Archive for the ‘redacted documents’ Category

Thanks to TransPartisan guy who sent this info c/o Threat Level @ Wired.com

The U.S. military monitored Planned Parenthood and a white supremacist group as part of the government’s security preparations for the 2002 Olympics in Utah, according to new documents released by the Department of Defense.

The U.S. Joint Forces Command liaison collected and disseminated information on U.S. citizens who were members of Planned Parenthood and the white supremacist group National Alliance regarding their involvement in protests and distributing literature, according to an intelligence-oversight report released by the Pentagon. The documents indicate that the JFC liaison was working with the FBI’s Olympic Intelligence Center at the time.

This and other intelligence-activity disclosures appear in heavily redacted documents that were released to the Electronic Frontier Foundation. They came in response to an ongoing Freedom of Information Act project the organization is conducting to obtain oversight information from intelligence agencies.

EFF received more than 800 pages from intelligence oversight reports created by the Defense Department inspector general that examine actions, conducted by various branches of the department, that are believed to be illegal.

The reports cover the years 2001 to 2008 and were submitted to the Intelligence Oversight Board and cover the U.S. Army, the Joint Chiefs of Staff and other military entities. The board is composed of private citizens with security clearances who are supposed to submit to the office of the president any reports describing activities that are believed to be illegal.

The reports provide little context for the information that’s disclosed, leaving the public to wonder about the nature and extent of the information and surveillance revealed in them.

Pertaining to the Planned Parenthood members, for example, the oversight report provides no explanation about how the information was collected. Nor does it indicate why the information was collected and notes only that military intelligence is not allowed to collect and disseminate information on U.S. persons unless the information constitutes “foreign intelligence.” The report indicates that the collection was therefore “clearly outside the purview of military intelligence” and should have been handled by law enforcement. ::MORE HERE::

Advertisements

Yahoo Issues Takedown Notice for Spying Price List

Wired.com


BTC – Cryptome.org needs an award.

Yahoo isn’t happy that a detailed menu of the spying services it provides law enforcement agencies has leaked onto the web.

IN OTHER WIRED ACCOUNTS: YAHOO! , VERIZON: “Our spy capabiltes would “shock”, “confuse” customers

Shortly after Threat Level reported this week that Yahoo had blocked the FOIA release of its law enforcement and intelligence price list, someone provided a copy of the company’s spying guide to the whistleblower site Cryptome.

The 17-page guide describes Yahoo’s data retention policies and the surveillance capabilities it can provide law enforcement, with a pricing list for these services. Cryptome also published lawful data-interception guides for Cox Communications, SBC, Cingular, Nextel, GTE and other telecoms and service providers.

But of all those companies, it appears to be Yahoo’s lawyers alone who have issued a DMCA takedown notice to Cryptome demanding the document be removed. Yahoo claims that publication of the document is a copyright violation, and gave Cryptome owner John Young a Thursday deadline for removing the document. So far, Young has refused.

Yahoo’s letter was sent on Wednesday, within hours of the posting of Yahoo’s Compliance Guide for Law Enforcement at Cryptome. In addition to copyright infringement, the letter accuses the site of revealing Yahoo’s trade secrets and engaging in “business interference.” According to the letter, disclosure of its surveillance services (.pdf) would help criminals evade surveillance.

The Compliance Guide reveals, for example, that Yahoo does not retain a copy of e-mails that an account holder sends unless that customer sets up the account to store those e-mails. Yahoo also cannot search for or produce deleted e-mails once they’ve been removed from a user’s trash file.

The guide also reveals that the company retains the IP addresses from which a user logs in for just one year. But the company’s logs of IP addresses used to register new accounts for the first time go back to 1999. The contents of accounts on Flickr, which Yahoo also owns, are purged as soon as a user deactivates the account.

Chats conducted through the company’s Web Messenger service may be saved on Yahoo’s server if one of the parties in the correspondence set up their account to archive chats. This pertains to the web-based version of the chat service, however. Yahoo does not have the content of chats for consumers who use the downloadable Web Messenger client on their computer.

Instant message logs are retained 45 to 60 days and includes an account holder’s friends list, and the date and times the user communicated with them.

Young responded to Yahoo’s takedown request with a defiant note:

I cannot find at the Copyright Office a grant of copyright for the Yahoo spying document hosted on Cryptome. To assure readers Yahoo’s copyright claim is valid and not another hoary bluff without substantiation so common under DMCA bombast please send a copy of the copyright grant for publication on Cryptome.

Until Yahoo provides proof of copyright, the document will remain available to the public for it provides information that is in the public interest about Yahoo’s contradictory privacy policy and should remain a topic of public debate on ISP unacknowledged spying complicity with officials for lucrative fees.

—–

Note: Yahoo’s exclamation point is surely trademarked so omitted here.

The company responded that a copyright notice is optional for works created after March 1, 1989 and repeated its demand for removal on Thursday. For now, the document remains on the Cryptome site.

Threat Level reported Tuesday that muckraker and Indiana University graduate student Christopher Soghoian had asked all agencies within the Department of Justice, under a Freedom of Information Act (FOIA) request, to provide him with a copy of the pricing list supplied by telecoms and internet service providers for the surveillance services they offer government agencies. But before the agencies could provide the data, Verizon and Yahoo intervened and filed an objection on grounds that the information was proprietary and that the companies would be ridiculed and publicly shamed were their surveillance price sheets made public.

Yahoo wrote in its objection letter that if its pricing information were disclosed to Soghoian, he would use it “to ’shame’ Yahoo! and other companies — and to ’shock’ their customers.”

“Therefore, release of Yahoo!’s information is reasonably likely to lead to impairment of its reputation for protection of user privacy and security, which is a competitive disadvantage for technology companies,” the company added.

The price list that Yahoo tried to prevent the government from releasing to Soghoian appears in one small paragraph in the 17-page leaked document. According to this list, Yahoo charges the government about $30 to $40 for the contents, including e-mail, of a subscriber’s account. It charges $40 to $80 for the contents of a Yahoo group.

c/o Jaunted.com


A few years ago, the TSA was forced to acknowledge that print-at-home boarding passes represented a huge airport security loophole, since terrorists on the no-fly list could use a fake boarding pass at the kiosks and a legitimate one at ID stations. But it’s OK, TSA assured us, because the no-fly is only the first line of defense and the metal detectors were the real security.

Then it was announced—on the very same weekend—that TSA missed 20 out of 22 hidden weapons at the metal detectors during a Newark security drill. Now take all that and fast forward to this weekend, when the TSA accidentally posted the entirety of their screening procedures on the Internet.

it’s pretty bad…

According to Boing Boing, the TSA was instructed to release their screening procedures on the Internet, which is an extremely delicate and risky process. Releasing too much information would allow someone to reverse engineer screening criteria—who TSA looks for, how they look for them, and who gets a pass—and maximize their chances of slipping contraband into the terminal.

So TSA staffers, because they’re security-minded, redacted the sensitive parts. But TSA staffers, because they’re ferrets, did the redacting by drawing big black boxes all over the PDF, which can be removed. Suffice to say that as of this morning the screening procedures protecting airports in the United States are available to the planet.

We’ll avoid the political angles on this story, if only because they’ll be available on other blogs. But just to give you a small sense of what a monumental national security clusterfark this is: there’s a list of 12 countries where if you have those passports you’re automatically selected for additional screening. So now if you want to avoid additional screening, you know which passports not to forge. And if you’re a big terrorist organization looking for hijackers, you know which citizens not to send.

There are also sections on how instruments are calibrated and, maybe best of all, on what kinds of credentials people have to present to get exemptions from screening.

Obviously some of these procedures can’t be altered and some of this damage can’t be repaired. But let’s imagine none of that was true and that all the sensitive policies could be changed. It would still be the undeniable case that our safety has been entrusted to morons.