they know what you are doing

space otter · September 24, 2015, 04:01:33 AM

http://www.msn.com/en-us/news/world/cyber-sleuths-track-hacker-to-chinas-military/ar-AAeGSl7?li=AAa0dzB
The Wall Street Journal.
Josh Chin
5 hrs ago

Cyber Sleuths Track Hacker to China's Military

KUNMING, China—The email attachment would tempt anyone following the diplomatic standoff between China and other countries in the South China Sea. The Microsoft Word document contained text and photos depicting Thai naval personnel capturing Vietnamese fishermen and forcing them to kneel at gunpoint.

But the attachment was a decoy: Anyone who opened it inadvertently downloaded software that searched their computers for sensitive information and sent it to an obscure corner of the Internet. Manning that corner, according to a new report from U.S. security researchers, was Ge Xing, a member of a Chinese military reconnaissance unit.

The growing reach of China's army of cyberwarriors has become a flash point in relations between Beijing and Washington that President Barack Obama says will be a focus during Chinese President Xi Jinping 's state visit to the U.S. this week.

Cyberspace is the newest domain in warfare, and China's relentless testing of its boundaries has flustered the U.S. The story of the Chinese military staffer's alleged involvement in hacking provides a detailed look into Beijing's sprawling state-controlled cyberespionage machinery.

Mr. Ge doesn't appear to fit the hacker stereotype. His published academic papers identify him as an expert in a nontechnical subject: Thai politics. Frequent posts on Chinese social media that researchers have linked to him show him to be a new father and avid bicyclist who drives a white Volkswagen Golf sedan and occasionally criticizes the government.

But his activity elsewhere on the Internet links him to a Chinese hacker collective that attacks targets in an area of strategic interest to the U.S., according to the report by cybersecurity concern ThreatConnect and security consulting firm Defense Group Inc.

The U.S. has been caught flat-footed in recent months by a string of cyberintrusions in which Chinese state-sponsored hackers are the leading suspects. They include the theft of sensitive personal data on millions of government employees from computers at the U.S. Office of Personnel Management, and similar network breaches at health insurers and other companies.

Under pressure to respond, the White House has begun preparing a list of sanctions against Chinese companies that U.S. officials believe have benefited from cybertheft of U.S. corporate secrets, Mr. Obama said last week. Those sanctions, if implemented, wouldn't address state-to-state hacking.

Beijing has bristled at U.S. finger-pointing on cybersecurity and portrayed itself as a victim of hacking, pointing to disclosures by former U.S. security contractor Edward Snowden of U.S. government cyberspying on China. "Cybertheft of commercial secrets and hacking attacks against government networks are both illegal," Mr. Xi told the Journal in a written interview prior to embarking on his U.S. visit. "Such acts are criminal offenses and should be punished according to law and relevant international conventions."

The ThreatConnect-DGI report helps throw new light on a still little-understood aspect of China's cyber operations: the relationship between the country's military and an aggressive corps of Chinese-speaking hackers that appear to be pressing the country's interests abroad.

Through accounts allegedly tied to Mr. Ge, the report draws a direct link between his unit, People's Liberation Army Unit 78020, a military intelligence arm based in China's southwest, and a hacker collective known as Naikon that security researchers say has successfully penetrated key computer networks in countries competing with China for control over the South China Sea.

"What we see from Chinese intrusions is that they have a very grass roots, bottom-up kind of model," said James Mulvenon, director of DGI's Center for Intelligence Research and Analysis. "They have a lot of groups that are encouraged with relatively vague guidance to go out and develop hundreds of accesses and bring back lots of data."

Two academic papers on Thailand's political situation Mr. Ge published in 2008 identify him as working for Unit 78020, a technical reconnaissance bureau based in the southwestern Chinese city of Kunming. It is one of more than two dozen such bureaus within the PLA tasked with intelligence gathering, analysis and computer network defense and exploitation, according to Mark Stokes, executive director at Virginia think tank Project 2049 Institute and an authority on the role of China's military in signals intelligence like cyberspying.

Unit 78020 is controlled by the PLA's Chengdu Military Region, which is responsible for securing Tibet as well as China's borders with Vietnam, Myanmar and India. Another reconnaissance bureau under the Chengdu Military Region was responsible for the hacking of computer networks connected to exiled Tibetan spiritual leader the Dalai Lama, Mr. Stokes said. Given the region's focus on the border, "it also makes sense that they would do collections related to the South China Sea," he said.

Staff with Unit 78020's propaganda office declined requests for an interview. A spokesman for Chengdu Military Region referred questions to the defense ministry, which didn't respond to requests for comment. The foreign ministry also didn't respond to requests for comment.

The ThreatConnect-DGI report makes the connection between the unit and the hacking group by matching Mr. Ge's alleged activity on social media, where he uses the name greensky27, with activity on a part of Naikon's network that also uses the greensky27 name. The Wall Street Journal reviewed the report before its publication, verifying its observations of Mr. Ge's social-media activity and other evidence linking him to Unit 78020 and Naikon.

Researchers at PassiveTotal, a U.S. cybersecurity threat analysis company that provided some of the data for the report, said the report offered fair insight into how data about the use of hackers' infrastructure can be used to track and identify potential threats.

In a brief phone conversation with the Journal in August, Mr. Ge confirmed he uses the greensky27 name on social media but declined to speak further when told he was the subject of a report. "If you publish, I'll call the police," he said and hung up before hearing the substance of the report. He didn't answer subsequent phone calls or questions later sent by text message.

The greensky27 Naikon domain went dormant within an hour of the Journal's phone conversation with Mr. Ge, according to ThreatConnect. Recent visits to the domain show it is still offline.

Named by experts after a piece of code found in malware it once used, Naikon sends well-crafted emails to trick recipients into opening attachments infected with malicious software, according to researchers. Infected attachments they have used include a calendar of Laotian beauty contestants, news stories and memos on strategic topics in English and local languages, and memos that appear to be based on classified information, according to a May report by Russian antivirus maker Kaspersky Lab.

Relying on this technique—known as spearphishing—Naikon has penetrated the networks of governments, military, media and energy companies in Vietnam, the Philippines and other countries throughout Southeast Asia, Kaspersky said. "Their success rate has been high," said Kurt Baumgartner, principal security researcher at Kaspersky. "When they want to get in, they get in."

China's claims to sovereignty over vast swaths of the South China Sea—one of the world's busiest shipping routes—have sparked conflict with many of its neighbors, including U.S. ally the Philippines. Beijing has rejected U.S. criticisms of its claims, saying territorial disputes should be settled bilaterally between those directly affected. It has also pressed ahead with island-building in disputed areas, raising tensions the U.S. fears could destabilize the region.

The malicious software Naikon uses to spy on its targets is "stone age" compared with what Russian hackers use, said Richard Barger, chief intelligence officer at ThreatConnect, but it doesn't necessarily need to be advanced. "The targets they're most likely going up against, this would be sophisticated for them," he said.
ThreatConnect said it found Mr. Ge through a break in Naikon's usual pattern. To siphon off stolen information without being detected, Naikon uses hundreds of special Internet domains—akin to Web addresses—that are able to connect at various places around the Internet. The names of most of those domains appear to refer to targets or are designed to mimic legitimate websites in target countries, but the greensky27 domain didn't fit either of those criteria, ThreatConnect said.

Looking at the greensky27 domain's activity over a five-year period, researchers found it making an unusually large number of long-lasting connections to Internet addresses in the southwestern Chinese city of Kunming, according to the report. Chinese-language analysts at DGI followed that lead and discovered multiple Internet accounts making references to Kunming that used the same greensky27 name.

Comparing the domain with the social-media accounts, the researchers found a pattern. In February 2012, for example, the domain made a series of connections to Internet servers in Beijing on the same dates a user posting under greensky27 on Tencent Holdings Ltd.'s microblogging platform indicated that he was visiting the city. The domain went dormant for more than a week in November that same year, starting the day a user named greensky27 posted a message announcing the birth of a boy surnamed Ge on a discussion board maintained by Chinese search giant Baidu Inc., the report said.

DGI said it found a clue to Mr. Ge's identity in photos posted on the greensky27 Tencent account in 2013 that showed a visit to what it called the Ge family ancestral temple in Yuxi county, about 50 miles south of Kunming. Digging around further online, DGI said it found Mr. Ge's full name and phone number, as well as the academic papers listing Mr. Ge as working for Unit 78020. Mr. Ge's rank in the military and specific role within the unit are unclear, the researchers said.

A series of skyline snapshots Mr. Ge allegedly posted online during work hours between 2011 and 2013 confirm an affiliation with the military. Taken from the same vantage point, they show a view of a tall apartment tower that could have been captured only from inside a military complex located in downtown Kunming.

Another series of photos showed snow-covered cars in a parking lot with a water tower in the background that also indicated they were shot from inside the military compound, the report said. "Little Golf and his buddies," he wrote, in apparent reference to his car and to those parked around it.

On a recent visit to the complex by a Journal reporter, security personnel confirmed the compound belongs to Unit 78020 of the People's Liberation Army. Staff with the unit's propaganda office wouldn't say whether Mr. Ge worked there.

The user was coy about discussing his military background on social media. The Tencent account listed him as having attended PLA International Studies University in 1998. In 2014, he posted photos of a visit to the university's campus in the city of Nanjing with a short message: "Just posting photos, not explaining, look for yourself." A couple of weeks later he posted photos of a PLA firefighter demonstration and from an event celebrating the PLA's 87th anniversary. "Not explaining," he wrote again.

Some of his early posts contained cryptic political and social commentary. "Faith = Whatever the party tells me to do, I do," he wrote in a post in July 2012. In another post the previous fall, he repeated a common joke about China's state TV broadcaster's tendency to emphasize the positive in its nightly news show: "I have a dream—to always live inside Xinwen Lianbo."

After the birth of his son in late 2012, his posts focused on family life, the weather and travel. One post early the following year featured a picture of a cluster of villas. "Ten year goal," he wrote. The Tencent account was deleted within a day of the Journal's call to Mr. Ge.

Activity on the greensky27 domain indicates a relatively regular work schedule. The domain connected to the Naikon network around 9 a.m., went quiet around lunch and typically signed off around 6 p.m., according to the report.

The domain also tended to go dormant around China's annual Spring Festival holiday, the report said, but there were exceptions. In early 2012, according to ThreatConnect, the domain went silent for Spring Festival only to suddenly come to life the weekend of Jan. 27, a day after news broke that a delegation from the Philippines had launched talks in Washington over military cooperation with the U.S.

Data collected by ThreatConnect show frequent connections between the hacker domain and Internet addresses in Thailand beginning in 2012. Those connections began to tail off in May 2014, after the U.S. indictments of five PLA officers on charges of commercial cybertheft. China has denied the allegations.

The social-media feeds attributed to Mr. Ge indicate he spends much of his time either playing with his son or riding, repairing and talking about his mountain bike. Xiong Junwu, a bike shop owner and founder of Kunming's Fattire Fun Bike Club, recognized a photo of Mr. Ge and said he occasionally joined the club's weekly rides in the Kunming area.

Like many Chinese outdoors enthusiasts, Mr. Ge sometimes turned wistful when contemplating polluted skies. "Today's air is only average," he wrote next to a photo of a gray sky taken from inside the Unit 78020 compound. "Wishing peace to everyone and tranquility to the world."

space otter · September 29, 2015, 04:41:06 AM

I am sooo glad to be outta the work thing..well work for pay thing..i'ld be bustin the robots..sigh

http://www.huffingtonpost.com/entry/the-age-of-surveillance-at-work-is-upon-us_56098494e4b0768126fe7a96

Shane Ferro
Business Reporter, The Huffington Post
Posted: 09/28/2015 04:17 PM EDT

The Age Of Surveillance At Work Is Upon Us

Thanks a lot, technology.

The scariest part of the automated workplace is probably not that robots are coming to take your job -- it's that the robots are coming to measure your job.

Economist Tyler Cowen explains in the recently released 2015 edition of MIT Technology Review's Future of Work report, the real economic threat of automation is constant measurement of employees' performance. In the future, no small amount of slacking off at your desk will go unnoticed.

Worse, this doesn't even really fall under "the future of work." It's already the reality:

Insofar as workers type at a computer, everything they do is logged, recorded, and measured. Surveillance of workers continues to increase, and statistical analysis of large data sets makes it increasingly easy to evaluate individual productivity, even if the employer has a fairly noisy data set about what is going on in the workplace.

According to Cowen, the most productive employees are likely to see huge benefits, and everyone else will be left behind. That will create great inequality, but also likely great stress in the workplace. Constant measurement can equate to constant criticism.

"Individuals don't in fact enjoy being evaluated all the time, especially when the results are not always stellar: for most people, one piece of negative feedback outweighs five pieces of positive feedback," writes Cowen.

He also point out points out that we've already seen this in journalism. The young writers who were able to command huge audiences just when the technology appeared to track those audiences (think Ezra Klein and Nate Silver) were able to turn their popularity into paydays, even as many of their colleagues saw the journalism landscape getting bleaker post-2008.

So what's next? More measurement, of course!

Looking further ahead, and more speculatively, employers might request genetic information from workers. Anyone who doesn't want to turn it over might be seen as having something to hide," Cowen writes.

Good luck out there, less-than-perfectly-productive brethren. It's probably time to get back to work.

space otter · September 29, 2015, 04:47:39 AM

"Today over half the people on this planet don't have access

http://www.huffingtonpost.com/entry/facebook-mark-zuckerberg-internet-un-refugees_5609bb7ee4b0768126fecfe8

Matt Ferner
National Reporter, The Huffington Post
Posted: 09/28/2015 09:40 PM EDT

Mark Zuckerberg: Facebook To Bring Internet Access To UN Refugee Camps

The project appears to dovetail with a Facebook partnership to provide Internet access to the entire planet.

Facebook will help provide Internet access to United Nations refugee camps around the world, Mark Zuckerberg, CEO and founder of the social media giant, said over the weekend.

Zuckerberg provided limited details about the plan, which will be in partnership with the U.N. High Commissioner for Refugees, the world body's refugee agency. He made the announcement Saturday at the U.N. Private Sector Forum at U.N. headquarters in New York.

"Connectivity will help refugees better access support from the aid community and maintain their links to family and loved ones," Zuckerberg said. "And Facebook is in a unique position to help maintain this lifeline."

The number of people forcibly displaced from their homes as a result of persecution, violence or human rights violations has surpassed 50 million -- a first since World War II. Millions of those people are temporarily staying in more than 100 U.N. refugee camps.

The number of refugees continues to rise, in part due to the conflict in Syria that makes life there a daily threat. About 4 million people have fled Syria into neighboring countries in what the U.N. says is the largest refugee crisis in a quarter-century. Millions more have been displaced within the country.

Facebook's plan to connect refugees with loved ones appears to coincide with the goals of a partnership the company has forged with ONE Campaign, a global nonprofit advocacy group fighting extreme poverty. The partnership has said it will support a goal U.N.partner nations pushed forward last week as part of their Agenda for Sustainable Development to provide Internet access to the entire planet by 2020.

Zuckerberg and Bono, the U2 frontman and ONE founder, called for increased support for global connectivity from the private sector, and laid out challenges of actually achieving the goal, in a New York Times op-ed published the same day as Zuckerberg's U.N. remarks.

"Today over half the people on this planet don't have access," Zuckerberg and Bono wrote. "That is not good for anyone -- not for the disempowered and disconnected, and not for the other half, whose commerce and security depend on having stable societies." They said access to the Internet is a key pathway to increased global cooperation and equality.

Zuckerberg, of course, has a business interest in increasing the Internet's user base -- and Facebook users. But he has said he's deeply committed to helping lift people out of poverty, which he says can be helped by Internet access.

"It's not all altruism," Zuckerberg said, according to The New York Times. "We all benefit when we are more connected."

The project to provide Internet access to refugee camps appears to be in the early stages. A Facebook spokesperson declined to elaborate in an email to The Huffington Post.

54 sec vid at link

space otter · October 17, 2015, 03:29:00 AM

well the Chinese and now the Russians.. and it seems others in the u.s. hacking the u.s.
doesn't anyone else get hacked..lol
and why do we only hear about it a year or so later...geeeeeeeeeezeeeeeee

http://www.bloomberg.com/news/articles/2015-10-16/russian-hackers-of-dow-jones-said-to-have-sought-trading-tips

by
Michael Riley
Jordan Robertson
Keri Geiger
October 16, 2015 — 2:20 PM EDT
Updated on October 16, 2015 — 4:33 PM EDT

Russian Hackers of Dow Jones Said to Have Sought Trading Tips

Russian Hacker Group Infiltrated Dow Jones Servers

FBI, Secret Service and SEC said to be probing incursion

Hacking investigation said to have begun at least a year ago

A group of Russian hackers infiltrated the servers of Dow Jones & Co., owner of the Wall Street Journal and several other news publications, and stole information to trade on before it became public, according to four people familiar with the matter.

The Federal Bureau of Investigation, Secret Service and the Securities and Exchange Commission are leading an investigation of the infiltration, according to the people. The probe began at least a year ago, one of them said.

Dow Jones, in a statement, said: "To the best of our knowledge, we have received no information from the authorities about any such alleged matter, and we are looking into whether there is any truth whatsoever to this report by a competitor news organization."

The breach is described by the people familiar with it as far more serious than a lower-grade intrusion disclosed a week ago by Dow Jones, a unit of Rupert Murdoch's News Corp. The company said last week that it is working with a cybersecurity firm and law enforcement after learning that hackers had sought contact and payment information of about 3,500 customers.

It is unclear if the incursions are related. It is also unclear whether the company's news-gathering operations were affected in the insider-trading matter. Two of the people familiar with the investigation said the hackers sought information including stories being prepared for publication.

Kelly Langmesser, a spokeswoman for the FBI New York office, confirmed the office is investigating a breach at Dow Jones but declined to comment further. Jim Margolin, a spokesman for the U.S. Attorney's Office for the Southern District of New York, declined to comment, as did spokesmen for the Secret Service and the SEC.

The White House was briefed on the investigation and the FBI and SEC have spent months trying to determine exactly how the hackers could profit from what they took, consulting financial and market experts among other specialists, the people said.

Information embargoed by companies and the government for release at a later time could be valuable to traders looking to gain an edge over other market participants, as could stories being prepared on topics like mergers and acquisitions that move stock prices.

Dow Jones publishes the Wall Street Journal and Barron's and provides information through a number of services including Dow Jones Newswires. Bloomberg LP, the parent of Bloomberg News, competes with News Corp. in providing financial news and services.

New Front

The hack investigation shows how quickly law enforcers are shifting to a new front in insider trading: cyberspace. Market-moving, nonpublic information used to trade hands in secret meetings. Hackers are now stealing sensitive information and selling it to traders. This new vulnerability in the financial markets is challenging law-enforcement officials who are trying to keep pace with cyber-criminals' rapidly evolving moneymaking schemes.

For would-be inside traders, business journalists and data providers are a rich target. Potentially market-moving scoops often develop in-house for days or weeks, promising intruders a long pre-publication window to mine information and execute trades. Data being held for public release at a specified time can also be a gold mine in markets where the profitably of a trade is determined in a fraction of a second.

Dow Jones says in its annual report that its Factiva service provides global business content to about 1.1 million active users. "More than 4,000 sources make information available via Factiva on or before the date of publication by the source," according to the report. Dow Jones Newswires publishes more than 16,000 news items each day to financial professionals and investors.

Hacking for Tips

U.S. authorities are ramping up their pursuit of hackers after a series of high-profile attacks on corporations.

In August, federal authorities made several arrests in what they called a years-long scheme that fused insider trading and hacking. In that matter, Russian-speaking hackers working from Ukraine were indicted along with traders for siphoning more than 150,000 press releases, including corporate earnings containing data that could be used to anticipate stock market moves, prosecutors said.

Those hackers broke into the servers of PRNewswire Association LLC, Marketwired and Business Wire, a unit of Warren Buffett's Berkshire Hathaway Inc., over a five-year period, according to prosecutors. The group allegedly made more than $100 million in trades using unreleased earnings releases of companies such as Panera Bread Co., Boeing Co., Caterpillar Inc. and Oracle Corp., through retail brokerage accounts.

For more, read this next:

QuickTake: Cybersecurity

Information companies are regularly bombarded by hackers. When he disclosed the customer-data breach on Oct. 9, Dow Jones Chief Executive Officer William Lewis said the incursion was part of a "broader campaign involving a number of other victim companies." Dow Jones learned of the hack from law enforcement officials, Lewis wrote, saying it had determined its system was breached at times between August 2012 to July 2015 by hackers whose goal appeared to be gathering contact information for customers so it could send them fraudulent solicitations. The company said it had no direct evidence that information was stolen.

space otter · October 20, 2015, 10:59:15 PM

ah yes we are all so better off with everything on computers....sigh

http://www.msn.com/en-us/news/itinsider/teen-who-hacked-cia-director%e2%80%99s-email-tells-how-he-did-it/ar-AAfFmTh?li=AAa0dzB

Wired
Kim Zetter
6 hrs ago

Teen Who Hacked CIA Director's Email Tells How He Did It

A hacker who claims to have broken into the AOL account of CIA Director John Brennan says he obtained access by posing as a Verizon worker to trick another employee into revealing the spy chief's personal information.

Using information like the four digits of Brennan's bank card, which Verizon easily relinquished, the hacker and his associates were able to reset the password on Brennan's AOL account repeatedly as the spy chief fought to regain control of it.

News of the hack was first reported by the New York Post after the hacker contacted the newspaper last week. The hackers described how they were able to access sensitive government documents stored as attachments in Brennan's personal account because the spy chief had forwarded them from his work email.

The documents they accessed included the sensitive 47-page SF-86 application that Brennan had filled out to obtain his top-secret government security clearance. Millions of SF86 applications were obtained recently by hackers who broke into networks belonging to the Office of Personnel Management. The applications, which are used by the government to conduct a background check, contain a wealth of sensitive data not only about workers seeking security clearance, but also about their friends, spouses and other family members. They also include criminal history, psychological records and information about past drug use as well as potentially sensitive information about the applicant's interactions with foreign nationals—information that can be used against those nationals in their own country.

The hacker, who says he's under 20 years old, told WIRED that he wasn't working alone but that he and two other people worked on the breach. He says they first did a reverse lookup of Brennan's mobile phone number to discover that he was a Verizon customer. Then one of them posed as a Verizon technician and called the company asking for details about Brennan's account.

"[W]e told them we work for Verizon and we have a customer on scheduled callback," he told WIRED. The caller told Verizon that he was unable to access Verizon's customer database on his own because "our tools were down."

After providing the Verizon employee with a fabricated employee Vcode—a unique code the he says Verizon assigns employees—they got the information they were seeking. This included Brennan's account number, his four-digit PIN, the backup mobile number on the account, Brennan's AOL email address and the last four digits on his bank card.

"[A]fter getting that info, we called AOL and said we were locked out of our AOL account," he said. "They asked security questions like the last 4 on [the bank] card and we got that from Verizon so we told them that and they reset the password." AOL also asked for the name and phone number associated with the account, all of which the hackers had obtained from Verizon.

On October 12, they gained access to Brennan's email account, where they read several dozen emails, some of them that Brennan had forwarded from his government work address and that contained attachments. The hacker provided WIRED with both Brenann's AOL address and the White House work address used to forward email to that account.

Among the attachments was a spreadsheet containing names and Social Security numbers—some of them for US intelligence officials—and a letter from the Senate asking the CIA to halt its use of harsh interrogation techniques—that is, its controversial use of torture tactics.

These documents appear to come from 2009. The Associated Press has speculated that the spreadsheet might be a list of guests who were visiting the White House that year when Brennan was President Obama's counter-terrorism adviser.

The hackers posted screenshots of some of the documents on their Twitter account, @phphax. Among the items posted were links to a file the hackers say contained portions of Brennan's contact list as well as a log of phone calls by former CIA deputy director Avril Haines. They also posted a reduced page from the spreadsheet.

The hackers were in Brennan's account for three days before it was disabled last Friday.

"It does not appear that any classified information was accessed" meanwhile.. pic.twitter.com/tOSlMtS3Ly
— cracka (@phphax) October 19, 2015

On October 16, the hacker Tweeted that Brennan had deleted his AOL account after they had notified him of the breach.

Well, John Brennan deleted his email because we kept jacking it LOL pic.twitter.com/1QbGblEPQz
— cracka (@phphax) October 16, 2015

The hacker told WIRED that Brennan had tried to access the account and couldn't.

He told WIRED that Brennan re-set the password, and they hijacked it again. "[H]e took back access and we re-jacked it. That happened 3 times," he said.

So they called Brennan's mobile number, using VoIP, and told him he'd been hacked. The conversation was brief.

"t was like 'Hey,.... its CWA.' He was like 'What do you want?' We said '2 trillion dollars hahhaa, just joking,'" the hacker recounted to WIRED.

Brennan, the hacker says, replied, "How much do you really want?"

They told Brennan "We just want Palestine to be free and for you to stop killing innocent people."

In addition to Brennan's AOL account, the hackers also broke into the Comcast account of Homeland Security Secretary Jeh Johnson.

The news of the breach, of course, comes in the midst of another email scandal involving Hillary Clinton who has been under fire for months over a private server and email account she maintained to do official work. Clinton has been accused of maintaining the server to bypass public records requests involving her government email address.

It's unclear if Brennan was using his personal email to conduct government business or if he simply used it to occasionally store email and documents from his work account.

The hack, using social-engineering techniques to pull information from tech support, is reminiscent of the epic hack that targeted former WIRED writer Mat Honan. In that case, Apple tech support gave a hacker named Cosmo access to Honan's iCloud account, and Amazon tech support gave him the ability to see the last four digits of Honan's credit card number. which the hacker then used to gain access to Honan's iCloud account, and that in turn led to the hacker obtaining access to a series of other accounts.

space otter · October 21, 2015, 09:49:34 PM

if anyone is the least bit interested in the e-mails..check these links out

https://wikileaks.org/cia-emails/

CIA Director John Brennan emails

Today, 21 October 2015 and over the coming days WikiLeaks is releasing documents from one of CIA chief John Brennan's non-government email accounts. Brennan used the account occasionally for several intelligence related projects.

John Brennan became the Director of the Central Intelligence Agency in March 2013, replacing General David Petraeus who was forced to step down after becoming embroiled in a classified information mishandling scandal. Brennan was made Assistant to the President for Homeland Security and Counterterrorism on the commencement of the Obama presidency in 2009--a position he held until taking up his role as CIA chief.

According to the CIA Brennan previously worked for the agency for a 25 year stretch, from 1980 to 2005.

Brennan went private in 2005-2008, founding an intelligence and analysis firm The Analysis Corp (TAC). In 2008 Brennan became a donor to Obama. The same year TAC, led by Brennan, became a security advisor to the Obama campaign and later that year to the Obama-Biden Transition Project. It is during this period many of the Obama administration's key strategic policies to China, Iran and "Af-Pak" were formulated. When Obama and Biden entered into power, Brennan was lifted up on high, resulting in his subsequent high-level national security appointments.

If you have similar official documents that have not been published yet, send them to WikiLeaks.

....................................

http://www.huffingtonpost.com/entry/john-brennan-emails-wikileaks_5627ba31e4b08589ef4a1364

Here Are John Brennan's Emails, Just Released By Wikileaks

Help us read through them, and tell us what you find.

Sam Stein
Senior Politics Editor, The Huffington Post
Posted: 10/21/2015 03:14 PM EDT | Edited: 1 hour ago

Wikileaks on Wednesday released the contents of CIA Director John Brennan's private email account

https://wikileaks.org/cia-emails/

space otter · October 27, 2015, 09:01:55 PM

http://www.huffingtonpost.com/entry/senate-to-approve-controversial-cybersecurity-bill_562f7a9ae4b06317990f50db
Reuters
By Dustin Volz
Posted: 10/27/2015 09:55 AM EDT

Senate To Approve Controversial Cybersecurity Bill

Critics fear it'll give the NSA more power to snoop on everyday Americans.

WASHINGTON, Oct 27 (Reuters) - Sharing of computer data on cyber threats between the private sector and U.S. government would increase under legislation expected to win Senate approval on Tuesday despite objections of privacy advocates who fear excessive government surveillance.

Two related measures won approval in the House of Representatives earlier this year and must be reconciled with the Senate bill before final legislation goes to President Barack Obama.

Some House leaders have said the Senate language is unlikely to be accepted by the House, suggesting a conference is likely.

Civil libertarians have opposed information-sharing legislation for years, with many warning it will give the National Security Agency and other agencies more access to snoop on Americans' personal data without improving cyber defenses.

The Senate's Cybersecurity Information Sharing Act (CISA) is important to help detect and minimize cyber intrusions, according to the bill's bipartisan backers.

It would make it easier for corporations to share information about cyber attacks with each other or the government without fear of lawsuits.
After numerous failed starts, the long-stalled measure was seen as likely to win easy approval. Senators have been eager to address cyber security in the wake of recent high-profile hacks of companies such as Sony Pictures and the pilfering of troves of employee data from the federal Office of Personnel Management.

The Obama administration endorsed the Senate measure last week after the bill's sponsors worked to improve privacy protections. The White House, however, noted some remaining reservations with the bill's language.

Senate passage would represent a whiplash for digital privacy advocates buoyed earlier this year by adoption of legislation effectively terminating the NSA's bulk collection of U.S. phone metadata.

(Editing by Kevin Drawbaugh and Paul Simao)

zorgon · October 27, 2015, 09:04:37 PM

Just a question...

95% of Americans lead dull and mindless lives, talking about nothing of any importance on the social media sites

WHY are they so worried about the NSA snooping on stuff they post publicly on FB and Twitter anyway?

zorgon · October 27, 2015, 09:05:46 PM

If the NSA didn't snoop on Pegasus members...

... how would they find out what is really going on in the world?

space otter · October 27, 2015, 09:06:21 PM

maybe just the idea that there really isn't any privacy.....we think we have it even though it's long gone

space otter · October 27, 2015, 09:06:37 PM

http://thehill.com/policy/cybersecurity/258189-senate-kills-privacy-advocates-final-effort-to-edit-cyber-bill

Senate kills privacy advocates' bid to change cyber bill

The Senate on Tuesday dismissed a last-ditch effort from privacy-minded senators to change a controversial cybersecurity bill that is quickly headed for a final vote.

The Cybersecurity Information Sharing Act (CISA) — which would encourage businesses to share more data on hackers with the government — is now expected to pass without any of the amendments desired by privacy advocates, despite a months-long campaign from a number of lawmakers.

Before the vote, Senate Minority Leader Dick Durbin (D-Ill.) told his colleagues the edits were needed to help strike the appropriate balance between ensuring security and protecting civil liberties.

"We are always going to be faced with that challenge," he said. "Are we going too far? Are we giving too much to the government? That, in fact, is the debate we have today."
But Sen. Dianne Feinstein (D-Calif.), a CISA co-sponsor, cautioned the edits would "undo the careful compromises we have made on this bill."

Many industry groups, a bipartisan group of lawmakers, and the White House argue CISA is needed to help the country better defend itself against cyberattacks. But privacy advocates criticized the bill as a surveillance measure that will simply shuttle more of Americans' personal data to the government.

In recent days, leading CISA critic Sen. Ron Wyden (D-Ore.) made a vocal bid to win over enough votes to get through several privacy-focused amendments from himself and four other senators.

These amendments, "seek to achieve the same goal ... to reduce the unnecessary sharing of Americans' private and personal information," he said on the Senate floor Monday.

Wyden was pushing his own amendment that would have injected stricter requirements for companies to remove personal information from their cyber threat data before handing it to the government. The proposal fell by a 41-55 vote.

His change, he argued, would have provided CISA with "a straightforward standard that could give consumers real confidence that their privacy is actually being protected."

As it stands now, "the message behind this bill is, when in doubt, hand it over," Wyden added.

Feinstein shot back just before the vote Tuesday, arguing that Wyden's language would create "a very unclear requirement" for businesses.

Sen. Dean Heller (R-Nev.) offered a similar amendment that would have also raised the personal data scrubbing standard for the government.

"I believe that my amendment does strike a balance, increasing privacy, but still providing that real-time information sharing," Heller said on the Senate floor Tuesday.

Senate Intelligence Committee Chairman Richard Burr (R-N.C.), CISA's other co-sponsor, pushed back.

"It changes [CISA] in a way that would either cause companies to choose not to participate, or it may change it in a way that delays notification to the federal government," he said.

Heller's proposal went down in a 47-49 vote.

Casting his 15,001th Senate vote, Sen. Patrick Leahy (D-Vt.) tried but failed to strip the bill of what he believes are detrimental exemptions to a vital public transparency law, the Freedom of Information Act (FOIA).

"We should not be passing legislation that weakens this critical law," Leahy insisted Monday.

Under CISA, businesses sharing data on hackers with the government would receive some protections from having the details of this information revealed through a FOIA request.

"While the bill seeks to share information about the nature of cyber threats and suggestions on how to defend networks, this information should not be made widely available to hackers and cyber criminals who could use it for their own purposes," Feinstein argued on the floor Tuesday.

The Leahy measure garnered only 37 votes.

Sen. Al Franken (D-Minn.) also failed in his effort to restrict the volume and type of data the government would receive under CISA.

His offering, which received 35 votes with 60 against, would have narrowed the definition of "cybersecurity threat" in the bill.

"These changes will help ensure that CISA's broad authorities are not triggered in circumstances where no real cyber threats are present," he said in a final pitch to his colleagues Monday night. "This makes the bill more privacy protective and more likely to work effectively."

But Feinstein warned it would inject uncertainty into the bill, and possibly even stop companies from sharing vital cyber threat data.

Privacy advocates got one final bid at altering the bill Tuesday afternoon, with an amendment from Sen. Chris Coons. The Delaware Democrat wanted to add more stringent data scrubbing requirements specifically for the Department of Homeland Security (DHS), which would receive most of the cyber threat shared under CISA.

Like his fellow privacy-minded colleagues, Coons' effort fell short, receiving 41 votes.

Even though Coons didn't get his language approved, a variation of his desired changes was included in a manager's package from the bill's co-sponsors, Burr and Feinstein.

Their package contains nearly two dozen edits from various senators, including some of Coons's language merged with a proposal from Sen. Tom Carper (D-Del.). That package is expected to pass Tuesday evening.

While privacy groups did urge the upper chamber to adopt each of the amendments, the alterations stood no chance of fully winning over staunch CISA supporters.

Greg Nojeim, senior counsel at the Center for Democracy & Technology, said the amendments were "important" and could have lessened the likelihood that personal data will be transferred to the government, "but at the end of the day, the world that we'll face is one in which instead of minimizing the flow of user information to the NSA, the bill will mandate it."

— Katie Bo Williams contributed.

— This story was updated at 4:39 p.m.

space otter · October 27, 2015, 09:14:34 PM

they start with something you think you want and go on from there...sigh

space otter · November 09, 2015, 10:39:39 PM

http://www.msn.com/en-us/news/us/the-nsa-school-how-the-intelligence-community-gets-smarter-secretly/ar-CC8A7Q?li=AAa0dzB
The Washington Post
Susan Svrluga
1 hr ago

The NSA school: How the intelligence community gets smarter, secretly

Leonard Reinsfelder's wife found a note on her car as she was leaving a shopping center one day: "Have your husband give us a call. We think we could use him."

There was a phone number, and nothing else.

So began Reinsfelder's career at the National Cryptologic School, which functions as a sort of college for the National Security Agency and the intelligence community.

Reinsfelder, a high-school Spanish teacher with multiple graduate degrees, took the job not knowing what it would be; they couldn't tell him until he got inside and got security clearance.

The National Cryptologic School is a school unlike any other. It's extremely carefully guarded, for starters, with a series of checkpoints to get to class.

Some of the students' identities are secret.

There's no homework to take home. (It's classified.)

No cell phones or computers can be brought inside, so the break areas have a surreal, throwback feel. There are landlines, some secure, for checking in on work. Some are not, for checking in on family.

And it has a most unusual mission: Teaching people whose jobs protecting the nation require them to stay ahead of rapidly evolving threats and technology.

The NSA has been sharply criticized in recent years for its efforts to collect all sorts of data, and it also is feared by some; it's a flashpoint in the debate over privacy and national security.

[Federal appeals court allows NSA phone data collection to run through November]

It's also huge — the NSA is the Washington region's largest employer. And all those people need to keep learning.

Reinsfelder, now the commandant of the National Cryptologic School, led a celebration of its 50th year this week, reflecting on a history that mirrors that of the country, as its instructors adapted curricula to respond to a changing world.

The school plays a critical role in keeping the country safe, said Frank Cilluffo, associate vice president and director of the Center for Cyber and Homeland Security at George Washington University. In a speech marking the school's anniversary, he talked of how much impact intelligence information has on policy decisions at the highest levels. "It is greatly and deeply appreciated."

"You are the silent warriors, those of you in uniform as well as the civilians," he said. "You save lives."

The National Cryptologic School's roots go back even further than 1965 — all the way to the American Revolution, Cilluffo argued.

"George Washington was America's first spy master," he said, with Washington's men learning to intercept messages from the British soldiers, and to deceive them. "He deployed sophisticated trade craft, including ciphers and codes."

After the war, Washington declared that intelligence was key to victory, Cilluffo said, adding that that also was true for both world wars as well.

It was after the World War II that some people realized they were in a unique job that required skills no one else had, said David Hatch, the NSA's historian, who joined the agency as an analyst decades ago. As the NSA grew, its director realized the agency needed a more formalized training and education program for employees as disparate as soldiers not long out of high school and scholars with multiple doctorates.

They also need classes for people who are just joining the shadowy agency: NSA 101.

In the early days, there were just eight curricula. Analysts used a pencil, a sheet of paper, and a simple straight-edged tool with three holes – big circle, smaller circle, rectangle – to diagram communication networks.

The "textbooks" were heavy binders with type-written or hand-written pages on radio wave propagation, signal analysis, or languages.

The school was an early leader in computer technology, Hatch said, most of which is now obsolete.

Legendary (to insiders) cryptologists taught classes, like the man who had been a world-famous flute player until WWII made his hobby – ciphers, codes – critically important. Lambros Callimahos worked hard at being eccentric, Hatch said, wearing a beret and a Paris policeman's cape, taking a proper British tea, encouraging his students to use snuff. He made up an entire mythical country, complete with its own history, politics, language, and dozens of crypt systems the students would have to crack. He had a portrait painted of the prime minister — who just happened to resemble Callimahos, in a resplendent military uniform. He would ask questions such as: "What is the cryptological meaning of December 16th?"

The class was incredibly difficult. A friend of Hatch's once told him if he dropped a pencil he didn't dare pick it up or he would have missed three cryptosystems.

Callimahos understood how serious the mission is, Hatch said. "He also knew a lot of what we do can be fun."

Former students talked about how the classes didn't just teach them new skills; they learned entirely new ways to think. One described his head literally throbbing by the end of the day.

The National Cryptologic School has always had to be nimble, adapting to the demands of the mission from the Cold War to Vietnam to tensions in Central America in the early 1980s — that's when Reinsfelder was brought in to launch the school's Spanish-language program – to the fall of the Berlin Wall to 9/11 to ISIS. Now the changes happen much more quickly.

In 2006, while the school had information technology classes, there was nothing there called "cyber." Now it has a separate college focused on cyber security and cyber operations.

School leaders ensured that most of their more than 1,300 courses can be taught not only at their satellite campuses but online worldwide through secure connections.

They began regular meetings with their youngest employees, James Aldrich, the school's deputy commandant, said, because they realized students were learning in constantly evolving ways. Sometimes they were learning on apps that didn't exist a week ago.

And they have to keep thinking ahead. The school formed a partnership with Dakota State University so that employees, often young service members who joined the military straight out of high school, could earn significant academic credit toward a college degree in cyber operations. (Some classes at the National Cryptologic School have transferable academic credits, so students can continue on to degrees elsewhere. The school has been accredited by the Council on Occupational Education for 25 years; some courses are certified by the American Council on Education.)

The school works with colleges and schools across the country to encourage language programs in areas of critical need, such as Arabic, Chinese, Dari, Hindi, Persian, Farsi, Portuguese, Russian, Swahili, Turkish, Urdu, Korean. That's how Reinsfelder found himself in a first-grade classroom in Delaware one day, listening to small children speaking Mandarin.

The NSA wants to ensure young students are getting science, technology, engineering and math skills; at a camp in California this summer, one of dozens of camps across the country, girls from low-income communities "went home with little Raspberry Pis, a $65 computer that actually works," Reinsfelder said. They also learned how to hack drones.

And classes go on, of course, at the National Cryptologic School's headquarters in Maryland, an old warehouse converted into an academic building with a bland uniformity inside (and an incongruous fountain out front, with a plastic duck bobbing along through the splashing water.)

One day this week, men and women in camouflage uniforms and civilian clothes passed through security, striding purposefully down identical corridors with identical gray doors.

Students?

It's possible. It might even be probable. But that's on a need-to-know basis.

space otter · November 11, 2015, 09:39:09 PM

I wonder if the Chinese will do due process with the drug guys

http://www.msn.com/en-us/news/us/justice-officials-fear-nations-biggest-wiretap-operation-may-not-be-legal/ar-CCfF61?li=AAa0dzB

USA Today
Brad Heath and Brett Kelman
2 hrs ago

Justice officials fear nation's biggest wiretap operation may not be legal

RIVERSIDE, Calif. — Federal drug agents have built a massive wiretapping operation in the Los Angeles suburbs, secretly intercepting tens of thousands of Americans' phone calls and text messages to monitor drug traffickers across the United States despite objections from Justice Department lawyers who fear the practice may not be legal.

Nearly all of that surveillance was authorized by a single state court judge in Riverside County, who last year signed off on almost five times as many wiretaps as any other judge in the United States. The judge's orders allowed investigators — usually from the U.S. Drug Enforcement Administration — to intercept more than 2 million conversations involving 44,000 people, federal court records show.

The eavesdropping is aimed at dismantling the drug rings that have turned Los Angeles' eastern suburbs into what the DEA says is the nation's busiest shipping corridor for heroin and methamphetamine. Riverside wiretaps are supposed to be tied to crime within the county, but investigators have relied on them to make arrests and seize shipments of cash and drugs as far away as New York and Virginia, sometimes concealing the surveillance in the process.

The surveillance has raised concerns among Justice Department lawyers in Los Angeles, who have mostly refused to use the results in federal court because they have concluded the state court's eavesdropping orders are unlikely to withstand a legal challenge, current and former Justice officials said .

"It was made very clear to the agents that if you're going to go the state route, then best wishes, good luck and all that, but that case isn't coming to federal court," a former Justice Department lawyer said. The lawyer and other officials described the situation on the condition of anonymity because they were not authorized to discuss the department's internal deliberations.

Federal agents often prefer to seek permission to tap phones from state courts, instead of federal courts, because the process is generally faster and less demanding than seeking approval through the Justice Department. In addition, California law allows them to better conceal the identities of confidential informants they rely on to help investigate drug rings. Over the past decade, drug agents have more than tripled their use of wiretaps, mostly by using state court orders.

Wiretaps — which allow the police to secretly monitor Americans' communications — are among the most intrusive types of searches the police can conduct, and federal law imposes strict limits on when and how they can be used. The law requires that police use wiretaps only after they have run out of other tools to build a case.

In Riverside, the authorities' use of that last-ditch tool quadrupled over the past four years. Last year alone, Riverside County prosecutors and a local judge approved 624 wiretaps, far more than any other jurisdiction in the United States, according to records compiled by the federal court system. Nearly all were tied to drug investigations.

"Those numbers — the totals, and just the size of some of those wiretaps — are huge red flags for us," said Dave Maass, an investigative researcher for the Electronic Frontier Foundation. "When there's this amount of secrecy it starts to raise serious concerns about accountability for electronic interceptions."

Because wiretap orders are sealed, there is no way to know precisely how many of them were sought by the DEA and the local officers it deputized to work on a drug task force. Some of the taps were sought by local police officers and officers in neighboring counties. Prosecutors acknowledged, however, that the drug agency plays a leading role in the wiretapping. The county's former district attorney, Paul Zellerbach, who presided over the rapid rise in wiretapping before there he left office in January, said the drug agency was "a significant player."

Riverside County's new district attorney, Mike Hestrin, said he found out about the county's wiretap numbers not long after taking office after other prosecutors approached him to suggest he look into the matter. He was concerned by what he found.

Hestrin said in an interview that he made a "series of reforms" to how wiretaps are handled, which he said will lead to fewer taps in the future. He said he personally evaluates new wiretap requests and insists that each one now must "have a strong investigative nexus" to the county. Asked if that had been the case in previous years, Hestrin replied: "You're going to have to extrapolate that."

Hestrin said prosecutors "follow the law to the letter" when seeking wiretaps, but he would not discuss the details. "This is an area of our law, an area of our law enforcement, where we can't be totally transparent, in the same way that the federal government can't be totally transparent about the massive intelligence operations they run," he said.

DEA officials said it should not come as a surprise that so much of their surveillance work happens in the area around Riverside — a vast expanse of suburbs and desert east of Los Angeles, crisscrossed by freeways that have become key shipping routes for drugs moving from Mexico to the United States and for cash making the return journey.

"There are organizations here and we're working these organizations and we're trying to stay abreast of the technology and all the different ways these organizations are operating," said Stephen Azzam, the associate special agent in charge of DEA's Los Angeles division.

On paper, agents' choice of state court over federal should not matter: Federal law sets a minimum standard for police to obtain a wiretap, even when they are seeking one from a state-court judge. And California courts have repeatedly said the state's wiretaps are sufficient.

But current and former Justice Department officials said prosecutors in Los Angeles repeatedly told the drug agency that they would not accept cases based on state-court wiretaps – and those from Riverside County in particular – because they believed the applications being approved by state judges fell short of what the federal law requires. Prosecutors were particularly concerned that the DEA was seeking state-court wiretap orders without adequately showing that it had first tried other, less intrusive, investigative techniques.

"They'd want to bring these cases into the U.S. Attorney's Office, and the feds would tell them no (expletive) way," a former Justice Department official said.

The result was that even seemingly significant drug cases stayed out of federal court.

In December, for example, court records show DEA agents and local detectives in South Gate, Calif., near Los Angeles, used a state-court wiretap to target a man named Omar Salazar, who the DEA suspected was tied to a Mexican drug trafficking group. Between searches of Salazar's car and his house, officers seized $76,869.94, a gun and a cache of illegal drugs, including 36 pounds of methamphetamine and 5 pounds of heroin. Investigators found some of the drugs in a safe in Salazar's garage, along with a box of ammunition and probation paperwork from one of his previous arrests.

That should have been enough to build a significant federal case with a long mandatory prison sentence, but that was not what happened. Court records show the Justice Department prosecuted the $76,869.94 in a civil asset seizure case. But it did not prosecute Salazar. Instead, Salazar was booked into jail and released the same day; his lawyer, John Passanante, said he has not been charged as a result of the search. Neither the DEA nor prosecutors would explain why.

PROLIFIC WIRETAPPING

Perhaps the only outward sign that Riverside has become America's most wiretapped place can be found on a deserted floor of the city's courthouse. On a recent Friday afternoon, a handful of officers in scruffy jeans and baseball caps waited there with sealed manila envelopes in their hands. After a few minutes, they disappeared inside Judge Helios Hernandez's locked courtroom for hearings that are closed to the public.

No judge in the United States has been so prolific in authorizing eavesdropping.

Records compiled by the federal courts' administrative office show Hernandez authorized 624 wiretaps that ended last year, and another 339 that ended the year before. Hernandez approved three times more taps than all of the federal judges in California combined last year, and once received more wiretap applications in a day, 17, than most courts do in a year. (The court office counts wires based on when they end, rather than when they begin, to avoid revealing ongoing investigations.) The next-closest court was in Las Vegas, where judges approved 177 wiretaps that ended last year.

California law generally requires that each county court appoint one judge to handle wiretaps. For the past three years, that job fell to Hernandez, who was Riverside's chief narcotics prosecutor before he became a judge. The records do not indicate how many wiretaps, if any, Hernandez turned down.

Hernandez declined to comment through a spokesman.

Riverside County's presiding judge, Harold Hopp, said judges do not decide how many eavesdropping applications are submitted to them; "they have to consider each one on its merits."

The county's wiretap numbers are so high that even investigators who helped supervise eavesdropping there were taken aback. "This can't be right," said Anthony Valente, who, until 2012, commanded the Inland Crackdown Allied Task Force, which uses wiretaps to investigate drug trafficking and gangs in Southern California.

Nearly all of Riverside's wiretaps – about 96% – were related to drug investigations.

Federal records show the taps that ended in 2014 cost more than $18 million. The records do not indicate who paid for them.

The figures are based on reports that judges and prosecutors are required to submit each year to the federal courts' administrative office. The reports include the number of wiretaps judges authorize, and the number of communications – including telephone calls, text messages and other electronic conversations – that investigators intercepted.

Those reports show the overwhelming majority of the more than 2 million communications investigators intercepted last year as a result of Riverside wiretaps had nothing to do with crime. Police are not supposed to record conversations that are not relevant to their investigations.

DEA officials said that the agency conducts its wiretaps wherever their investigations lead them. Its Riverside field office, which covers Riverside and neighboring San Bernardino counties, was responsible for a large share of the agency's methamphetamine and heroin last year; therefore, it's only natural that investigators would focus there. "We don't pick a jurisdiction. We take the enforcement action where it's warranted and where we can do it effectively," DEA spokesman Timothy Massino said.

Nonetheless, Hernandez approved 20 times as many wiretaps as his counterparts in San Bernardino County. DEA officials said they could not explain that difference.

Zellerbach said Riverside's wiretaps multiplied during his tenure because prosecutors and the county's court became more "efficient and effective" in handling surveillance applications and word spread throughout the law enforcement community, bringing still more applications. Eventually, Zellerbach said, he learned the county was among the nation's wiretap leaders. "I thought we were doing a hell of a job," he said.

Zellerbach said the taps yielded significant arrests and seizures. And they paid other dividends. "We liked it because in these difficult economic times, my budget was being cut, and that was a way to somewhat supplement funding for my office," he said in an interview. Prosecutors would not say how much money they received.

Zellerbach said the operation grew under the leadership of an aggressive new lawyer, Deena Bennett, who still heads the wiretap unit today.

Bennett, a one-time contestant on the reality show Survivor, rebuffed attempts to contact her, telling a reporter that "the fact that you have my cellphone number is really harassment, and I'm going to report it."

WIDESPREAD ARRESTS AND SEIZURES

Investigators have used wiretaps in Riverside to seize hundreds of pounds of drugs and millions of dollars in cash. The taps have helped agents pinpoint smuggling tunnels dug beneath the Mexican border and map the inner workings of South American trafficking groups.

But if the taps also produce arrests, they are difficult to find.

Prosecutors seldom make use of state-court wiretaps in the federal courts around Los Angeles. And defense lawyers in Riverside said they only rarely encounter cases with disclosed wiretaps in state court. The county's public defenders handle 40,000 criminal cases a year; no more than five involve disclosed wiretaps, said Steve Harmon, the head of that office.

Instead, court records and interviews with DEA officials and prosecutors show the drug agency has used the fruits of its Riverside wiretaps to help stop and seize shipments of drugs and cash elsewhere in the United States. In some of those cases, agents used wiretaps to identify drug couriers, then tipped off other investigators, who were told to find their own independent evidence to conduct a search. That practice, known within the agency as "parallel construction," is now the subject of an investigation by the Justice Department's inspector general.

"That approach ends up insulating dubious police practices from any kind of judicial review. That's what so pernicious about it," American Civil Liberties union lawyer Nathan Wessler said.

Riverside's District Attorney's Office reported approximately one arrest for every three wiretaps that concluded last year, among the lowest rates of any jurisdiction that conducted more than a handful of taps. That's a sign, Hestrin acknowledged, that many of the wiretaps may be leading to prosecutions in other jurisdictions.

One surfaced last year after a state trooper stopped a tractor trailer on a remote stretch of interstate highway outside Harrisonburg, Va., ostensibly because some of the tiny LED bulbs around its cab had burned out. The trooper, Keith Miller, summoned a drug-sniffing dog, and within minutes, officers had pulled 32 kilograms of heroin and cocaine from compartments in the truck's cab. Federal prosecutors indicted the driver, George Covarrubaiz, on drug possession charges.

Miller testified during a court hearing – later described by a prosecutor as "a high-wire act" – that he had been tipped off by the DEA that the truck might be carrying drugs, but that the burnt-out lights were his "sole reason" for stopping the truck. The problem for prosecutors was that driving without those lights is not illegal in Virginia. The judge hearing the case warned that he was inclined to bar prosecutors from using the seized drugs as evidence because, if driving without the lights was legal, Miller had no valid reason to stop the truck.

So seven months after Covarrubaiz was stopped and sent to jail, the Justice Department returned to court and acknowledged there was more to its investigation. Covarrubaiz, a government lawyer wrote, had been picked up in a "wiretap investigation of a significant California-based drug trafficking organization." Investigators had been monitoring his calls using a tap approved by Hernandez in Riverside County, and agents from the DEA's secretive Special Operations Division had been tracking his truck across the United States. During a 4 a.m. meeting at a nearby hotel, the agents directed Miller to find a reason to stop the truck and search it.

The agents' reports referred to the episode merely as a traffic stop because "that way they didn't have to provide the information for the directed stop later," agent Gregg Mervis later testified.

Justice Department lawyers later said they had intended to reveal the wire all along but had not done so sooner because police had not yet locked up some of the investigation's key targets. In particular, Assistant U.S. Attorney Grayson Hoffman pointed to the truck's owner, Everardo Amador Sr., who he described as "a grave threat to the safety and well-being of the people of the United States."

That's hardly how California police treated Amador, though. Agents arrested him last year on charges that he had illegally possessed drug money – a far less serious charge than the federal narcotics case his driver faced in Virginia. A judge freed him the next day on $5,000 bail, at the prosecutor's request.

Amador's lawyer, Niicolas Estrada, called the Justice Department's characterization "an exaggeration."

Covarrubaiz's lawyer, Randy Cargill, accused the Justice Department in a court filing of an "extraordinary strategy of doling out truth as it sees fit."

In the end, U.S. District Court Judge Michael Urbanski declared himself "singularly unhappy with the way the government has conducted this case." And in March, the Justice Department abandoned it altogether, dismissing the charges against Covarrubaiz. Assistant U.S. Attorney Heather Carlton told Urbanski that prosecutors had "re-evaluated the evidence" and concluded that "it would be best to terminate the investigation."

The rest of her explanation is sealed.

Kelman also reports for The (Palm Springs, Calif.) Desert Sun. Contributing: Mark Hannan in McLean, Va.

space otter · November 15, 2015, 03:01:43 AM

tons of embedded links though out the article..sorry computer acting nasty can't copy

http://www.msn.com/en-us/news/technology/the-astonishing-amount-of-data-being-collected-about-your-children/ar-BBmVxqN?li=AAa0dzB

The Washington Post
Valerie Strauss
12 hrs ago

The astonishing amount of data being collected about your children

Remember that ominous threat from your childhood, "This will go down on your permanent record?" Well, your children's permanent record is a whole lot bigger today and it may be permanent. Information about your children's behavior and nearly everything else that a school or state agency knows about them is being tracked, profiled and potentially shared.

During a February 2015 congressional hearing on "How Emerging Technology Affects Student Privacy," Rep. Glenn Grothman of Wisconsin asked the panel to "provide a summary of all the information collected by the time a student reaches graduate school." Joel Reidenberg, director of the Center on Law & Information Policy at Fordham Law School, responded:

"Just think George Orwell, and take it to the nth degree. We're in an environment of surveillance, essentially. It will be an extraordinarily rich data set of your life."

Most student data is gathered at school via multiple routes; either through children's online usage or information provided by parents, teachers or other school staff. A student's education record generally includes demographic information, including race, ethnicity, and income level; discipline records, grades and test scores, disabilities and Individual Education Plans (IEPs), mental health and medical history, counseling records and much more.

Under the federal Family Educational Rights and Privacy Act (FERPA), medical and counseling records that are included in your child's education records are unprotected by HIPAA (the Health Insurance Portability and Accountability Act passed by Congress in 1996). Thus, very sensitive mental and physical health information can be shared outside of the school without parent consent.
Many parents first became aware of how widely their children's personal data is being shared with third parties of all sorts when the controversy erupted over inBloom in 2012, the $100 million corporation funded by the Gates Foundation. Because of intense parent opposition, inBloom closed its doors in 2014, but in the process, parents discovered that inBloom was only the tip of the iceberg, and that the federal government and the Gates Foundation have been assisting the goal of amassing and disclosing personal student data in many other ways.

Ten organizations joined together, funded by the Gates Foundation, to create the Data Quality Campaign in 2005, with the following objectives:
Fully develop high-quality longitudinal data systems in every state by 2009;
Increase understanding and promote the valuable uses of longitudinal and financial data to improve student achievement; and
Promote, develop, and use common data standards and efficient data transfer and exchange.

Since that time, the federal government has mandated that every state collect personal student information in the form of longitudinal databases, called Student Longitudinal Data Systems or SLDS, in which the personal information for each child is compiled and tracked from birth or preschool onwards, including medical information, survey data, and data from many state agencies such as the criminal justice system, child services, and health departments.

A state's SLDS, or sometimes called a P20 database (pre-K to 20 years of age), P12, or B-20 (data tracking from birth), have been paid for partly through federal grants awarded in five rounds of funding from 2005-2012. Forty-seven of 50 states, as well as the District of Columbia, Puerto Rico, and the Virgin Islands, have received at least one SLDS grant.

Although Alabama, Wyoming and New Mexico are not included on the site linked to above, Alabama's governor recently declared by executive order that "Alabama P-20W Longitudinal Data System is hereby created to match information about students from early learning through postsecondary education and into employment." Wyoming uses a data dictionary, Fusion, that includes information from birth. New Mexico's technology plan shows that they moved their P-20 SLDS to production status in 2014 and will expand in 2015. This site run by the Data Quality Campaign tracks each state's SLDS.

Every SLDS has a data dictionary filled with hundreds of common data elements, so that students can be tracked from birth or pre-school through college and beyond, and their data more easily shared with vendors, other governmental agencies, across states, and with organizations or individuals engaged in education-related "research" or evaluation — all without parental knowledge or consent,.

Every SLDS uses the same code to define the data, aligned with the federal CEDS, or Common Education Data Standards, a collaborative effort run by the US Department of Education, "to develop voluntary, common data standards for a key set of education data elements to streamline the exchange, comparison, and understanding of data within and across P-20W institutions and sectors."

Every few months, more data elements are "defined" and added to the CEDS, so that more information about a child's life can be easily collected, stored, shared across agencies, and disclosed to third parties. You can check out the CEDS database yourself, including data points recently added, or enter the various terms like "disability," "homeless" or "income" in the search bar.

In relation to discipline, for example, CEDS includes information concerning student detentions, letters of apology, demerits, warnings, counseling, suspension and expulsion records, whether the student was involved in an incident that involved weapons, whether he or she was arrested, whether there was a court hearing and what the judicial outcome and punishment was, including incarceration.

This type of information is obviously very sensitive and prejudicial, and often in juvenile court, records are kept sealed or destroyed after a certain period of time, especially if the child is found innocent or there is no additional offense; yet all this information can now be entered into his or her longitudinal record with no particular restriction on access and no time certain when the data would be destroyed.

Expanding and Linking Data across States

Nearly every state recently applied for a new federal grant to expand its existing student longitudinal data system, including collection, linking and sharing abilities. You can see the federal request for proposals. Pay special attention to Section V, the Data Use section of the grant proposal, requiring states to collect and share early childhood data, match students and teachers for the purpose of teacher evaluation, and promote inter-operability across institutions, agencies, and states.

The 15 states and one territory, American Samoa, that won the grants were announced Sept. 17, 2015, and are posted here. President Obama's 2016 budget request has a number of additional data related provisions, including a near tripling in funding for State Longitudinal Data Systems ($70 million) and Department of Labor Workforce Data Quality Initiative ($37 million) aimed at attaching adult workforce personal data with his or her student records.

Though the federal government is barred by law from creating a national student database, the U.S. Department of Education has evaded this restriction by means of several strategies, including funding multi-state databases, which would have been illegal before FERPA's regulations and guidance were rewritten by the Department in 2012.

The federal grants encourage participation in these multi-state data exchanges. One existing multi-state database is WICHE, the Western Interstate Commission for Higher Education, which includes the 15 Western states that recently received an additional $3 million from the federal government. This WICHE document explains that the project was originally funded by the Gates Foundation, and that the foundation's goal of sharing personal student data across state lines and across state agencies without parental consent was impermissible under FERPA until it was weakened in 2012:

Upon approval of WICHE's proposal by the Gates Foundation, the pilot MLDE (Multistate Longitudinal Data Exchange) project began in earnest in June, 2010, and the initial meeting to begin constructing the MLDE was held in Portland, Oregon, in October, 2010. It is worth placing the launch of the MLDE pilot within an historical timeline of events bearing on the development and use of longitudinal data. As the project got underway, the federal government's guidance on the application of the Family Educational Rights and Privacy Act (FERPA) was still fairly restrictive. Indeed, based on a subsequent conversation with a member of the Washington State Attorney General's office, our plans to actually exchange personally identifiable data among the states would be impermissible under the FERPA guidance in effect at that time. Though we were told we would have been able to assemble and use a de-identified dataset, which would have shown much of the value of combining data across states, not being able to give enhanced data back to participating states would have been a serious setback. Changes in the federal government's guidance on FERPA that went into effect in January, 2012 resolved this problem.

The new guidance permitted the participating states to designate WICHE as an authorized representative for the purposes of assembling the combined data, while also allowing the disclosure of data across state lines and between state agencies.

Since 2010, the Gates Foundation has funded WICHE with more than $13 million. Just to underscore how powerful this organization has become, Colorado Lieutenant Governor Joe Garcia just stepped down from his post to head WICHE. Here is a helpful chart showing how student personal data is to be shared, among state agencies and across state lines.

Existing multi-state databases include not just WICHE, but also SEED, formerly Southeastern Education Data Exchange, now called the State Exchange of Education Data, including Alabama, Colorado, Florida, Georgia, Kentucky, North Carolina, Oklahoma, and South Carolina.

This North Carolina PowerPoint from 2013 describes what detailed information is to be shared among the states participating in SEED: data aligned with CEDS, including demographic information, academic and test score data, and disciplinary records. Here is a Georgia document, explaining how SEED will be "CEDs compliant" and describes in even more detail the sort of information that will be exchanged.

In addition, the two Common Core testing multi-state consortia funded by the federal government, PARCC and Smarter Balanced, are accumulating a huge amount of personal student data across state lines, and potentially sharing that information with other third parties. Under pressure, PARCC released a very porous privacy policy last year; Smarter Balanced has so far refused to provide any privacy policy, even after requests from parents in many of the participating states.

What Parents Can Do

Ask your State Education Department if they applied for this new grant to expand their SLDS, and if so, ask to see the grant proposal. You can also make a Freedom of Information request to the U.S. Department of Education to see the grant application. Ask what methods your state is using to protect the data that the SLDS already holds, and if the data is kept encrypted, at rest and in transit. Ask what categories of children's data they are collecting, which agencies are contributing to it, and what third parties, including vendors and other states, may have gained access to it. Ask to see any inter-agency agreements or MOUs allowing the sharing education data with other state agencies. Ask if any governance or advisory body made up of citizen stakeholders exists to oversee its policies.

You should also demand to see the specific data the SLDS holds for your own child, and to challenge it if it's incorrect – and the state cannot legally deny you this right nor charge you for this information under FERPA.

This was conclusively decided when a father named John Eppolito requested that the Nevada Department of Education provide him with a copy of his children's SLDS records, and the state demanded $10,000 in exchange. He then filed a complaint with the US Department of Education, which responded with a letter on July 28, 2014, stating that the state must provide him with the data it holds for his child, as well as a record of every third party who has received it; and that they cannot charge a fee for this service.

Parents also have the right to correct their child's data if it is in error. Apparently Mr. Eppolito found many errors in his children's data. Even if it is accurate, the data that follows your child through life and across states could diminish his or her future prospects. As this Department of Education study points out,

"...imagine a student transferring from another district into a middle school that offers three levels of mathematics classes. If school staff associate irrelevant personal features with mathematics difficulties, the representativeness bias could influence the student's placement... educators have been found to have a tendency to pay more attention to data and evidence that conform to what they expect to find."

Schools could use this data to reject students, push them out, or relegate them to remedial classes or vocational tracks.

There is also abundant research that shows that a teacher's expectations play a significant role in how a student performs – especially for marginalized groups. This is called the Pygmalion effect in the case of a teacher's positive expectations, and the Golem effect in the case of negative expectations. These studies reveal that if teachers are provided with positive or negative information about their students before having a chance to form their own opinions based upon actual experience, this prior information often tends to bias their judgments and perceptions of that student, creating self-fulfilling prophecies. Parents should be legitimately fearful that positive or negative data may be used to profile their children, and potentially damage their chance of success.

What Else Can You Do?

If you send your children to a public school, under current federal law you have no way of opting out of the P20 profile that has been created by your state and potentially shared with others. You also have no right to refuse to have your child's data disclosed to testing companies and other corporations in the name of evaluation and research. Researchers have legitimate interests in being able to analyze and evaluate educational programs, but any sensitive personal data should be properly de-identified and there must be strict security provisions to safeguard its access and restrict further disclosures, as well as a time certain when it will be destroyed. You do have the right to see that data, and challenge it if it is inaccurate.

You should also advocate for stronger state and federal laws to protect your child's data and laws that give parents and students the right of ownership, including the ability to decide with whom it will be shared. You should urge your state Education Department to create advisory or governance boards that include stakeholder members, to provide input on restrictions on access and security requirements.

Any federal and state student privacy legislation should embrace five basic principles of student privacy, transparency and security, developed by the Parent Coalition for Student Privacy. Ask your elected officials to support TRUE data privacy and transparency legislation, to protect children. Parents deserve to know the data collected and shared about their children, and they should be guaranteed that their children's data is safe from breaches and misuse.

some of the embedded links re worth checking out

Pegasus Research Consortium

News:

they know what you are doing

space otter

space otter

space otter

space otter

space otter

space otter

space otter

zorgon

zorgon

space otter

space otter

space otter

space otter

space otter

space otter