[Commotion-discuss] Seattle Police mesh network for surveillance?

Ben West ben at gowasabi.net
Thu Nov 7 03:31:00 UTC 2013


A mesh backhaul for video cameras, along with miscellaneous data services,
seems the only probable use for this mesh.

I'm unclear about how dual-band 802.11n outdoor radios can accomplish much
along the lines of meaningful surveillance all by themselves, unless the APs
offer unencrypted WiFi with Internet access as a sort of honey pot.  Client
devices like smart phones are indeed sampling the air for whatever SSIDs
are currently in range, but they're not transmitting unless the user
selects an AP to connect to, or unless the phones are configured to
automatically associate with open APs.  Is this actually still the default
configuration of most smart phones, or do enough phones still do it to
justify building a $2.7M mesh network to exploit that?

If anything, the decision to use a mesh of small devices with omni dipoles
might indicate some progress.  The police-funded video surveillance system
going up here in St. Louis is relying on gangly rooftop masts studded with
lots of Firetide radios and 2.4GHz panels pointed every which direction,
for what probably eats up more taxpayer $$$ per unit than the Aruba gear
used by the SPD.

Besides, phone tracking is conventionally done using the IMEI; the MAC of
the device's 802.11 chipset is irrelevant.  On the post-Snowden assumption
that any carrier data on your phone's whereabouts can readily be handed
over (or has already been handed over) to nosy intelligence services,
having such a mesh network purpose-built to that end seems redundant.

On Wed, Nov 6, 2013 at 8:32 PM, Dan Staples <
danstaples at opentechinstitute.org> wrote:

>
> http://www.thestranger.com/seattle/you-are-a-rogue-device/Content?oid=18143845
>
> You Are a Rogue Device
> A New Apparatus Capable of Spying on You Has Been Installed Throughout
> Downtown Seattle. Very Few Citizens Know What It Is, and Officials Don’t
> Want to Talk About It.
>
> by Matt Fikse-Verkerk and Brendan Kiley
>
> If you're walking around downtown Seattle, look up: You'll see off-white
> boxes, each one about a foot tall with vertical antennae, attached to
> utility poles. If you're walking around downtown while looking at a
> smartphone, you will probably see at least one—and more likely two or
> three—Wi-Fi networks named after intersections: "4th&Seneca,"
> "4th&Union," "4th&University," and so on. That is how you can see the
> Seattle Police Department's new wireless mesh network, bought from a
> California-based company called Aruba Networks, whose clients include
> the Department of Defense, school districts in Canada, oil-mining
> interests in China, and telecommunications companies in Saudi Arabia.
>
> The question is: How well can this mesh network see you?
>
> How accurately can it geo-locate and track the movements of your phone,
> laptop, or any other wireless device by its MAC address (its "media
> access control address"—nothing to do with Macintosh—which is analogous
> to a device's thumbprint)? Can the network send that information to a
> database, allowing the SPD to reconstruct who was where at any given
> time, on any given day, without a warrant? Can the network see you now?
>
> The SPD declined to answer more than a dozen questions from The
> Stranger, including whether the network is operational, who has access
> to its data, what it might be used for, and whether the SPD has used it
> (or intends to use it) to geo-locate people's devices via their MAC
> addresses or other identifiers.
>
> Seattle Police detective Monty Moss, one of the leaders of the
> mesh-network project—one part of a $2.7 million effort, paid for by the
> Department of Homeland Security—wrote in an e-mail that the department
> "is not comfortable answering policy questions when we do not yet have a
> policy." But, Detective Moss added, the SPD "is actively collaborating
> with the mayor's office, city council, law department, and the ACLU on a
> use policy." The ACLU, at least, begs to differ: "Actively
> collaborating" is not how they would put it. Jamela Debelak, technology
> and liberty director of the Seattle office, says the ACLU submitted
> policy-use suggestions months ago and has been waiting for a response.
>
> Detective Moss also added that the mesh network would not be used for
> "surveillance purposes... without City Council's approval and the
> appropriate court authorization." Note that he didn't say the mesh
> network couldn't be used for the surveillance functions we asked about,
> only that it wouldn't—at least until certain people in power say it can.
> That's the equivalent of a "trust us" and a handshake.
>
> His answer is inadequate for other reasons as well. First, the city
> council passed an ordinance earlier this year stating that any potential
> surveillance equipment must submit protocols to the city council for
> public review and approval within 30 days of its acquisition and
> implementation. This mesh network has been around longer than that, as
> confirmed by Cascade Networks, Inc., which helped install it. Still, the
> SPD says it doesn't have a policy for its use yet. Mayor McGinn's office
> says it expects to see draft protocols sometime in December—nearly nine
> months late, according to the new ordinance.
>
> Second, and more importantly, this mesh network is part of a whole new
> arsenal of surveillance technologies that are moving faster than the
> laws that govern them are being written. As Stephanie K. Pell (former
> counsel to the House Judiciary Committee) and Christopher Soghoian
> (senior policy analyst at the ACLU) wrote in a 2012 essay for the
> Berkeley Technology Law Journal:
>
>     The use of location information by law enforcement agencies is
> common and becoming more so as technological improvements enable
> collection of more accurate and precise location data. The legal mystery
> surrounding the proper law enforcement access standard for prospective
> location data remains unsolved. This mystery, along with conflicting
> rulings over the appropriate law enforcement access standards for both
> prospective and historical location data, has created a messy,
> inconsistent legal landscape where even judges in the same district may
> require law enforcement to meet different standards to compel location
> data.
>
> In other words, law enforcement has new tools—powerful tools. We didn't
> ask for them, but they're here. And nobody knows the rules for how they
> should be used.
>
> This isn't the first time the SPD has purchased surveillance equipment
> (or, as they might put it, public-safety equipment that happens to have
> powerful surveillance capabilities) without telling the rest of the
> city. There was the drones controversy this past winter, when the public
> and elected officials discovered that the SPD had bought two unmanned
> aerial vehicles with the capacity to spy on citizens. There was an
> uproar, and a few SPD officers embarked on a mea culpa tour of community
> meetings where they answered questions and endured (sometimes raucous)
> criticism. In February, Mayor Mike McGinn announced he was grounding the
> drones, but a new mayor could change his mind. Those SPD drones are
> sitting somewhere right now on SPD property.
>
> Meanwhile, the SPD was also dealing with the port-camera surveillance
> scandal. That kicked off in late January, when people in West Seattle
> began wondering aloud about the 30 cameras that had appeared unannounced
> on utility poles along the waterfront. The West Seattle neighborhood
> blog (westseattleblog.com) sent questions to city utility companies, and
> the utilities in turn pointed at SPD, which eventually admitted that it
> had purchased and installed 30 surveillance cameras with federal money
> for "port security." That resulted in an additional uproar and another
> mea culpa tour, much like they did with the drones, during which
> officers repeated that they should have done a better job of educating
> the public about what they were up to with the cameras on Alki.
> (Strangely, the Port of Seattle and the US Coast Guard didn't seem very
> involved in this "port security" project—their names only appear in a
> few cursory places in the budgets and contracts. The SPD is clearly the
> driving agency behind the project. For example, their early tests of
> sample Aruba products—beginning with a temporary Aruba mesh network set
> up in Pioneer Square for Mardi Gras in 2009—didn't have anything to do
> with the port whatsoever.)
>
> The cameras attracted the controversy, but they were only part of the
> project. In fact, the 30 pole-mounted cameras on Alki that caused the
> uproar cost $82,682—just 3 percent of the project's $2.7 million
> Homeland Security–funded budget. The project's full title was "port
> security video surveillance system with wireless mesh network." People
> raised a fuss about the cameras. But what about the mesh network?
>
> Detective Moss and Assistant Chief Paul McDonagh mentioned the downtown
> mesh network during those surveillance-camera community meetings, saying
> it would help cops and firefighters talk to each other by providing a
> wireless network for their exclusive use, with the potential for others
> to use overlaid networks handled by the same equipment. (Two-way radios
> already allow police officers to talk to each other, but officers still
> use wireless networks to access data, such as the information an officer
> looks for by running your license plate number when you've been pulled
> over.)
>
> As Brian Magnuson of Cascade Networks, Inc., which helped install the
> Aruba system, explained the possible use of such a system: "A normal
> cell-phone network is a beautiful thing right up until the time you
> really need it—say you've just had an earthquake or a large storm, and
> then what happens? Everybody picks up their phone and overloads the
> system." The network is most vulnerable precisely when it's most needed.
> A mesh network could be a powerful tool for streaming video from
> surveillance cameras or squad car dash-cams across the network, allowing
> officers "real-time situational awareness" even when other communication
> systems have been overloaded, as Detective Moss explained in those
> community meetings.
>
> But the Aruba mesh network is not just for talking, it's also for tracking.
>
> After reviewing Aruba's technical literature, as well as talking to IT
> directors and systems administrators around the country who work with
> Aruba products, it's clear that their networks are adept at seeing all
> the devices that move through their coverage area and visually mapping
> the locations of those devices in real time for the system
> administrators' convenience. In fact, one of Aruba's major selling
> points is its ability to locate "rogue" or "unassociated" devices—that
> is, any device that hasn't been authorized by (and maybe hasn't even
> asked to be part of) the network.
>
> Which is to say, your device. The cell phone in your pocket, for instance.
>
> The user's guide for one of Aruba's recent software products states:
> "The wireless network has a wealth of information about unassociated and
> associated devices." That software includes "a location engine that
> calculates associated and unassociated device location every 30 seconds
> by default... The last 1,000 historical locations are stored for each
> MAC address."
>
> For now, Seattle's mesh network is concentrated in the downtown area.
> But the SPD has indicated in PowerPoint presentations—also acquired by
> The Stranger—that it hopes to eventually have "citywide deployment" of
> the system that, again, has potential surveillance capabilities that the
> SPD declined to answer questions about. That could give a whole new
> meaning to the phrase "real-time situational awareness."
>
> So how does Aruba's mesh network actually function?
>
> Each of those off-white boxes you see downtown is a wireless access
> point (AP) with four radios inside it that work to shove giant amounts
> of data to, through, and around the network, easily handling
> bandwidth-hog uses such as sending live, high-resolution video to or
> from moving vehicles. Because this grid of APs forms a latticelike mesh,
> it works like the internet itself, routing traffic around bottlenecks
> and "self-healing" by sending traffic around components that fail.
>
> As Brian Magnuson at Cascade Networks explains: "When you have 10 people
> talking to an AP, no problem. If you have 50, that's a problem." Aruba's
> mesh solution is innovative—instead of building a few high-powered,
> herculean APs designed to withstand an immense amount of traffic, Aruba
> sprinkles a broad area with lots of lower-powered APs and lets them
> figure out the best way to route all the data by talking to each other.
>
> Aruba's technology is considered cutting-edge because its systems are
> easy to roll out, administer, and integrate with other systems, and its
> operating system visualizes what's happening on the network in a simple,
> user-friendly digital map. The company is one of many firms in the
> networking business, but, according to the tech-ranking firm Gartner,
> Aruba ranks second (just behind Cisco) in "completeness of vision" and
> third in "ability to execute" for its clever ways of getting around
> technical hurdles.
>
> Take Candlestick Park, the San Francisco 49ers football stadium, which,
> Magnuson says, is just finishing up an Aruba mesh network installation.
> The stadium has high-intensity cellular service needs—70,000 people can
> converge there for a single event in one of the most high-tech cities in
> America, full of high-powered, newfangled devices. "Aruba's solution was
> ingenious," Magnuson says. It put 640 low-power APs under the stadium's
> seats to diffuse the data load. "If you're at the stadium and trying to
> talk to an AP," Magnuson says, "you're probably sitting on it!"
>
> Another one of Aruba's selling points is its ability to detect rogue
> devices—strangers to the system. Its promotional "case studies" trumpet
> this capability, including one report about Cabela's hunting and
> sporting goods chain, which is an Aruba client: "Because Cabela's stores
> are in central shopping areas, the company captures huge quantities of
> rogue data—as many as 20,000 events per day, mostly from neighboring
> businesses." Aruba's network is identifying and distinguishing which
> devices are allowed on the Cabela's network and which are within the
> coverage area but are just passing through. The case study also
> describes how Cabela's Aruba network was able to locate a lost
> price-scanner gun in a large warehouse by mapping its location, as well
> as track employees by the devices they were carrying.
>
> It's one thing for a privately owned company to register devices it
> already owns with a network. It's another for a local police department
> to scale up that technology to blanket an entire downtown—or an entire
> city.
>
> Aruba also sells a software product called "Analytics and Location
> Engine 1.0." According to a document Aruba has created about the
> product, ALE "calculates the location of associated and unassociated
> wifi devices... even though a device has not associated to the network,
> information about it is available. This includes the MAC address,
> location, and RSSI information." ALE's default setting is anonymous,
> which "allows for unique user tracking without knowing who the
> individual user is." But, Aruba adds in the next sentence, "optionally
> the anonymization can be disabled for richer analytics and user behavior
> tracking." The network has the ability to see who you are—how deeply it
> looks is up to whoever's using it. (The Aruba technology, as far as we
> know, does not automatically associate a given MAC address with the name
> on the device's account. But figuring out who owns the account—by asking
> a cell-phone company, for example—would not be difficult for a
> law-enforcement agency.)
>
> Geo-location seems to be an area of intense interest for Aruba. Last
> week, the Oregonian announced that Aruba had purchased a Portland
> mapping startup called Meridian, which, according to the article, has
> developed software that "pinpoints a smartphone's location inside a
> venue, relying either on GPS technology or with localized wireless
> networks." The technology, the article says, "helps people find their
> way within large buildings, such as malls, stadiums, or airports and
> enables marketing directed at a phone's precise location."
>
> How does that geo-location work? Devices in the network's coverage area
> are "heard" by more than one radio in those APs (the off-white boxes).
> Once the network hears a device from multiple APs, it can compare the
> strength and timing of the signal to locate where the device is. This is
> classic triangulation, and users of Aruba's AirWave software—as in the
> Cabela's example—report that their systems are able to locate devices to
> within a few feet.
>
> In the case of large, outdoor installations where APs are more spread
> out, the ability to know what devices are passing through is
> useful—especially, perhaps, to policing agencies, which could log that
> data for long-term storage. As networking products and their uses
> continue to evolve, they will only compound the "legal mystery" around
> how this technology could and should be used that Pell and Soghoian
> described in their Berkeley Technology Law Journal piece. Aruba's mesh
> network is state-of-the-art, but something significantly smarter and
> more sensitive will surely be on the market this time next year. And who
> knows how much better the software will get.
>
> An official spokesperson for Aruba wrote in an e-mail that the company
> could not answer The Stranger's questions because they pertained "to a
> new product announcement" that would not happen until Thanksgiving.
> "Aruba's technology," the spokesperson added, "is designed for indoor
> (not outdoor) usage and is for consumer apps where they opt in." This is
> in direct contradiction to Aruba's own user's manuals, as well as the
> fact that the Seattle Police Department installed an outdoor Aruba mesh
> network earlier this year.
>
> One engineer familiar with Aruba products and similar systems—who
> requested anonymity—confirmed that the mesh network and its software are
> powerful tools. "But like anything," the engineer said, it "can be used
> inappropriately... You can easily see how a user might abuse this
> ability (network admin has a crush on user X, monitors user X's location
> specifically)." As was widely reported earlier this year, such alleged
> abuses within the NSA have included a man who spied on nine women over a
> five-year period, a woman who spied on prospective boyfriends, a man who
> spied on his girlfriend, a husband who spied on his wife, and even a man
> who spied on his ex-girlfriend "on his first day of access to the NSA's
> surveillance system," according to the Washington Post. The practice was
> so common within the NSA, it got its own classification: "LOVEINT."
>
> Other Aruba clients—such as a university IT director, a university vice
> president, and systems administrators—around the country confirmed it
> wouldn't be difficult to use the mesh network to track the movement of
> devices by their MAC addresses, and that building a historical database
> of their movements would be relatively trivial from a data-storage
> perspective.
>
> As Bruce Burton, an information technology manager at the University of
> Cincinnati (which uses an Aruba network), put it in an e-mail: "This
> mesh network will have the capability to track devices (MAC addresses)
> throughout the city."
>
> Not that the SPD would do that—but we don't know. "We definitely feel
> like the public doesn't have a handle on what the capabilities are,"
> says Debelak of the ACLU. "We're not even sure the police department
> does." It all depends on what the SPD says when it releases its
> mesh-network protocols.
>
> "They're long overdue," says Lee Colleton, a systems administrator at
> Google who is also a member of the Seattle Privacy Coalition, a
> grassroots group that formed in response to SPD's drone and
> surveillance-camera controversies. "If we don't deal with this kind of
> thing now, and establish norms and policies, we'll find ourselves in an
> unpleasant situation down the road that will be harder to change."
>
> The city is already full of surveillance equipment. The Seattle
> Department of Transportation, for example, uses license-plate scanners,
> sensors embedded in the pavement, and other mechanisms to monitor
> individual vehicles and help estimate traffic volume and wait time. "But
> as soon as that data is extrapolated," says Adiam Emery of SDOT, "it's
> gone." They couldn't turn it over to a judge if they tried.
>
> Not that license-plate scanners have always been so reliable. Doug Honig
> of the ACLU remembers a story he heard from a former staffer a couple of
> years ago about automatic license-plate readers on police cars in
> Spokane. Automatic license-plate readers "will read a chain-link fence
> as XXXXX," Honig says, "which at the time also matched the license plate
> of a stolen car in Mississippi, resulting in a number of false alerts to
> pull over the fence."
>
> Seattle's mesh network is only one instance in a trend of Homeland
> Security funding domestic surveillance equipment. Earlier this month,
> the New York Times ran a story about a $7 million Homeland Security
> grant earmarked for "port security"—just like the SPD's mesh-network
> funding—in Oakland.
>
> "But instead," the Times reports, "the money is going to a police
> initiative that will collect and analyze reams of surveillance data from
> around town—from gunshot-detection sensors in the barrios of East
> Oakland to license plate readers mounted on police cars patrolling the
> city's upscale hills."
>
> The Oakland "port security" project, which the Times reports was
> formerly known as the "Domain Awareness Center," will "electronically
> gather data around the clock from a variety of sensors and databases,
> analyze that data, and display some of the information on a bank of
> giant monitors." The Times doesn't detail what kind of "sensors and
> databases" the federally funded "port security" project will pay for,
> but perhaps it's something like Seattle's mesh network with its ability
> to ping, log, and visually map the movement of devices in and out of its
> coverage area.
>
> Which brings up some corollary issues, ones with implications much
> larger than the SPD's ability to call up a given time on a given day and
> see whether you were at work, at home, at someone else's home, at a bar,
> or at a political demonstration: What does it mean when money from a
> federal agency like the Department of Homeland Security is being
> funneled to local police departments like SPD to purchase and use
> high-powered surveillance gear?
>
> For federal surveillance projects, the NSA and other federal spying
> organizations have at least some oversight—as flawed as it may be—from
> the Foreign Intelligence Surveillance Court (also known as the FISA
> court) and the US Congress. But local law enforcement doesn't have that
> kind of oversight and, in Seattle at least, has been buying and
> installing DHS-funded surveillance equipment without explaining what
> it's up to. The city council's surveillance ordinance earlier this year
> was an attempt to provide local oversight on that kind of policing, but
> it has proven toothless.
>
> It's reasonable to assume that locally gleaned information will be
> shared with other organizations, including federal ones. An SPD diagram
> of the mesh network, for example, shows its information heading to
> institutions large and small, including the King County Sheriff's
> Office, the US Coast Guard, and our local fusion center.
>
> Fusion centers, if you're unfamiliar with the term, are
> information-sharing hubs, defined by the Department of Homeland Security
> as "focal points" for the "receipt, analysis, gathering, and sharing" of
> surveillance information.
>
> If federally funded, locally built surveillance systems with little to
> no oversight can dump their information in a fusion center—think of it
> as a gun show for surveillance, where agencies freely swap information
> with little restriction or oversight—that could allow federal agencies
> such as the FBI and the NSA to do an end-run around any limitations set
> by Congress or the FISA court.
>
> If that's their strategy in Seattle, Oakland, and elsewhere, it's an
> ingenious one—instead of maintaining a few high-powered, herculean
> surveillance agencies designed to digest an immense amount of traffic
> and political scrutiny, the federal government could sprinkle an entire
> nation with lots of low-powered surveillance nodes and let them figure
> out the best way to route the data by talking to each other. By
> diffusing the way the information flows, they can make it flow more
> efficiently.
>
> It's an innovative solution—much like the Aruba mesh network itself.
>
> The Department of Homeland Security has not responded to requests for
> comment.
>
> --
> Dan Staples
>
> Open Technology Institute
> https://commotionwireless.net
> OpenPGP key: http://disman.tl/pgp.asc
> Fingerprint: 2480 095D 4B16 436F 35AB 7305 F670 74ED BD86 43A9


-- 
Ben West
http://gowasabi.net
ben at gowasabi.net
314-246-9434
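
The signal-strength positioning and the capped per-MAC location history that the quoted article describes, as an added example that is not part of either message and is not Aruba's code. The path-loss model and its constants, the AP coordinates, the MAC address and all names below are assumptions made for illustration.

```python
import math
from collections import defaultdict, deque

# Assumed radio model (not from the article): log-distance path loss.
RSSI_AT_1M = -40.0     # assumed dBm heard 1 m from the device
PATH_LOSS_EXP = 3.0    # assumed exponent for a built-up street

def distance_to_rssi(d):
    """Signal strength (dBm) an AP would report for a device d metres away."""
    return RSSI_AT_1M - 10 * PATH_LOSS_EXP * math.log10(d)

def rssi_to_distance(rssi):
    """Inverse of distance_to_rssi: estimated range in metres."""
    return 10 ** ((RSSI_AT_1M - rssi) / (10 * PATH_LOSS_EXP))

def locate(readings):
    """Least-squares fix from [((x, y), rssi_dbm), ...] heard by >= 3 APs."""
    if len(readings) < 3:
        raise ValueError("need readings from at least three APs")
    (x0, y0), rssi0 = readings[0]
    r0 = rssi_to_distance(rssi0)
    # Subtracting the first AP's range circle from each other circle
    # cancels the squared unknowns and leaves linear rows a*x + b*y = c.
    rows = []
    for (x, y), rssi in readings[1:]:
        r = rssi_to_distance(rssi)
        rows.append((2 * (x - x0), 2 * (y - y0),
                     r0**2 - r**2 + x**2 - x0**2 + y**2 - y0**2))
    # Solve the 2x2 normal equations of the overdetermined system.
    saa = sum(a * a for a, _, _ in rows)
    sab = sum(a * b for a, b, _ in rows)
    sbb = sum(b * b for _, b, _ in rows)
    sac = sum(a * c for a, _, c in rows)
    sbc = sum(b * c for _, b, c in rows)
    det = saa * sbb - sab * sab
    if abs(det) < 1e-9:
        raise ValueError("APs are collinear; position is ambiguous")
    return ((sac * sbb - sab * sbc) / det, (saa * sbc - sab * sac) / det)

class LocationLog:
    """Hypothetical store keeping the newest max_fixes fixes per MAC."""
    def __init__(self, max_fixes=1000):
        self._fixes = defaultdict(lambda: deque(maxlen=max_fixes))

    def record(self, mac, t, readings):
        fix = locate(readings)
        self._fixes[mac.lower()].append((t, fix))  # oldest fix drops off
        return fix

    def history(self, mac):
        return list(self._fixes.get(mac.lower(), ()))

# Constructed sample data: four APs on a 100 m grid, one device.
APS = [(0.0, 0.0), (100.0, 0.0), (0.0, 100.0), (100.0, 100.0)]
DEVICE = (30.0, 40.0)
MAC = "02:00:00:AA:BB:CC"  # constructed, locally administered address

def sample_readings(bias_db=0.0):
    """Ideal readings for DEVICE, with the first AP's RSSI off by bias_db."""
    readings = [(ap, distance_to_rssi(math.dist(ap, DEVICE))) for ap in APS]
    ap0, rssi0 = readings[0]
    readings[0] = (ap0, rssi0 + bias_db)
    return readings

def fix_error(bias_db):
    """Distance in metres between the computed fix and the true position."""
    x, y = locate(sample_readings(bias_db))
    return math.hypot(x - DEVICE[0], y - DEVICE[1])

if __name__ == "__main__":
    log = LocationLog()
    print("fix:", log.record(MAC, 0, sample_readings()))
    print("error with -3 dB at one AP: %.1f m" % fix_error(-3.0))
```

With these assumed constants, a 3 dB error at a single AP moves the computed position by about 7 m.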