July 25, 2016
The Data Hackers
Posted on Oct 11, 2013
By Pratap Chatterjee, TomDispatch
This piece first appeared at TomDispatch. Read Tom Engelhardt’s introduction here.
Big Bro is watching you. Inside your mobile phone and hidden behind your web browser are little known software products marketed by contractors to the government that can follow you around anywhere. No longer the wide-eyed fantasies of conspiracy theorists, these technologies are routinely installed in all of our data devices by companies that sell them to Washington for a profit.
That’s not how they’re marketing them to us, of course. No, the message is much more seductive: Data, Silicon Valley is fond of saying, is the new oil. And the Valley’s message is clear enough: we can turn your digital information into fuel for pleasure and profits—if you just give us access to your location, your correspondence, your history, and the entertainment that you like.
Ever played Farmville? Checked into Foursquare? Listened to music on Pandora? These new social apps come with an obvious price tag: the annoying advertisements that we believe to be the fee we have to pay for our pleasure. But there’s a second, more hidden price tag—the reams of data about ourselves that we give away. Just like raw petroleum, it can be refined into many things—the high-octane jet fuel for our social media and the asphalt and tar of our past that we would rather hide or forget.
We willingly hand over all of this information to the big data companies and in return they facilitate our communications and provide us with diversions. Take Google, which offers free email, data storage, and phone calls to many of us, or Verizon, which charges for smartphones and home phones. We can withdraw from them anytime, just as we believe that we can delete our day-to-day social activities from Facebook or Twitter.
Square, Site wide
But there is a second kind of data company of which most people are unaware: high-tech outfits that simply help themselves to our information in order to allow U.S. government agencies to dig into our past and present. Some of this is legal, since most of us have signed away the rights to our own information on digital forms that few ever bother to read, but much of it is, to put the matter politely, questionable.
This second category is made up of professional surveillance companies. They generally work for or sell their products to the government—in other words, they are paid with our tax dollars—but we have no control over them. Harris Corporation provides technology to the FBI to track, via our mobile phones, where we go; Glimmerglass builds tools that the U.S. intelligence community can use to intercept our overseas calls; and companies like James Bimen Associates design software to hack into our computers.
There is also a third category: data brokers like Arkansas-based Acxiom. These companies monitor our Google searches and sell the information to advertisers. They make it possible for Target to offer baby clothes to pregnant teenagers, but also can keep track of your reading habits and the questions you pose to Google on just about anything from pornography to terrorism, presumably to sell you Viagra and assault rifles.
Edward Snowden has done the world a great service by telling us what the National Security Agency does and how it has sweet-talked, threatened, and bullied the first category of companies into handing over our data. As a result, perhaps you’ve considered switching providers from AT&T to T-Mobile or Dropbox to the more secure SpiderOak. After all, who wants some anonymous government bureaucrat listening in on or monitoring your online and phone life?
Missing from this debate, however, have been the companies that get contracts to break into our homes in broad daylight and steal all our information on the taxpayer’s dime. We’re talking about a multi-billion dollar industry whose tools are also available for those companies to sell to others or even use themselves for profit or vicarious pleasure.
So just what do these companies do and who are they?
The simplest form of surveillance technology is an IMSI catcher. (IMSI stands for International Mobile Subscriber Identity, which is unique to every mobile phone.) These highly portable devices pose as mini-mobile phone towers and can capture all the mobile-phone signals in an area. In this way, they can effectively identify and locate all phone users in a particular place. Some are small enough to fit into a briefcase, others are no larger than a mobile phone. Once deployed, the IMSI catcher tricks phones into wirelessly sending it data.
By setting up several IMSI catchers in an area and measuring the speed of the responses or “pings” from a phone, an analyst can follow the movement of anyone with a mobile phone even when they are not in use.
One of the key players in this field is the Melbourne, Florida-based Harris Corporation, which has been awarded almost $7 million in public contracts by the Federal Bureau of Investigation (FBI) since 2001, mostly for radio communication equipment. For years, the company has also designed software for the agency’s National Crime Information Center to track missing persons, fugitives, criminals, and stolen property.
Harris was recently revealed to have designed an IMSI catcher for the FBI that the company named “Stingray.” Court testimony by FBI agents has confirmed the existence of the devices dating back to at least 2002. Other companies like James Bimen Associates of Virginia have allegedly designed custom software to help the FBI hack into people’s computers, according to research by Chris Soghoian of the American Civil Liberties Union (ACLU).
The FBI has not denied this. The Bureau “hires people who have hacking skill, and they purchase tools that are capable of doing these things,” a former official in the FBI’s cyber division told the Wall Street Journal recently. “When you do, it’s because you don’t have any other choice.”
New and Improved Comments