Slashdot Mirror
AT&T Is Spying on Americans For Profit, New Documents Reveal (thedailybeast.com)
AT&T has been secretly spying on its own customers, the Daily Beast reports. The revelation comes days after the top carrier announced plans to purchase Time Warner. The report claims that AT&T ran a program called Project Hemisphere through which it analyzed cellular data from the company's call records to determine where a given individual is located and with whom they are speaking. The New York Times reported about the program's existence in 2013, but it was described as a "partnership" between A&T and the government for fighting narcotics trafficking. But today's report, which cites several classifed documents, claims that AT&T used Hemisphere for a range of other functions -- and always without a warrant. From the report:Hemisphere is a secretive program run by AT&T that searches trillions of call records and analyzes cellular data to determine where a target is located, with whom he speaks, and potentially why. [...] Hemisphere isn't a "partnership" but rather a product AT&T developed, marketed, and sold at a cost of millions of dollars per year to taxpayers. No warrant is required to make use of the company's massive trove of data, according to AT&T documents, only a promise from law enforcement to not disclose Hemisphere if an investigation using it becomes public. These new revelations come as the company seeks to acquire Time Warner in the face of vocal opposition saying the deal would be bad for consumers. While telecommunications companies are legally obligated to hand over records, AT&T appears to have gone much further to make the enterprise profitable, according to ACLU technology policy analyst Christopher Soghoian. "Companies have to give this data to law enforcement upon request, if they have it. AT&T doesn't have to data-mine its database to help police come up with new numbers to investigate," Soghoian said. AT&T has a unique power to extract information from its metadata because it retains so much of it. The company owns more than three-quarters of U.S. landline switches, and the second largest share of the nation's wireless infrastructure and cellphone towers, behind Verizon. AT&T retains its cell tower data going back to July 2008, longer than other providers. Verizon holds records for a year and Sprint for 18 months, according to a 2011 retention schedule obtained by The Daily Beast.
I hope we get more Senators like Al Franken in our government. We really need to move more toward a culture that values privacy. Google and Facebook profits be damned, we need to be more like Germany and a majority of Europe.
I'm guessing too big to fail also means too big for jail.
Sometimes I just lose faith.
I sure wish Obama was actually going to stop this kind of thing like he promised long ago :(
It is unlawful to use encryption on amateur radios for normal communication. If you are a ham radio operator you should know that.
1) It's illegal to encrypt ham radio transmissions.
2) Tin foil does nothing useful when it comes to this type of thing.
3) Wired transmissions are probably the most secure way to communicate.
The proverbial chickens are coming home to roost, aren't they?
Memo to all of you who are saying they're tired of the 'conspiracy theory' nuts: It's not a 'conspiracy theory' anymore, now is it? Also, don't allow yourself to think for a single moment that they're not collecting more data than even this article reveals, or that they're not doing more with all that data than it reveals.
Also, Memo to the 'I'm not doing anything wrong, so I have nothing to fear' idiots: You helped create this dystopia we're living in, you sons of bitches!
Now, recriminations aside: How do we start reversing this? It's bullshit, it's completely unacceptable, and it has to STOP.
"only a promise from law enforcement to not disclose Hemisphere if an investigation using it becomes public."
Aren't they required to disclose this kind of thing in the discovery phase of the prosecution? Anything less would be blatantly unconstitutional.
AT&T spies on its customers: I don't care.
AT&T spies on everyone else: Now I'm OUTRAGED!
This is 2016, I would have thought the very fact our telecommunications companies (and everyone else who has the ability to) are spying on us should be common knowledge, not news.
Here's a quick flow chart that applies to all big companies and organisations that you associate with.
Can they spy on you ------No-------> They're buying data about you from someone who can.
.|..
.|..
.|..
Yes.
\./.
They are spying on you.
"That's the way to do it" - Punch
Hey...those phone cops play hardball!!!
And just remember.....
When everyone is out to get you, paranoid is just....
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
Then you have nothing to hide, citizen.
Have gnu, will travel.
Please use the SIgnal app instead of Whatsapp or the phone, then the morons will perhaps stop spying on us.
It seems more and more like the only method of wireless communication left is ham radio... and to protect what little is left of our privacy, encrypt it. I know that's not realistic, as the process requires shared keys, but such blatantly ridiculous methods do appear to be our last hope.
Tin foil is not a solution, but it may give a false sense of safety - which is all we have left.
"Cut the cable".. aka end one's subscription to cable TV... Time Warner stands out...
http://www.amateurradio.com/en...
Lets say I want a list of all cell phone customers who regularly commute to a certain location in Langley, Virginia. And a list of the numbers that they call. And then I want a list of all of the phones worldwide that call these same numbers. I now have a pretty good list of all of your agents*. And if I am the FSB, it's a hell of a lot cheaper to buy that data from AT&T, Verizon and others than try to collect it myself. Thanks a lot, useful idiots.
*It's a bit more complicated than this. But link analysis tools can dig down through quite a few nodes to recover useful information.
Have gnu, will travel.
Since when is this NEW? All major telcos keeps records of activity by their own customers. How the hell do you think they even bill you in the first place? They just arbitrarily make up numbers!? (oh wait, we're not talking about Comcast here, are we)
For every single person I've had to help service and get into their phone information through their carrier, the carrier's web site for that account has a full detailed history of every single incoming call, outgoing call, time of call, duration of call, and other various tidbits of metadata.
Now, some want to scream "HOLYSHIT, MASS DATA TRACKING!!" - Now compare this to the DEFAULT configuration within Apache or Nginx, which literally logs every single web site request to itself, along with IP address of requester, time of day, URL of request, etc...
And also, about physical location information. How the hell do you think the cell phone network works in the first place? Your wireless phone isn't some magical device that works EVERYWHERE. It is highly regionalized for communication. It has to connect to a base station somewhere close by (sometimes smaller than a quarter mile within a big city, upwards of 10-20 miles out in the open country). Each of these stations has a unique ID to them, too. Why is that needed? So the damn phone company knows how to route a call to you when you receive it!
They followed the money http://www.phonearena.com/news/Wiretapping-is-common-practice-heres-how-much-carriers-charge-law-enforcement-agencies-for-it_id28755
https://tech.slashdot.org/stor...
I mean when I pick up the phone I already say hi to the NSA person, speak my location, who I am talking to, and the purpose of the call. Doesn't everybody do this?
What is NEW here is not that they could collect that metadata or that they let government benefit from it. What is new that this time it is a BUSINESS plan, a service for sale where they do the government's work for them and then sell the results to whomever they can find to sell the service to.
Assuming they follow the law (like anybody would go to jail) do we even have any laws that would apply to a private corporation data mining their customers and then selling the analysis?
REMEMBER after Snowden when the government said they'd change practices of spying on everybody? Remember how they said they'd work with businesses to have them do more instead of just hand over complete access thru a backdoor? This sure seems like the result of those changes to me! So instead of bright NSA contractors data mining our lives we outsourced it to the companies (plus probably still have back doors we will not know about until the next Snowden type risks his life.)
Democracy Now! - uncensored, anti-establishment news
How is this not wiretapping... especially illegal wiretapping in a messload of states?
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
As stated well by a ham in the comments to the linked article... "Amateur radio is explicitly not for traffic that needs to remain private. It exists for limited purposes not including routine communication that can be served by other means (e.g. a phone or ordinary internet connection). It is chiefly for education and research/experimentation in radio. It is not for general personal communications or commercial use." http://www.kb6nu.com/if-gotenn...
IIRC wired is not safe either google found out the hard way that their leased point to point fiber lines weren't private.
Which is why they are now using encryption for traffic on even their own lines.
Minimum threshold fixed. Thanks!
He's been saying for years that our phones are being used as spying devices. Most wrote it off as an extreme view, even those who are sympathetic to Stallman's causes. Turns out he's been right all along.
That said it is difficult to say that any telecommunications device is actually secure. The hardware it-self could be configured to make breaking encryption performed on it easier. Simpler yet to allow access to any communication or storage pre-encryption.
Once we fall into that rabbit hole though you had best be prepared to make your own chips to put in your home brewed HAM equipment because it's turtles all the way down.
The perversity of the Universe tends towards a maximum. - O'Toole's Corollary
In case you thought you were safe, all of this is tied into the facial recognition systems.
Wear hoodies. Use reversible layered clothing with dazzle patterns.
Use burner phones.
Use a voice mod and talk in a different pitch and pattern than usual.
-- Tigger warning: This post may contain tiggers! --
Should start a crowdsource fund to entice those who work with or have direct access to information like this to " leak " it out for all to see.
Put bounties out on secret hardware, manuals, source code, etc.
Nothing kills secrets faster than large amounts of cash. Once the rewards are large enough, nothing is safe.
AT&T can determine where you are, and who you are talking to, and all sorts of super-spy stuff like that. But they can't figure out where robocalls are coming from and stop those? AT&T can find me, but they can't find fucking Rachel from Card Member Services?
Make it make sense to me, AT&T. I challenge you.
Weaselmancer
rediculous.
Cross-check the IMEI of the phone against store inventories for when it was sold; pull CCTV camera footage for the store; put your face through face-recognition
It is by my will alone my thoughts acquire motion; it is by the juice of the coffee bean that the thoughts acquire speed
Except AT&T uses corruption to push the competitors out of the so-called "free" market.
I am not a licensed ham. I cited the article to indicate that other people have also *thought* about the idea. I have no intention of doing this.
My original comment was a tongue in check.
It was a sarcastic attempt to portray such an act of desperation as the only option left; to place emphasis on how truly bad things have become that the only way to achieve a measure of privacy was to resort to encrypting a communication method not owned and controlled by a corporate entity.
This story isn't about AT&T knowing the content of your communication, but only with whom. The Metadata.
If you're concerned that the simple fact you exchange messages with another specific person or site could set the black helicopters on you (or them), then a wireless broadcast, decryptable only by your pre-arranged partner will protect you better than encrypted, wired communication.
"It is not for general personal communications or commercial use."
Sad, that this may be one of the few ways to communicate that is not controlled (via centralized servers and corporate interests). Obviously w/o encryption it's not secure. Shows how competently modern communication methods have all been turned into one massive surveillance operation to both provide profit and power to the 'ones behind the curtain'....in the name of public safety of course, it's for the children!
So long as communication is only one way I agree that it adds some protection. At least in this one case. Number stations are a prime example of this sort of thing. Assuming your partner responds to your broadcast with a wireless transmission of their own and that such transmissions are being monitored it wouldn't take long to establish communications patterns in the radio broadcast themselves however. If they are recording broadcasts from multiple locations (Hey, lets put all those emergency repeaters across the country to good use!) then triangulation becomes fairly simple. The people involved would need to use separate transmission mediums that can't be cross correlated to effectively isolate themselves from one another. Other wise if one of you becomes a target as soon as some one looks at the data and says "Hey, these two encrypted stations appear to be communicating in response to one another" the white vans start roaming your neighborhood.
The perversity of the Universe tends towards a maximum. - O'Toole's Corollary
Any device / service that CAN gather data about you IS gathering data about you. The profit motivation for doing so is just too high for any corporation to turn it down. Even if they aren't immediately monetizing is, they are gathering it. Doing so is like making a deposit into a bank account.
Seems like we just did this but in fact it was way back in 1984 that the US government broke up (the original) AT&T.
Then, like idiots, we allowed AT&T to gradually reconstruct itself. "It will be OK this time" we maybe thought. "They've learnt their lesson. No more abusing their position and size."
You'll take it up the ass and like it because we're fighting narcotics trafficking.
I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very freedom I provide, then questions the manner in which I provide it! I'd rather you just said thank you and went on your way.
There are two types of people in the world: Those who crave closure
Did you expect them to spy on us out of prurient interest? It's not like AT&T is an actual person...
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
You must *assume* carriers aren't honest. You don't know everyone who has access to the data that profiles you. You don't know their intentions, their contacts, their back-room deals. Do you really *want* to know? Do you think it would make a bit of difference?
Use strong encryption wherever you can. Encrypt your phone storage. Use anonymous VPNs and Tor. Be vigilant. Do whatever defensive measures you can do to protect yourself and the privacy of you and those you care about. Laws are meant to be broken. They're broken much more often than technological defenses are.
It is pitch black. You are likely to be eaten by a grue.
Outside dense urban areas, AT & T can't get a signal through to save its life. Now if Verizon spied on us, I would be concerned.
New laws like the USA Freedom Act ensure every telco will collect data and have it ready for the US government.
The color of law, Foreign Intelligence Surveillance Act and past "partnerships" are back with new laws to get around the Fourth Amendment protections.
"NSA Can Access More Phone Data Than Ever" (Oct 20, 2016)
http://abcnews.go.com/US/nsa-p...
"The USA Freedom Act ended the NSA's bulk collection of metadata but charged the telecommunications companies with keeping the data on hand."
"... the percentage of available records has shot up from 30 percent to virtually 100."
Domestic spying is now "Benign Information Gathering"
Then they'll just link the numbers you call to your phone. They'll have your contacts mapped to your location. They'll also have your traveling behavior due to the path of cell towers you connect to.
This can't be true... I mean... AT&T!
This story isn't about AT&T knowing the content of your communication, but only with whom. The Metadata.
Just like the Yahoo story was only about metadata except that it wasn't and Yahoo has been searching content for the Feds. With parallel construction preventing court challenges, legislated telecom immunity, and lack of an exclusion remedy for most searches, internet and phone communications have no 4th amendment protection.
EAE - Encrypt Absolutely Everything