Canadian Spy Agency Snooped Travelers With Airport Wi-Fi

← Back to Stories (view on slashdot.org)

Canadian Spy Agency Snooped Travelers With Airport Wi-Fi

Posted by Soulskill on Friday January 31, 2014 @03:54AM from the mapping-everyone's-hockey-allegiances dept.

Walking The Walk writes: "It seems the NSA isn't the only agency doing illegal domestic spying. According to a Snowden document obtained by the CBC, Communications Security Establishment Canada (CSEC) has apparently been tracking domestic travelers, starting from when they first use free Wi-Fi at an airport, and continuing for days after they left the terminal. From the article: 'The document indicates the passenger tracking operation was a trial run of a powerful new software program CSEC was developing with help from its U.S. counterpart, the National Security Agency. In the document, CSEC called the new technologies "game-changing," and said they could be used for tracking "any target that makes occasional forays into other cities/regions."' The CBC notes early in the article that the spy agency 'is supposed to be collecting primarily foreign intelligence by intercepting overseas phone and internet traffic, and is prohibited by law from targeting Canadians or anyone in Canada without a judicial warrant.' Predictably, CSEC's chief is quoted saying that they aren't allowed to spy on Canadians, so therefore they don't. As observed by experts consulted for the story, that claim is equivalent to saying that they collect the data but we're to trust that they don't look at it."

43 of 159 comments (clear)

Min score:

Reason:

Sort:

Et tu, Canada? by idontgno · 2014-01-31 04:01 · Score: 4, Funny

And I thought you were so nice and polite.
I guess you were spying, but politely.

--
Welcome to the Panopticon. Used to be a prison, now it's your home.
1. Re:Et tu, Canada? by ackthpt · 2014-01-31 04:05 · Score: 5, Funny
  
  It's "eh! tu" eh!
  former resident of the Great White North
  
  --
  
  A feeling of having made the same mistake before: Deja Foobar
2. Re:Et tu, Canada? by cold+fjord · 2014-01-31 04:07 · Score: 2
  
  Take off, eh! ;)
  
  --
  much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
3. Re:Et tu, Canada? by cold+fjord · 2014-01-31 04:11 · Score: 3, Informative
  
  And I thought you were so nice and polite.
  Not everyone in Canada is polite, and the Canadian government has its own security concerns of many types.
  
  --
  much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
4. Re:Et tu, Canada? by Oysterville · 2014-01-31 04:45 · Score: 2
  
  They are being polite. You have to voluntarily join a public and un-trusted network to allow them to snoop. At that point, you are practically leaving your doors and windows wide open for someone to break into your home, so to speak.
5. Re:Et tu, Canada? by davecb · 2014-01-31 04:49 · Score: 2
  
  According to a former boss, CSE is a really polite bunch of folks. They seem be be polite evil this week, though.
  
  --
  davecb@spamcop.net
6. Re:Et tu, Canada? by Hamsterdan · 2014-01-31 05:22 · Score: 2
  
  And if You and I were to setup the same kind of snooping network, we would be jailed. But the laws don't apply the same when you're powerful/rich/government.
  
  --
  I've got better things to do tonight than die.
7. Re:Et tu, Canada? by ackthpt · 2014-01-31 06:27 · Score: 2
  
  Don't be a hozzer eh?
  That's hoser, you hoser and eh is affirmative, in this case, so more properly it would be:
  
  Don't be a hoser, eh!
  Now take off hosehead, eh!
  
  --
  
  A feeling of having made the same mistake before: Deja Foobar
I was surprised to see such good coverage by CBC by Anonymous Coward · 2014-01-31 04:02 · Score: 3, Informative

They spent a lot of time on this story last night and let the privacy comissioner speak her mind about it. I didn't expect such unbiased open coverage of this topic by our state broadcaster.
That's OK, we'll get even by ackthpt · 2014-01-31 04:04 · Score: 4, Informative

We'll send this junk back, up to 221K, so far.

--

A feeling of having made the same mistake before: Deja Foobar
1. Re:That's OK, we'll get even by ackthpt · 2014-01-31 04:18 · Score: 2
  
  But he doesn't have a green card, he's here on an O-1B visa. Gotta watch for those technicalities when drafting something with the full weight and force of an online petition.
  Interesting bit about begin here on an Artistic visa is they're a bit easier to revoke.
  
  --
  
  A feeling of having made the same mistake before: Deja Foobar
Three words by Anonymous Coward · 2014-01-31 04:07 · Score: 2, Insightful

RANDOM MAC ADDRESSES.
Chances are they're tracking people by MAC. Set up a cron job on your device to *ahem* adjust your MAC address with some regularity. You need to maintain a connection, so perhaps every hour? Or tie it to GPS coordinates or SSID names and when they change, update the MAC to something random...
The trick will be to make sure you don't repeat MAC's - probably want to keep an encrypted DB of hashs of the MAC's so you can verify you haven't used it previously before assigning a new one...
Effectively turn your token into a one-time pad... Fuck 'em.
1. Re: Three words by Anonymous Coward · 2014-01-31 05:20 · Score: 2, Interesting
  
  The use of tracking MAC addresses is nothing new. In Sydney, Australia, there are traffic lights fitted with surveillance equipment. This information came out during a television story on ABC tv. What the government is doing is targeting bluetooth/wifi enabled devices, logging them into a database then the owners are tracked around the city. The government claimed that MAC addresses were not personally identifying so it's not a concern. The fact is that MAC addresses are identifiable and can be linked to whatever individual. If you have ever been arrested by sydney police and had to surrender your device, chances are that they will record the IMEI and MAC address. And for all those arm chair IT experts here: how the hell is the average user supposed to generate a new MAC address for their phones or tablets?! LOL
Re:That's impolite by dreamchaser · 2014-01-31 04:27 · Score: 2

How do you propose not using a MAC address with any network protocol?
Here's what's funny about all of this by Xaedalus · 2014-01-31 04:38 · Score: 5, Insightful

Democratic governments the world over are in a classic catch-22: they're damned if they do and they're damned if they don't. Prior to 9-11, we had pretty good safeguards in place against domestic spying. Watergate and the revelations of what J. Edgar Hoover did put a bad taste in everyone's mouth in the US about domestic spying. Then a bunch of nihilistic apostate Saudis flew airplanes into the Twin Towers, and over 3000 Americans died in the space of a single morning. The entire world watches in shock and horror--and then following America's lead, immediately begins investigating how this could have happened. And as the US discovers very quickly, it happened due to intentional inefficiencies and silo-ization of intelligence.
If there is one thing we Americans cannot stand more than anything else, it's inefficiency. We want our government/society/economy to WORK, dammit! Make it effective and efficient! The families of 9/11, and the politicians discover to their horror that this all could have easily been prevented, had we made our internal counterintelligence and domestic crime monitoring more efficient. The worst part is that 9/11 really could have been prevented --so easily--, and that's what led to the Patriot Act, the NSA, all of it. And it's not just America that learns this lesson.
So now the Canadians are following in America's footsteps, because no government, Liberal or Conservative, wants to be blamed for the next attack. And, there always will be a next attack. Maybe not from Islamists, maybe not from brown-skinned people, but there always will be. No one wants to be the one person on the news who's faced with the "Why didn't you stop this!" question. Imagine if you will what would have happened if John Ashcroft and President Bush had stepped up together following 9/11 and said "We understand that this could have been prevented if the FBI, CIA, and NSA had shared their information, but we're not about to dismantle federal policy to facilitate that because we don't want to turn America into a police state". Just imagine for a moment, the response that would have come to that statement from an enraged nation--let alone the entire state of New York.
What's really, really funny is that on /., we are all pro-privacy, pro-dismantling of the security apparatus. But none of us ever stop to consider if we'd change our tune, if one of our family or loved ones was suddenly, inexplicably killed in a horrible way--and then discover that said death could have been easily prevented if only X and Y agencies had bothered to share their information. And here's why this problem will never be solved--most of us have never been confronted with the desire for justice/vengeance, the anger of being a victim of system failure, and then understanding that there was a reason for the inefficiencies in the first place. Knowing what we know now, can any of us truly say that we'd face 300 million people (or 20 million if you're Canadian) and say "I know we could have easily prevented this tragedy, but we're not going to put in place the fixes that would prevent a future tragedy like this because we believe the outcome would be worse than the disease." And if you are willing to do so, are you willing to face a lifetime of condemnation and excommunication from everything you hold dear?
Nah, the biggest joke is that this shit HAS to happen, and then we have to go through years of rollbacks and abuses and fighting to undo all the damage, only to have it happen all over again and a new generation has to relearn the lessons. This is life, people. This is human nature. There is no answer, there is only the cycle.

--
Here's to hot beer, cold women, and Glaswegian kisses for all.
1. Re:Here's what's funny about all of this by wasteoid · 2014-01-31 05:01 · Score: 4, Insightful
  
  You don't have to track everyone's movements and monitor all calls to stop terrorist attacks. Having less porous security would be a much easier way to stop attacks without dialing up the police state to Orwellian levels.
  
  Putting locks on cockpit doors and doing better background checks of airport personnel have far better impacts and don't require obscene surveillance.
2. Re:Here's what's funny about all of this by oodaloop · 2014-01-31 05:05 · Score: 2
  
  Pretty much agree. Intelligence Analyst here, since before 9/11, and I've seen the increased emphasis on data-sharing and data collection in order to prevent future attacks, which we've done multiple times contrary to slashdot groupthink. I don't like the direction our country is going any more than anyone else. I wonder what's happened to the 4th amendment, among other amendments. But the focus on gathering data and sharing it with other agencies is not a power grab by nature (some bad eggs not withstanding), but a well-intentioned plan to prevent the next 9/11, or worse attack.
  
  --
  Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
3. Re:Here's what's funny about all of this by Anonymous Coward · 2014-01-31 05:16 · Score: 2, Insightful
  
  What's really, really funny is that on /., we are all pro-privacy, pro-dismantling of the security apparatus. But none of us ever stop to consider if we'd change our tune, if one of our family or loved ones was suddenly, inexplicably killed in a horrible way--and then discover that said death could have been easily prevented if only X and Y agencies had bothered to share their information.
  That much is true. But then, your narrative is that you fix sharing problems by collecting more information. That fails to parse. Especially when, post 9/11, you have both this expanded collection program and specific information that was ignored and did exactly zero to prevent the Boston bombing. But no matter, I'm sure there is some use this information vacuuming program is good for. If it happens to have some overlap with preventing terrorism, well, it's nothing that can't be fixed. </sarcasm>
4. Re:Here's what's funny about all of this by Suffering+Bastard · 2014-01-31 05:19 · Score: 2
  
  What's really, really funny is that on /., we are all pro-privacy, pro-dismantling of the security apparatus. But none of us ever stop to consider if we'd change our tune, if one of our family or loved ones was suddenly, inexplicably killed in a horrible way--and then discover that said death could have been easily prevented if only X and Y agencies had bothered to share their information.
  Hard for me to see any humor here. Sounds like a rather tragic state of affairs.
  A problem with your argument is that it assumes that the current security apparatuses would have prevented 9/11, and there's no way to know that. It doesn't seem like the NSA is at all concerned with stopping "terrorism," they're more hell bent on spying for their own power initiatives. Are we really any more secure now than we were in 2000? I'd submit not. And if, after proclaiming the actions of the NSA and national security legislation as crimes against the American people, an attack occurred on American soil that killed innocent Americans, I would not back down but fortify my arguments against fear and vengeance as motivation for public security policy.
  
  Knowing what we know now, can any of us truly say that we'd face 300 million people..."I know we could have easily prevented this tragedy, but we're not going to put in place the fixes that would prevent a future tragedy like this because we believe the outcome would be worse than the disease."
  I would, and did, advocate actual fixes, not the sham of security theater we have today.
  
  This is human nature. There is no answer, there is only the cycle.
  No. Human nature evolves. Each cycle we get a little better, even if barely perceptibly. Defeatist attitudes only hold us all back.
  
  --
  "Molest me not with this pocket calculator stuff."
  - Deep Thought
5. Re:Here's what's funny about all of this by Jah-Wren+Ryel · 2014-01-31 05:31 · Score: 5, Insightful
  
  And as the US discovers very quickly, it happened due to intentional inefficiencies and silo-ization of intelligence.
  No, that is not why it happened but framing it that way is seductively authoritarian and one of the main reasons for the creation of the modern surveillance state. Having spent billions to stop more attacks, what do we have to show for it? The Boston bombers plus a whole host of "white" attacks like mass shootings and the NSA's official record of having stopped precisely zero attacks on USA soil.
  The reason these things happen is because the real world is an immensely complex system - to say that significant acts of violence are "easily prevented" is to indulge in the fallacy of perfect knowledge after the fact.
  The real inefficiency here is the futile attempt to model the real world through "collect it all" surveillance. It's been a huge bust for its stated purpose and it's had the knock-on effect of jamming up everybody trying to get on with the business of living their lives - businesses and people spending time and money to shield themselves from the surveillance as well as the psychological toll on the entire populace that in the back of their heads they are evaluating if their actions might be misinterpreted by the invisible and unaccountable watchers.
  The only way to win is not to play the game. We need to get away with from the authoritarian framing of the problem of our society being constantly vulnerable and change from a surveillance state to a resilience state - where we accept life has risks, where we will take precautions proportional to the risks and spend the rest of our resources on living productive lives instead of lives of irrational fear.
  
  --
  When information is power, privacy is freedom.
6. Re:Here's what's funny about all of this by Gr8Apes · 2014-01-31 05:38 · Score: 2
  
  This exactly. Reinforced cockpit doors, not a new thing since El Al instituted them decades ago would probably alone have stopped 9/11 all by themselves. But it was "too expensive" and airlines didn't want them or the regulations regarding their use.
  
  --
  The cesspool just got a check and balance.
7. Re:Here's what's funny about all of this by 0123456 · 2014-01-31 06:44 · Score: 4, Interesting
  
  It's worth nothing that reinforced cockpit doors appear to have caused at least one plane crash where the pilot decided to commit suicide and take the rest of the passengers along for the ride.
  So they're not a cost-free option.
  It's also worth noting that, if the passengers had known what the hijackers had planned, they wouldn't have got anywhere near the cockpit doors before being beaten to death. The real flaw was the expectation that the hijackers would let them off in a day or two so they should just sit back and wait.
  If we'd been beating the crap out of hijackers for decades instead of going along with them, 9/11 would never have happened.
8. Re:Here's what's funny about all of this by nicolasgoddone · 2014-01-31 07:11 · Score: 2
  
  9/11 would have never been stopped as there was, clearly, many loopholes so gracefully exploited by the so called perpetrators, too much miss information and mixed intelligence reports about the actual events and extremely suspicious lack debris in pentagon crash (plus nearby surveillance footage confiscation of alleged pentagon plane crash for no reason, hey no turbine/jet engine remains but they did find al-qaeda member passports!) and none of the airforce response systems protocols kicked in blah blah ... i'm no conspiracy theorist, but 9/11 was full of shit, so was the SEC commissions report. It just was too convenient of an excuse to enforce the patriot act and stat f*cking up everyone's privacy. I avoid travelling through the US just to avoid the goddamned TSA.
9. Re:Here's what's funny about all of this by Xaedalus · 2014-01-31 07:27 · Score: 2
  
  Your points are well taken. I would argue that the NSA initially began with good intentions. I can also say that in the weeks and months following 9/11, there was a lot of attention suddenly given to the inadequacies of our intelligence network, both foreign and domestic. We as a nation decried the lack of Arabic speakers, we demanded more & better domestic surveillance because it boggled everyone's mind how the CIA and FBI failed to connect the dots regarding 19 Saudi nationals enrolling at different flight schools after being flagged as potential terrorists by the CIA. I'll also give you credit for your word that you advocated actual fixes--you have courage and I can't imagine how much hate and flack you must have gotten.
  
  --
  Here's to hot beer, cold women, and Glaswegian kisses for all.
10. Re:Here's what's funny about all of this by Solandri · 2014-01-31 07:34 · Score: 2
  
  The reason these things happen is because the real world is an immensely complex system - to say that significant acts of violence are "easily prevented" is to indulge in the fallacy of perfect knowledge after the fact.
  Exactly. With perfect hindsight, it's "easy" to come up with a solution which would have caught the 9/11 hijackers when applied to that specific problem.
  
  But you can't just look at the true positives. You also have to consider false positives, false negatives, and true negatives. The huge security framework that's been developed since 9/11 is justifiable if you look only at the true positives. But when you consider the damage caused by the false positives, the still very-large possibility of missing an attack via a false negative, the violations of privacy you do to the huge number of true negatives, and compare to the small benefit gained from the handful of true positives you catch, it is simply not worth it. You have to consider all the effects of the security measures, not just the effects when the measures work and catch a terrorist.
11. Re:Here's what's funny about all of this by Gr8Apes · 2014-01-31 07:39 · Score: 2
  
  It's worth nothing that reinforced cockpit doors appear to have caused at least one plane crash where the pilot decided to commit suicide and take the rest of the passengers along for the ride.
  Only one incident that I know of: LAM Mozambique. Since there are quite a few other recorded pilot suicides, I'd posit the door isn't the cause. The pilot can always just do a full powered dive, door or no door.... no one's going to stop them at that point.
  Note that passengers beating up wannabe hijackers is greatly enhanced by not being able to get into the cockpit...
  
  --
  The cesspool just got a check and balance.
12. Re:Here's what's funny about all of this by Mashiki · 2014-01-31 07:49 · Score: 2
  
  So now the Canadians are following in America's footsteps, because no government, Liberal or Conservative, wants to be blamed for the next attack.
  Haha no. We've been doing this up in Canada long before the American letter agencies did. If you need to see why, look up when the RCMP had the "national security" mandate ripped away and a new spy agency created(CSIS). We've had plenty of terrorist attacks up here, in a few cases by the RCMP. The rest by: Extremist Quebeckers, militant sikh's, muslims(prior to 9/11), indians(or natives if you prefer), eco-terrorists(decades of those), etc, etc, etc.
  The difference between what was happening in the past and today is what? If you guess that it's more out in the open you'd be correct. And really in Canada, that's the only difference, the governments of Canada left or right have generally taken a very hard line on ensuring national sovereignty and protection from any enemy.
  
  --
  Om, nomnomnom...
Airport wifi by grub · 2014-01-31 04:40 · Score: 4, Interesting

"free" airport wifi is a vacuum operation. Interesting note: we were heading out on a vacation a couple of weeks ago. I plugged my iPad into the USB charger in the plane and got a nice popup (typing this from the screen shot I took):

Trust This Computer? Your settings and data will be accessible from this computer when connected. [Trust] [Don't Trust]

So charging on planes is another thing to avoid for me.

--
Trolling is a art,
1. Re:Airport wifi by Anonymous Coward · 2014-01-31 04:48 · Score: 2, Insightful
  
  Use a condom.
2. Re:Airport wifi by AmiMoJo · 2014-01-31 05:01 · Score: 2
  
  To be fair the reason the "charger" on the aircraft appears to be a computer is because it is, in fact, a computer. On some versions you can browse flash drives for media to play, on others the functionality isn't enabled and you can only charge. Even when they are charge only though it's a normal USB port and does a handshake to negotiate how much current to supply, as per the spec.
  Moral of the story is you need to get a charging only USB cable, if such a thing exists for Apple devices. The data lines are physically disconnected.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
3. Re:Airport wifi by 0123456 · 2014-01-31 05:14 · Score: 2
  
  This was on an Air Canada flight heading south. I don't recall the type of plane, sorry. Heading back on WestJet had no USB port.
  Every Air Canada plane I've flown on in the last few years that had in-flight entertainment also had USB ports for charging. They also have 110V power, though that's only for one seat in two back in cattle class.
Don't we even care anymore? by ah.clem · 2014-01-31 04:40 · Score: 2

I no longer expect outrage, as that seems to be beyond our capacity anymore, but it feels like we treat this kind of news as if it's just trivial bullshit. Has it come to that? Doesn't anyone call their representatives, no matter how deaf they might be? Anyone write letters to their local newspaper about this kind of erosion of personal liberties? Anyone trying to get someone to listen and pay attention, or are we all just willing to head blindly to the kill-floor, tweeting and texting the latest lolcat?
It seems to me that we are giving our lives away for nothing.

--
"Life is not magic." Dr. Ron Weiss - "If we don't play God, who will?" Dr. James Watson
Re:That's impolite by davecb · 2014-01-31 04:44 · Score: 2

Same way as early PCs and IBM token-rings did it: broadcast("I'd like to be user %d", id=rand(seed)); and see if anyone already has that number.
(Never ask a factual question sarcastically on a nerd site: someone will probably know the answer (:-))

--
davecb@spamcop.net
Re:That's impolite by SuricouRaven · 2014-01-31 04:55 · Score: 2

Statistically.
MAC addresses are six bytes long. Even minus the multicasts, that's still a lot of combinations. The solution is obvious:
1. Client generates random MAC for the session, connects, starts doing stuff.
2. Client listens for a couple of minutes for a matching MAC. If found, goto 1.
A collision is possible, yes, if the previous user of that address happens to be quiet at the time. But it's also very unlikely, and can be resolved by simply reconnecting. No modification to the network hardware is required, nor to other clients.
Re:Nevermind that spy behind the curtain... by dcw3 · 2014-01-31 04:56 · Score: 3, Insightful

Secret != illegal
Not that I'm agreeing with what their doing, but I do believe there need to be secrets.l

--
Just another day in Paradise
Re:Very few technical details in this story by SuricouRaven · 2014-01-31 05:02 · Score: 2

Quite possibly, actually. In order to avoid legal issues (mostly being falsely accused of any crimes committed from their hotspot), many businesses don't run their own. They instead pay a specialist to administer it, handle legal defense and deal with the hassle of authenticating users (typically via a captive portal) to prevent abuse. Hundreds of shops and restaurants might run APs in a city, but only a couple of companies actually administer them all. So it's plausible that CSEC could have arrangements with them.
Re:Nevermind that spy behind the curtain... by Anonymous Coward · 2014-01-31 05:09 · Score: 2

When two kids start arguing over a toy, we take the toy away. When someone drives while drunk, we confiscate their car. When governments start abusing their secret work, we must take away their abilities to keep secrets.
In all cases everybody gets hurt a little, but the alternative is to let things escalate and then somebody will get hurt a lot more.
Re:Why? by compro01 · 2014-01-31 05:36 · Score: 4, Insightful

Just because you're in an airport doesn't mean you're getting on a plane.

--
upon the advice of my lawyer, i have no sig at this time
More like uno-polar by SuperKendall · 2014-01-31 05:39 · Score: 2

with the democratic westernized economies on one side, and authoritarian non-democratic countries
Say what again? I do not see a huge difference these days between Russia and over-regulated western countries controlled by what is essentially a permanent ruling class of government workers. Russia is just a tiny bit more brazen about what it does... a TINY bit more.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Re:YVR (Vancouver Airport) WiFi is so useless. by davester666 · 2014-01-31 05:40 · Score: 2

and they don't have the budget of the NSA...they only have a single computer with a Core2Duo to do all the computers in the airport

--
Sleep your way to a whiter smile...date a dentist!
Re:Why? by Nyder · 2014-01-31 06:54 · Score: 2

Just because you're in an airport doesn't mean you're getting on a plane.
Ya, I was using the airport for free wifi, but now I'm going to reconsider...

--
Be seeing you...
Re:We're paying for the privilege of being spied o by dryeo · 2014-01-31 07:16 · Score: 2

As the sibling post says, it is much cheaper to catch a flight from an American airport, not just to Europe either but pretty well anywhere. This is (at least partly) due to Canadian airports having to be self-financing and people expect some perks like free WIFI after paying the extra charges.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Polite spying by phorm · 2014-01-31 07:30 · Score: 2

Excuse me sir, but I believe that based you accidentally overpaid for your timbits and coffee, can you report back to Tim Horton's.
Oh, and this long cylindrical object with a fuse that was in your check-on, you can have this back now, thanks.