Slashdot Mirror
Canadian Spy Agency Snooped Travelers With Airport Wi-Fi
Walking The Walk writes: "It seems the NSA isn't the only agency doing illegal domestic spying. According to a Snowden document obtained by the CBC, Communications Security Establishment Canada (CSEC) has apparently been tracking domestic travelers, starting from when they first use free Wi-Fi at an airport, and continuing for days after they left the terminal. From the article: 'The document indicates the passenger tracking operation was a trial run of a powerful new software program CSEC was developing with help from its U.S. counterpart, the National Security Agency. In the document, CSEC called the new technologies "game-changing," and said they could be used for tracking "any target that makes occasional forays into other cities/regions."' The CBC notes early in the article that the spy agency 'is supposed to be collecting primarily foreign intelligence by intercepting overseas phone and internet traffic, and is prohibited by law from targeting Canadians or anyone in Canada without a judicial warrant.' Predictably, CSEC's chief is quoted saying that they aren't allowed to spy on Canadians, so therefore they don't. As observed by experts consulted for the story, that claim is equivalent to saying that they collect the data but we're to trust that they don't look at it."
And I thought you were so nice and polite.
I guess you were spying, but politely.
Welcome to the Panopticon. Used to be a prison, now it's your home.
They spent a lot of time on this story last night and let the privacy comissioner speak her mind about it. I didn't expect such unbiased open coverage of this topic by our state broadcaster.
Don't design wireless protocols to use static unique identifiers in the clear. All identification should be encrypted, and connections which don't require authentication should not use static identifiers at all.
We'll send this junk back, up to 221K, so far.
A feeling of having made the same mistake before: Deja Foobar
The spying was never meant to be legal, it was meant to be secret. If all the secrets were made known, you wouldn't put up with the illegality of the governance.
They will never come clean, there will always be additional layers behind what they tell the public. Until we force their hand.
The question is does the public really want to do that.
Why bother doing this? I mean, I have to surrender every possible bit of personally identifiable information to get a plane ticket anyway, so haven't you already figured out where I'm going, what hotel I'm staying at, etc, etc, etc before I even leave my home?
RANDOM MAC ADDRESSES.
Chances are they're tracking people by MAC. Set up a cron job on your device to *ahem* adjust your MAC address with some regularity. You need to maintain a connection, so perhaps every hour? Or tie it to GPS coordinates or SSID names and when they change, update the MAC to something random...
The trick will be to make sure you don't repeat MAC's - probably want to keep an encrypted DB of hashs of the MAC's so you can verify you haven't used it previously before assigning a new one...
Effectively turn your token into a one-time pad... Fuck 'em.
If you use someone else's free WiFi, and expect the same level of privacy you'd have on your own network, you're too trusting.
Not that my Verizon 4G hotspot is exactly NSA proof (becuase Verizon), or that WiFi in general is secure. But knowingly connecting through an unknown third party's pipe and expecting them not to look seems naive. Why invite the snooping?
I'm sure the NSA has already thought of this. The only airport that I have been through that has free WiFi is in New Orleans. Everywhere else you pay if you want access. What a country.
But they can likely track you with airport wifi whether you're using it or not.
At least they apologized.
I would like to know CSEC would get from YVR WiFi. It is so slow that it is useless except for slow surfing on internet web pages.
(from the summary) ...they collect the data but we're to trust that they don't look at it
That's the wrong way of evaluating the situation. The correct way is to realize that IF they were trustworthy, then they wouldn't be spying on innocent people (you) in the first place.
It seems the fact you travel internationally is a great reason to keep tabs on you. Add mobile phones and laptops to the list of things you shouldn't carry when traveling internationally if you wish to avoid security hassle, along with explosives, guns, drugs, knives, scissors, nail clippers, tweezers, breast milk, toothpicks, sports equipment, medicines, tent pegs, children, people named Mohammed....
Democratic governments the world over are in a classic catch-22: they're damned if they do and they're damned if they don't. Prior to 9-11, we had pretty good safeguards in place against domestic spying. Watergate and the revelations of what J. Edgar Hoover did put a bad taste in everyone's mouth in the US about domestic spying. Then a bunch of nihilistic apostate Saudis flew airplanes into the Twin Towers, and over 3000 Americans died in the space of a single morning. The entire world watches in shock and horror--and then following America's lead, immediately begins investigating how this could have happened. And as the US discovers very quickly, it happened due to intentional inefficiencies and silo-ization of intelligence.
If there is one thing we Americans cannot stand more than anything else, it's inefficiency. We want our government/society/economy to WORK, dammit! Make it effective and efficient! The families of 9/11, and the politicians discover to their horror that this all could have easily been prevented, had we made our internal counterintelligence and domestic crime monitoring more efficient. The worst part is that 9/11 really could have been prevented --so easily--, and that's what led to the Patriot Act, the NSA, all of it. And it's not just America that learns this lesson.
So now the Canadians are following in America's footsteps, because no government, Liberal or Conservative, wants to be blamed for the next attack. And, there always will be a next attack. Maybe not from Islamists, maybe not from brown-skinned people, but there always will be. No one wants to be the one person on the news who's faced with the "Why didn't you stop this!" question. Imagine if you will what would have happened if John Ashcroft and President Bush had stepped up together following 9/11 and said "We understand that this could have been prevented if the FBI, CIA, and NSA had shared their information, but we're not about to dismantle federal policy to facilitate that because we don't want to turn America into a police state". Just imagine for a moment, the response that would have come to that statement from an enraged nation--let alone the entire state of New York.
What's really, really funny is that on /., we are all pro-privacy, pro-dismantling of the security apparatus. But none of us ever stop to consider if we'd change our tune, if one of our family or loved ones was suddenly, inexplicably killed in a horrible way--and then discover that said death could have been easily prevented if only X and Y agencies had bothered to share their information. And here's why this problem will never be solved--most of us have never been confronted with the desire for justice/vengeance, the anger of being a victim of system failure, and then understanding that there was a reason for the inefficiencies in the first place. Knowing what we know now, can any of us truly say that we'd face 300 million people (or 20 million if you're Canadian) and say "I know we could have easily prevented this tragedy, but we're not going to put in place the fixes that would prevent a future tragedy like this because we believe the outcome would be worse than the disease." And if you are willing to do so, are you willing to face a lifetime of condemnation and excommunication from everything you hold dear?
Nah, the biggest joke is that this shit HAS to happen, and then we have to go through years of rollbacks and abuses and fighting to undo all the damage, only to have it happen all over again and a new generation has to relearn the lessons. This is life, people. This is human nature. There is no answer, there is only the cycle.
Here's to hot beer, cold women, and Glaswegian kisses for all.
"the spy service was provided with information captured from unsuspecting travellers' wireless devices by the airport's free Wi-Fi system over a two-week period."
Like what? Mac addresses? Mac address + IPs it connected to?
"The document shows the federal intelligence agency was then able to track the travellers for a week or more as they — and their wireless devices — showed up in other Wi-Fi "hot spots" in cities across Canada and even at U.S. airports."
How? Did CSEC have a deal with companies providing wifi?
"free" airport wifi is a vacuum operation. Interesting note: we were heading out on a vacation a couple of weeks ago. I plugged my iPad into the USB charger in the plane and got a nice popup (typing this from the screen shot I took):
So charging on planes is another thing to avoid for me.
Trolling is a art,
I no longer expect outrage, as that seems to be beyond our capacity anymore, but it feels like we treat this kind of news as if it's just trivial bullshit. Has it come to that? Doesn't anyone call their representatives, no matter how deaf they might be? Anyone write letters to their local newspaper about this kind of erosion of personal liberties? Anyone trying to get someone to listen and pay attention, or are we all just willing to head blindly to the kill-floor, tweeting and texting the latest lolcat?
It seems to me that we are giving our lives away for nothing.
"Life is not magic." Dr. Ron Weiss - "If we don't play God, who will?" Dr. James Watson
Governments of the day would love us to have a "state broadcaster", and might also prefer to have a pliant privacy commissioner, but neither report directly to the PM. It's admittedly hard for them to honour and defend our constitution (to borrow a U.S. phrase) but they manage somehow.
davecb@spamcop.net
But you're completely correct. The world is going back to a bi-polar state, with the democratic westernized economies on one side, and authoritarian non-democratic countries on another (Russia, Iran, China ect...). To the victor goes the spoils. For there to be victory, the USA (and her many allies) must stay on top of the game.
"How's that 'hopey-change' stuff workin' out for ya?"
"Whoops! Wrong country! They don't have a guy who pals around with terrorists for a President! Nevermind!"
By the very nature of these 'joint security' efforts; it may be illegal for say the Canadian side to look at Canadians but the same data is "legally" accessed by joint nation who can freely spying on foreigners. ie: they spy on everyone.
Becoming Amish is growing more tempting every day, except for the religious part of it.
P.S. What is this 'new game-changing' tech? what exploit is it using', tracking how. If not a direct exploit, I would guess its collaboration on ISPs that relay MAC/CPU-ID with communications that is consolidated by the Orwellians .
"If you're not doing anything wrong, you have nothing to hide" in 3.....2.....1......
with the democratic westernized economies on one side, and authoritarian non-democratic countries
Say what again? I do not see a huge difference these days between Russia and over-regulated western countries controlled by what is essentially a permanent ruling class of government workers. Russia is just a tiny bit more brazen about what it does... a TINY bit more.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
If you do not think every major country is not engaging in this sort of activity you are living in a cave or something
Why exactly are you entitled to free WiFi in airports?
Last time I use the free wifi at Pearson. Wifi adapter disabled from now on!
"When information is power, privacy is freedom" - Jah-Wren Ryel
If you are using an Airport's WiFi without connecting to your trusted VPN, you'll get what you deserve. Airports are a wonderful place to play "Yes, I am that AP" and other fun games while bored hackers wait for their flights.
The Xbox One is ALWAYS examining the contents of the room, ESPECIALLY when the light is low or off. Low light triggers the "sexual movement" algorithms of the Kinect 'Human motion aware' sensor system, the one that uses a military grade 'time of flight' depth camera that Bill Gates spent multiple billions of dollars to develop.
You were so close to a successful troll attempt until that paragraph.
Your furious rhetoric is invalid.
If anything, the NSA probably let it fucking happen as justification for even more power.
Selling point to compete with American airports. In Canada the airports are financed by ticket surcharges so many people cross the line to fly out of American airports as the whole airport is free.
https://en.wikipedia.org/wiki/Inverted_totalitarianism
How much gas are you burning to avoid $5 of WiFi fees?
How much gas are you burning to avoid $5 of WiFi fees?
If your flight goes US->Canada->Europe (for example), you can often save hundreds of dollars by driving to America and catching the flight there rather than joining the flight at your local airport when it lands in Canada.
No, it doesn't make sense to Canadians, either.
Just don't use Wifi at Tim Horton's
As the sibling post says, it is much cheaper to catch a flight from an American airport, not just to Europe either but pretty well anywhere. This is (at least partly) due to Canadian airports having to be self-financing and people expect some perks like free WIFI after paying the extra charges.
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Excuse me sir, but I believe that based you accidentally overpaid for your timbits and coffee, can you report back to Tim Horton's.
Oh, and this long cylindrical object with a fuse that was in your check-on, you can have this back now, thanks.
My conscience pinged me on this one -- you are also right about each cycle getting a little better. My biggest desire is that people would step back, consider the cycle, realize that they cannot *solve* the problem, but considerate amelioration and solutions do work in the long term.
Here's to hot beer, cold women, and Glaswegian kisses for all.
Until he's in the custody of the government and facing trial for his crimes, however certain his guilt may be, these documents mean nothing more than another charge against him. One could reasonably come up with something out of thin air, attribute it to him, blame a government agency, and people would believe it faster than they would believe the truth.
Some people side with Snowden and the foreign countries that aid and abet him. I side with the US, and the institutions, including the necessary NSA, and the efforts to bring the wayward ex-contractor to justice.
That said:
Hindering the NSA does no good when it comes to finding terrorists since it provides a convenient blindspot for them to stand in. Remove the blind spot and you give no place to hide.
(Of course, this goes against standard /. groupthink, and will be sent down the memory hole by virtue of modbombing anything that opposes the One True Snowden Opinion)
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
while true generate-spoof-new-mac-address connect-to-airport-access-point disconnect-after-3-seconds Someone should write a FREE app to flood their database to render their data useless :-)
http://washingtonexaminer.com/...
Is there any place the people of the World are not being data-raped?
"If any question why we died, Tell them because our fathers lied."
It`s developed with the NSA. Do you for a moment believe they`re not getting all the info you are, and also anything else on your computers running this?
I know harper would kneel to pleasure any of our presidents at a moment`s notice, but surely you can do something about it?
Canada`s not as fat, complacent and freedom-hating as we are, right?
Right?
9/11 was an inside job, the world is ran by rich powerful white men who want total control, and that every single conflict in the history of man has been a doctored farce in order for bankers and industrialists and the powers that be to get rich then everything become much more simple, much more crystal clear.
Blackmail is the main device used in order to maintain this power, and having dirt on any potential "threat" (ex: not a CIA created boogyman terrorist, we're talking people who threaten their precious power) is critical for maintaining power. It doesn't matter who that person is. Just having that data on file to blackmail anyone is what the powers that be need to stay in power.
See Snowden for more info on this. But fuckwits such as yourself are the cancer fucking up the world - thinking conservative and liberals are different. Categorizing stances in this way. Shut the fuck up with your conservative liberal islam sandmen in a cave boogeyman theories. The CIA and FBI create the next attacks. From the Bostom bombing to every single mainstream media reported conflict "Amerka" gets into.
We don't track Canadians, we track unknown targets at Canadian airports. Inevitably that includes some Canadians, if not mostly Canadians, but of course we'll neglect that detail until we actually match them up with the copious amounts of other data that would specifically identify them, which is a switch we can throw in an instant if we decided to do so. No, they're just a huge number of unidentified people, "not Canadians".
No, that is not why it happened but framing it that way is seductively authoritarian and one of the main reasons for the creation of the modern surveillance state. Having spent billions to stop more attacks, what do we have to show for it? The Boston bombers plus a whole host of "white" attacks like mass shootings and the NSA's "official" record of having stopped precisely zero attacks on USA soil.
That's ~50 attacks short of the total, not counting ones they can't disclose due to classification rules.
...businesses and people spending time and money to shield themselves from the surveillance...
While those threats are mitigated by responsible citizens that render those efforts useless, as well as architectural efforts that make it too costly to implement the rest. Integrate deeply enough and betrayal won't matter.
The only way to win is not to play the game.
Then you leave room for terrorism to happen in the Constitutionally-mandated blind spot. The military and intelligence departments do ugly-but-necessary things that are not meant for the public to know until it is no longer a threat. Not playing the game puts the US at a disadvantage versus other nations that do so.
The way to win is to be ahead of the others in surveillance and to do it more cleanly. Then take care of the loose ends like Snowden and his associates in ways that prevent repeat occurrences.
We need to get away with from the authoritarian framing of the problem of our society being constantly vulnerable and change from a surveillance state
Not going to happen, and the risk calculations in the rest of your paragraph are compatible with the current surveillance posture. The NSA has outlasted its detractors, including this generation.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
With this giant dick on my forehead.
http://beta.slashdot.org/submi... Police brutality too: http://www.mtlblog.com/2013/11...
MAC addresses on computers and blue tooth tracking on cellphones is nothing new. Road construction signs us blue tooth signals to broadcast the time it takes to travel through traffic. If you are a spy/criminal you always ditch your electronics when traveling to provide a false trail.That's spy 101!
Come on guys, you're like the Chief of Police in Casablanca who is surprised gambling is going on in the casino? Someone still has an expectation of privacy?
You spy on my people & I'll spy on yours. After all, we're not allowed to spy on our own people.
Back when I was in Canada, CBC was routinely reporting on various fuck-ups by the government. They didn't seem to be in any way biased in favor of the latter.
It's what convinced me that state-funded media can be objective (I hail from a country where it is very much not the case, and assumed it to be universal).