DHS Funds Installation of White Boxes That Can Track Population of Entire City

Mick West

Administrator
Staff member
It's the Seattle PD's new wireless mesh network. There are lots of stories about it:
https://www.google.com/search?q=aruba mesh seattle PD

This is the most detailed:
http://www.thestranger.com/seattle/you-are-a-rogue-device/Content?oid=18143845

Essentially it's just a WiFi network. Just like you'd get at an airport, or actually in many cities (where municipal WiFi is available). It's designed to be robust (so fast moving cop cars don't lose their connections), and private. It's specifically intended to support video streaming, but will also be used for generic network connections to mobile units.

The "Mesh" nature of it means it's not just a collection of hard-wired access points - the network connections can actually pass though multiple nodes before they get to a hard-wired connection. It allows them to cover a much wider area without having to dig up the street or string cables.

Theoretically it could be used to track WiFi devices, but there's no evidence that they will, and they have said they will not. Seems like it would be illegal, like when Google accidentally snooped on WiFi data.

Any public or private WiFi network could track WiFi devices. There are many thousands of such networks, including several cities. In California for example, the following cities have been supplying free WiFi for years.

http://ca.gov/WiFi/

Content from External Source
 
Last edited:

dunbar

Active Member
Theoretically it could be used to track devices, but there's no evidence that they will, and they have said they will not.

There is much precedent that says it will be used in that way and that they are being less than honest when they say they will not.



The SPD declined to answer more than a dozen questions from The Stranger, including whether the network is operational, who has access to its data, what it might be used for, and whether the SPD has used it (or intends to use it) to geo-locate people's devices via their MAC addresses or other identifiers.

Seattle Police detective Monty Moss, one of the leaders of the mesh-network project—one part of a $2.7 million effort, paid for by the Department of Homeland Security—wrote in an e-mail that the department "is not comfortable answering policy questions when we do not yet have a policy." But, Detective Moss added, the SPD "is actively collaborating with the mayor's office, city council, law department, and the ACLU on a use policy." The ACLU, at least, begs to differ: "Actively collaborating" is not how they would put it. Jamela Debelak, technology and liberty director of the Seattle office, says the ACLU submitted policy-use suggestions months ago and has been waiting for a response.

Detective Moss also added that the mesh network would not be used for "surveillance purposes... without City Council's approval and the appropriate court authorization." Note that he didn't say the mesh network couldn't be used for the surveillance functions we asked about, only that it wouldn't—at least until certain people in power say it can. That's the equivalent of a "trust us" and a handshake.

[...]

this mesh network is part of a whole new arsenal of surveillance technologies that are moving faster than the laws that govern them are being written. As Stephanie K. Pell (former counsel to the House Judiciary Committee) and Christopher Soghoian (senior policy analyst at the ACLU) wrote in a 2012 essay for the Berkeley Technology Law Journal: The use of location information by law enforcement agencies is common and becoming more so as technological improvements enable collection of more accurate and precise location data. The legal mystery surrounding the proper law enforcement access standard for prospective location data remains unsolved. This mystery, along with conflicting rulings over the appropriate law enforcement access standards for both prospective and historical location data, has created a messy, inconsistent legal landscape where even judges in the same district may require law enforcement to meet different standards to compel location data.
In other words, law enforcement has new tools—powerful tools. We didn't ask for them, but they're here. And nobody knows the rules for how they should be used.

[...]

This isn't the first time the SPD has purchased surveillance equipment (or, as they might put it, public-safety equipment that happens to have powerful surveillance capabilities) without telling the rest of the city. There was the drones controversy this past winter, when the public and elected officials discovered that the SPD had bought two unmanned aerial vehicles with the capacity to spy on citizens. There was an uproar, and a few SPD officers embarked on a mea culpa tour of community meetings where they answered questions and endured (sometimes raucous) criticism. In February, Mayor Mike McGinn announced he was grounding the drones, but a new mayor could change his mind. Those SPD drones are sitting somewhere right now on SPD property.

Meanwhile, the SPD was also dealing with the port-camera surveillance scandal. That kicked off in late January, when people in West Seattle began wondering aloud about the 30 cameras that had appeared unannounced on utility poles along the waterfront. The West Seattle neighborhood blog (westseattleblog.com) sent questions to city utility companies, and the utilities in turn pointed at SPD, which eventually admitted that it had purchased and installed 30 surveillance cameras with federal money for "port security." That resulted in an additional uproar and another mea culpa tour, much like they did with the drones, during which officers repeated that they should have done a better job of educating the public about what they were up to with the cameras on Alki. (Strangely, the Port of Seattle and the US Coast Guard didn't seem very involved in this "port security" project—their names only appear in a few cursory places in the budgets and contracts. The SPD is clearly the driving agency behind the project. For example, their early tests of sample Aruba products—beginning with a temporary Aruba mesh network set up in Pioneer Square for Mardi Gras in 2009—didn't have anything to do with the port whatsoever.)

The cameras attracted the controversy, but they were only part of the project. In fact, the 30 pole-mounted cameras on Alki that caused the uproar cost $82,682—just 3 percent of the project's $2.7 million Homeland Security–funded budget. The project's full title was "port security video surveillance system with wireless mesh network."

Content from External Source

Seems like it would be illegal

Warrantless wiretapping was illegal until it became routine, torture was illegal until it became official policy, indefinite detention without due process was illegal until they just went ahead and did it, extrajudicial killing was illegal until it wasn't.
 

JRBids

Senior Member.
Does that mean you think they will listen to every wireless conversation in Seattle? Seems like a daunting task.
 

dunbar

Active Member
The Panopticon is a type of institutional building designed by English philosopher and social theorist Jeremy Bentham in the late 18th century. The concept of the design is to allow a watchman to observe (-opticon) all (pan-) inmates of an institution without them being able to tell whether they are being watched or not. The name is also a reference to Panoptes from Greek mythology; he was a giant with a hundred eyes and thus was known to be a very effective watchman.
http://en.wikipedia.org/wiki/Panopticon
Content from External Source
 

dunbar

Active Member
Mass surveillance is the pervasive surveillance of an entire or a substantial fraction of a population. The surveillance is usually carried out by governments, often surreptitiously, but may also be done by corporations at the behest of governments or at their own initiative. It may or may not be legal and may or may not require authorization from a court or other independent agency.

Mass surveillance is often justified as necessary to fight terrorism, to prevent social unrest, to protect national security, to fight child pornography and protect children.

Mass surveillance is widely criticized as a violation of privacy rights, for limiting civil and political rights and freedoms, and for being illegal under some legal or constitutional systems. There is a fear that ever increasing mass surveillance will ultimately lead to a totalitarian state where political dissent is crushed by COINTELPRO-like programs. Such a state may also be referred to as a surveillance state or an electronic police state.

A surveillance state is a country where the government engages in pervasive surveillance of large numbers of its citizens and visitors. Such widespread surveillance is usually justified as being necessary to prevent crime or terrorism, but may also be used to stifle criticism of and opposition to the government.

Examples of early surveillance states include the former Soviet Union and the former East Germany, which had a large network of informers and an advanced technology base in computing and spy-camera technology.[79] But these states did not have today's technologies for mass surveillance, such as the use of databases and pattern recognition software to cross-correlate information obtained by wire tapping, including speech recognition and telecommunications traffic analysis, monitoring of financial transactions, automatic number plate recognition, the tracking of the position of mobile telephones, and facial recognition systems and the like which recognize people by their appearance, gait, etc.
Electronic police state
An electronic police state is a state in which the government aggressively uses electronic technologies to record, collect, store, organize, analyze, search, and distribute information about its citizens.[81][82] Electronic police states also engage in mass government surveillance of landline and cellular telephone traffic, mail, email, web surfing, Internet searches, radio, and other forms of electronic communication as well as widespread use of video surveillance. The information is usually collected in secret.

Electronic police states may be either dictatorial or democratic. The crucial elements are not politically based, so long as the government can afford the technology and the populace will permit it to be used, an electronic police state can form. The continual use of electronic mass surveillance can result in constant low-level fear within the population, which can lead to self-censorship and exerts a powerful coercive force upon the populace.[83]

Seventeen factors for judging the development of an electronic police state were suggested in The Electronic Police State: 2008 National Rankings:[82]

  • Daily documents: Requirement for the use and tracking of state-issued identity documents and registration.
  • Border and travel control: Inspections at borders, searching computers and cell phones, demanding decryption of data, and tracking travel within as well as to and from a country.
  • Financial tracking: A state’s ability to record and search all financial transactions: checks, credit cards, wires, etc.
  • Gag orders: Restrictions on and criminal penalties for the disclosure of the existence of state surveillance programs.
  • Anti-crypto laws: Outlawing or restricting cryptography and/or privacy enhancing technologies.
  • Lack of constitutional protections: A lack of constitutional privacy protections or the routine overriding of such protections.
  • Data storage: The ability of the state to store the data gathered.
  • Data search: The ability to organize and search the data gathered.
  • Data retention requirements: Laws that require Internet and other service providers to save detailed records of their customers’ Internet usage for a minimum period of time.
  • Telephone data retention requirements: Laws that require telephone companies to record and save records of their customers’ telephone usage.
  • Cell phone data retention requirements: Laws that require cellular telephone companies to record and save records of their customers’ usage and location.
  • Medical records: Government access to the records of medical service providers.
  • Enforcement: The state’s ability to use force to seize anyone they want, whenever they want.
  • Lack of habeas corpus: Lack of a right for a person under arrest to be brought before a judge or into court in a timely fashion or the overriding of such rights.
  • Lack of a police-intel barrier: The lack of a barrier between police organizations and intelligence organizations, or the overriding of such barriers.
  • Covert hacking: State operatives collecting, removing, or adding digital evidence to/from private computers without permission or the knowledge of the computers' owners.
  • Loose or no warrants: Arrests or searches made without warrants or without careful examination and review of police statements and justifications by a truly independent judge or other third-party.
The list includes factors that apply to other forms of police states, such as the use of identity documents and police enforcement, but go considerably beyond them and emphasize the use of technology to gather and process the information collected.

http://en.wikipedia.org/wiki/Mass_surveillance

Content from External Source
 

AluminumTheory

Senior Member.
One point taken.

Technology is advancing faster than the rate at which legislative bodies can enact laws and restrictions regarding it's use. The bottom line is that the American people and the citizens of other democratic nations need to start having a serious discussion about where electronic surveillance ends and our privacy begins.
 
Last edited:

AluminumTheory

Senior Member.
This nation was founded on concpects like checks and balances. Right now the people are complacent in regards to what our lawmakers are doing. People are very ready and willing to complain about and frequently overstate the extent to which modern surveillance is being used . But not very willing to take action. Your local officials have a much greater effect on what happens in your local community than what most people honestly realise, and yet local elections consistently have by far the lowest voter participation across the board. Contact your congressman, go to town council meetings, contact the ACLU... There are lots of things that people can do to enact change, but people simply aren't doing them.


I heard Alex Jones talk about this for the last couple of days. He claimed that he got those documents from his infowars insider and of course as per Alex Jones style; he changes the story from being that 'this technology could potentially be utilized to spy on you' to 'this technology is being used to spy on you'. Just like how he says that your dishwasher is spying on you and the X Box Kinect can scan 1000ft through walls. It's all about spreading fear and paranoia, and not at all about looking for real world solutions. I'll be honest, I don't know whether or not this wireless mesh network will be used for surveillance, but the fact of the matter is that any internet capable device that has a camera, microphone, and/or gps sensor can potentially be used to spy on and track you. So why freak out about this?

But on the brighter side...
http://www.komonews.com/news/local/...ersial-WiFi-network-in-Seattle-231692161.html

SEATTLE -- In what's being called a "gesture of good will," the Seattle Police Department has agreed to deactivate a WiFi network in downtown Seattle that some worried could be used to spy on residents.

Last week, the ACLU of Washington raised concerns about a number of white boxes that recently showed up in parts of downtown Seattle.

The boxes are part of a wireless mesh network that was installed by the Seattle Police Department to improve communication. However, there were immediate concerns about the network being used to track people's movements.

"In a democratic society you should be able to move freely without law enforcement tracking your movements unless they have reason to believe you're doing something wrong," ACLU communications director Doug Honig said last week.

In an effort to allay those fears, interim Seattle Police Chief Jim Pugel decided on Tuesday to deactivate the system, according to police spokesman Sean Whitcomb.

The system was installed using money from a Homeland Security grant related to another controversial waterfront surveillance system. Whitcomb said the police department will pay to have the system deactivated, though he doesn't yet know how much that task will cost.

The City council requires equipment that can be used for surveillance to be approved by ordinance before it's installed. Whitcomb said the wireless mesh system will not be reactivated until the City Council takes up the plan and allows for "a vigorous public debate."

There's no timetable for when the system will be fully offline.
Content from External Source
You see that's how you enact real change. But I'd be willing to bet that the vainglorious Alex Jones will be taking credit for this if he hasn't already.
 
Last edited:

dunbar

Active Member
Who cares about alex jones? He's a hard right john birch society reject with a strong dose of libertarian imbecile/nutjob. Regardless of what he has to say about it, the surveillance state is a matter of serious concern.
 

MikeC

Closed Account
Indeed it is - and that is why the ACLU, Police and City Council are all over this in various ways.

Lots of people care about Alex jones...unfortunately....enough to make him a good living.
 

dunbar

Active Member
Lots of people care about ancient aliens and believe in "chemtrails"... lots of people are idiots. I'm less concerned with debunking alien abductions and yeti rape than I am with debunking and exposing propagandists and apologists of the mass surveillance state. There's always going to be the kind of idiots who stare up at jet exhaust believing it to be a vast sinister government plot, alex jones is small potatoes.
 

Mick West

Administrator
Staff member
I'm less concerned with debunking alien abductions and yeti rape than I am with debunking and exposing propagandists and apologists of the mass surveillance state.

Then concisely debunk it, under the posting guidelines. Don't just post a bunch of speculation.
https://www.metabunk.org/threads/posting-guidelines.2064/

particularly:

  1. Focus on individual claims of evidence, not broader theories
Content from External Source
 
Last edited:

moderateGOP

Active Member
Interesting after getting through the bunk in this article. I figured out that it was only a Mesh Wireless network. From my limited knowledge of computer networks I figured that it was basically a more stable city wide network. Lo and Behold, a simple Wikipedia search confirmed my suspicions.

The self-healing capability enables a routing based network to operate when one node breaks down or a connection goes bad. As a result, the network is typically quite reliable, as there is often more than one path between a source and a destination in the network. Although mostly used in wireless situations, this concept is also applicable to wired networks and software interaction. http://en.wikipedia.org/wiki/Mesh_networking

It's actually a really smart way to set up a network. These people (CTs and most right wing types- Though I wouldn't label Alex Jones right wing) do not know how networks or even computers work. So if WiFi signals, means that the gov't is tracking you...Then that's just another rehash of the microwave/tinfoil conspiracy. The kicker here is that Tinfoil actually increases wifi capabilities in some cases :D
 

AluminumTheory

Senior Member.
You know I was looking at those 'leaked' documents and trying to figure out what was so special about them. Alex Jones claimed that it was 'proof' that this network was set up to spy on Seattle. All these documents show are some project details and a network configuration diagram. I wonder if they just saw "Watchgaurd 5x"and assumed that is some kind of spy device when it's actually just a commercial grade firewall router.
 

moderateGOP

Active Member
You know I was looking at those 'leaked' documents and trying to figure out what was so special about them. Alex Jones claimed that it was 'proof' that this network was set up to spy on Seattle. All these documents show are some project details and a network configuration diagram. I wonder if they just saw "Watchgaurd 5x"and assumed that is some kind of spy device when it's actually just a commercial grade firewall router.

Probably, good find.
 

dunbar

Active Member
just saw "Watchgaurd 5x"and assumed that is some kind of spy device when it's actually just a commercial grade firewall router.

Doesn't look like anybody assumed anything at all, it is "some kind of spy device".


After reviewing Aruba’s technical literature, as well as talking to IT directors and systems administrators around the country who work with Aruba products, it’s clear that their networks are adept at seeing all the devices that move through their coverage area and visually mapping the locations of those devices in real time for the system administrators’ convenience. In fact, one of Aruba’s major selling points is its ability to locate “rogue” or “unassociated” devices—that is, any device that hasn’t been authorized by (and maybe hasn’t even asked to be part of) the network.

Which is to say, your device. The cell phone in your pocket, for instance.

The user’s guide for one of Aruba’s recent software products states: “The wireless network has a wealth of information about unassociated and associated devices.” That software includes “a location engine that calculates associated and unassociated device location every 30 seconds by default… The last 1,000 historical locations are stored for each MAC address.”
Content from External Source
Council member Bruce Harrell pointed out the need for SPD to be able to collect some of this information: “While I understand that a lot of people have concerns about the government having access to this information, when we have large public gatherings like the situation like in Boston and something bad happens, the first thing we want to know is how are we using technology to capture that information,” Harrell told KIRO-TV.
Content from External Source
The network includes 160 wireless access points that are mounted on poles across Seattle. Every time a device looks for a Wi-Fi signal and the access point recognizes it, it can store that data. The manufacturer of the network points out in a manual that the mesh network can store IP addresses, device types, applications used by the devices, current location, and historical location.
Content from External Source
This information can be stored and connected for the last 1,000 times a person is connected with a specific device. The network shows up online in public places usually as intersections in the city such as, "4th&Pike," "4th&University" and "3rd&Union."

"Even if we assume that the mesh network was installed by good people for good reasons, there's no reason to believe that the people controlling the network in the future will use it for the public good," said Brendan Kiley of alternative news weekly the Stranger. "We need to have a serious public conversation and establish some very clear rules about how new surveillance technologies should and shouldn't be used -- with very real penalties for breaking those rules." Kiley first reported on the technology Wednesday in The Stranger.
Content from External Source
"We believe that people should be free to move about without having the government track their movements unless there really is reason to believe they're engaged in some criminal activity," said Debelak. Seattle police could not explain why the network appears to be online.
Content from External Source

"They now own a piece of equipment that has tracking capabilities so we think that they should be going to City Council and presenting a protocol for the whole network that says they won't be using it for surveillance purposes," said Jamela Debelak of the American Civil Liberties Union.
Content from External Source
http://www.kirotv.com/news/news/seattle-police-have-wireless-network-can-track-you/nbmHW/
 

MikeC

Closed Account
Doesn't look like anybody assumed anything at all, it is "some kind of spy device".


After reviewing Aruba’s technical literature, as well as talking to IT directors and systems administrators around the country who work with Aruba products, it’s clear that their networks are adept at seeing all the devices that move through their coverage area and visually mapping the locations of those devices in real time for the system administrators’ convenience. In fact, one of Aruba’s major selling points is its ability to locate “rogue” or “unassociated” devices—that is, any device that hasn’t been authorized by (and maybe hasn’t even asked to be part of) the network.

Which is to say, your device. The cell phone in your pocket, for instance.

The user’s guide for one of Aruba’s recent software products states: “The wireless network has a wealth of information about unassociated and associated devices.” That software includes “a location engine that calculates associated and unassociated device location every 30 seconds by default… The last 1,000 historical locations are stored for each MAC address.”
Content from External Source

Groan - my cell phone does this too - if I open it up now I can find.....23 networks currently in range.

that is what WiFi does - it checks devices and networks in range to see if they are authorized and compatible. Your phone would note the existence of any such network too - you would be spying on IT!!

If you have a phone that has WiFi then according to your definition you are carrying "come sort of spy device"

that's just silly.....
 

dunbar

Active Member
I don't know what kind of phone you're carrying but my phone doesn't snatch and store the "last 1,000 historical locations for each MAC address” that comes into proximity.

Nor does my phone provide a real time spatial map of every wireless device in the area.

This is just silly....
 

dunbar

Active Member
Any public or private WiFi network could track WiFi devices. There are many thousands of such networks, including several cities. In California for example, the following cities have been supplying free WiFi for years.

This is very different from public wifi. Public wifi will only register the MAC address if a device connects to the network, this system registers all devices in range whether they are associated with the network or unassociated. Public wifi does not track and store location data every 30 seconds across the network, this system does.Public wifi does not provide a real time spatial map of all devices within its area, the Aruba system does.

There is a legitimate concern over this and I don't think the citizens of Seattle and the ACLU are paranoid conspiracy theorists who can't tell the difference between public wifi and the Aruba system.
 

moderateGOP

Active Member
1. I don't know what kind of phone you're carrying but my phone doesn't snatch and store the "last 1,000 historical locations for each MAC address” that comes into proximity.

2. Nor does my phone provide a real time spatial map of every wireless device in the area.

1. Most phones actually have this capability in a limited sense, but you have to think of a city wide network! It's what a city network has to do to function. Otherwise you'd have to enter in a bunch of numbers each time you want to connect to the wifi, and I'm not just talking about wifi passwords. I'm talking about Mac Addresses Gateway addresses IP addresses etc...

2. Really? Bing Maps does this pre-installed on Windows Phones. I'm 100% positive Apple Maps does this too. Not sure about google, but they are doing amazing things with real time updating so it wouldn't shock me at all. This feature on my phone reveals, the location of wifi hotspots and anybody who wants to share their location. It can be turned on and off, but don't think for a second that the corporations aren't "storing" this information and "spying on you."

Oh and I'm sure you can download or create more powerful apps that do much more than what you are freaking out about here!

It's the sad state of the technology illiteracy that created the NSA "spying" scandal and this is directly out of the libertarian fear machine playbook, only on a smaller state-side method. What exactly do you think is going on in Seattle? Do you think a bunch of federal agents are sitting around watching computers log Mac Addresses? What a boring job.... You can't really do that much with a Mac Address anyway. This website probably monitors the same information. There are analytics programs that people run on their websites to "spy on you." What exactly is so horrifying about that? Is it Irony, to anybody that one of the very cores of libertarian principles is to "leave it to the states?" Wouldn't a real libertarian, not care what Seattle does in it's own city?
 

dunbar

Active Member
1. Most phones actually have this capability in a limited sense, but you have to think of a city wide network! It's what a city network has to do to function. Otherwise you'd have to enter in a bunch of numbers each time you want to connect to the wifi, and I'm not just talking about wifi passwords. I'm talking about Mac Addresses Gateway addresses IP addresses etc...

Most phones do not have this capability in any sense, neither do city wide public wifi networks.

2. Really? Bing Maps does this pre-installed on Windows Phones. I'm 100% positive Apple Maps does this too. Not sure about google, but they are doing amazing things with real time updating so it wouldn't shock me at all. This feature on my phone reveals, the location of wifi hotspots and anybody who wants to share their location. It can be turned on and off, but don't think for a second that the corporations aren't "storing" this information and "spying on you."

Wrong, phones can sniff hotspots but they absolutely do not reveal the location of every wireless device and cellphone in a given area. You don't know what you're talking about. You cannot opt out of the aruba system, there is no "off and on" there's just on

Oh and I'm sure you can download or create more powerful apps that do much more than what you are freaking out about here!

First, I'm not "freaking out", I'm just not casually dismissing an issue that raises legitimate concerns for reasonable people.

I'm sure you can create many illegal apps that sniff and track all kinds of things, doesn't mean it's not a problem. I don't get your logic.

It's the sad state of the technology illiteracy that created the NSA "spying" scandal and this is directly out of the libertarian fear machine playbook

"Technology illiteracy" didn't create the NSA spying scandal, illegitimate mass spying created the NSA spying scandal. Again, don't get your logic.


only on a smaller state-side method

It's another level of intrusive illegitimate electronic spying by law enforcement without public democratic sanction.

What exactly do you think is going on in Seattle? Do you think a bunch of federal agents are sitting around watching computers log Mac Addresses? What a boring job....

And I'm the technological illiterate? I think the system is probably automated, don't you?

You can't really do that much with a Mac Address anyway. This website probably monitors the same information. There are analytics programs that people run on their websites to "spy on you." What exactly is so horrifying about that?


It’s not a big leap to also track the MAC addresses that are more mobile. Get enough data points over a couple of months or years and the database will certainly contain many repeat detections of mobile MAC addresses at many different locations, with a decent chance of being able to identify a home or work address to go with it. Kim Cameron describes the start of this cascade effect in his most recent post, mapping the attendees at a conference to home addresses even when they’ve never consented to any such tracking is not going to be hard if you’ve gone to the trouble of scanning every street in every city in the country. With a minor bit of further analysis the same techniques could be used to get a good idea of the travel or shopping habits of almost everyone sitting in an airport departure lounge or the home addresses of everyone participating in a Stop The War protest.

And remember that even though you can only effectively use WiFi to send and receive data over a range of a few 10’s to maybe a 100m you can detect and read WiFi signals easily from 100’s to 1000’s of metres away without any special equipment.

The plans to blanket London with “Free WiFi” start to sound quite disturbing when you think about those possibilities.

To answer my own title question – MAC addresses can tell far more about you than you think and keeping databases of where and when they’ve been seen can be extremely dangerous in terms of privacy.
http://www.identityblog.com/?p=1131
Content from External Source
Is it Irony, to anybody that one of the very cores of libertarian principles is to "leave it to the states?" Wouldn't a real libertarian, not care what Seattle does in it's own city?

I'm not a libertarian, so no. I think mixed economies and social democracy is where it's at.
 

AluminumTheory

Senior Member.
Doesn't look like anybody assumed anything at all, it is "some kind of spy device".


After reviewing Aruba’s technical literature, as well as talking to IT directors and systems administrators around the country who work with Aruba products, it’s clear that their networks are adept at seeing all the devices that move through their coverage area and visually mapping the locations of those devices in real time for the system administrators’ convenience. In fact, one of Aruba’s major selling points is its ability to locate “rogue” or “unassociated” devices—that is, any device that hasn’t been authorized by (and maybe hasn’t even asked to be part of) the network.

Which is to say, your device. The cell phone in your pocket, for instance.

The user’s guide for one of Aruba’s recent software products states: “The wireless network has a wealth of information about unassociated and associated devices.” That software includes “a location engine that calculates associated and unassociated device location every 30 seconds by default… The last 1,000 historical locations are stored for each MAC address.”
Content from External Source
Council member Bruce Harrell pointed out the need for SPD to be able to collect some of this information: “While I understand that a lot of people have concerns about the government having access to this information, when we have large public gatherings like the situation like in Boston and something bad happens, the first thing we want to know is how are we using technology to capture that information,” Harrell told KIRO-TV.
Content from External Source
The network includes 160 wireless access points that are mounted on poles across Seattle. Every time a device looks for a Wi-Fi signal and the access point recognizes it, it can store that data. The manufacturer of the network points out in a manual that the mesh network can store IP addresses, device types, applications used by the devices, current location, and historical location.
Content from External Source
This information can be stored and connected for the last 1,000 times a person is connected with a specific device. The network shows up online in public places usually as intersections in the city such as, "4th&Pike," "4th&University" and "3rd&Union."

"Even if we assume that the mesh network was installed by good people for good reasons, there's no reason to believe that the people controlling the network in the future will use it for the public good," said Brendan Kiley of alternative news weekly the Stranger. "We need to have a serious public conversation and establish some very clear rules about how new surveillance technologies should and shouldn't be used -- with very real penalties for breaking those rules." Kiley first reported on the technology Wednesday in The Stranger.
Content from External Source
"We believe that people should be free to move about without having the government track their movements unless there really is reason to believe they're engaged in some criminal activity," said Debelak. Seattle police could not explain why the network appears to be online.
Content from External Source

"They now own a piece of equipment that has tracking capabilities so we think that they should be going to City Council and presenting a protocol for the whole network that says they won't be using it for surveillance purposes," said Jamela Debelak of the American Civil Liberties Union.
Content from External Source
http://www.kirotv.com/news/news/seattle-police-have-wireless-network-can-track-you/nbmHW/
I have a $50 wireless g router that is 7 years old. And it is capable of storing mac addresses for an indefinite period of time.
Generally speaking, features like identifying rogue (unauthorized) network devices can be done to an extent even on a home network. The difference is that Aruba seems to be able to set up a network that can do this automatically which they are most likely accomplishing via software. Watchgaurd is a brand of hardware firewall/network router. The Watchguard 5x is prbably a reference to the Watchgaurd XTM 5 series. Here is a Watchgaurd XTM 525 that you can buy for only $2,109.99. The router/firewall itself is not the spy device. Your 'spy devices' are the WAP management and the access points (the white boxes). They know your general location when you access a wireless access point because they know where the access point it is. A mac address isn't even private data by an measurable standard. Anytime you access the internet through a router whether basic or commercial grade, your mac address is revealed and stored.
This is very different from public wifi. Public wifi will only register the MAC address if a device connects to the network, this system registers all devices in range whether they are associated with the network or unassociated. Public wifi does not track and store location data every 30 seconds across the network, this system does.
What they mean by 'unassociated' is basically network devices that are connects, but aren't supposed to access the network
one of Aruba’s major selling points is its ability to locate “rogue” or “unassociated” devices—that is, any device that hasn’t been authorized by (and maybe hasn’t even asked to be part of) the network.
Content from External Source
Every system is capable of registering rogue devices, but not necessarily capable of locating it.

Another one of Aruba's selling points is its ability to detect rogue devices—strangers to the system. Its promotional "case studies" trumpet this capability, including one report about Cabela's hunting and sporting goods chain, which is an Aruba client: "Because Cabela's stores are in central shopping areas, the company captures huge quantities of rogue data—as many as 20,000 events per day, mostly from neighboring businesses." Aruba's network is identifying and distinguishing which devices are allowed on the Cabela's network and which are within the coverage area but are just passing through. The case study also describes how Cabela's Aruba network was able to locate a lost price-scanner gun in a large warehouse by mapping its location, as well as track employees by the devices they were carrying.
Content from External Source
Here is a good explanation of what rogue devices are.


Definition - What does Rogue Wireless Device mean?
A rogue wireless device is a wireless device that remains connected to a system but does not have permission to access and operate in a network. Rogue wireless devices may be access points (rogue access points or rogue APs) or end user computers (rogue peers). If left connected, both types can pose security threats to networks and organizations.
Techopedia explains Rogue Wireless Device
A rogue wireless device is one of the leading security threats in wireless networking. It has the ability to disclose confidential system information that is potentially damaging to an organization.
Access point (AP)-based rogue devices are wireless access points (WAP) installed in a network without authorization. These routers may be installed by an employee for work purposes, or by a hacker for the collection of private records. In most cases, the use of such devices conflicts with network security policies, and the devices are not managed by the network administrator (NA). Additionally, rogue APs may allow other unauthorized end user devices to connect to the network and consume network bandwidth.

Computer-based rogue threats, or rogue peers, are end user computers that are connected to a network without permission. These devices are usually laptops and netbooks that can serve as APs. Rogue peers pose more risks than rogue APs, given that laptops have little to no security features. This can allow other unauthorized devices to connect to the device and network.

Rogue wireless device threats can be prevented by using strict network security policies. All APs and end user computers should be mapped in the network, allowing easy detection of new devices. Rogue wireless devices are easily detectable but difficult to eliminate.
Content from External Source
A way that a user might unintentionally become a rogue device (or peer) is by someone connecting a rogue wireless access point and naming the SSID (wifi network name) something like Panera or Starbucks so that smartphones and laptops may automatically connect to it if they are set to automatically connect to that network. This poses and obvious security threat and the need to detect and locate rogue devices is a necessity for large wifi networks.

Here are some other ways that client mis-associations may occur:

http://en.wikipedia.org/wiki/Wireless_security


Modes of unauthorized access
The modes of unauthorised access to links, to functions and to data is as variable as the respective entities make use of program code. There does not exist a full scope model of such threat. To some extent the prevention relies on known modes and methods of attack and relevant methods for suppression of the applied methods. However, each new mode of operation will create new options of threatening. Hence prevention requires a steady drive for improvement. The described modes of attack are just a snapshot of typical methods and scenarios where to apply.

Accidental association
Violation of the security perimeter of a corporate network can come from a number of different methods and intents. One of these methods is referred to as “accidental association”. When a user turns on a computer and it latches on to a wireless access point from a neighboring company’s overlapping network, the user may not even know that this has occurred. However, it is a security breach in that proprietary company information is exposed and now there could exist a link from one company to the other. This is especially true if the laptop is also hooked to a wired network.

Accidental association is a case of wireless vulnerability called as "mis-association".[6] Mis-association can be accidental, deliberate (for example, done to bypass corporate firewall) or it can result from deliberate attempts on wireless clients to lure them into connecting to attacker's APs.

Malicious association
“Malicious associations” are when wireless devices can be actively made by attackers to connect to a company network through their cracking laptop instead of a company access point (AP). These types of laptops are known as “soft APs” and are created when a cyber criminal runs some software that makes his/her wireless network card look like a legitimate access point. Once the thief has gained access, he/she can steal passwords, launch attacks on the wired network, or plant trojans. Since wireless networks operate at the Layer 2 level, Layer 3 protections such as network authentication and virtual private networks (VPNs) offer no barrier. Wireless 802.1x authentications do help with some protection but are still vulnerable to cracking. The idea behind this type of attack may not be to break into a VPN or other security measures. Most likely the criminal is just trying to take over the client at the Layer 2 level.

Ad hoc networks
Ad hoc networks can pose a security threat. Ad hoc networks are defined as peer-to-peer networks between wireless computers that do not have an access point in between them. While these types of networks usually have little protection, encryption methods can be used to provide security.

The security hole provided by Ad hoc networking is not the Ad hoc network itself but the bridge it provides into other networks, usually in the corporate environment, and the unfortunate default settings in most versions of Microsoft Windows to have this feature turned on unless explicitly disabled. Thus the user may not even know they have an unsecured Ad hoc network in operation on their computer. If they are also using a wired or wireless infrastructure network at the same time, they are providing a bridge to the secured organizational network through the unsecured Ad hoc connection. Bridging is in two forms. A direct bridge, which requires the user actually configure a bridge between the two connections and is thus unlikely to be initiated unless explicitly desired, and an indirect bridge which is the shared resources on the user computer. The indirect bridge provides two security hazards. The first is that critical organizational data obtained via the secured network may be on the user's end node computer drive and thus exposed to discovery via the unsecured Ad hoc network. The second is that a computer virus or otherwise undesirable code may be placed on the user's computer via the unsecured Ad hoc connection and thus has a route to the organizational secured network. In this case, the person placing the malicious code need not "crack" the passwords to the organizational network, the legitimate user has provided access via a normal and routine log-in. The malefactor simply needs to place the malicious code on the unsuspecting user's end node system via the open (unsecured) Ad hoc networks.

Non-traditional networks
Non-traditional networks such as personal network Bluetooth devices are not safe from cracking and should be regarded as a security risk. Even barcode readers, handheld PDAs, and wireless printers and copiers should be secured. These non-traditional networks can be easily overlooked by IT personnel who have narrowly focused on laptops and access points.

Identity theft (MAC spoofing)
Identity theft (or MAC spoofing) occurs when a cracker is able to listen in on network traffic and identify the MAC address of a computer with network privileges. Most wireless systems allow some kind of MAC filtering to allow only authorized computers with specific MAC IDs to gain access and utilize the network. However, programs exist that have network “sniffing” capabilities. Combine these programs with other software that allow a computer to pretend it has any MAC address that the cracker desires,[7] and the cracker can easily get around that hurdle.

MAC filtering is effective only for small residential (SOHO) networks, since it provides protection only when the wireless device is "off the air". Any 802.11 device "on the air" freely transmits its unencrypted MAC address in its 802.11 headers, and it requires no special equipment or software to detect it. Anyone with an 802.11 receiver (laptop and wireless adapter) and a freeware wireless packet analyzer can obtain the MAC address of any transmitting 802.11 within range. In an organizational environment, where most wireless devices are "on the air" throughout the active working shift, MAC filtering provides only a false sense of security since it prevents only "casual" or unintended connections to the organizational infrastructure and does nothing to prevent a directed attack.

Man-in-the-middle attacks
A man-in-the-middle attacker entices computers to log into a computer which is set up as a soft AP (Access Point). Once this is done, the hacker connects to a real access point through another wireless card offering a steady flow of traffic through the transparent hacking computer to the real network. The hacker can then sniff the traffic. One type of man-in-the-middle attack relies on security faults in challenge and handshake protocols to execute a “de-authentication attack”. This attack forces AP-connected computers to drop their connections and reconnect with the cracker’s soft AP (disconnects the user from the modem so they have to connect again using their password which one can extract from the recording of the event). Man-in-the-middle attacks are enhanced by software such as LANjack and AirJack which automate multiple steps of the process, meaning what once required some skill can now be done by script kiddies. Hotspots are particularly vulnerable to any attack since there is little to no security on these networks.

Denial of service
A Denial-of-Service attack (DoS) occurs when an attacker continually bombards a targeted AP (Access Point) or network with bogus requests, premature successful connection messages, failure messages, and/or other commands. These cause legitimate users to not be able to get on the network and may even cause the network to crash. These attacks rely on the abuse of protocols such as the Extensible Authentication Protocol (EAP).

The DoS attack in itself does little to expose organizational data to a malicious attacker, since the interruption of the network prevents the flow of data and actually indirectly protects data by preventing it from being transmitted. The usual reason for performing a DoS attack is to observe the recovery of the wireless network, during which all of the initial handshake codes are re-transmitted by all devices, providing an opportunity for the malicious attacker to record these codes and use various "cracking" tools to analyze security weaknesses and exploit them to gain unauthorized access to the system. This works best on weakly encrypted systems such as WEP, where there are a number of tools available which can launch a dictionary style attack of "possibly accepted" security keys based on the "model" security key captured during the network recovery.

Network injection
In a network injection attack, a cracker can make use of access points that are exposed to non-filtered network traffic, specifically broadcasting network traffic such as “Spanning Tree” (802.1D), OSPF, RIP, and HSRP. The cracker injects bogus networking re-configuration commands that affect routers, switches, and intelligent hubs. A whole network can be brought down in this manner and require rebooting or even reprogramming of all intelligent networking devices.

Caffe Latte attack
The Caffe Latte attack is another way to defeat WEP. It is not necessary for the attacker to be in the area of the network using this exploit. By using a process that targets the Windows wireless stack, it is possible to obtain the WEP key from a remote client.[8] By sending a flood of encrypted ARP requests, the assailant takes advantage of the shared key authentication and the message modification flaws in 802.11 WEP. The attacker uses the ARP responses to obtain the WEP key in less than 6 minutes.[9]
Modes of unauthorized access
The modes of unauthorised access to links, to functions and to data is as variable as the respective entities make use of program code. There does not exist a full scope model of such threat. To some extent the prevention relies on known modes and methods of attack and relevant methods for suppression of the applied methods. However, each new mode of operation will create new options of threatening. Hence prevention requires a steady drive for improvement. The described modes of attack are just a snapshot of typical methods and scenarios where to apply.

Accidental association
Violation of the security perimeter of a corporate network can come from a number of different methods and intents. One of these methods is referred to as “accidental association”. When a user turns on a computer and it latches on to a wireless access point from a neighboring company’s overlapping network, the user may not even know that this has occurred. However, it is a security breach in that proprietary company information is exposed and now there could exist a link from one company to the other. This is especially true if the laptop is also hooked to a wired network.

Accidental association is a case of wireless vulnerability called as "mis-association".[6] Mis-association can be accidental, deliberate (for example, done to bypass corporate firewall) or it can result from deliberate attempts on wireless clients to lure them into connecting to attacker's APs.

Malicious association
“Malicious associations” are when wireless devices can be actively made by attackers to connect to a company network through their cracking laptop instead of a company access point (AP). These types of laptops are known as “soft APs” and are created when a cyber criminal runs some software that makes his/her wireless network card look like a legitimate access point. Once the thief has gained access, he/she can steal passwords, launch attacks on the wired network, or plant trojans. Since wireless networks operate at the Layer 2 level, Layer 3 protections such as network authentication and virtual private networks (VPNs) offer no barrier. Wireless 802.1x authentications do help with some protection but are still vulnerable to cracking. The idea behind this type of attack may not be to break into a VPN or other security measures. Most likely the criminal is just trying to take over the client at the Layer 2 level.

Ad hoc networks
Ad hoc networks can pose a security threat. Ad hoc networks are defined as peer-to-peer networks between wireless computers that do not have an access point in between them. While these types of networks usually have little protection, encryption methods can be used to provide security.

The security hole provided by Ad hoc networking is not the Ad hoc network itself but the bridge it provides into other networks, usually in the corporate environment, and the unfortunate default settings in most versions of Microsoft Windows to have this feature turned on unless explicitly disabled. Thus the user may not even know they have an unsecured Ad hoc network in operation on their computer. If they are also using a wired or wireless infrastructure network at the same time, they are providing a bridge to the secured organizational network through the unsecured Ad hoc connection. Bridging is in two forms. A direct bridge, which requires the user actually configure a bridge between the two connections and is thus unlikely to be initiated unless explicitly desired, and an indirect bridge which is the shared resources on the user computer. The indirect bridge provides two security hazards. The first is that critical organizational data obtained via the secured network may be on the user's end node computer drive and thus exposed to discovery via the unsecured Ad hoc network. The second is that a computer virus or otherwise undesirable code may be placed on the user's computer via the unsecured Ad hoc connection and thus has a route to the organizational secured network. In this case, the person placing the malicious code need not "crack" the passwords to the organizational network, the legitimate user has provided access via a normal and routine log-in. The malefactor simply needs to place the malicious code on the unsuspecting user's end node system via the open (unsecured) Ad hoc networks.

Non-traditional networks
Non-traditional networks such as personal network Bluetooth devices are not safe from cracking and should be regarded as a security risk. Even barcode readers, handheld PDAs, and wireless printers and copiers should be secured. These non-traditional networks can be easily overlooked by IT personnel who have narrowly focused on laptops and access points.

Identity theft (MAC spoofing)
Identity theft (or MAC spoofing) occurs when a cracker is able to listen in on network traffic and identify the MAC address of a computer with network privileges. Most wireless systems allow some kind of MAC filtering to allow only authorized computers with specific MAC IDs to gain access and utilize the network. However, programs exist that have network “sniffing” capabilities. Combine these programs with other software that allow a computer to pretend it has any MAC address that the cracker desires,[7] and the cracker can easily get around that hurdle.

MAC filtering is effective only for small residential (SOHO) networks, since it provides protection only when the wireless device is "off the air". Any 802.11 device "on the air" freely transmits its unencrypted MAC address in its 802.11 headers, and it requires no special equipment or software to detect it. Anyone with an 802.11 receiver (laptop and wireless adapter) and a freeware wireless packet analyzer can obtain the MAC address of any transmitting 802.11 within range. In an organizational environment, where most wireless devices are "on the air" throughout the active working shift, MAC filtering provides only a false sense of security since it prevents only "casual" or unintended connections to the organizational infrastructure and does nothing to prevent a directed attack.

Man-in-the-middle attacks
A man-in-the-middle attacker entices computers to log into a computer which is set up as a soft AP (Access Point). Once this is done, the hacker connects to a real access point through another wireless card offering a steady flow of traffic through the transparent hacking computer to the real network. The hacker can then sniff the traffic. One type of man-in-the-middle attack relies on security faults in challenge and handshake protocols to execute a “de-authentication attack”. This attack forces AP-connected computers to drop their connections and reconnect with the cracker’s soft AP (disconnects the user from the modem so they have to connect again using their password which one can extract from the recording of the event). Man-in-the-middle attacks are enhanced by software such as LANjack and AirJack which automate multiple steps of the process, meaning what once required some skill can now be done by script kiddies. Hotspots are particularly vulnerable to any attack since there is little to no security on these networks.

Denial of service
A Denial-of-Service attack (DoS) occurs when an attacker continually bombards a targeted AP (Access Point) or network with bogus requests, premature successful connection messages, failure messages, and/or other commands. These cause legitimate users to not be able to get on the network and may even cause the network to crash. These attacks rely on the abuse of protocols such as the Extensible Authentication Protocol (EAP).

The DoS attack in itself does little to expose organizational data to a malicious attacker, since the interruption of the network prevents the flow of data and actually indirectly protects data by preventing it from being transmitted. The usual reason for performing a DoS attack is to observe the recovery of the wireless network, during which all of the initial handshake codes are re-transmitted by all devices, providing an opportunity for the malicious attacker to record these codes and use various "cracking" tools to analyze security weaknesses and exploit them to gain unauthorized access to the system. This works best on weakly encrypted systems such as WEP, where there are a number of tools available which can launch a dictionary style attack of "possibly accepted" security keys based on the "model" security key captured during the network recovery.

Network injection
In a network injection attack, a cracker can make use of access points that are exposed to non-filtered network traffic, specifically broadcasting network traffic such as “Spanning Tree” (802.1D), OSPF, RIP, and HSRP. The cracker injects bogus networking re-configuration commands that affect routers, switches, and intelligent hubs. A whole network can be brought down in this manner and require rebooting or even reprogramming of all intelligent networking devices.

Caffe Latte attack
The Caffe Latte attack is another way to defeat WEP. It is not necessary for the attacker to be in the area of the network using this exploit. By using a process that targets the Windows wireless stack, it is possible to obtain the WEP key from a remote client.[8] By sending a flood of encrypted ARP requests, the assailant takes advantage of the shared key authentication and the message modification flaws in 802.11 WEP. The attacker uses the ARP responses to obtain the WEP key in less than 6 minutes.[9]
Content from External Source
Hopefully you'll be able to understand why being able to automatically locate rogue devices would be a desirable functionality for large and sophisticated network. The use of many smaller low powered access points as opposed to the more traditional method of fewer, high powered access points allows for some redundancy in the event that one or a few devices fail. This in turn also makes it easier to locate rogue devices by determining which access point the device is associated with.



The bottom line is that if you are concerned about these network systems tracking you, you can just not use public wifi.
 

Mick West

Administrator
Staff member
It's just WiFi.

It's just potential WiFi sniffing. Any municipal WiFi network could already do this. All it would tell you is what devices were in range of what access points at what time (providing they had WiFi switched on, and were transmitting).

The phone companies can do it already at a vastly more detailed level. This is a storm in a teacup.
 

AluminumTheory

Senior Member.
I would suppose the only difference is that most large scale public wifis seem to use higher powered APs which will serve alot of clients over a broad range. Using lower powered APs to serve a smaller area enables the network admin to get a more specific location of the client such as "300 block of Market st." Which is useful, but far from what I would call pin point accuracy.
 

moderateGOP

Active Member
1.Most phones do not have this capability in any sense, neither do city wide public wifi networks.
Wrong, phones can sniff hotspots but they absolutely do not reveal the location of every wireless device and cellphone in a given area.

2. I'm just not casually dismissing an issue that raises legitimate concerns for reasonable people.

3. It's another level of intrusive illegitimate electronic spying by law enforcement without public democratic sanction.

4.And I'm the technological illiterate? I think the system is probably automated, don't you?

5. I think mixed economies and social democracy is where it's at.

1. What do you think, seeing wifi hotspots evolves into? That's what I mean by in a limited sense. Basically this network seems to boost, fix itself, and gives itself more power based on how many devices are connected to it or are trying to connect to it.

2. Only if they don't research into how networks actually work and believes everything Alex Jones and the ACLU tells them! Then, they'll realize its nothing to worry about and its actually really useful for large city networks.

3. So the basic functionality of networks are illegitimate and intrusive?

4. You obviously didn't read my sentence, I said they sit and watch computers log mac addresses... Again, you never did quite explain to me why this is so horrifying. You just believe that I should think it is and agree with you.

5. The same Mixed economy and social democracy that created this technology that you are freaking out about.
 

dunbar

Active Member
It's just WiFi.

It's just potential WiFi sniffing. Any municipal WiFi network could already do this.

Public networks could do this but do not, that's the difference. And btw, do you maybe think that all of this data might possibly be relayed to DHS threat fusion centers? After all, DHS is the agency that funded this system.

All it would tell you is what devices were in range of what access points at what time (providing they had WiFi switched on, and were transmitting).

the mesh network can store IP addresses, device types, applications used by the devices, current location, and historical location.
Content from External Source
A lot of useful information can be extrapolated from that data with sufficient analysis.

The phone companies can do it already at a vastly more detailed level. This is a storm in a teacup.

And the incestuous relationship between telecoms and intelligence agencies is fairly disturbing in and of itself. I understand that this data is unavoidably going to be generated, but what is done with it and to it and who should have access to it and under which circumstances are vitally important issues that concern us all.
 

Mick West

Administrator
Staff member
Public networks could do this but do not, that's the difference.

This one does not either - like the public WiFi, it's simply something that it could do. Any WiFi network could do the things you list.

Your phone could be transmitting everything you say to the CIA, even though it seems to be shut off. Does that mean it is?
 

moderateGOP

Active Member
I understand that this data is unavoidably going to be generated, but what is done with it and to it and who should have access to it and under which circumstances are vitally important issues that concern us all.

I am perfectly content that the telecom companies know what they are doing! I don't want people like Alex Jones anywhere near this stuff
 

dunbar

Active Member
This one does not either - like the public WiFi, it's simply something that it could do. Any WiFi network could do the things you list.

The default on this system is read, store, and track, every other public wifi would have to be reconfigured in order to do it. This system is specifically programmed to do exactly this.
 

dunbar

Active Member
No it's not. That's just something it can do.

That software includes “a location engine that calculates associated and unassociated device location every 30 seconds by default… The last 1,000 historical locations are stored for each MAC address.”
Content from External Source
 

dunbar

Active Member
3. So the basic functionality of networks are illegitimate and intrusive?

The basic functionality of networks is to facilitate communication, not to read, track, and store the types, locations and movement of all devices within the network area regardless of whether they are connected to the network or not.
 

dunbar

Active Member
And btw, do you maybe think that all of this data might possibly be relayed to DHS threat fusion centers? After all, DHS is the agency that funded this system.


It's reasonable to assume that locally gleaned information will be shared with other organizations, including federal ones. An SPD diagram of the mesh network, for example, shows its information heading to institutions large and small, including the King County Sheriff's Office, the US Coast Guard, and our local fusion center.

Fusion centers, if you're unfamiliar with the term, are information-sharing hubs, defined by the Department of Homeland Security as "focal points" for the "receipt, analysis, gathering, and sharing" of surveillance information.

If federally funded, locally built surveillance systems with little to no oversight can dump their information in a fusion center—think of it as a gun show for surveillance, where agencies freely swap information with little restriction or oversight—that could allow federal agencies such as the FBI and the NSA to do an end-run around any limitations set by Congress or the FISA court.
Content from External Source
 

AluminumTheory

Senior Member.
It's a public wifi. And as it has been pointed out any public or open network is capable of doing what this system does to one extent or another. From logging mac addresses to viewing internet traffic, to even getting a general location on the user. Security similar to what this system has would most certainly be used on any large scale public wifi, and is necessary as the larger the network, the greater the threats. And if you're worried about personal data being downloaded from your smartphone, than perhaps you should install a software firewall.

The fact of the matter is that there is an inherit danger to using public and open wifi networks regardless of how you look at it. From hackers spoofing SSIDs with rougue devices to the sophisticated security measures needed to prevent such occurrences, it can potentially pose a threat to individual privacy. And that's just unavoidable.

If it bothers you or anyone else that the DHS funded this project,, than don't use it. Nobody in anyway is required to utilize this public network.
 

moderateGOP

Active Member
It's reasonable to assume that locally gleaned information will be shared with other organizations, including federal ones. An SPD diagram of the mesh network, for example, shows its information heading to institutions large and small, including the King County Sheriff's Office, the US Coast Guard, and our local fusion center.

Fusion centers, if you're unfamiliar with the term, are information-sharing hubs, defined by the Department of Homeland Security as "focal points" for the "receipt, analysis, gathering, and sharing" of surveillance information.

If federally funded, locally built surveillance systems with little to no oversight can dump their information in a fusion center—think of it as a gun show for surveillance, where agencies freely swap information with little restriction or oversight—that could allow federal agencies such as the FBI and the NSA to do an end-run around any limitations set by Congress or the FISA court.
Content from External Source


can you make arguments without quoting huge blocks of text from an infowars article?
 

moderateGOP

Active Member
It's a public wifi. And as it has been pointed out any public or open network is capable of doing what this system does to one extent or another. From logging mac addresses to viewing internet traffic, to even getting a general location on the user. Security similar to what this system has would most certainly be used on any large scale public wifi, and is necessary as the larger the network, the greater the threats. And if you're worried about personal data being downloaded from your smartphone, than perhaps you should install a software firewall.

The fact of the matter is that there is an inherit danger to using public and open wifi networks regardless of how you look at it. From hackers spoofing SSIDs with rougue devices to the sophisticated security measures needed to prevent such occurrences, it can potentially pose a threat to individual privacy. And that's just unavoidable.

If it bothers you or anyone else that the DHS funded this project,, than don't use it. Nobody in anyway is required to utilize this public network.

remember this would only affect him if he loves in Seattle. I highly doubt that
 

Mick West

Administrator
Staff member
That software includes “a location engine that calculates associated and unassociated device location every 30 seconds by default… The last 1,000 historical locations are stored for each MAC address.”
Content from External Source

It's a fairly standard feature of network topology management for the network to remember where each device is, so it can better route packets. Your own WiFi router and phone probably have a log of nearby devices in them. It's a network optimization, troubleshooting, and security tool.

It's described here:

http://www.arubanetworks.com/pdf/products/AB_AW_RAPIDS.pdf

It could be used for surveillance of individuals. But you'd have to do a lot more work on top of that. For a start, you'd have to know what that person's MAC address was. It's not designed to monitor people, which is what Infowars is suggesting. Nor can it inspect the contents of your phone.
 

AluminumTheory

Senior Member.
It's a fairly standard feature of network topology management for the network to remember where each device is, so it can better route packets. Your own WiFi router and phone probably have a log of nearby devices in them. It's a network optimization, troubleshooting, and security tool.

It's described here:

http://www.arubanetworks.com/pdf/products/AB_AW_RAPIDS.pdf

It could be used for surveillance of individuals. But you'd have to do a lot more work on top of that. For a start, you'd have to know what that person's MAC address was. It's not designed to monitor people, which is what Infowars is suggesting. Nor can it inspect the contents of your phone.

Also worth mentioning, MAC addresses can be spoofed. And your smartphone's MAC address to your phones wifi chip (which is different from the chip that receives your cell network signal) could possibly be traced back to the owner. But even that it's probably more difficult than sounds.
A mac address lookup is only going to tell you the manufacturer of the wireless chipset, NOT the manufacturer of the device itself. Sow when you look up a mac address, you aren't going to see descriptions like: Samsung Galaxy S4, iPhone 5s. Youre going to things more like: Atheros, Realtek, Broadcom and varous other chipmakers. And your wireless chipset is hardly unique to your device and is very likely to be a common chipset used in numerous devices.
Law enforcement (with a warrant) could contact a cell provider and determine the serial number and other information about your smartphone be possibly the mac address. But they would have to know who you are first. And this only applies to phones mac address in laptops, tablets etc have no documented association with their owners so it would be impossible to determine every Mac addres associated with person's device.
If you had somebody mac address and you wanted to find out who they were, you would have to hope that all providers keep a record of the wifi mac address to their subscriber's smartphones (I'm not sure that they do), and then you would have to ask every wireless provider in the area to search that Mac address. And then you would have to hope this person is using a smartphone on a plan because if they're not, the mac address will absolutely not be traceable to anyone.
it would seem extraordinarily difficult to actually identify someone using just a mac address.
The I read into this, the more I think its completely overblown. I respect the ACLU and what they do and I can see how someone unfamiliar with networking may think that this system has the potential to spy on people, but if that was the intent, then this would honestly be a very poor method of doing so. I would ex expect a real spy grid to be much more dialed down and be designed to intercept cellular signals and capture IMEI information. It was a massive stretch to call any of these 'Snowden level documents', and I think we can mark this debunked.
 
Top