Surveillance Story Turns Into a Warning About Employer Monitoring

rtfa-troll writes "The story from yesterday about the Feds monitoring Google searches has turned into a warning about how work place surveillance could harm you. It turns out that Michele Catalano's husband's boss tipped off the police after finding 'suspicious' searches (including 'pressure cooker bombs') in his old work computer's search history. Luckily for the Catalanos, who even allowed a search of their house when they probably didn't have to, it seems the policemen and FBI agents were professional and friendly. Far from being imperiled by a SWAT raid, Catalano spoke to some men in black cars who were polite and even mentioned to Catalano that 99 times out of 100, these tip-offs come to nothing. Perhaps the lesson is to be a bit more careful about your privacy, so that what you do on the internet remains between you and the professionals at the NSA."

Alright then. Carry On.

[ObsessiveMathsFreak]

Oh I see. The man searched thinks it was all just a misunderstanding. I guess that makes it OK then.

I guess it also covers the costs in time, money, equipment and paperwork spent on a search that should never have happened. I guess it also makes up for any useful work the men involved could have been engaged in like looking for actual terrorists or investigating organised crime in the banks. I would worry about how the NSA's Ur-dragnet/Informer hotline is throwing up so many false flags that law enforcement is now too busy to deal with actual problem, but this splendidly chipper blog post had allayed all of my concerns.

I'm glad that's all cleared up then.

Re:Alright then. Carry On.

[Somebody+Is+Using+My]

Even scarier is the acceptance of NSA monitoring as evidenced by the last line:

Perhaps the lesson is to be a bit more careful about your privacy, so that what you do on the internet remains between you and the professionals at the NSA."

It's not just /known/ that the NSA is monitoring everyone's conversation, it is seen as a good thing. Of course these "professionals" are listening. It's for the good of the country that the every citizen is monitored, after all.

The bar is being set ever lower and comments like these train people to see it as perfectly alright. Increasingly I am of the opinion that this is not accidental.

Re:Alright then. Carry On.

[girlintraining]

I'm glad that's all cleared up then.

Snarking is my job on slashdot. If you called up the police and reported suspicious activity, wouldn't you feel better if they showed up and looked around? Of course you would -- that's a stupid question. Emblazoned on the side of almost every police car is the words "protect and serve". A lot of times, that means going out on a wild goose chase, or knocking on the door of a neighbor who doesn't realize his TV's turned up too loud, or even conducting a health and welfare check because some over-protective mother didn't get a call back from her daughter right away and insists "it's not normal". Most of the time, it's nothing -- but that is not time and resources wasted.

It's the job of the police to investigate, and I'm pretty sure you and most everyone else would be blowing fuses left, right, and forward, if you rang up 911 and they said "Yeah, we could come out and have a look around, but you know how expensive gas is right now, so we're gonna pass." Well, I don't know about you, but if the police show up, act in a courteous and polite fashion, ask a few questions, and then leave satisfied nothing bad is going on, I consider that a job well done. They're out in the community, flying the flag, and helping people feel safe.

That's equally important to stopping actual crime; A reputation of a helpless and inadequate police force costs a lot more than a few gallons of gas and some time spent filing a report that says nothing of interest was found. If only every police investigation could be like that...

Re:Alright then. Carry On.

Yeah. It's called INFO-OPS. Read Richard Tomlinson's book (google it) on how the spooks try to control public conscience.

Re: Alright then. Carry On.

[Immerman]

Nope. Other, actually useful services just keep getting the axe instead.

Re:Alright then. Carry On.

[odigity]

If you called up the police and reported suspicious activity, wouldn't you feel better if they showed up and looked around?

I never feel better around police. They're the predominant remaining natural predator of humans.

Re:Alright then. Carry On.

[Sarten-X]

Have we become nothing more than paranoid cowards who watch everyone else's moves just because there is a 0.000000000000001% chance that they could be terrorists?

Yes, we have. Not just out of paranoia, but because of the imbalance of our perceived risk. Schneier explains it well.

Re:Alright then. Carry On.

[kilfarsnar]

Even scarier is the acceptance of NSA monitoring as evidenced by the last line:

Perhaps the lesson is to be a bit more careful about your privacy, so that what you do on the internet remains between you and the professionals at the NSA."

It's not just /known/ that the NSA is monitoring everyone's conversation, it is seen as a good thing. Of course these "professionals" are listening. It's for the good of the country that the every citizen is monitored, after all.

The bar is being set ever lower and comments like these train people to see it as perfectly alright. Increasingly I am of the opinion that this is not accidental.

I took that last line as being sarcastic. Maybe professionals should have been in scare quotes.

You make a good point though. Various organizations actively try to influence the perceptions and attitudes of the public; from advertisers and marketers to political parties and the CIA. And people in the media are trained to use euphemisms and mild language to shape perception. So we get "enhanced interrogation" and "extraordinary rendition" instead of torture and abduction, and "detainee" instead of prisoner. Just last night I had to laugh when Brian Williams described Edward Snowden as having exposed a "massive data-mining effort" by the NSA. Really Brian, is it just a data-mining effort, or is it spying? How something is described matters quite a bit in how it is perceived. Just ask Frank Luntz, he's made a career out of it.

Re:Alright then. Carry On.

[girlintraining]

I never feel better around police. They're the predominant remaining natural predator of humans.

Well, if that's how you feel, consider this: Who's better qualified to hunt down other predators than a predator? -_- Not that I agree with your assertion, but logically, your statements aren't consistent.

Re:Alright then. Carry On.

[93+Escort+Wagon]

Even scarier is the acceptance of NSA monitoring as evidenced by the last line:

Perhaps the lesson is to be a bit more careful about your privacy, so that what you do on the internet remains between you and the professionals at the NSA."

Perception is everything.

You took this quite literally, while I interpreted it as a sarcastic statement by the author.

Re:Alright then. Carry On.

[rtfa-troll]

You may want to look at my signature and posting history (not to mention the recommendation that everyone start's using Tor from the original submission). I guess maybe you could say that the editors deleted the part at the end because they didn't get the comment, but I assume they did it because they thought it was obvious.

Generally though I agree people who just accept this are beyond scary to the extent of being a serious threat. There is a definite space for some limited secret monitoring and much police work couldn't be done without it. Mass gathering of data just has so much opportunity for abuse that it's unreal.

Then again, maybe I'm recommending Tor as an INFO-OP muaaahhaaahahahaha. Or even better as a counter INFO-OP (you'll stop using it if you see it in an obvious INFO-OP like this one) ha.

Re:Alright then. Carry On.

[TheCarp]

> Well, I don't know about you, but if the police show up, act in a courteous and polite fashion, ask a
> few questions, and then leave satisfied nothing bad is going on, I consider that a job well done.
> They're out in the community, flying the flag, and helping people feel safe.

You should try living next door to my old neighbour. The problem here is the assumption that people who report things are reasonable and sane people.

The fact is, they should investigate if there is a reason to investigate and it should be more than perfectly normal behaviour (ie shopping and reading material related to recent news articles) to be suspected of anything.

The bigger problem, I think, is this notion that a terrorist attack happening is a failure of the police and intelligence services. In the end, its such a needle in a haystack sort of problem that its entirely unreasonable to think they can ever be prevented, therefore any acceptance of that reasoning that starts with they should be able to catch it, inevitably leads to excessive measures, and guarantees more excessive measures later WHEN the next one happens.

Re:Alright then. Carry On.

[0111+1110]

This comment really surprises me coming from you. Usually you seem to be on the side of good, and of liberty and privacy and presumption of innocence. You seem to be looking at things from the POV of society. I look at things from the POV of the individual, of the innocent victim of such searches. Of course in this particular case the victim was complicit in the violation of their own rights. So I have little sympathy for them.

But in a case where a search warrant is granted when it should not have been because the probably cause was pretty slight I think the victims should be compensated for the mistake. A google search should never, ever, ever be probable cause for a search of someone's home or car. The lack of permission in the constitution itself, as well as the first and fourth amendments should be protecting us from overly suspicious people invading our privacy because of something we said or wrote. An important part of the freedom of speech is that what we say, especially in an environment with at least some expectation of privacy, should not result in persecution by our government. The NSA could easily set up a system to send FBI agents with a signed search warrant, to the home of everyone who searched google for something like, "how to build a nuclear weapon". That is not the kind of society I want to live in.

The fact that it was a work associate who contacted the FBI instead of the NSA does not improve matters in my view. Such calls should simply be ignored. I have little doubt that millions of people every day search for things that other people would find suspicous. The fact that another citizen is suspicious of me does not give the government any additional rights to violate my rights. Unfortunately American society is becoming a place where we are all each other's enemies, working as government informants against each other, potentially bringing down the wrath of government agents down on us with their groundless suspicions. This case should never have happend. The FBI should never have searched anything based on a google search. That is just stupid and a huge waste of resources that would be better spent protecting citizens from real crimes. Ones with actual victims. The government agents in this case should be fired or at least demoted.

Re:Alright then. Carry On.

[chihowa]

She works with cops. All of her otherwise spot-on insight goes completely out the window when the discussion shifts to law enforcement. It's the cognitive dissonance one must have to work with monsters and still maintain that you are not a monster.

The cops she works with are probably OK guys to her. They're OK guys to each other, too. But then, Mafia thugs drink and play cards together as well. How a group treats its own is not the measure of how good the members are, especially when they can ruin the lives of others without any consequences.

Re:Alright then. Carry On.

[girlintraining]

Of course in this particular case the victim was complicit in the violation of their own rights. So I have little sympathy for them.

You aren't required to excercise your rights. Nobody puts a gun to your head to demand you vote, for example. It wouldn't be a right if it didn't confer a choice of some kind. Your lack of sympathy here is distressing; What the police did here was not substantially different from a door to door salesman. They showed up, rang the bell, had a conversation, and left. There was no excercise of police authority other than showing credentials, nothing that any other citizen couldn't have done.

But in a case where a search warrant is granted when it should not have been because...

Because what? A search warrant wasn't granted in this case. There wasn't any evidence other than the heresay of an overzealous manager, but the police being responsible about an allegation of terrorism, took the reasonable step of discussing the matter with the accused -- confidentially -- and then left.

I think the victims should be compensated for the mistake.

I see no victim here. No gun holes in the property, no kicked in doors, no being put in handcuffs. Polite, but serious, words were exchanged. How is this victimization? This is how the police should behave. If we're going to accuse anyone of a crime, it should be the manager who went through somebody's personal effects. This wasn't the NSA and FBI rifling through their computer; It was a manager. A citizen. A Joe Average. With no police authority whatsoever. He's the one that screwed up, if we're going to assign any blame.

A google search should never, ever, ever be probable cause for a search of

That's nice. That didn't happen here. The police didn't search without a warrant... they didn't conduct a search under any authority except that granted to them by "the victim" (as you've taken to calling him). If and when this does happen to someone, and that's the only evidence the police used to justify a forced search, then I'll be hollering and kicking up a storm. But I'm not going to condemn these officers for doing a good job because they could have done a bad job, anymore than I'm going to tell you that you can't own a gun just because you might go out and murder someone with it.

The lack of permission in the constitution itself, as well as the first and fourth amendments should be protecting us...

Again, any evidence these amendments were slacking on the job? Was this person somehow denied the right to choose between talking (1st amendment) and not talking (5th amendment), and then as a direct consequence of that choice, a violation of their right not be subjected to an unreasonable search (4th amendment) occurred? As you already admitted; This didn't happen. You disagree with "the victim", but "the victim" was perfectly within his rights at all times, and by all accounts, those boundaries were respected in this case. So the police did their job exactly how we all want them to: With professionalism and respect. And you're upset with them because of an imagined scenario that might have happened, but didn't. This makes sense, how exactly?

An important part of the freedom of speech is...

Well thank you for that Civics 101 lesson. Where is this going again?

The NSA could easily set up a system to send FBI agents...

Again, more of this "what if" logic from you. Is there actual evidence you would like to present that such a system is (a) in use right now and was (b) used in the case currently under discussion? Short answer: No, you don't.

...to the home of everyone who searched google for something like, "how to build a nuclear weapon".

The first result is

Re:Alright then. Carry On.

[girlintraining]

You should try living next door to my old neighbour. The problem here is the assumption that people who report things are reasonable and sane people.

Umm, there's no assumption being made by any experienced law enforcement officer. They're trained investigators -- they don't just take people at their word. If they did, the prisons would be empty. The police are well aware of the problem children in the community -- the people who call their neigbor for every little thing. They see it all the time.

But yes, of course they still come out and investigate the report: It's good customer service. Your neighbor might be a paranoid jerkwad, but he's still a tax payer, and like every tax payer, has the expectation that when you call the police about a problem, the police investigate said problem. I lived next to a neighbor that liked to complain. I was once sitting on the back step of our apartment complex having a smoke with a friend, and a police cruiser snuck out of the shadows with the lights off. As he pulled into view, the headlights came on and the window was down. He shouts from across the alleyway, "Got a noise complaint here. Let me guess, no noise?" And me and my friend just nodded and thumbed in the direction of Sir Nosey, our upstairs neighbor. He nodded solemly, rolled up the window, and drove off. I didn't exactly feel like my rights were being trampled on... it's his job to investigate all complaints, even ones that are most likely bogus and stupid. They can't cherry pick their calls anymore than I can just hangup on stupid people who call me for tech support.

In the end, its such a needle in a haystack sort of problem that its entirely unreasonable to think they can ever be prevented, therefore any acceptance of that reasoning that starts with they should be able to catch it, inevitably leads to excessive measures...

And so we should take the nilhist view that it's an impossible problem to fix and therefore make no attempt at all, because any attempt would be an excessive attempt?! This is learned helplessness, not insightful social commentary. I don't go fishing expecting to catch all the fish in the lake, but that doesn't mean I starve to death instead.

You're marrying two separate concepts: The political reality that when there's a perceived or actual harm inflicted, there's a strong emotional reaction. It's called vengance, and while it's not politically popular to admit, it's one of the foundations of the modern justice system. Something must be done! The perpetrators must be punished! But these emotions are transitory; and the only problem is in giving into populist demands for action. Law enforcement practices should change gradually, after much deliberation, and without consideration of the current political climate. If it isn't, it's partly your responsibility to become politically active and have your elected officials redress that greviance. But you'll have to wait in line behind the hundred other people that don't think the same way.

If you feel this is inconvenient, I agree. It may even be unfair. But blaming the government for doing what the people are demanding it do is silly: A government that doesn't listen to its citizens is a tyranny. A government that does... well, at least it is representing the will of the people. Such is life that you can lead with the best intentions and wind up in the worst places.

A different lesson

[mvdwege]

I take away a different lesson from this: maybe it's a good idea to wait until you have more facts before starting to run around screaming "The sky is falling!!!!111".

The fact that some real shady things in terms of corporate and governmental surveillance do go on is no reason to just give up being rational.

Re:A different lesson

[girlintraining]

I take away a different lesson from this: maybe it's a good idea to wait until you have more facts before starting to run around screaming "The sky is falling!!!!111".

Clearly, this middle manager only watches CNN and FoxNews. And let's be honest: It's the only thing playing in most break rooms, and middle managers aren't known for their critical thinking and investigative talents.

The fact that some real shady things in terms of corporate and governmental surveillance do go on is no reason to just give up being rational.

Neither is it a reason to ignore the fact that the police showed up, were polite and courteous, asked a few questions, and left satisfied. Now look, I'm no more happy having the police show up at my door than anyone else -- but by and far, the experiences have been professional, as this person learned. I've had people call in all kinds of things to the police about me; I know because they keep records of that kind of thing and I know the right people to ask to get them.

Every one of you past the age of 30 has something in their police file from a "concerned citizen." All of you. Yes, even you, Mr. Above Average Driver who pays all his bills on time and even helps his land lady carry out the garbage. But most of you don't know about it because the police conducted their search discreetly, found nothing, and moved on. Which is exactly how surveillance should work. And most of the time, that is how it works; you guys only hear about the 1 in 10,000 case where they screw it up, not the other 9,999 where nothing newsworthy happened because they did it right.

This wouldn't be news if it wasn't for the news agencies creating a story where there really isn't one to sell more advertising. "Over-zealous middle manager of questionable technical ability reports ex-employee after searching internet history and finding a few keywords and deciding it's a matter of national security..." is not exactly interesting to me, and it wouldn't be if not for the drum beat of "NSA... NSA... NSA..." all over the news right now. Please. Former employers are like ex-boyfriends -- take everything they say with a biiiig grain of salt.

Malign

[Pino+Grigio]

Perhaps the lesson is to be a bit more careful about your privacy, so that what you do on the internet remains between you and the professionals at the NSA.

So, this story turns out to be nothing to do with the NSA but you think what the hell, I'll add a sarcastic sentence about the NSA to the summary to make it look like its malign.

Re:Private browsing

[crafty.munchkin]

Not sure if you realise... but when you're on a work computer, all your internet requests usually go through some form of proxy server - which is how your IT department finds out what you access regularly and blocks it. Clearing your browser history is useless since every request is logged in a centralised server before it goes out to the net.

Re:Devices which have only one purpose

[Impy+the+Impiuos+Imp]

Oh I get it. Now I see why "chicks with dicks" never turned up funny pictures of girls with their boyfriends.

Er, no, that isn't the story

[girlintraining]

Perhaps the lesson is to be a bit more careful about your privacy, so that what you do on the internet remains between you and the professionals at the NSA.

I know you're being snarky, Slashdot, but I'd trust the professionals at the NSA over middle management any day of the week. The NSA doesn't ruin your life if it goes through your google history and finds a few keywords. It doesn't assume the worst. The NSA gathers up the data, forwards it to a team of analysts, and, seeing this kind of thing every day, make an informed and reasoned decision to either forward it up the chain, or bin it. And as your own article says: 99 times out of 100, it's nothing. That's probably a conservative estimate; There have only been a few dozen acts of bona fide terrorism in the past year or so, and if the tin foil hat crowd is right, the NSA is monitoring everyone pervasively, so it's more like 999,999 times out of a 1,000,000.

The moral of the story here is that people who aren't law enforcement are really, really, epic bad at being judges of character. Especially when you're dealing with someone whose job is often earned on something other than critical thinking skills, investigative talent, and attention to detail... three things I think most will agree you don't find in most mid-level managers. It's like how during the midst of the Boston bombing, the internet armchair sleuth crowd wrongly identified many innocent people and forced the police to divert valuable resources to take those people into protective custody while the real bomber was left unidentified. The professionals, meanwhile, correctly identified them hours later, and then took them down without any innocent people getting caught in the cross fire.

I know it's politically popular right now to say law enforcement is a bunch of clueless, authoritarian, surveillance-happy asshats, but that's a slanted view. On the whole, they know what they're doing, and most of the time they get it right. You only hear about the times when they screw up. Now, considering how low of esteem they're held in for that track record, ask yourselves about the track record of middle managers, internet armchair pundits, and vigilantes have had doing the same things... and I'm betting their reputation with you is a lot better.

Chew on that for a bit.

Re:Er, no, that isn't the story

[Mitreya]

The NSA gathers up the data, forwards it to a team of analysts, and, seeing this kind of thing every day, make an informed and reasoned decision to either forward it up the chain, or bin it.

Your cute and idealistic assessment is at odds with (at least) the fact that the gathered NSA data was dumped into a huge database where a low-level outside contractor could access all of it. I'd feel better if the data went to a team of professional analysts and not into an easily abusable database which may or may not be studied by analysts.

There have only been a few dozen acts of bona fide terrorism in the past year or so, and if the tin foil hat crowd is right, the NSA is monitoring everyone pervasively, so it's more like 999,999 times out of a 1,000,000.

It is more likely to be nothing 1,000,000 out of 1,000,000 times. A "terrorist" that relies on google and pressure cookers to plan their act is a pathetic basement dweller that lacks the resources to actually do anything. I'd be interested in hearing about that 1 out of 1,000,000 where they caught someone credible, who could have succeeded. And (in TFA case) that same person would have to lack the capacity to not answer the door and move to another city after a visit from government agents.

Boston bombing ... The professionals, meanwhile, correctly identified them hours later, and then took them down without any innocent people getting caught in the cross fire.

However, they were neither able to prevent the act, nor have they used the years and years of indiscriminately stored data. They used current recordings from volunteers, I believe. So the result of the Boston bombing would have been the same without preventative surveillance.
They are competent, but NSA's total surveillance has not improved their ability to do their job.

Re:Er, no, that isn't the story

[girlintraining]

And, they've never caught a single terrorist. Pretty impressive results.

Yup. They're going to track you down personally and inform you of the results of any investigation that results in finding a terrorist straight away! The fact that they didn't is proof that no terrorists have ever been found.

What makes you think that law enforcement would advertise every capture of a terrorist, thus turning him/her into a martyr for his/her cause? If it were me, I wouldn't be making a press release on every terrorist I caught... I'd quietly take them into custody and interrogate the shit out of them to find their friends, and then rinse, wash, repeat. I'd be more interested in actual national security than consoling some armchair internet pundit's hurt feelings that he wasn't given access to high-level intelligence assets.

Re:Er, no, that isn't the story

[Mitreya]

Sure, a "low-level outside contractor" has been given access to a database which is of critical importance to national security. As well, this fictional contractor also has the keys to Fort Knox and sleeps in the President's bed at the White House. Or, perhaps, since there's no evidence any of this has actually happened

I meant Snowden. The fact that Bolivian president got grounded on a suspicion that he is smuggling Snowden, is quite a bit of evidence that Snowden is not simply lying.
I don't know what exactly is true or isn't, but the manhunt is a rather blatant piece of evidence that cannot be ignored.

If it was100%, then pray tell how have we managed to catch any terrorists?

I have no evidence that we have. There is plenty of anti-terrorism activity and vague announcement of hundreds of terror plots having been stopped. Some, mostly unidentified people were also killed by drones, but I am not aware of any "caught terrorists"

I know you are not a troll, but are you just assuming that we have caught dozens of terrorists?

I'd be interested in hearing about that 1 out of 1,000,000 where they caught someone credible, who could have succeeded.

Yeah... that big story this past April in Boston... something about a bomb... asleep the whole month?

You are taking my sentence out of context. Interested in 1/1,000,000 where surveillance could prevent the terrorist act. Yes, terrorist acts happen (rarely), and law enforcement reacts to them just as they would in previous, less-insane, decades.

However, they were neither able to prevent the act, nor have they used the years and years of indiscriminately stored data.

Tell me, when you go fishing in a lake, do you catch all the fish?

If I bought a fancy lake-scanning sonar, I would expect it to improve my odds. If it didn't, the sonar is a failure.

Look, I am not arguing against hunting terrorists. I am saying that the new monitoring activities do not have any demonstrable benefit (that I am aware of).

Re:Er, no, that isn't the story

[russotto]

I guess I'd better give up that whole civilization thing too. It was a pretty silly idea. We should just go back to roaming bands of vigilantes and forget the whole "rule of law" business. It's clearly a failed experiment. Thank you, anonymous internet pundit, for helping me see the error of my ways.

Supporters of the government can validly use the "rule of law" argument when and only when the government actually starts following the law. That includes, in the US, the Bill of Rights. If the government is following the Nixonian mantra of "If the President does it, that means it is not illegal", that's the opposite of rule of law.

Re:Er, no, that isn't the story

[sjames]

My tiger^Wterrorist repelling rock has prevented thousands of deaths in the U.S. this year alone. I need funding to maintain it though, 5 mil a year should cover it. Contact your Congressman now and urge him to fund my tiger^Wterrorist repelling rock now before it's too late!

Prediction

[swillden]

Prediction: this article will not get 850 comments, and many people will continue pointing to this story as proof that Google lets the federal government rifle through all of everyone's data.

99 out of 100

[gsslay]

99 times out of 100, these tip-offs come to nothing

That's not quite what was said. From the original blog ; "they mentioned that they do this about 100 times a week. And that 99 of those visits turn out to be nothing."

So we have three possibilities;

1/ this statistic is a bullshit overstatement, talking up a minimal danger
2/ they are arresting terrorist bombers at a rate of 1 a week
3/ they are prosecuting 1 person a week on an unrelated matter, after gaining access to their house on the pretext of "war against terrorism".

Which do we think it is?

Re:99 out of 100

[bws111]

None of the above. It is the equivalent of Columbo's 'oh, you know, headquarters makes me ask these questions, nothing to worry about'. It puts the person at ease, and maybe they let their guard down a bit.

It did seem a little peculiar.

[gallondr00nk]

If there was some sort of massive sifting of google terms by local law enforcement, or the NSA were passing on every single combination of "pressure cooker + backpack", there wouldn't be an isolated incident, there would be tens of thousands of these investigations. How many other terms would get similar scrutiny? Would local police act on all of the millions of searches that would throw up a red flag?

The police might be increasingly militarized, but they aren't limitless in either manpower or funding, as much as they would have you believe otherwise.

What I'd like to know from all this is why the police are now so frequently travelling around in armed units just to conduct inquiries.

Re:Devices which have only one purpose

Some people might want to search for news stories pressure cooker bombs, or information about what they look like so they might be able to identify one if they see it on the sidewalk.

This could well be search suggestions.

[jaseuk]

Typing "pressure cooker" lists pressure cooker bomb as the 3rd suggestion in Google.

Jason.

Re:This could well be search suggestions.

[blueg3]

It's his boss nosing around on his old computer. It doesn't really matter which one of a dozen completely reasonable explanations it is. Hell, the guy could have been innocently looking up pressure cooker bombs. Certainly a lot of people did when it was in the news. But his boss has no clue what he's doing. He's not a trained investigator or analyst of any kind. He sees some things that look to him like a search for a "pressure cooker bomb" and he calls the police.

Non story is still a story

[onyxruby]

A surveillance society is still a surveillance society and this story simply reveals how this is done in the real world. While lots of people have fantasies about the NSA reading their email or looking at their porn habits in the real world this is done by peoples employers day in day out.

Put down the tin foil hats, have a wake up call and realize that your employers are the ones performing the real world surveillance on the contents of your browsing, email and other habits.

Re:Non story is still a story

[Proudrooster]

No. Even if the employer submitted half of the search info, the info on the backpacks had to be provided by another source and then had to to matched. Where did that info come from? Google? NSA backdoors on home computers? The interesting part of the story (if indeed true) is the other half of the info.

Re:Private browsing

[MtHuurne]

If your work browser is configured to accept certificates from the proxy server, SSL might not give you privacy.

Re:Devices which have only one purpose

[nine-times]

The devices might only have one purpose, but there might be other purposes for searching for it other than to build one. Reading this story made me want to google "pressure cooker bomb" just to see what it is. So then I would be searching for simple curiosity. A week from now, if I were trying to find a link to this story about a man being investigated for terrorism, I might google "pressure cooker bomb" because it's a detail I remember from the story. So then my interest might be in electronic privacy, and not bombs at all. In fact, I've now written the word "bomb" several times in this post. It's a suspicious word, but what I'm talking about here actually has very little to do with actual bombs. I just made a "bomb" related google search, just now, looking for information to support my arguments.

Aside from that, I'm not even sure I agree that bombs have no practical use other than terrorism. Maybe he wanted to build a small bomb, under safe conditions, as a method of learning about science/chemistry/construction. Maybe he wanted to blow something up, out in the middle of nowhere, for entertainment. Maybe he had a tree stump on some rural patch of property that he wanted to remove, and he got it into his head that he wanted to blow it up with a bomb. Maybe this guy is interested, not for terrorism, but for the purposes of general idiocy.

I don't necessarily blame the employer for reporting it, since he may have had legitimate reasons for concern. I don't blame the FBI for investigating it, because they kind of have to investigate something like this once it's reported. But I do blame you for implying that there's no valid reason to ever search for "bomb" unless you're a terrorist.

Re:Private browsing

[datavirtue]

A good proxy server is going to allow your system administrators to decrypt your SSL connection. The proxy feature works for SSL but not before exposing all of the information in your connection to the administrators. So using an external proxy and SSL is not going to provide any security. You are going to have to be a little more savvy than that which will also be obvious to your system admins that you are subverting their tracking/logging system.

Re:Private browsing

[hippo]

You should run an ssh tunnel through the corporate proxy to your own installation of an apache proxy running on your home server. Then use that as your proxy for firefox. At least then you'll be spared the embarrassment of a SWAT team turning up at work.

Re:How will they be compensated?

[Kelbear]

Key points you're missing:

1) Suffolk county police claim the wife searched for pressure cooker bombs, and the husband searched for backpacks.

2) According to the wife, she was shopping for pressure cookers, and the husband was shopping for backpacks.

The important detail missing is that the couple wasn't searching for bombs. It appears the police added the word "bombs" to cover up their amateur-hour faux pas so that an investigation sounds reasonable.

Now, perhaps the wife is just bullshitting people to say that she wasn't researching how to build a pressure cooker bomb, but I find it far more likely that she was shopping for a pressure cooker (a common activity), than researching how to build a pressure cooker bomb (an uncommon activity), and all parties involved concede that the wife wasn't actually doing anything that should give cause for concern.

Re:How will they be compensated?

[jemenake]

Hm? RTFS... the boss sees someone searching for bombs, thinks "hey, this could be bad", tip the police, turns out it is nothing.,,

From the aricle, they specify that it's a former boss, and there's no mention of how amicable the termination was. So, it's also possible that the employer, due to a grudge, discovered the suspicious searches and decided that it would be an easy way to make their life difficult for a little bit.

Actually, we'll probably never know they entire story. The employer, no matter what their motivation, is going to stick to "Hey... if you see something, say something...".

Re:Private browsing

Exactly! So, shut the fuck up, slaves. Employers pay for your time, not your work. Employers OWN you for the duration of that time. You have no rights beyond that which your employer affords you. You should act like the good little worker machines that you are unless your employer gives you permission to do otherwise.

God damn these lazy employees these days, thinking they can be human on an employer's dime.

Re:How will they be compensated?

[cold+fjord]

The important detail missing is that the couple wasn't searching for bombs. It appears the police added the word "bombs" to cover up their amateur-hour faux pas so that an investigation sounds reasonable.

That doesn't appear to be correct according to the fine article:

The former employee’s computer searches took place on this employee’s workplace computer. On that computer, the employee searched the terms ‘pressure cooker bombs’ and ‘backpacks.’

A question worth asking, other half of Google info

[Proudrooster]

So dad searched pressure cookers at work and the employer allegedly turned this over to the cops, but who turned in mom's Google search history? How was the match made? Was there a request made too Google? Did the Feds hack the computers using a MS-NSA or Apple-NSA backdoor? According to the article, the task force didn't even look at the computers or confiscate them.

This is only half a story, (if it is indeed true about the employer turning over the suspicious weblogs). How did the Feds/Police/Joint Task Force get the other half of the info.

And according to the article this occurs 100 times per week and we are just hearing about it.

There is more to this story and this simple explanation is only half of it.

Re:Private browsing

[BrokenHalo]

Agreed, there is a certain amount of totalitarianism raging about the use of corporate networks, but nevertheless, there is a case to be made that if there's something you don't want your boss to know (regardless of whether or not you're doing anything wrong), then you don't use his network to talk about it.

In these times, where trust between employer and employee is largely a one-way-street, it's a simple matter of common-sense and self-preservation. Sure, a monthly data traffic allowance on your phone bill has a monetary cost, but for peace of mind, it makes sense to use that rather than put your life in your boss's hands.

Use discretion before calling the police

[davidwr]

You CAN be too careful.

Before calling the police in a non-urgent situation, ask yourself

"If everyone in my exact situation called the police, a few crimes may be prevented but a lot of lives would be intruded on and a lot of police resources and taxpayer money would be spent. Would it be better for society if, as a rule, the police were called in this exact situation or if, as a rule, they were not?"

This goes not just for bombs but for thinks like someone unfamiliar walking around your neighborhood at 3AM, your kid's friend sporting frequent unexplained bruises, and the guy who who hangs round the local kiddie park without kids in tow.

Each of these "no matter what I do, there's a good chance that I could wind up doing the wrong thing" cases and many others like it require a gut-check and a realistic assessment of the situation before calling the police. Sometimes the "best answer" is to call the cops. Sometimes the "best answer" is to talk to the person acting suspicious or get friends and neighbors together and talk to the person. Sometimes the "best answer" is to do nothing.

Finally, if you do make a well-thought-out decision and it turns out to be wrong - if you DON'T turn in the guy who searches for pressure cookers and he turns out to be a bomber, or if you DO turn him in and as a result the police are busy interviewing the person and can't get to an armed-robber-in-progress call in time to avoid bloodshed, don't feel guilty about your decision.

Re:Private browsing

[davidwr]

A good proxy server is going to allow your system administrators to decrypt your SSL connection.

Yes and no. Yes, a proxy can do MITM attacks, but no, barring a key compromise, it can't do so undetectably. A computer-savvy employee who is concerned about a MITM attack can do some testing beforehand and on an ongoing basis to assess his risk.

Some things an employee who doesn't 0wn his own box probably cannot check for is a keyboard logger. Employees probably cannot check for other things like hidden cameras and other off-the-computer surveillance.

Re:Private browsing

[spacepimp]

I'm not certain if you're trolling... Expectations are a two way street. Within reason, there is a right of the employee to receive a personal call or to send a personal email during work hours. This is doubly true considering the work day no longer ends when you leave the office. Since the work life pours into our personal, the personal has to pour into our work.

End Run

[Phoenix666]

This is why when in the past I worked for others I always surfed via my own personal hotspot, not the corporate network. Yes, it does not help you with the NSA, but it at least avoids the entire issue of corporate IT.

Re:Private browsing

One or two rules in the firewall and no OpenVPN for you.

Seriously, do your private shit from your home - or at least from your phone with your own data plan - instead of wasting your and sysadmin's time playing tag with network policies.

Re:Devices which have only one purpose

[spacepimp]

This is the bigger issue with the surveillance state. In a free society you can read what you want, think what you want and say what you feel: WITHOUT FEAR OF RETRIBUTION. The chilling effect that occurs, that even searching for a news item such as this flags you and puts you on a watch list. It is a direct assault on personal liberties.
When you say that "aside from self-educating concerned citizens, no one other than an engineer should be searching for such a thing" I find it truly offensive. No one has the right to tell you what you should think, what you can read or what can be said. There is no humanity or dignity in a world where the level of control and power has shifted to allowing for this. No person should be afraid of retribution for free thinking, learning or reading what they want for whatever reason they want. The mere fact that you can justify the infringement of these liberties shows how far the ideals this country was founded upon have slipped away.

Re:Private browsing

[Digital+Vomit]

I'm not certain if you're trolling...

That is a truly frightening testimony against the American employer culture.

(Assuming you are an American, which is probably a safe bet here).

If it's not your PC, nothing on it is private.

[couchslug]

I don't use work PCs for anything but that. If I want personal connectivity I can pay for it.

Jobs which do not use computers don't pay for me to surf on their time, either.

A computer is like any other tool, for example a milling machine or a welder. If I want to borrow one of those for a bit, I ASK the shop owner.

Re:How will they be compensated?

[CanHasDIY]

Someone once called the fire department thinking I had recklessly left my kids in a hot car without supervision.

Unless they mistook some inanimate object in your car for children, then you fucking did.

Everyone should see this PSA about leaving kids in cars.

Re:How will they be compensated?

[cellocgw]

The former employeeâ(TM)s computer searches took place on this employeeâ(TM)s workplace computer. On that computer, the employee searched the terms âpressure cooker bombsâ(TM) and âbackpacks.â(TM)

Yeah, because there's zero chance he was just searching for news stories about the Marathon bombing and possible copycats. Or because he was just plain interested, as an intellectual exercise, in the relative efficacy of pressure cookers as a bomb containment device vs., say, a layer of ball bearings embedded in a core of C4.

Come and get me, you NSA assholes.

Re:Private browsing

[Salgak1]

When you're using your company's computer and your company's network, there is exactly ZERO expectation of privacy. No doubt, you've signed an "acceptable use policy". . . . Read it next time. . . .

Re:How will they be compensated?

[hacker]

It doesn't matter if she was searching for 'pressure cooker bombs', because that is not illegal!

She has not committed any crime, nor should she be suspected of one. In fact, she shouldn't have let them in the house, because they have no warrant, nor any valid reason to suspect her of doing anything against the law.

Since when was curiosity or knowledge seeking a crime? Is that where we are now? Living in fear of learning more, because those who think they're holding the power, are looking at everything we do?

Re:How will they be compensated?

[Kelbear]

That "fine article" is paraphrasing other sites, which are paraphrasing other sites. They're claiming the searches were for pressure cooker bombs based on statement from the police, which conflicts with that of the couple, but their slapdash editor didn't even notice.

This is the site owned by the wife, where she explains from her perspective: https://medium.com/something-like-falling/2e7d13e54724

This is the original breaking story from Gizmodo that Wired is just paraphrasing:
http://whitenoise.gizmodo.com/yes-the-fbi-is-tracking-americans-google-searches-981986667

Re:Private browsing

[spacepimp]

An employer needs to follow the guidelines outlined in the Human Rights Act and respect the private life of an employee. This means that throughout the working day, employees are allowed by law to use telephone and email for private purposes, not only during break times but throughout the day. I am not a lawyer, but when recently writing a new IT Policy/Employee handbook we employed legal counsel to guarantee all employee rights were respected and protected.

Re:Private browsing

[RoknrolZombie]

He's not lying (or even fibbing, not even a little). The last 3 jobs I've had as a tech required 10+ hour days Mon/Fri, and if I wanted to do anything on the weekend that would take more than a few hours I had to notify my boss (in case they tried to reach me and I was unavailable). I'm no manager or lead or anything like that...I'm just the guy that they want to make sure is available in case a computer breaks.

Once upon a time those jobs were restricted to the heads of the company and they were awarded accordingly. Now those jobs are everywhere unless you're literally the bottom rung on the ladder.

The working climate in the US is dismal.

Re:Private browsing

[Adrian+Lopez]

"A good proxy server is going to allow your system administrators to decrypt your SSL connection. The proxy feature works for SSL but not before exposing all of the information in your connection to the administrators. So using an external proxy and SSL is not going to provide any security."

This is true, but only if your employer has or otherwise gains access to your computer's certificate store and installs a root certificate whose private key is known by the proxy. The proxy can then sign fake SSL certificates which it uses to decrypt, capture and re-encrypt the connection.

and if they were Muslim?

[almechist]

Well, I don't know about you, but if the police show up, act in a courteous and polite fashion, ask a few questions, and then leave satisfied nothing bad is going on, I consider that a job well done.

As a thought experiment, imagine that the couple had been Muslim, but otherwise exactly the same people. Does anyone honestly still think the visit by police would have been so courteous and polite? And yet in the USA we supposedly have freedom of religion, which should guarantee equal treatment by law enforcement whatever one's beliefs.

And it doesn't matter where the tip came from, this kind of thing is wrong, potentially dangerous, and not the way I want my Country to be. So it's just civilians spying on other civilians, that somehow makes it OK for a squad of armed police to show up at someone's home on the basis of a Google search term? Seriously??? Is this really the kind of society you want to live in? This is simply NOT acceptable police behavior, and never will be, regardless of who sends in the tip. A society in which an online search for anything at all, legal or otherwise, causes the police to knock on the door is simply not a free society, no matter how you want to spin it.