• Categories

  • Pages

  • Archives

New Audio Technology Registers Gunshots – And Conversations.

shotspotterLast month, cops in New York City started testing a system that alerts them almost instantly to the location of where a gun was fired to within an accuracy of 25 meters (82 feet).   The ‘ShotSpotter’ technology utilizes strategically placed audio sensors that relay gunshot location information to nearby cops, enabling a rapid response.  ShotSpotter is used in major cities including Washington, Boston, Oakland, San Francisco and Minneapolis, as well as smaller cities like East Chicago, Ind.

The system is also smart enough to predict where subsequent shots may take place, providing officers with additional caution and backup to a “shots fired” situation.

The system was activated in the Bronx on March 18, 2015 and Shotspotter picked up gunshots in just an hour of going live.

Brooklyn Shotspotter went live several days after the Bronx, with the remaining boroughs following later if  the system proves effective.

The results thus far in these two NYC boroughs are disturbing; of the 55 gunshot incidents detected from March 16, 2015 – April 2, 2015, only 12 were called in to 911 – a poor 22% of the time someone called the emergency number to report the gunfire. Comments on the woeful reporting rate,  from the NY Daily News:

Police Commissioner Bill Bratton said he knew from other cities that up to 80% of all gunplay never gets reported, but he thought New York City’s density would mean more people would report gunshots.

“I’ll be quite frank — I’m surprised that we’ve had so few calls to 911 for those shots that have been identified,” Bratton said.

Going forward, cops will make more arrests based on evidence gathered through the technology, he predicted. Police expect to expand ShotSpotter citywide after it analyzes the results of its $1.5 million pilot program.

 

What the Shotspotter technology does (according to the eponymously named company’s website):

ShotSpotter (SST) instantly notifies officers of gunshot crimes in progress with real-time data delivered to dispatch centers, patrol cars and even smart phones. This affordable, subscription-based service enhances officer safety and effectiveness through:

  • Real-time access to maps of shooting locations and gunshot audio,
  • Actionable intelligence detailing the number of shooters and the number of shots fired,
  • Pinpointing precise locations for first responders aiding victims, searching for evidence and interviewing witnesses.

How the Shotspotter technology works: 

Best explained: Unlike counter-sniper sensors which can only measure a limited range of sounds—the supersonic signature of a sniper’s round with a known ballistic coefficient—SST’s wide area protection system measures the full range of impulsive sounds (sounds which are explosive in nature) found in urban weaponry, from sub and supersonic impulses to explosions.

So basically, the SST technology – given that it is subsonic – can admittedly (by the company) pick up on anything – including conversations – that it is calibrated to monitor.

I was good with the range of Shotspotter functions until the last item.  That of audio recording of the general public’s conversations.  How long before “exceptions” allowing speech monitoring are employed in sensitive places like surrounding courthouse areas, prison courtyards, college campuses??, etc.  The incident scenes themselves.  The argument that could be made in favor of open-air audio recordings would probably be along the lines of expectation of privacy – that presumably, there is none in public areas.

The application of technology and relevant law will be interesting to follow in the coming years.

Pass notes.

BNI Operatives: Situationally aware.

As always, stay safe.

(Afterthought: Why would PC Bratton refer to gun shots fired as “gunplay”???)

Stuck In A Florida Hurricane or Mexican Jail? Five Essential Nationwide and Global Emergency Apps

Emergency app

GLOBAL APPS:

1.  !Emergency!  (Featured above.)  Imagine yourself in a disaster situation – in a foreign country. You have no clue where the closest embassy is, or the 911 equivalent in Germany or Mexico or Japan.   The !Emergency! app automatically detects the country you’re in and then directs you to the proper authorities. (Given that you are allowed to make that one call if you’ve been arrested in a foreign country.)

 

germany

2. UbAlert:  a global social network where users share reports – and graphic accounts – of natural disasters (tsunami) and those man-made (Kenya terrorist attack).

 

UNITED STATES:

3. Re-Unite: the lost family finder from the U.S. National Library of Medicine, helps to update the NLM’s People Locator for natural disasters. Information about missing (and found) family members is posted immediately.

4. Official FEMA app: Can be used to set up a family meeting place and get the latest emergency updates.

5. Life360: Immediately locates a family member. (You can turn off the location feature at any time.)

 

In any emergency, I know it’s easy to stay calm but it really is important to do just that and trust that you are not alone and help is as close as a click away.

BNI Operatives: Situationally aware.

As always, be safe.

Happy Easter and Happy Passover, 2015

happy holidays

 

I take this opportunity to thank our readers and clients for their support and to wish all happiness, peace, prosperity and all of the joys of the holiday.

Throughout each year, there are wonderful days and challenging times.  May your strong and heartfelt advocacy efforts be greatly rewarded.

Happy Easter, Happy Passover,

 

Lina M. Maini

Digital Evidence Degrading or Inaccessible? Slow Computer? Spring PC Tune-Up.

slow pc

Few things in one’s workday are as frustrating as trying to open up a hard-stored document/graphic – that is, an item reposited on the hard drive or a removable storage device such as a thumb drive or external hard drive – and getting nowhere.  Either you receive an open document command fail message or the spinning wheel of document retrieval whirls forever.  This situation becomes even more aggravating when the item is a necessary piece of evidence (email, e-documents, incriminating photos or videos…) that you needed yesterday.

Most often, storage degradation or inability to retrieve stored items results from poor PC maintenance.  (The other main causes of a slow-running pc are: inadvertent computer ingestion of morning joe, internal dust bunnies or a pre- ehistoric model PC/laptop.)

In this week’s Bulletin, we will provide you with eight clean-up tips on boosting your PC’s performance in an effort to lessen the likelihood of negative retrieval events.

1) Uninstall unused programs

New PCs come with a boatload of programs you will never use, or even know exist.

To remove unwanted programs, open the Control Panel’s Programs feature and uninstall those you do not need.

If you are unsure about which programs to uninstall and those which are critical to system operation, try a third-party called such as PC Decrapifier – it’s free for non-commercial use – which, despite its funky name,  should tell you which programs you don’t need.

2) Delete temporary files

Temporary files pile up on your computer through everyday tasks and can remain on your hard drive, slowing the computer down. Get rid of these files:

a – Open “My Computer”, and select your local drive (usually C:\). Select the “Windows” folder and then open the folder titled “Temp”.

b – Open your browser’s History option and delete temp files and finally,

c – Empty the Recycle Bin.

All of these tasks can easily be scheduled to occur automatically through the same access options listed above.

3) Install a solid state drive

Hard drives are the biggest cause of slow speeds and especially slow startup speeds on your PC.

Installing a solid state drive, which have extremely fast read times, can speed up your startup considerably.

What is a solid state drive, you might intelligently ask?  From Wikipedia (not a source for actual news or validated history but we see no reason why they would mislead on us on a simple hardware definition):

A solid-state drive (SSD) (also known as a solid-state disk though it contains no actual disk, nor a drive motor to spin a disk) is adata storage device that uses integrated circuit assemblies as memory to store data persistently.

SSDs have no moving (mechanical) components. This distinguishes them from traditional electro-mechanicalmagnetic disks such as hard disk drives (HDDs) or floppy disks, which contain spinning disks and movable read/write heads.  Compared with electromechanical disks, SSDs are typically more resistant to physical shock, run silently, have lower access time, and less latency.

Got it? Okay.

4) More hard drive storage

Even if you diligently clean out all your temporarily files, bottom line, if your hard drive becomes 85 per cent full, it’s going to affect your computer’s speed.

If you regularly film videos or use your PC for recording television or video monitoring purposes, you will want as big a hard drive as you can get, up to 1TB in size.

5) Prevent unnecessary start-ups

The number of programs launched at Start Up will primarily affect how long it takes for your laptop or PC to startup, but often these programs continue to run and use up your computer’s memory.

From the Start Up menu, deselect the programs you do not need or want to operate as your computer is starting up or even as it is in use.

6) More RAM

RAM, which stands for Random Access Memory, is the temporary storage memory used by your computer and is in use when tasks are being executed by different programs.  Logically, therefore, the more programs you use, the more RAM you need, and the slower your computer will be if you don’t have enough.

A clear indicator of not having enough RAM is if your computer slows down every time you try to process large files, or it freezes will carrying out several different actions at once.

You can either add more RAM with an extra memory stick or two or getting completely new memory if all the slots are taken. There is –  theoretically – no upper limit on the amount of RAM that you can have with a 64-bit operating system.

If you don’t know which type RAM to buy for your computer, (or if you do and are ready to order), we highly recommend Crucial.com which offers two ways to upgrade your system’s RAM: and Advisor tool in which you enter your computer’s relevant data or Crucial’s Scanner option: a downloadable system analyst which returns manufacturer RAM suggestions. (Crucial can also provide you with these same options regarding hard drive and solid state drives.)

You can also find out how many RAM your computer is using in the Task Manager’s Performance tab (hit Ctrl-Shift-Esc and then More Details to bring this up).

7) Run a disk defragment

Disk defragment basically reconfigures how your hard drive stores information for optimum efficiency.

Go to “My Computer”, right-click on the hard drive (usually C) and select “Properties”. Under the “Tools” tab there should be an option to “Defragment Now”.

8) Run disk clean up

Windows also includes a built-in disk de-cluttering tool called “Disk Cleanup”.

It searches through the system for unnecessary large files such as temporary Internet files, program installers, and so on.

Access Disk Cleanup by clicking “Start > All Programs > Accessories > System Tools > Disk Cleanup”.

*******************

If after doing all, most or some of the above, you find no discernible improvement in your computer’s speed, talk to us about debugging.

BNI Operatives: Situationally aware; info savvy.

As always, stay safe.

Clintonemail.com: How It Is Routed. The Fallout Gets Serious.

UPDATE: 17 MARCH 2015   Dvorak.org

Not often do we break news on Dvorak News but today we do. Hillary Clinton used a spam filtering service MxLogic to filter her spam and viruses. What this means is – employees at MxLogic, now owned byMcAfee – had full access to all her classified state department email in unencrypted form.

Here’s the MX records for clintonemail.com.

clintonemail.com. 7200 IN MX 10 clintonemail.com.inbound10.mxlogicmx.net.
clintonemail.com. 7200 IN MX 10 clintonemail.com.inbound10.mxlogic.net.

I’m Marc Perkel – I’m an email expert and I run a competing spam filtering service Junk Email Filter. (yes – I’m jealous) So I know how email system work. Email from the Internet is routed by DNS records called MX records what are used to look up where to deliver email destined for a recipient. When someone uses a Spam Filtering service they point their MX records to that service and all email for that domain goes to the spam filtering service first – they clean it – and forward the good email on to the recipient server which is secret to the world.

Internet —–> MxLogic ——> Hillary’s Server

What this means is that when Obama or anyone in the State Department emailed Hillary, the email went to MxLogic. It was then decrypted, checked for spam and viruses, and then reencrypted and sent over the open internet to Hillary’s server. While it was at MxLogic it could be read, tapped, archived, or forwarded to anyone in the world without anyone knowing.

This system has serious security implications. Email to McAfee’s servers might be encrypted and email out of McAfee might be encrypted, but while it’s at McAfee any employee who has access to the filtering system can tap and read any email going to that domain. So – for example – if I’m a Russian spy, ISIS, North Korea, or Fox News, or a 14 year old hacker, all I have to do is bribe someone at McAfee or hack their work login,  and they get to read all the email of the Secretary of State. WooHoo!

And – this is one of many reasons they have a rule at the State Department that you have to use their servers.

For what it’s worth I was imagining that I was the email security tech at the State Department and I’m aware that Hillary isn’t playing by the rules. What do I do? If I confront her about it do I get fired? Or does the State Department even have email security? How does this get past the tech guys.

So if I’m in the job I’m thinking that I would require VPN tunnels with SSL down the tunnel. Might even wrap the SSL inside an SSH tunnel creating 3 layers. Might even require PGP keys on top of that. I mean – I have the ability to do that – so why not the State Department?

But – maybe she’s super stealth? While the Russians are trying to hack her state department account, which doesn’t exists, no one would ever think she’s stupid enough to have her email on a private server in her home. Security through obscurity. And that is assuming that she’s telling the truth about that.

Although we don’t know what IP address Clinton’s real email is on. It’s interesting to note IP addresses in the DNS for the clintonemail.com domain. Most host names like http://www.clintonemail.com all map to some holding page of no importance. However that host mail.clintonemail.com maps to a different IP address 64.94.172.146, which is in a data center in the New York area, Internap.com. Interesting that her “home server” resolves to a data center. Seems worth investigating to me. mail.presidentclinton.com resolves to the same IP address and also uses MxLogic.

So I thought, what if she has web mail? And sure enough – I GOT A LOGIN PROMPT! https://mail.clintonemail.com And I have verified by the SSL certificate that this is indeed the clintonemail.com server – still online! Click here and type in mail.clintonemail.com

I already tried hillary2016 for the password and that didn’t work. But I’m looking at this and thinking WTF!

Is Hillary’s server secure? It get’s a B rating here. Only supports weak protocols. Uses only SHA1. TLS 1.0.

Another SSL testing site. https://www.whynopadlock.com/check.php – type in mail.clintonemail.com.  In contrast type in mail.junkemailfilter.com. My server passes – Hillary’s doesn’t.

Shouldn’t the Secretary of State of the United States of America use a server that isn’t weak?

What email went through this system that could have been tapped? Emails about Libya, Syria, Egypt, Israel, Putin, ISIS, the Bin Laded raid, and Chelsea’s wedding guest list!  OMG!

I have been a Clinton supporter. Here’s a pic with me and Hillary in 1992.

If she’s the candidate I would still vote for her in the general election over any Republican. But in the primary – I still dream of Elizabeth Warren, but I’ll settle for Biden. And isn’t that just a little sad.

And – for those of you who make this argument, “Republicans did it too! (Therefore Hillary should get away with it.)” My response – “Are you F…ing kidding me!”

The bottom line – none of this would have happened if she had just played by the rules.

The ICE-man cometh… Gaming the SSA.

 The situation U.S. employers now face regarding hiring is bearing the legal onus to the question, “Is this person allowed to legally work in the United States?”

The United States  Citizenship and Immigration Services (USCIS) has now fully implemented (commenced in 2011) an online services program in which one can immediately check his/her immigration work status, such site under the law enforcement jurisdiction of U.S. Immigration and Customs Enforcement (ICE).   The program Self-Check allows an individual to review his information and research the  information that federal agencies such as the SSA, Homeland Security, USCIS

Self-Check comes on the heels of regulation being pushed by legislators that requires  all employers to verify the immigration status of employees via an online program, Verify.  (We have major reservations [still] about E-Verify in that there are so  many ways to get around its confirmation process [as has been reported lately on the use of the SSNs of dead folks by illegal immigrants] and on a more serious note, makes employers a de facto arm of law enforcement is an abhorrent concept.)

To review,  prior to an employee with a potential “glitch” in his employment status applying for a job, (wherein the employer would have to validate his legal standing to work), he can check his own status online by himself.  Within that self-check, s/he can then determine the appropriate corrections necessary, if any. There are enough loop holes in this 2-tiered program to run a circus through.

Step One:  Check hirability.  The answers to the Self-Check questions are based primarily on the address history of the person applying.   Once someone has obtained a SSN or a TIN (taxpayer identification number), running a reverse address check is very easy and often free online.  (We’re not going to tell people how to do it but given our experience, take our word for it that acquiring address histories is a cake walk, especially for a determined person.)

Step Two: Establish an E-Verify’d account.  In this portion of the Self-Check process, once an applicant has been given clearance by USCIS as being hirable – via Step One above –  that individual then sets up an E-Verify account in which information will be stored for access by potential employers.   So anyone with an SSN or TIN and birth and address history can legitimize his/her identity.   How do future employers know then who is really showing up for work?  S/he won’t.

The major issue with Self-Check and  E-Verify then is of identity verification.  (Note:   E-Verify claims that in the future, it will  include a photo comparison – courtesy of Homeland Security – but they won’t release the collection data criteria.)  Will the Social Security Administration continue to issue the harder-to-track TINs? Will the IRS verify the jobs held and dates of employment assigned to each SSN? As we found out last week when millions of illegal aliens were discovered to be using the SSNs of dead people, not likely.)

Self-Check and E-Verify are good starts in the effort in removing the unwanted competition between legally hirable employees and undocumented immigrants for work but,  where employers part with these government plans is on the issue of liability.  If a person desires  to “get over” on the system, they will.  If an employer has complied with E-Verify and other hiring regulations (which obviously to date have not really turned out all that well), why should the employer be held responsible to a system in which she had no input in designing?  And the employer will face penalties for hiring errors regardless of compliance with E-Verify. The obvious work facility access requirement – a retinal scan , fingerprint, non-invasive DNA monitor, appears logical  but then we have to consider the “privacy” issues these suggestions will undoubtedly raise.

Trust, but E-Verify.  We’ve reached that point.

BNI Operatives: Situationally aware.

As always, stay safe.

Clintonemail.com; The Emails and The Private Server Controversy.

hillary email main

The optics aside, (those of former Secretary of State Hillary Clinton forming a de facto separate central office of a government agency in her Chappaqua, NY home or elsewhere),  how private email operates has come to the forefront of the nation’s awareness, especially as most of us use a form of personal email.  Most private email operates through a hosting service (e.g., GoDaddy, Gmail, Yahoo Mail, etc.) on host servers.  Many buisnesses, however, or those requiring an extra layer of security and discretion, purchase and disseminate email via their own servers.  As is the case with Hillary Clinton and clintonemail.com as it relates to official Department of State (and other governmental agencies with which she emailed), she owns her server and it is physically located… where exactly?  Initial AP reports on March 4, 2015, stated that the Clinton server was located in her private home in Chappaqua, NY, but – and the MSM seriously dropped the ball here – there has been no independent confirmation of such.   The possibilities are very limited but they are:

  • It was, in fact, located in the Clinton home in Chappaqua, though no evidence has been provided that it was.
  • It was located in a private office somewhere near Chappaqua, although again there is no evidence to that extent.
  • It was hosted by an external hosting firm — based on network records, first at ThePlanet.com and then at Confluence Networks. There are strong indications that the actual hardware would be in Texas.

By way of explaining how private email (Part I/II) and servers (Part II) work, we will deconstruct the recent/current Hillary Clinton use of private email from her own server for official electronic communications brouhaha.

The Situation:

Hillary Clinton (or someone presumably on her behalf and direction) purchased a private domain, clintonemail.com, from GoDaddy, the world’s largest domain registrar.  All domain purchases come with at least one email address. (Most often,  that one initial email address is the owner’s identification@ that domain, e.g., jim@jimdesserts.com or a general email, info@jimsdesserts.)  The domain buyer can also purchase bulk email@that domain.    The registration is then either maintained publicly or privately (a fee based add-on).  The registration is viewed through WHOis.   From the WHOis site:

What’s in the WHOIS?
The WHOIS database is a searchable list of every single domain currently registered in the world. To find out who owns a particular domain name, all you have to do is type it into the box above.The Internet Corporation of Assigned Names and Numbers (ICANN) requires accredited registrars like GoDaddy.com to publish the registrant’s contact information, domain creation and expiration dates and other information in the WHOIS listing as soon as a domain is registered.
So everyone can see my information?
The short answer is, yes. The name, address and phone number you submit when you register your domain is publicly accessible by anyone at any time. This may be good news if you have a domain name you’d like to sell. Or it may be bad news if your name and contact info is collected by a spammer, hacker or other cyber-criminal.
How can I protect my privacy?
To keep your personal data from falling into the wrong hands, GoDaddy.com offers Private Registration through our partner, Domains By Proxy®. Instead of displaying your personal information in the WHOIS database for all to see, Domains By Proxy® will replace it with their own. The domain will still belong to you – except now, you and Domains By Proxy® will be the only ones who know it.
The Email Registration for Clintonemail.com:
Prior to March 4, 2015:  The clintonemail.com was publicly registered to an IP address that returned to the Clinton Chappaqua, NY home.  NOTE: That is the registration, not a physical confirmation of the actual server location. (Nonetheless, as a matter of respect for privacy rights, we don’t publish home addresses.)
On and after March 4, 2015: (from the WHOis database):
Domain Name: CLINTONEMAIL.COM
Registry Domain ID: 1537310173_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.networksolutions.com
Registrar URL: http://networksolutions.com
Updated Date: 2015-01-29T00:44:01Z
Creation Date: 2009-01-13T20:37:32Z
Registrar Registration Expiration Date: 2017-01-13T05:00:00Z
Registrar: NETWORK SOLUTIONS, LLC.
Registrar IANA ID: 2
Registrar Abuse Contact Email: abuse@web.com
Registrar Abuse Contact Phone: +1.8003337680
Reseller:
Domain Status:
Registry Registrant ID:
Registrant Name: PERFECT PRIVACY, LLC
Registrant Organization:
Registrant Street: 12808 Gran Bay Parkway West
Registrant City: Jacksonville
Registrant State/Province: FL
Registrant Postal Code: 32258
Registrant Country: US
Registrant Phone: +1.5707088780
Registrant Email: kr5a95v468n@networksolutionsprivateregistration.com
Registry Admin ID:
Admin Name: PERFECT PRIVACY, LLC
Admin Organization:
Admin Street: 12808 Gran Bay Parkway West
Admin City: Jacksonville
Admin State/Province: FL
Admin Postal Code: 32258
Admin Country: US
Admin Phone: +1.5707088780
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: kr5a95v468n@networksolutionsprivateregistration.comRegistrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Creation Date: 13-JAN-2009
Updated Date: 04-MAR-2015
Expiration Date: 13-JAN-2017

(Interesting note in the Clintonemail.com registration transfer after the matter became public, is that the domain is now registered privately with Network Solutions, LLC.  We believe this is an entirely cosmetic change as the association to GoDaddy is viewed as a less secure domain registrar when, in fact, GD domains are as secure as Network Solutions’ and so are the respective privacy settings.)

While some partisan-leaning people may try to state that HRC’s unusual private protocol is “no big deal”, well, yes it really is as we’ve seen how easily our Pentagon – and private-sector business, SONY – emails have been very successful hacked.

BNI Operatives: Situationally aware.
As always, stay safe.

How ISIS Recruits Jihadi Brides From Within The U.S.


surespot image

isis girls

The enemy is here and it is us.

I’m not sure if many people caught the news blip this week (our sources are: Fox News and Colorado Newsday) that clearly identified the primary recruiting  communication method used ISIS/ISIL terrorists.  Having learned from the Navy Seal-induced demise of their Satanic idol, OSL, that cell phones (when used for speaking) and couriers are ultimately trackable, this new terror blight on the planet channels contact through an open source app – SureSpot.

Potential jihadi recruits and brides are being groomed online using a phone app run by privacy and drug legislation campaigners in Boulder, Colorado by environmentalist, Cherie Berdovich and alleged hacker, Adam Patacchia. SureSpot is designed so messages are totally encrypted and cannot be intercepted by authorities.

When messages are deleted by the IS member, they automatically also erase from the phones used by the new recruitee so no trace of the incriminating conversation is left.  (SureSpot was used by jihadi recruiters and the recent three ISIS-bound British teen-aged schoolgirls.)

We tried SureSpot here at BNI (Julia and Ed) and it works as well, if not better than advertised.  We downloaded the app from Apple’s App Store and Google Play (to test ease of OS [operating system] cross-platform use) and easily employed not traceable communication in under a minute.  Scarily fast and vapor-like. It was just as easy to permanently delete our messages (which were in print, voice and via graphics) as they are not collected and maintained on any server.

The app is available for free on internet stores run by Apple and Google and known jihadists direct teenagers to download the software using public profiles on Twitter.

Yet none of the technology giants appear to have acted to crack down on people using the app to speak to jihadists.

Let’s begin by breaking down how their encryption works: (We’re using SureSpot’s explanation.)

Traditional IM , SMS, etc. communications send messages in “plain text”. This means that the information is sent without anything done to protect the information from being read by anyone else. It is akin to sending a postcard.

Imagine you are on vacation in Italy, Florence to be precise, and you send a postcard to your sister in London. As the postcard travels anyone that touches it can read it. Typically you do not send information like a credit card number or your pin number or an intimate thought using the postcard format. Today this is what sending an email or a text message or an instant message or a picture is like. The message is the postcard which travels along many hops until it reaches its destination. At every one of these “hops” the message could potentially be read.

For example you, are reading an email at Starbucks. To read this email the information travels from the server (gmail) through their (Google’s) ISP, to Starbuck’s ISP, to the Starbucks location you are at. At any one of these points the email can be read. To illustrate this we can run the traceroute command which shows the hops your data is taking to reach its destination.

for example the traceroute from my house to mail.google.com looks like this:

  • [adam@monkey ~]$ traceroute mail.google.com
  • traceroute to mail.google.com (74.125.225.213), 30 hops max, 60 byte packets
  • 1 DD-WRT.mugello (192.168.10.1) 0.506 ms 0.598 ms 0.794 ms
  • 2 24.9.100.1 (24.9.100.1) 16.723 ms 17.837 ms 32.677 ms
  • 3 ge-1-39-sr01.summit.co.denver.comcast.net (68.85.220.81) 17.710 ms 17.711 ms 17.828 ms
  • 4 te-0-3-0-5-ar02.denver.co.denver.comcast.net (68.86.179.13) 21.140 ms 22.087 ms 22.145 ms
  • 5 pos-0-7-0-0-ar02.aurora.co.denver.comcast.net (68.86.128.246) 25.333 ms 25.334 ms 25.448 ms
  • 6 he-3-4-0-0-cr01.denver.co.ibone.comcast.net (68.86.90.149) 24.116 ms 20.657 ms 20.689 ms
  • 7 * * *
  • 8 173.167.57.206 (173.167.57.206) 17.512 ms 18.328 ms 18.402 ms
  • 9 72.14.234.57 (72.14.234.57) 16.190 ms 16.218 ms 16.160 ms
  • 10 209.85.251.111 (209.85.251.111) 16.674 ms 20.817 ms 21.715 ms
  • 11 den03s06-in-f21.1e100.net (74.125.225.213) 17.238 ms 18.200 ms 18.152 ms

We can see that to get to Google’s server at mail.google.com, the data is being routed through at least 11 hops, anyone of which could have a chance to intercept the information. Now if you controlled the routing and could make the data on your network always pass through a certain one of these hops, you could monitor all of the “plain text” data being sent on your network. Not exactly “secure”.

enter surespot…

Surespot solves these problems by using end to end encryption so that only the end users can decipher it. No one along the network route the message takes from one client to another, not any of the hops, not even the surespot server, can view the contents of the data. (Only Julia and Ed can see their messages.) 

how does this work?

Encryption is an electronic lock and key system. You take a plain text message and encrypt it using a key (secret). You can then decrypt the message using the same key. Pretty simple. You encrypt data at one end using the key, send it over all the network’s hops and servers, and at the other end it can be read because the key is known. None of the hops and servers in-between can read it because they don’t know the key.

So Julia encrypts a message for Ed with a key, then Ed decrypts it using the same key. Simple right, except for the fact that Ed needs to know the key! Somehow we need to get the key to Ed but how can we send it over the network? We can’t encrypt it because we need a key to encrypt so we have a catch 22. Or a chicken and egg situation. The answer is we don’t send the key over the network.

public key encryption

When a user is created in surespot an associated key pair is generated. A key pair consists of a public key and a private key. These keys allow us to do magical things. So now Julia has a key pair and Ed has a key pair. The private key is stored on the device, the surespot server does not need and never will have access to it. The public key is given to the user that you wish to exchange messages with. So surespot ensures that Julia gives Ed her public key and vice versa.  Now the brilliance of shared key derivation can shine. The key pair algorithm that surespot is using allows the following mathematics to happen: Julia can now take Ed’s public key and with his private key can derive a secret. Ed takes Julia’s public key and with his private key derives the same secret! Re-read that part a few times. This shared secret is unique to Julia and Ed, only they know, and assuming their private keys remain private, only they will ever know. This shared secret has never been and never will be exposed to the surespot server or any other hops along the network route that the message takes. This shared secret can now be used to exchange information securely. This is the crux of what makes surespot work.

 

In that SureSpot does not maintain information on a server anywhere, there are no records.  

So, why haven’t our federal intelligence and law enforcement agencies shut down SureSpot?? Surespot’s owners insist that they are protecting an ‘essential liberty’ and have no responsibility to block IS.  Is this app not directly providing material aid to the enemy?  While I am a strong supporter of capitalism, today, technological advances need to also be balanced with security needs. Someone is dropping the ball in a very dangerous way but not addressing this perverted use of an otherwise great communication technology.

BNI Operatives: Street smart; info savvy.

As always, stay safe.

GPS Tracking; Legal?

gps

Recently a judge in New Jersey ruled that use of a GPS device to track a cheating spouse is not an invasion of privacy.  The premise for the ruling is that both parties shared the family vehicle and therefore, either could place the monitoring device on said vehicle. In an attempt to clarify the states’ position on GPS tracking, we held an informal study amongst our peers and researched existing legislation (including that also connected to wiretapping and privacy laws).

As best we can ascertain, there appears to be no definitive list of  state by state rulings on GPS devices and their placement on personal vehicles. Many states require the consent of the vehicle’s registered owner. Although the Supreme Court of the United States has ruled that law enforcement agencies’ use of a GPS monitoring device constitutes an “illegal search” and that the potential surveillance subject is therefore protected against this type of monitoring under the Fourth Amendment, that clarity of use as of GPS tracking has not yet been legally defined for private sector use.

According to our knowledgeable friends at Brick House Security (NYC), it is  generally considered to be fair and legal usage of a GPS tracking device if:

  • You or your company own the vehicle.
  • You or your company do not own the vehicle, but you place the GPS device on the outside of the car — (e.g., under the rear bumper).
  • The vehicle is visible to the public — (e.g., in a parking lot or on a public street).
  • You could obtain the same information by physically trailing the vehicle.
  • The vehicle is not situated on someone else’s private property.

It’s generally illegal to use a GPS tracking device if:

  • You need to break into the vehicle to situate the device.
  • You need to physically hardwire the device inside the vehicle.
  • The vehicle is in a place where its owner has a reasonable expectation of privacy — in a private garage.

My suggestion for those wishing to engage in GPS surveillance of a subject, is to contact local police in the desired area of surveillance and ask within.

For additional GPS tracking related information, please read one of our  earlier articles on the subject, below linked.

Our Operatives: Street smart: info savvy.

As always, stay safe.

Honoring Our Presidents, Fun Facts and Trivia Quiz.

president's day

 

An appropriate, interesting and thankfully, brief, written piece for today: The Five Strangest US Presidential Elections.  (In one election, the President received 100% of the electoral vote and in another, the opponent was a corpse.)

Also, a very unique presidential trivia quiz, What did they do before becoming presidents. (Not as easy as one might think.) : Before They Were Presidents.

As we commemorate our Presidents today, let’s be very careful in this record-setting brutal cold and winter weather.

(We’ll return to our regular weekly post on Wednesday, Feb 18, 2015.)

BNI Operative; Street smart, info savvy.

As always, stay safe.

 

Follow

Get every new post delivered to your Inbox.

Join 214 other followers

%d bloggers like this: