:

MEUS

 

Campbell finally made it to New York on Wednesday, where he was promptly arrested. Here is how The Smoking Gun opened their report:

A foreigner who agreed to sell undercover Homeland Security agents 1000 tons of yellowcake uranium for shipment to Iran was arrested yesterday when he flew into the United States with uranium samples hidden inside the soles of shoes in his luggage, The Smoking Gun has learned.

Wow. He tried to hide his yellowcake samples in the soles of his shoes, which he then put into checked baggage.

This whole episode is stupid and wasteful on a wide range of levels.

First, Iran purchased huge stockpiles of yellowcake back in the days of the Shah.

Spying on Americans: A “Team Sport” Since 2004

One of the more colorful revelations in today’s Guardian scoop is the newsletter piece that describes increased sharing of PRISM (Section 702) data with FBI and CIA.

The information the NSA collects from Prism is routinely shared with both the FBI and CIA. A 3 August 2012 newsletter describes how the NSA has recently expanded sharing with the other two agencies.

The NSA, the entry reveals, has even automated the sharing of aspects of Prism, using software that “enables our partners to see which selectors [search terms] the National Security Agency has tasked to Prism”.

The document continues: “The FBI and CIA then can request a copy of Prism collection of any selector…” As a result, the author notes: “these two activities underscore the point that Prism is a team sport!”

But that’s something that has actually been built into the program for years. While the Joint IG Report on the illegal wiretap program claimed,

NSA also was responsible for conducting the actual collection of information under the PSP and disseminating intelligence reports to other agencies such as the Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), and the Office of the Director of National Intelligence (ODNI) National Counterterrorism Center (NCTC) for analysis and possible investigation.

The Draft NSA IG Report explained,

Coordination with FBI and CIA. By 2004, four FBI integrees and two CIA integrees, operating under SIGINT authorities in accordance with written agreements, were co-located with NSA PSP-cleared analysts. The purpose of co-locating these individuals was to improve collaborative analytic efforts.

And the minimization procedures released by the Guardian (which date to 2009) make it clear NSA can provide unminimized content to CIA and FBI on whatever selectors they request.

6(c)

(1) NSA may provide to the Central Intelligence Agency (CIA) unminimized communications acquired pursuant to section 702 of the Act. CIA will identify to NSA targets for which NSA may provide unminimized communications to CIA. CIA will process any such unminimized communications received from NSA in accordance with CIA minimization procedures adopted by the Attorney General, in consultation with the Director of National Intelligence, pursuant to subsection 702(e) of the Act.

(2) NSA may provide to the FBI unminimized communications acquired pursuant to section 702 of the Act. FBI will identify to NSA targets for which NSA may provide unminimized communications to the FBI. FBI will process any such unminimized communications received from NSA in accordance with FBI minimization procedures adopted by the Attorney General, in consultation with the Director of National Intelligence, pursuant to subsection 702(e) of the Act.

And none of that should be surprising, given the tasking slide — above — that was first published by the WaPo. FBI, at least, is solidly in the midst of this collection, for a program deemed to be foreign intelligence collection.

There have been a variety of claims about all this team sport participation. But I’m not convinced any of them explain how all this works.

And in perhaps related news, the Fifth Circuit today said that Nidal Hasan could not have access to the FISA material on him, in spite of the fact that William Webster published a 150-page report on it last year. Legally, that material should be utterly distinct from PRISM, since a wiretap on Anwar al-Awlaki would require a specific FISA warrant (and the latest Guardian scoop refers to expanded cooperation since 2012). But I suspect the reason Hasan, the FISA evidence against whom has already been extensively discussed, can’t see it is because we would see what this actually looks like from the FBI side.

DOJ has to protect its team, you know.