实际上，前加利福尼亚州长灰色迪维斯从他的兄弟、巴里、摩根Stanley经纪或者InfraGard成员在所谓的恐怖分子得到了一个技巧在加利福尼亚。 Gray, being a normal human being, phoned it in to authorities, thinking that if he knew (and his brother did as well as Enron), so should law enforcement, which pissed off the FBI abundantly. Somebody let the secret out of the bag, which is a no-no in SecretLand.

This story was also picked up by The Progressive in a report, titled “Exclusive! The FBI Deputizes Business.” Editor Matthew Rothschild wrote, “InfraGard is ‘a child of the FBI,’ says Michael Hershman, the chairman of the advisory board of the InfraGard National Members Alliance and CEO of the Fairfax Group, an international consulting firm.

“InfraGard started in Cleveland back in 1996, when the private sector there cooperated with the FBI to investigate cyber threats.

“’Then the FBI cloned it,’ says Phyllis Schneck, chairman of the board of directors of the InfraGard National Members Alliance, and the prime mover behind the growth of InfraGard over the last several years.

“InfraGard itself is still an FBI operation, with FBI agents in each state overseeing the local InfraGard chapters. (There are now eighty-six of them.) The alliance is a nonprofit organization of private sector InfraGard members.

“’We are the owners, operators, and experts of our critical infrastructure, from the CEO of a large company in agriculture or high finance to the guy who turns the valve at the water utility,’ says Schneck, who by day is the vice president of research integration at Secure Computing.” Doesn’t her double-life give you a warm and fuzzy feeling inside?

FBI Director Robert Mueller spoke to an InfraGard convention on August 9, 2005. He suggested “Those of you in the private sector are the first line of defense.” And so he asked InfraGard members to call the FBI if they “note suspicious activity or an unusual event.” Personally, I find InfraGard to be both “suspicious activity and an unusual event.” Who do I call?

Mueller also suggested members could sic the FBI on “disgruntled employees who will use knowledge gained on the job against employers,” a sort of quid pro quid. On the InfraGard website, Mueller tells us, “It’s a great program.” Yeah, Bob, especially that “shoot to kill under Martial Law” part.

The ACLU not so enthusiastic

“This special status concerns the ACLU,” Rothschild wrote.

“The FBI should not be creating a privileged class of Americans who get special treatment,” says Jay Stanley, public education director of the ACLU’s technology and liberty program. “There’s no ‘business class’ in law enforcement. If there’s information the FBI can share with 22,000 corporate bigwigs, why don’t they just share it with the public? That’s who their real ‘special relationship’ is supposed to be with. Secrecy is not a party favor to be given out to friends. . . .

“This bears a disturbing resemblance to the FBI’s handing out ‘goodies’ to corporations in return for folding them into its domestic surveillance machinery.

“When the government raises its alert levels, InfraGard is in the loop. For instance, in a press release on February 7, 2003, the Secretary of Homeland Security and the Attorney General announced that the national alert level was being raised from yellow to orange. They then listed ‘additional steps’ that agencies were taking to ‘increase their protective measures.’ One of those steps was to ‘provide alert information to the InfraGard program.’”

“They’re very much looped into our readiness capability,” says Amy Kudwa, spokeswoman for the Department of Homeland Security. “We provide speakers, as well as do joint presentations [with the FBI]. We also train alongside them, and they have participated in readiness exercises.”

“On May 9, 2007, George Bush issued National Security Presidential Directive 51 entitled ‘National Continuity Policy.’ In it, he instructed the Secretary of Homeland Security to coordinate with ‘private sector owners and operators of critical infrastructure, as appropriate, in order to provide for the delivery of essential services during an emergency.’”

Asked if the InfraGard National Members Alliance was involved with these plans, Schneck said it was ‘not directly participating at this point.’ Hershman, chairman of the group’s advisory board, however, said that it was.”

“InfraGard members, sometimes hundreds at a time, have been used in ‘national emergency preparation drills,’ Schneck acknowledges.

“’In case something happens, everybody is ready,” says Norm Arendt, the head of the Madison, Wisconsin, chapter of InfraGard, and the safety director for the consulting firm Short Elliott Hendrickson, Inc. ‘There’s been lots of discussions about what happens under an emergency.’ Which brings us to InfraGard members’ right “to shoot to kill in a Martial Law’ situation.’” Funny, how this keeps popping up.

Shoot to kill under Martial Law

The ACLU goes on to report, Rothschild noted, “One business owner in the United States tells me that InfraGard members are being advised on how to prepare for a martial law situation — and what their role might be. He showed me his InfraGard card, with his name and e-mail address on the front, along with the InfraGard logo and its slogan, ‘Partnership for Protection.’ On the back of the card were the emergency numbers that Schneck mentioned.

“This business owner says he attended a small InfraGard meeting where agents of the FBI and Homeland Security discussed in astonishing detail what InfraGard members may be called upon to do.

“’The meeting started off innocuously enough, with the speakers talking about corporate espionage,’ he says. ‘From there, it just progressed. All of a sudden we were knee deep in what was expected of us when martial law is declared. We were expected to share all our resources, but in return we’d be given specific benefits.’ These included, he says, the ability to travel in restricted areas and to get people out. But that’s not all.

“’Then they said when — not if — martial law is declared, it was our responsibility to protect our portion of the infrastructure, and if we had to use deadly force to protect it, we couldn’t be prosecuted,’ he says.

“I was able to confirm that the meeting took place where he said it had, and that the FBI and Homeland Security did make presentations there. One InfraGard member who attended that meeting denies that the subject of lethal force came up. But the whistleblower is 100 percent certain of it. ‘I have nothing to gain by telling you this, and everything to lose,’ he adds. ‘I’m so nervous about this, and I’m not someone who gets nervous.’

”Though Schneck says that FBI and Homeland Security agents do make presentations to InfraGard, she denies that InfraGard members would have any civil patrol or law enforcement functions. ‘I have never heard of InfraGard members being told to use lethal force anywhere,’ Schneck says.

“The FBI adamantly denies it, also. ‘That’s ridiculous,’ says Catherine Milhoan, an FBI spokesperson. ‘If you want to quote a businessperson saying that, knock yourself out. If that’s what you want to print, fine.’ But one other InfraGard member corroborated the whistleblower’s account, and another would not deny it.

“Christine Moerke is a business continuity consultant for Alliant Energy in Madison, Wisconsin. She says she’s an InfraGard member, and she confirms that she has attended InfraGard meetings that went into the details about what kind of civil patrol function — including engaging in lethal force — that InfraGard members may be called upon to perform.

“’There have been discussions like that, that I’ve heard of and participated in,’ she says.

Curt Haugen is CEO of S’Curo Group, a company that does ‘strategic planning, business continuity planning and disaster recovery, physical and IT security, policy development, internal control, personnel selection, and travel safety,’ according to its website. Haugen tells me he is a former FBI agent and that he has been an InfraGard member for many years. He is a huge booster. ‘It’s the only true organization where there is the public-private partnership,’ he says. ‘It’s all who knows who. You know a face, you trust a face. That’s what makes it work.’

“He says InfraGard ‘absolutely’ does emergency preparedness exercises. When I ask about discussions the FBI and Homeland Security have had with InfraGard members about their use of lethal force, he says: ‘That much I cannot comment on. But as a private citizen, you have the right to use force if you feel threatened.’

“’We were assured that if we were forced to kill someone to protect our infrastructure, there would be no repercussions,’ the whistleblower says. ‘It gave me goose bumps. It chilled me to the bone.” And probably most everyone else, which led probably to the following . . .

The ACLU’s ‘Surveillance-Industrial Complex”

Based on-going activities like the above, the ACLU developed a much larger, in-depth study, The Surveillance-Industrial Complex: How the American Government Is Conscripting Businesses and Individuals in the Construction of a Surveillance Society. Its Table of Contents includes . . .

Recruiting Individuals
“Watch” programs
Citizen vigilance
Recruiting Companies
Voluntary sharing of data
Purchasing data on the open market
Plentiful legal powers to demand private-sector data
Building in surveillance
The Patriot Act: Drafting industry into the government’s surveillance net
Enlistment in the government’s surveillance web hurts business
Mass Data Use, Public and Private
Data mining
Data aggregators
The advantages of private surveillance
Pro-Surveillance Lobbying and
Six Conclusions

This study’s 47 pages detail programs that turn the US into a national spy-fest, neighbors on neighbors, business on consumers, et al. It concludes with a series of convoluted FBI rationales for a self-inflicted oppression echoing Orwell’s 1984 and then some. You wonder what else is going on as you sleep, work, spend time with your family, and try to have a life.

Bottom line, this perverse, thousand-eyed Argus is here for one reason alone, to inspire fear, which in turn will diminish questioning and independent thought or criticism, which in turn will turn us into a nation of robots, who in turn will go unquestionably to fight the Empire’s endless wars and avoid considering 9/11 as an inside job, the keystone to this arch of misery.

I personally would like to tell InfraGard right now to go to hell, which is what they are trying to create in what is my beloved America. I grew up in World War II and this crap tops “Loose lips sink ships,” and all the various “please speak low” programs. It’s more redolent of the Hitler Youth Program, which encouraged youth to turn in their parents, family members, or neighbors who might speak ill of the Reich or der Fuhrer. This is the worst garbage imaginable, posing as patriotism.

It is nothing short of WAR IS PEACE, FREEDOM IS SLAVERY and IGNORANCE IS STRENGTH doublespeak. And now is the time, in the name of the Constitution of the United States of America to stop it.

Jerry Mazza is a freelance writer living in New York. Reach him at gvmaz@verizon.net.

Copyright © 1998-2007 Online Journal

By LEONARD PITTS JR.

In the beginning was the fingerprint.

It was in the 19th century that scientists realized the ridged whorls on the tip of the finger constituted a unique marker that could be used to tell one person from another. And eventually, the FBI built a massive database of fingerprints.

Then came DNA. In the 20th century, scientists learned to use the double helix nucleic acid molecule as a means of identification even more definitive than the fingerprint. And the FBI built a DNA database as well.

Now the feds are building yet another database. And it has some folks worried.

Maybe you missed it in the run-up to Super Duper Tuesday when the Associated Press reported last week that the FBI will soon award a $1 billion, 10-year contract for construction of an electronic file that would store not just fingerprints and DNA, but a vast compendium of other physical characteristics. We’re talking eye scans, facial shape, palm prints, scars, tattoos and other biometrics, all for the purpose of identifying and capturing bad guys.

But at least one privacy advocate thinks even good guys — and gals — have cause for concern. Barry Steinhardt, director of the ACLU’s Technology and Liberty Project, told CNN, “It’s the beginning of the surveillance society where you can be tracked anywhere, any time and all your movements, and eventually all your activities will be tracked and noted and correlated.”

I know what some of you are saying and it makes a certain amount of sense: If you haven’t done anything wrong, you have nothing to worry about. Well, I haven’t done wrong, but it worries me just the same.

The government has for years collected fingerprints — not just of criminals, but also of certain job applicants. What’s happening now, it could be reasonably argued, is only a high-tech extension of that. Except that instead of just your fingerprints, the government will also have on file the shape of your iris, that scar from your appendectomy and the tattoo on your inner thigh.

It’s a discomfiting reminder of the totalitarian states of “Fahrenheit 451″ and “1984,” oppressive regimes that saw everything, knew everything, regulated everything. Given the advances in technology and the ominous, Orwellian turn our government has lately taken, the comparison seems far less far-fetched than once it might have.

It’s not just the government, though. In recent years, the right to privacy, the right to simply be left alone, has also been eroded by the corporate community — everything from supermarket discount cards that track your buying habits to online businesses that install secret spyware in your computer. And we haven’t even mentioned that there is a camera on every street corner nowadays.

“I always feel like somebody’s watching me.” That used to be just the hook from a schlocky ’80s song. Increasingly, it is an apt description of modern life.

Now the FBI proposes to collect and collate still more personal information. It swears the information will be protected, and will be used only to ferret out criminals.

But I can’t help a certain wariness when I consider the ease with which the program could expand far beyond that mission. As Steinhardt sees it, first criminals, then job applicants and then, “Eventually, it’s going to be everybody.”

I admit, he might be wrong. But you know something? He might not.

Leonard Pitts Jr. is a syndicated writer in Washington.

By John Leyden

Analysis The FBI has reportedly sought the go-ahead to use a custom spyware package to bug terrorists and other national security suspects. Indirect evidence suggests that the request was likely to have been approved.

An application to use the Computer and Internet Protocol Address Verifier (CIPAV) spyware program was sought from the secretive Foreign Intelligence Surveillance Court in 2005, according to papers obtained by Wired after filling a Freedom of Information Act request.

The Foreign Intelligence Surveillance Court rubber-stamps surveillance orders and covert entries in cases involving national security or terrorism. The court, established by the 1978 Foreign Intelligence Surveillance Act, is based at the Justice Department’s headquarters. FISC hearings are closed.

Among the reams of papers released in response to Wired’s request (largely composed of internal emails and technical documents) are affidavits submitted by the FBI to the FISC star chamber to use the CIPAV package. The software is designed to log a target’s internet use, recording every IP address a suspect computer communicates with. It also performs an inventory of operating systems, installed and running applications and logs open ports, IP addresses and Mac addresses of targeted PCs.

The existence of CIPAV came to light in July when it emerged in affidavits that feds used the package to trace the perpetrators of high school bomb hoaxes. The FBI declined to answer Wired’s follow-up questions on its use of the surveillance tool.

FISC approved 2,072 warrants it considered in 2005 and 2,181 in 2006, rejecting none. Five requests were withdrawn before a ruling was made. Given this track record it seems more than probable that FISC approved the use of CIPAV.

Law Enforcement Trojan ploy

US authorities are far from alone in seeking approval for the use of “remote forensic software” (AKA a law enforcement Trojan) to bug the PCs of terrorist suspects. The German government is reportedly in the process of hiring coders to develop “white hat” malware capable of covertly hacking into PCs ahead of plans to change German law to allow the practice. Proposals by German firm Digitask to develop software to intercept Skype VoIP communications and SSL transmissions leaked onto the net last month.

The wider use of encryption and VoIP is creating problems for law enforcement agencies. Law enforcement use of spyware tactics might, according to some law enforcement officials at least, level the playing field by providing a vital extra tool in the fight against terrorism.

However, the scheme is fraught with difficulties.

Reality Bites

Would-be terrorists need only use Ubuntu Linux to avoid the ploy. And even if they stuck with Windows their anti-virus software might detect the malware. Anti-virus firms that accede to law enforcement demands to turn a blind eye to state-sanctioned malware risk undermining trust in their software, as evidenced by the fuss created when similar plans for a “Magic Lantern” Trojan for law enforcement surfaced in the US some years ago.

Graham Cluley, senior technology consultant at Sophos, said that its policy remained that it not give “special treatment” to malware written by the authorities.

“If CIPAV came into our labs we would add detection. The software would be unlikely to have a ‘copywriter FBI’ notice on it so it may be that we already detect it,” Cluley told El Reg.

A seminal academic paper written by Fred Cohen in 1984 showed that it was mathematically impossible to write something that was undetectable, or by similar reasoning, to write a perfect antivirus scanner. Faced with that possibility law enforcement officials would have little option but to request security vendors to deliberately ignore their spyware, an approach Sophos reckons is unworkable.

“If a customer suspects they may be under surveillance and sends a Trojan horse to us, we’re going to provide protection against it. We have no way of knowing if it was written by the German or US authorities and, even if we did, we wouldn’t know whether it was being used by the police or if it had been commandeered by a third party wishing to spy on our customer,” Cluley explained.

The picture gets even more complex if different nations develop their own law enforcement snooping software.

Cluley went on: “The Americans could theoretically write a piece of spyware to spy on criminals in its country and ask us not to detect it. The French may then ask us to detect the American spyware (in case the Americans use it against them). Who should we obey?”

“Security vendors can’t play favourites,” he added.

It would only require one security vendor (or indeed individual) to write a program which detects the authority’s spyware and the idea of convincing the world to turn a blind eye to detecting would fall down like a house of cards, Cluley concluded.

Tapping a phone line and installing malicious code on a user’s computer are sometimes compared as equivalent but important differences exist, according to Cluley. “Malicious code on a user’s computer can be copied, archived, adapted and - potentially - used by people who do not work for the authorities to spy on completely innocent victims,” he explained. ®

FBI Deputizes Private Contractors With Extraordinary Powers, Including ‘Shoot to Kill’

The FBI has a new set of eyes and ears, and they’re being told to protect their infrastructure at any cost. They can even kill without repercussion.

Matthew Rothschild

Today, more than 23,000 representatives of private industry are working quietly with the FBI and the Department of Homeland Security. The members of this rapidly growing group, called InfraGard, receive secret warnings of terrorist threats before the public does — and, at least on one occasion, before elected officials. In return, they provide information to the government, which alarms the ACLU. But there may be more to it than that. One business executive, who showed me his InfraGard card, told me they have permission to “shoot to kill” in the event of martial law. InfraGard is “a child of the FBI,” says Michael Hershman, the chairman of the advisory board of the InfraGard National Members Alliance and CEO of the Fairfax Group, an international consulting firm.

InfraGard started in Cleveland back in 1996, when the private sector there cooperated with the FBI to investigate cyber threats.

“Then the FBI cloned it,” says Phyllis Schneck, chairman of the board of directors of the InfraGard National Members Alliance, and the prime mover behind the growth of InfraGard over the last several years.

InfraGard itself is still an FBI operation, with FBI agents in each state overseeing the local InfraGard chapters. (There are now eighty-six of them.) The alliance is a nonprofit organization of private sector InfraGard members.

“We are the owners, operators, and experts of our critical infrastructure, from the CEO of a large company in agriculture or high finance to the guy who turns the valve at the water utility,” says Schneck, who by day is the vice president of research integration at Secure Computing.

“At its most basic level, InfraGard is a partnership between the Federal Bureau of Investigation and the private sector,” the InfraGard website states. “InfraGard chapters are geographically linked with FBI Field Office territories.”

In November 2001, InfraGard had around 1,700 members. As of late January, InfraGard had 23,682 members, according to its website, www.infragard.net, which adds that “350 of our nation’s Fortune 500 have a representative in InfraGard.”

To join, each person must be sponsored by “an existing InfraGard member, chapter, or partner organization.” The FBI then vets the applicant. On the application form, prospective members are asked which aspect of the critical infrastructure their organization deals with. These include: agriculture, banking and finance, the chemical industry, defense, energy, food, information and telecommunications, law enforcement, public health, and transportation.

FBI Director Robert Mueller addressed an InfraGard convention on August 9, 2005. At that time, the group had less than half as many members as it does today. “To date, there are more than 11,000 members of InfraGard,” he said. “From our perspective that amounts to 11,000 contacts . . . and 11,000 partners in our mission to protect America.” He added a little later, “Those of you in the private sector are the first line of defense.”

He urged InfraGard members to contact the FBI if they “note suspicious activity or an unusual event.” And he said they could sic the FBI on “disgruntled employees who will use knowledge gained on the job against their employers.”

In an interview with InfraGard after the conference, which is featured prominently on the InfraGard members’ website, Mueller says: “It’s a great program.”

The ACLU is not so sanguine.

“There is evidence that InfraGard may be closer to a corporate TIPS program, turning private-sector corporations — some of which may be in a position to observe the activities of millions of individual customers — into surrogate eyes and ears for the FBI,” the ACLU warned in its August 2004 report The Surveillance-Industrial Complex: How the American Government Is Conscripting Businesses and Individuals in the Construction of a Surveillance Society.

InfraGard is not readily accessible to the general public. Its communications with the FBI and Homeland Security are beyond the reach of the Freedom of Information Act under the “trade secrets” exemption, its website says. And any conversation with the public or the media is supposed to be carefully rehearsed.

“The interests of InfraGard must be protected whenever presented to non-InfraGard members,” the website states. “During interviews with members of the press, controlling the image of InfraGard being presented can be difficult. Proper preparation for the interview will minimize the risk of embarrassment. . . . The InfraGard leadership and the local FBI representative should review the submitted questions, agree on the predilection of the answers, and identify the appropriate interviewee. . . . Tailor answers to the expected audience. . . . Questions concerning sensitive information should be avoided.”

One of the advantages of InfraGard, according to its leading members, is that the FBI gives them a heads-up on a secure portal about any threatening information related to infrastructure disruption or terrorism.

The InfraGard website advertises this. In its list of benefits of joining InfraGard, it states: “Gain access to an FBI secure communication network complete with VPN encrypted website, webmail, listservs, message boards, and much more.”

InfraGard members receive “almost daily updates” on threats “emanating from both domestic sources and overseas,” Hershman says.

“We get very easy access to secure information that only goes to InfraGard members,” Schneck says. “People are happy to be in the know.”

On November 1, 2001, the FBI had information about a potential threat to the bridges of California. The alert went out to the InfraGard membership. Enron was notified, and so, too, was Barry Davis, who worked for Morgan Stanley. He notified his brother Gray, the governor of California.

“He said his brother talked to him before the FBI,” recalls Steve Maviglio, who was Davis’s press secretary at the time. “And the governor got a lot of grief for releasing the information. In his defense, he said, ‘I was on the phone with my brother, who is an investment banker. And if he knows, why shouldn’t the public know?’ ”

Maviglio still sounds perturbed about this: “You’d think an elected official would be the first to know, not the last.”

In return for being in the know, InfraGard members cooperate with the FBI and Homeland Security. “InfraGard members have contributed to about 100 FBI cases,” Schneck says. “What InfraGard brings you is reach into the regional and local communities. We are a 22,000-member vetted body of subject-matter experts that reaches across seventeen matrixes. All the different stovepipes can connect with InfraGard.”

Schneck is proud of the relationships the InfraGard Members Alliance has built with the FBI. “If you had to call 1-800-FBI, you probably wouldn’t bother,” she says. “But if you knew Joe from a local meeting you had with him over a donut, you might call them. Either to give or to get. We want everyone to have a little black book.”

This black book may come in handy in times of an emergency. “On the back of each membership card,” Schneck says, “we have all the numbers you’d need: for Homeland Security, for the FBI, for the cyber center. And by calling up as an InfraGard member, you will be listened to.” She also says that members would have an easier time obtaining a “special telecommunications card that will enable your call to go through when others will not.”

This special status concerns the ACLU.

“The FBI should not be creating a privileged class of Americans who get special treatment,” says Jay Stanley, public education director of the ACLU’s technology and liberty program. “There’s no ‘business class’ in law enforcement. If there’s information the FBI can share with 22,000 corporate bigwigs, why don’t they just share it with the public? That’s who their real ’special relationship’ is supposed to be with. Secrecy is not a party favor to be given out to friends. . . . This bears a disturbing resemblance to the FBI’s handing out ‘goodies’ to corporations in return for folding them into its domestic surveillance machinery.”

When the government raises its alert levels, InfraGard is in the loop. For instance, in a press release on February 7, 2003, the Secretary of Homeland Security and the Attorney General announced that the national alert level was being raised from yellow to orange. They then listed “additional steps” that agencies were taking to “increase their protective measures.” One of those steps was to “provide alert information to InfraGard program.”

“They’re very much looped into our readiness capability,” says Amy Kudwa, spokeswoman for the Department of Homeland Security. “We provide speakers, as well as do joint presentations [with the FBI]. We also train alongside them, and they have participated in readiness exercises.”

On May 9, 2007, George Bush issued National Security Presidential Directive 51 entitled “National Continuity Policy.” In it, he instructed the Secretary of Homeland Security to coordinate with “private sector owners and operators of critical infrastructure, as appropriate, in order to provide for the delivery of essential services during an emergency.”

Asked if the InfraGard National Members Alliance was involved with these plans, Schneck said it was “not directly participating at this point.” Hershman, chairman of the group’s advisory board, however, said that it was.

InfraGard members, sometimes hundreds at a time, have been used in “national emergency preparation drills,” Schneck acknowledges.

“In case something happens, everybody is ready,” says Norm Arendt, the head of the Madison, Wisconsin, chapter of InfraGard, and the safety director for the consulting firm Short Elliott Hendrickson, Inc. “There’s been lots of discussions about what happens under an emergency.”

One business owner in the United States tells me that InfraGard members are being advised on how to prepare for a martial law situation — and what their role might be. He showed me his InfraGard card, with his name and e-mail address on the front, along with the InfraGard logo and its slogan, “Partnership for Protection.” On the back of the card were the emergency numbers that Schneck mentioned.

This business owner says he attended a small InfraGard meeting where agents of the FBI and Homeland Security discussed in astonishing detail what InfraGard members may be called upon to do.

“The meeting started off innocuously enough, with the speakers talking about corporate espionage,” he says. “From there, it just progressed. All of a sudden we were knee deep in what was expected of us when martial law is declared. We were expected to share all our resources, but in return we’d be given specific benefits.” These included, he says, the ability to travel in restricted areas and to get people out. But that’s not all.

“Then they said when — not if — martial law is declared, it was our responsibility to protect our portion of the infrastructure, and if we had to use deadly force to protect it, we couldn’t be prosecuted,” he says.

I was able to confirm that the meeting took place where he said it had, and that the FBI and Homeland Security did make presentations there. One InfraGard member who attended that meeting denies that the subject of lethal force came up. But the whistleblower is 100 percent certain of it. “I have nothing to gain by telling you this, and everything to lose,” he adds. “I’m so nervous about this, and I’m not someone who gets nervous.”

Though Schneck says that FBI and Homeland Security agents do make presentations to InfraGard, she denies that InfraGard members would have any civil patrol or law enforcement functions. “I have never heard of InfraGard members being told to use lethal force anywhere,” Schneck says.

The FBI adamantly denies it, also. “That’s ridiculous,” says Catherine Milhoan, an FBI spokesperson. “If you want to quote a businessperson saying that, knock yourself out. If that’s what you want to print, fine.”

But one other InfraGard member corroborated the whistleblower’s account, and another would not deny it.

Christine Moerke is a business continuity consultant for Alliant Energy in Madison, Wisconsin. She says she’s an InfraGard member, and she confirms that she has attended InfraGard meetings that went into the details about what kind of civil patrol function — including engaging in lethal force — that InfraGard members may be called upon to perform.

“There have been discussions like that, that I’ve heard of and participated in,” she says.

Curt Haugen is CEO of S’Curo Group, a company that does “strategic planning, business continuity planning and disaster recovery, physical and IT security, policy development, internal control, personnel selection, and travel safety,” according to its website. Haugen tells me he is a former FBI agent and that he has been an InfraGard member for many years. He is a huge booster. “It’s the only true organization where there is the public-private partnership,” he says. “It’s all who knows who. You know a face, you trust a face. That’s what makes it work.”

He says InfraGard “absolutely” does emergency preparedness exercises. When I ask about discussions the FBI and Homeland Security have had with InfraGard members about their use of lethal force, he says: “That much I cannot comment on. But as a private citizen, you have the right to use force if you feel threatened.”

“We were assured that if we were forced to kill someone to protect our infrastructure, there would be no repercussions,” the whistleblower says. “It gave me goose bumps. It chilled me to the bone.”

The FBI is expected to announce this week the awarding of a $1 billion, 10-year contract to develop the largest and most comprehensive government biometrics database in history — with information on the palm prints, eye scans, tattoos, and other identifying physical data of citizens and those who pass through.

First up (…) are palm prints [said Thomas Bush, the FBI official in charge of the Clarksburg, West Virginia, facility where the FBI houses its current fingerprint database.] The FBI has already begun collecting images and hopes to soon use these as an additional means of making identifications. Countries that are already using such images find 20 percent of their positive matches come from latent palm prints left at crime scenes, the FBI’s Bush said.The FBI has also started collecting mug shots and pictures of scars and tattoos. These images are being stored for now as the technology is fine-tuned. All of the FBI’s biometric data is stored on computers 30-feet underground in the Clarksburg facility.

In addition, the FBI could soon start comparing people’s eyes — specifically the iris, or the colored part of an eye — as part of its new biometrics program called Next Generation Identification.

 Posted by Xeni Jardin,

Philip Giraldi

Most Americans have never heard of Sibel Edmonds, and if the U.S. government has its way, they never will. The former FBI translator turned whistleblower tells a chilling story of corruption at Washington’s highest levels—sale of nuclear secrets, shielding of terrorist suspects, illegal arms transfers, narcotics trafficking, money laundering, espionage. She may be a first-rate fabulist, but Edmonds’s account is full of dates, places, and names. And if she is to be believed, a treasonous plot to embed moles in American military and nuclear installations and pass sensitive intelligence to Israeli, Pakistani, and Turkish sources was facilitated by figures in the upper echelons of the State and Defense Departments. Her charges could be easily confirmed or dismissed if classified government documents were made available to investigators.

But Congress has refused to act, and the Justice Department has shrouded Edmonds’s case in the state-secrets privilege, a rarely used measure so sweeping that it precludes even a closed hearing attended only by officials with top-secret security clearances. According to the Department of Justice, such an investigation “could reasonably be expected to cause serious damage to the foreign policy and national security of the United States.”

After five years of thwarted legal challenges and fruitless attempts to launch a congressional investigation, Sibel Edmonds is telling her story, though her defiance could land her in jail. After reading its November piece about Louai al-Sakka, an al-Qaeda terrorist who trained 9/11 hijackers in Turkey, Edmonds approached the Sunday Times of London. On Jan. 6, the Times, a Murdoch-owned paper that does not normally encourage exposés damaging to the Bush administration, featured a long article. The news quickly spread around the world, with follow-ups appearing in Israel, Europe, India, Pakistan, Turkey, and Japan—but not in the United States.

Edmonds is an ethnic Azerbaijani, born in Iran. She lived there and in Turkey until 1988, when she emigrated to the United States, where she received degrees in criminal justice and psychology from George Washington University. Nine days after 9/11, Edmonds took a job at the FBI as a Turkish and Farsi translator. She worked in the 400-person translations section of the Washington office, reviewing a backlog of material dating back to 1997 and participating in operations directed against several Turkish front groups, most notably the American Turkish Council.

The ATC, founded in 1994 and modeled on the American Israel Public Affairs Committee, was intended to promote Turkish interests in Congress and in other public forums. Edmonds refers to ATC and AIPAC as “sister organizations.” The group’s founders include a number of prominent Americans involved in the Israel-Turkey relationship, notably Henry Kissinger, Brent Scowcroft, Richard Perle, Douglas Feith, and former congressman Stephen Solarz. Perle and Feith had earlier been registered lobbyists for Turkey through Feith’s company, International Advisors Inc. The FBI was interested in ATC because it suspected that the group derived at least some of its income from drug trafficking, Turkey being the source of 90 percent of the heroin that reaches Europe, and because of reports that it had given congressmen illegal contributions or bribes. Moreover, as Edmonds told the Times, the Turks have “often acted as a conduit for the Inter-Services Intelligence, Pakistan’s spy agency, because they were less likely to attract attention.”

Over nearly six months, Edmonds listened with increasing unease to hundreds of intercepted phone calls between Turkish, Pakistani, Israeli, and American officials. When she voiced concerns about the processing of this intelligence—among other irregularities, one of the other translators maintained a friendship with one of the FBI’s “high value” targets—she was threatened. After exhausting all appeals through her own chain of command, Edmonds approached the two Department of Justice agencies with oversight of the FBI and sent faxes to Sens. Chuck Grassley and Patrick Leahy on the Judiciary Committee. The next day, she was called in for a polygraph. According to a DOJ inspector general’s report, the test found that “she was not deceptive in her answers.”

But two weeks later, Edmonds was fired; her home computer was seized; her family in Turkey was visited by police and threatened with arrest if they did not submit to questioning about an unspecified “intelligence matter.”

When Edmonds’s attorney filed suit to obtain the documents related to her firing, Atty. Gen. John Ashcroft imposed the state-secrets gag order. Since then, she has been subjected to another federal order, which not only silenced her, but retroactively classified the statements she eventually made before the Senate Judiciary Committee and the 9/11 Commission.

Charismatic and articulate, the 37-year-old Edmonds has deftly worked the system to get as much of her story out as possible, on one occasion turning to French television to produce a documentary entitled “Kill the Messenger.” Passionate in her convictions, she has sometimes alienated her own supporters and ridden roughshod over critics who questioned her assumptions. But despite her shortcomings in making her case and the legitimate criticism that she may be overreaching in some of her conclusions, Edmonds comes across as credible. Her claims are specific, fact-based, and can be documented in detail. There is presumably an existing FBI file that could demonstrate the accuracy of many of her charges.

Her allegations are not insignificant. Edmonds claims that Marc Grossman—ambassador to Turkey from 1994-97 and undersecretary of state for political affairs from 2001-05—was a person of interest to the FBI and had his phone tapped by the Bureau in 2001 and 2002. In the third-highest position at State, Grossman wielded considerable power personally and within the Washington bureaucracy. He had access to classified information of the highest sensitivity from the CIA, NSA, and Pentagon, in addition to his own State Department. On one occasion, Grossman was reportedly recorded making arrangements to pick up a cash bribe of $15,000 from an ATC contact. The FBI also intercepted related phone conversations between the Turkish Embassy and the Pakistani Embassy that revealed sensitive U.S. government information was being sold to the highest bidder. Grossman, who emphatically denies Edmonds’s charges, is currently vice chairman of the Cohen Group, founded by Clinton defense secretary William Cohen, where he reportedly earns a seven-figure salary, much of it coming from representing Turkey.

After 9/11, Grossman reportedly intervened with the FBI to halt the interrogation of four Turkish and Pakistani operatives. According to Edmonds, Grossman was called by a Turkish contact who told him that the men had to be released before they told what they knew. Grossman said that he would take care of it and, per Edmonds, the men were released and allowed to leave the country.

Edmonds states that FBI phone taps from late 2001 reveal that Grossman tipped off his Turkish contact regarding the CIA weapons proliferation cover unit Brewster Jennings, which was being used by Valerie Plame, and that the Turk then informed the Pakistani intelligence service representative in Washington. It is to be assumed that the information was then passed on to the A.Q. Khan nuclear proliferation network.

Edmonds also claims that Grossman was instrumental in seeding Turkish and Israeli Ph.D. students into major American research labs by godfathering visas and enabling security clearances. She says that she reviewed transcripts in which the moles in the U.S. military and academic community involved in nuclear technology reportedly carried out several “transactions” involving the sale of nuclear material or information relating to nuclear programs every month, with Pakistan being a primary buyer. In the summer of 2000, the FBI recorded a meeting between a Turkish official and two Saudi businessmen in Detroit in which nuclear information stolen from an Air Force base in Alabama was offered: “We have a package and we’re going to sell it for $250,000,” the wiretap allegedly recorded. “The network appeared to be obtaining information from every nuclear agency in the United States,” Edmonds told the Times.

She further reports that beginning in 1999, the FBI was investigating senior Pentagon officials who were assisting agents of foreign governments, including Turkey and Israel. Edmonds has not publicly named names at the Pentagon, but a website linked to her appears to be a non-incriminating instrument for identifying suspects without doing so directly. Its “rogues gallery” includes photos of Richard Perle and Douglas Feith. Perle was chief of the Pentagon’s prestigious Defense Policy Board when Edmonds was working at the FBI, and Feith was undersecretary of defense for policy. If either were being investigated, it would be a matter of record, as would any reasons for dropping the investigation. “If you made public all the information that the FBI have on this case, you will see very high-level people going through criminal trials,” Edmonds told the Times.

She claims to have also learned that corrupt officials in the Turkish and Israeli Ministries of Defense falsified end-user certificates on weapons purchased in the United States to enable sales to third countries not allowed access to the technology. Principal recipients include the five “Stans” in central Asia—Pakistan, Uzbekistan, Kyrgyzstan, Tajikistan, and Kazakhstan.

Furthermore, Edmonds says that former House speaker Dennis Hastert and at least two other congressmen were investigated as suspected recipients of illegal political contributions or even bribes from Turkish sources. Her website gallery includes photos of Congressmen Roy Blount, Dan Burton, and Tom Lantos, though she has not otherwise implicated any of the three directly.

A low-level contractor might seem poorly positioned to expose major breaches of national security, but the FBI translators’ pool, riddled with corruption and nepotism, was key to keeping these secrets from surfacing. Edmonds’s claims that the section was infiltrated by translators who should never have received security clearances and who were deliberately failing to translate incriminating material are supported by the Justice Department inspector general investigation and by an FBI internal investigation, which concluded that she had been fired after making “valid complaints.” One translator, Melek Can Dickerson, who had worked for three Turkish front organizations under investigation—she failed to reveal this when applying for employment—allegedly stamped many documents of interest “not pertinent,” removed classified documents from FBI premises, and forged signatures on classified documents relating to 9/11 detainees. An Urdu translator was the daughter of a Pakistani Embassy employee who worked for Gen. Mahmoud Ahmad, the head of the Pakistani intelligence service who is accused of authorizing a $100,000 wire transfer to Mohammed Atta’s Dubai bank account immediately before 9/11. The Justice Department IG report confirmed Edmonds’s charge that translators’ section managers issued a go-slow order shortly after the terrorist attacks to create an artificial backlog that would justify an increase in budget and manpower. Those managers are reportedly still in place. Some have been promoted.

Edmonds’s revelations have attracted corroboration in the form of anonymous letters apparently written by FBI employees. There have been frequent reports of FBI field agents being frustrated by the premature closure of cases dealing with foreign spying, particularly when those cases involve Israel, and the State Department has frequently intervened to shut down investigations based on “sensitive foreign diplomatic relations.” One such anonymous letter, the veracity of which cannot be determined, cites transcripts of wiretaps involving Marc Grossman and a Turkish Embassy official between August and December 2001, described above, in which Grossman warned the Turk that Brewster Jennings was a CIA cover company. If the allegation can be documented from FBI files, the exposure of the Agency cover mechanism took place long before journalist Robert Novak outed the company in his column on Valerie Plame in 2003. The anonymous informant conveniently provides the FBI file number containing the transcripts of the recorded conversations: FBI Washington Field Office, Counterintelligence Division, Turkish Unit File 203A-WF-210023. According to the source, the FBI also recorded a subsequent conversation in which a Turkish official contacted the Pakistani Embassy to inform an ISI officer of Grossman’s warning. The FBI also reportedly informed the CIA of the Grossman conversations to determine if there was any “conflict of interest,” presumably to determine if the CIA was running its own operation that might be compromised as a result of the phone tap.

Curiously, the states-secrets gag order binding Edmonds, while put in place by DOJ in 2002, was not requested by the FBI but by the State Department and Pentagon—which employed individuals she identified as being involved in criminal activities. If her allegations are frivolous, that order would scarcely seem necessary. It would have been much simpler for the government to marginalize her by demonstrating that she was poorly informed or speculating about matters outside her competency. Under the Bush administration, the security gag order has been invoked to cover up incompetence or illegality, not to protect national security. It has recently been used to conceal the illegal wiretaps of the warrantless surveillance program, the allegations of torture and the CIA’s rendition program, and to shield the telecom industry for its collaboration in illegal eavesdropping.

Both Senators Grassley and Leahy, a Republican and a Democrat, who interviewed her at length in 2002, attest to Edmonds’s believability. The Department of Justice inspector general investigation into her claims about the translations unit and an internal FBI review confirmed most of her allegations. Former FBI senior counterintelligence officer John Cole has independently confirmed her report of the presence of Pakistani intelligence service penetrations within the FBI translators’ pool.

Edmonds wasn’t angling to become a media darling. She would have preferred to testify under oath before a congressional committee that could offer legal protection and subpoena documents and witnesses to support her case. She claims that a number of FBI agents would be willing to testify, though she has not named them.

Prior to 2006, Congressman Henry Waxman of the House Government Reform and Oversight Committee promised Edmonds that if the Democrats gained control of Congress, he would order hearings into her charges. But following the Democratic sweep, he has been less forthcoming, failing to schedule hearings, refusing to take Edmonds’s calls, and recently stonewalling all inquiries into the matter. It is generally believed that Waxman, a strong supporter of Israel, is nervous about exposing an Israeli lobby role in the corruption that Edmonds describes. It is also suspected that Waxman fears that the revelations might open a Pandora’s box, damaging Republicans and Democrats alike.

Edmonds’s critics maintain that she saw only a small part of the picture in a highly compartmentalized working environment, that she was privy to only a fragment of a large operation to penetrate and disrupt the groups that have been stealing U.S. weapons technology. She could not have known operational details of what the FBI was doing and why.

That criticism is serious and must be addressed. If Edmonds was indeed seeing only part of a counterintelligence sting operation to entrap a nuclear network like that of A.Q. Khan, the government could now reveal as much in general terms, since any operation that might have been running in 2002 has long since wound down. Regarding her access to operational information, Edmonds’s critics clearly do not understand the intimate relationship that develops between FBI and CIA officers and their translators. Operations run against a foreign target in languages other than English require an intensive collaboration between field officers and translators. The translators are invariably brought into the loop because it is up to them to guide the officers seeking to understand what the target, who frequently is double talking or attempting to conceal his meaning, is actually saying. That said, it should be conceded that Edmonds might sometimes have seen only a piece of the story, and those claims based on her own interpretation should be regarded with caution.

Another objection is that Edmonds would only have seen “raw intelligence” that does not provide nuance and does not really indicate whether someone is guilty. That argument has merit, and it is undeniable that many intercepted communications lack context. But it ignores the fact that someone recorded in the act of taking a bribe or interceding to have a suspect in a criminal investigation released is behaving with a certain transparency. One either takes money or does not. There is very little interpretation that can change that reality.

Sibel Edmonds makes a number of accusations about specific criminal behavior that appear to be extraordinary but are credible enough to warrant official investigation. Her allegations are documentable: an existing FBI file should determine whether they are accurate. It’s true that she probably knows only part of the story, but if that part is correct, Congress and the Justice Department should have no higher priority. Nothing deserves more attention than the possibility of ongoing national-security failures and the proliferation of nuclear weapons with the connivance of corrupt senior government officials. 

RAW STORY 

The Sunday Times has obtained a document that confirms that a file, which the FBI denied existed, could contain information about American officials stealing nuclear secrets for Turkish and Israeli spies, who would then sell the secrets to Pakistan and Saudi Arabia.

Earlier, FBI whistleblower Sibel Edmonds, 37, approached the Times about “explosive” communications she discovered between high-up American officials and Turkish and Israeli spies. A FOIA request to the FBI, for case number 203A-WF-210023, was answered with a claim that the case number did not exist.

“I can tell you that that file and the operations it refers to did exist from 1996 to February 2002,” says Edmonds.

One high-ranking official, identified by RAW STORY’s Larisa Alexandrovna as Marc Grossman, Ambassador to Turkey from 1994 to 1997. Grossman is said to have warned his cohorts not to do business with Brewster Jennings, a front company set up by the CIA. Brewster Jennings was also the “employer” of CIA operative Valerie Plame, whose cover, with Grossman’s help, was blown in what is widely believed to be a political hit job by the Bush Administration on her husband, Ambassador and Iraq war critic Joseph C. Wilson.

The entire Sunday Times article can be read HERE. More information is also available at The BRAD BLOG.

Plans for the US to access UK citizen’s personal information via a shared international database are disturbing: we shouldn’t sign up to it

Nick Clegg

News that the US government is in the process of constructing an international “wanted” database to share biometric information on a grand scale should be treated with caution. Biometrics - including DNA and fingerprints - are a vital weapon in the fight against crime. And cross-border crime is a growing problem. I am determined that Britain should work with our allies, in Europe and beyond, to defeat it. But giant databases that don’t have adequate privacy protection systems are not the right way forward.

The details of how the US system will operate are still opaque. They may bring forward proposals we should support.

But I won’t be holding my breath. It is typical of the US administration to go for overkill: giant solutions that sound great on paper but are based on unproven and even unworkable technologies. The “son of Star Wars” anti-ballistic missile system, which would attempt to shoot down incoming missiles, is a case in point. It’s cost billions but not only does it anger countries like Russia, it doesn’t even work.

Unfortunately, it is also typical of the UK government to doff its cap and sign up to any idea that emerges from Washington, however kooky. We’re signed up to son of Star Wars. I expect we’ll be signed up the FBI’s “Server in the Sky” too, whether it’s the right thing to do or not.

Biometrics are invaluable, but they are not 100% failsafe: nothing is. Remember: it’s the US terrorism operations that put Yusuf Islam (the musician formerly known as Cat Stevens) on a “no-fly” list.

And once data is in the hands of the US authorities, there is no getting it back. We already send them massive amounts of information about air passengers, through a deal brokered by the European Commission, without any guarantee it will be properly safeguarded once it reaches the US. It would be foolhardy to start sharing further information without a simple guarantee: that data collected under UK law should continue to be protected even after it leaves Britain.

We should share information when other countries can guarantee data protection standards that match, or exceed our own. Otherwise, who knows which one of us will be on the no-fly list next.

Surveillance shut off because of unpaid phone bills

BY LARA JAKES JORDAN

Telephone companies have cut off FBI wiretaps used to eavesdrop on suspected criminals because of the bureau’s repeated failures to pay phone bills on time.

A Justice Department audit released Thursday blamed the lost connections on the FBI’s lax oversight of money used in undercover investigations. In one office alone, unpaid costs for wiretaps from one phone company totaled $66,000.

In at least one case, a wiretap used in a Foreign Intelligence Surveillance Act investigation “was halted due to untimely payment,” the audit found. FISA wiretaps are used in the government’s most sensitive and secretive criminal and intelligence investigations and allow eavesdropping on suspected terrorists or spies.

“We also found that late payments have resulted in telecommunications carriers actually disconnecting phone lines established to deliver surveillance results to the FBI, resulting in lost evidence,” according to the audit.

More than half of 990 bills to pay for telecommunication surveillance in five FBI field offices were not paid on time, the report shows.

Assistant FBI Director John Miller said wiretaps were dropped only a few times because of the backed-up billing, which he said didn’t significantly set back the investigations under way.

FBI aims to amass huge database of people’s physical characteristics

By Ellen Nakashima

The FBI is embarking on a $1 billion effort to build the world’s largest computer database of people’s physical characteristics, a project that would give the government unprecedented abilities to identify individuals in the United States and abroad.

Digital images of faces, fingerprints and palm patterns are flowing into FBI systems in a climate-controlled, secure basement in Clarksburg. Next month, the FBI intends to award a 10-year contract that would significantly expand the amount and kinds of biometric information it receives.

In coming years, law-enforcement authorities around the world may be able to use iris patterns, face-shape data, scars and perhaps the unique ways people walk and talk to solve crimes and identify criminals and terrorists.

The FBI also will retain, upon request by employers, the fingerprints of employees who have undergone criminal background checks so the employers can be notified if employees have brushes with the law.

“Bigger. Faster. Better. That’s the bottom line,” said Thomas Bush III, assistant director of the FBI’s Criminal Justice Information Services Division (CJIS), which operates the growing database from its headquarters in the Appalachian foothills.

The increasing use of biometrics for identification is raising questions about the ability of Americans to avoid unwanted scrutiny. It also is drawing criticism from those who worry that people’s bodies will become de facto national-identification cards. Critics said such government initiatives should not proceed without proof the technology can pick a criminal out of a crowd.

The use of biometric data is increasing throughout the government. For the past two years, the Defense Department has been storing in a database images of fingerprints, irises and faces of more than 1.5 million Iraqi and Afghan detainees, Iraqi citizens and foreigners who need access to U.S. military bases. The Pentagon also collects DNA samples from some Iraqi detainees that are stored separately.

The Department of Homeland Security (DHS) has been using iris scans at some airports to verify the identity of travelers who have passed background checks and who want to move through lines quickly. The department also is looking to apply iris- and face-recognition techniques to other programs.

The DHS has a database of millions of sets of fingerprints that include records collected from U.S. and foreign travelers stopped at borders for criminal violations, from U.S. citizens adopting children overseas and from visa applicants abroad.

“It’s going to be an essential component of tracking,” said Barry Steinhardt, director of the Technology and Liberty Project of the American Civil Liberties Union. “It’s enabling the always-on-surveillance society.”

If successful, the FBI system, Next Generation Identification, will collect a wide variety of biometric information in one place for identification and forensic purposes.

In an underground facility the size of two football fields, a request reaches an FBI server every second from somewhere in the United States or Canada, comparing a set of digital fingerprints against the FBI’s database of 55 million sets of electronic fingerprints. A possible match is made — or ruled out — up to 100,000 times a day.

Soon, the server at CJIS headquarters also will compare palm prints and, eventually, iris images and face-shape data, such as the shape of an earlobe.

If all goes as planned, a police officer making a traffic stop or a border agent at the airport could run a 10-fingerprint check on a suspect and within seconds know if the person is on a database of the most-wanted criminals and terrorists. An analyst could take palm prints lifted from a crime scene and run them against the expanded database. Intelligence agents could exchange biometric information worldwide.

More than 55 percent of the search requests now are made for background checks on civilians in sensitive positions in the federal government and jobs that involve children and the elderly, Bush said. Those prints are destroyed or returned when the checks are completed.

But the FBI is planning a “rap-back” service, under which employers could ask the FBI to keep employees’ fingerprints in the database, subject to state privacy laws, so that if employees are arrested or charged with a crime, the employers would be notified.

Advocates said bringing together information from a wide variety of sources and making it available to multiple agencies increases the chances of catching criminals. The Pentagon has matched several Iraqi suspects against the FBI’s criminal-fingerprint database. The FBI intends to make criminal and civilian data available to authorized users, officials said. There are 900,000 federal, state and local law-enforcement officers who can query the fingerprint database today, they said.

The FBI’s biometric database, which includes criminal-history records, communicates with the Terrorist Screening Center’s database of suspects and the National Crime Information Center database, which is the FBI’s master criminal database of felons, fugitives and terrorism suspects.

The FBI is building its system according to standards shared by Britain, Canada, Australia and New Zealand.

At the West Virginia University Center for Identification Technology Research, 45 minutes north of the FBI’s biometric facility in Clarksburg, researchers are working on capturing images of people’s irises at distances of up to 15 feet, and of faces from as far away as 200 yards. Soon, those researchers will do biometric research for the FBI.

Covert iris- and face-image capture is several years away, but it is of great interest to government agencies.

Skeptics said such projects are proceeding before there is evidence they reliably match suspects against a huge database.

In the world’s first large-scale study on how well face recognition works in a crowd, the German government this year found that the technology, while promising, was not effective enough to allow its use by police.

The study was conducted from October 2006 through January at a train station in Mainz, Germany, which draws 23,000 passengers daily. The study found that the technology was able to match travelers’ faces against a database of volunteers more than 60 percent of the time during the day, when the lighting was best. But the rate fell to 10 to 20 percent at night.

To achieve those rates, the German police agency said it would tolerate a false positive rate of 0.1 percent, or the erroneous identification of 23 people a day. In real life, those 23 people would be subjected to further screening, the report said.

Accuracy improves as techniques are combined, said Kimberly Del Greco, the FBI’s biometric-services section chief. The Next Generation database is intended to “fuse” fingerprint-, face-, iris- and palm-matching capabilities by 2013, she said.

To safeguard privacy, audit trails are kept on everyone who has access to a record in the fingerprint database, Del Greco said. People may request copies of their records, and the FBI audits all agencies that have access to the database every three years, she said.

Marc Rotenberg, executive director of the Electronic Privacy Information Center (EPIC), said the ability to share data across systems is problematic. “You’re giving the federal government access to an extraordinary amount of information linked to biometric identifiers that is becoming increasingly inaccurate,” he said.

In 2004, EPIC objected to the FBI’s exemption of the National Crime Information Center database from the Privacy Act requirement that records be accurate. The group noted that the Bureau of Justice Statistics in 2001 found that information in the system was “not fully reliable” and that files “may be incomplete or inaccurate.”

FBI officials justified that exemption by claiming that in law-enforcement data collection, “it is impossible to determine in advance what information is accurate, relevant, timely and complete.”

Privacy advocates worry about the ability of people to correct false information.

“Unlike say, a credit-card number, biometric data is forever,” said Paul Saffo, a Silicon Valley technology forecaster. He said he feared the FBI, whose computer-technology record has been marred by expensive failures, could not guarantee the data’s security.

“If someone steals and spoofs your iris image, you can’t just get a new eyeball,” Saffo said.

In the future, said Center for Identification Technology Research Director Lawrence Hornak, devices will be able to “recognize us and adapt to us.”

“The long-term goal is ubiquitous use of biometrics,” Hornak said. A traveler may walk down an airport corridor and allow his face and iris images to be captured without stepping up to a kiosk and looking into a camera, he said.

“That’s the key,” he said. “You’ve chosen it. You have chosen to say, ‘Yeah, I want this place to recognize me.’ ”

Washington Post staff researcher Richard Drezen contributed to this report.

Former Employee of CIA and FBI Pleads Guilty to Conspiracy, Unauthorized Computer Access and Naturalization Fraud

WEBWIRE

DETROIT – Nada Nadim Prouty, a 37-year-old Lebanese national and resident of Vienna, Va., pleaded guilty today in the Eastern District of Michigan to charges of fraudulently obtaining U.S. citizenship, which she later used to gain employment at the FBI and CIA; accessing a federal computer system to unlawfully query information about her relatives and the terrorist organization Hizballah; and conspiracy to defraud the United States.

The announcement was made today by Stephen J. Murphy, U.S. Attorney for the Eastern District of Michigan; Kenneth L. Wainstein, Assistant Attorney General for National Security; Willie T. Hulon, Executive Assistant Director of the FBI’s National Security Branch; Brian M. Moskowitz, Special Agent in Charge of the Detroit Office of U.S. Immigration and Customs Enforcement (ICE); and Kurt Rice, Chicago Field Office Special Agent in Charge for the U.S. State Department’s Diplomatic Security Service.

At a hearing in Detroit before the U.S. District Court Judge Avern Cohn, Prouty entered a plea of guilty to counts one, two and three of a second superseding information. Count one of the information charges conspiracy, for which the maximum penalty is five years imprisonment and a $250,000 fine. Count two charges unauthorized computer access, for which the maximum penalty is one year imprisonment and a $100,000 fine. Count three charges naturalization fraud, for which the maximum penalty is 10 years imprisonment and a $250,000 fine, and requires the court to de-naturalize the defendant.

“This case highlights the importance of conducting stringent and thorough background investigations,” said U.S. Attorney Stephen J. Murphy. “It’s hard to imagine a greater threat than the situation where a foreign national uses fraud to attain citizenship and then, based on that fraud insinuates herself into a sensitive position in the U.S. government. I applaud the excellent investigative work of the FBI, ICE and DHS, which led to the successful prosecution today.”

“It is a sad day when one of our public servants breaches our security and trust,” said Assistant Attorney General Kenneth L. Wainstein. “This defendant engaged in a pattern of deceit to secure U.S. citizenship, to gain employment in the intelligence community, and to obtain and exploit her access to sensitive counterterrorism intelligence. It is fitting that she now stands to lose both her citizenship and her liberty.”

“We became aware of this compromise in December 2005 and moved to address any further damage,”said Willie T. Hulon, Executive Assistant Director of the FBI’s National Security Branch. “The FBI worked closely with other agencies to investigate this matter. We continue to evaluate our security practices and will make any necessary changes.”

“Nada Proudy’s guilty plea should serve as a solemn warning to those who say they’ve pledged their allegiance to the United States and then make the conscious decision to place America’s interests at risk,” said Brian M. Moskowitz, Special Agent in Charge of the ICE Office of Investigations in Detroit. “Becoming a naturalized U.S. citizen is an honor and a privilege. ICE will do everything in its power to see that those who achieve this honor by fraud and deception are brought to justice.”

Naturalization Fraud

According to documents filed in court by the government, Prouty first entered the United States from Lebanon on June 24, 1989, on a one-year, non-immigrant student visa. After her visa expired, she remained in the country, residing in Taylor, Mich., with her sister, Elfat El Aouar, and an individual named Samar Khalil Nabbouth. In order to remain in the United States and evade U.S. immigration laws, Prouty later offered money to an unemployed U.S. citizen to marry her. On August 9, 1990, Prouty married the U.S. citizen. As planned, Prouty never lived with her fraudulent “husband,” but continued to live with her sister and Nabbouth.

Prouty later submitted a series of false, fraudulent and forged documents and letters to federal immigration officials to verify the validity of the fraudulent marriage in order to obtain permanent residency status, and, later, U.S. citizenship, thereby committing naturalization fraud. On Aug. 5, 1994, the former Immigration and Naturalization Service granted Prouty U.S. citizenship under the name “Nada Nadim Deladurantaye.” The following year, she filed for a divorce from her fraudulent husband, and later obtained a U.S. passport, which she used to travel overseas.

Talal Khalil Chahine

According to court documents, from May 1992 through April 1993, and again, from August through November 1994, Prouty was employed as a waitress and hostess at La Shish Inc., a chain of Middle Eastern restaurants in Detroit that was owned by Talal Khalil Chahine. During this time, Chahine wrote a letter for submission into Prouty’s immigration file attesting to the validity of Prouty’s false marriage.

Chahine is currently a fugitive believed to be in Lebanon. He, along with Prouty’s sister, Elfat El Aouar, and others were charged in 2006 in the Eastern District of Michigan with tax evasion in connection with a scheme to conceal more than $20 million in cash received by La Shish restaurants and to route funds to persons in Lebanon. Last month, Chahine was also charged in the Eastern District of Michigan, along with a senior ICE official in Detroit and others in a bribery and extortion conspiracy in which federal immigration benefits were allegedly awarded to illegal aliens in exchange for money.

Employment at FBI and CIA

In April 1999, through a series of false representations and use of her fraudulently procured proof of U.S. citizenship, Prouty, then known as “Nada Nadim Alley,” obtained employment as a special agent of the FBI. It was a prerequisite to FBI employment that she be a U.S. citizen. As a special agent with the FBI, Prouty was granted a security clearance and assigned to the FBI’s Washington Field Office to work on an extraterritorial squad investigating crimes against U.S. persons overseas. During her tenure with the FBI, Prouty was not assigned to work on investigations involving the international terrorist group Hizballah.

In August 2000, Prouty’s sister, Elfat El Aouar, entered into a marriage with Talal Khalil Chahine, the owner of La Shish Inc. In September 2000, Prouty, while employed as an FBI special agent, used the FBI’s computerized Automated Case System (ACS), without authorization, to query her own name, her sister’s name, and that of her brother-in-law, Talal Khalil Chahine. In addition, on or about June 4, 2003, Prouty accessed the FBI’s ACS and obtained information from a national security investigation into Hizballah that was being conducted by the FBI’s Detroit Field Office.

According to court documents, in August 2002, Prouty’s sister, Elfat El Aouar, and her brother-in-law, Talal Khalil Chahine, attended a fundraising event in Lebanon where the keynote speakers were Chahine himself and Sheikh Muhammad Hussein Fadlallah. Sheikh Fadlallah had previously been designated by the U.S. government as a Specially Designated Global Terrorist based upon his status as a leading ideological figure with Hizballah.

In June 2003, through a series of false representations and use of her fraudulently procured proof of U.S. citizenship, Prouty, then known as “Nada Nadim Prouty,” voluntarily left her position with the FBI and obtained employment with the CIA. It was also a prerequisite to CIA employment that she be a U.S. citizen.

On Nov. 6, 2007, Prouty resigned her position at the CIA. Pursuant to the terms of her plea agreement, she has agreed to fully and truthfully cooperate with the CIA on any matters the CIA deems necessary to transition Prouty out of its employment in a manner consistent with safeguarding the national security of the United States. This cooperation includes participation in debriefing and polygraph interviews.

The ongoing investigation into this matter is being conducted by the FBI and ICE, with assistance from the U.S. Department of State, Diplomatic Security Service, and the Internal Revenue Service.

The case is being prosecuted by Eric M. Straus, Chief of the National Security Unit, and Kenneth R. Chadwell, Assistant U.S. Attorney, from the U.S. Attorney’s office for the Eastern District of Michigan, as well as Mark J. Jebson, Special Assistant U.S. Attorney and Senior Assistant Chief Counsel for U.S. Immigration and Customs Enforcement.

News outlets are abuzz with the news of the guilty plea of Nada Nadim Prouty.

Despite fraudulently acquiring her citizenship and having close familial ties to Hezbollah, Prouty was able to pass background checks for both the CIA and the FBI.

Prouty pled guilty to improperly accessing the internal computer systems, apparently to get a status-check on investigations into Hezbollah, as well as herself and her family members.

The agencies appear to be playing down the incident with anonymous sources saying that there aren’t any counter-terrorism or counter-intelligence implications - although many observers are less sanguine.

Perhaps the media will take the opportunity to revisit the case of former FBI translator Sibel Edmonds.

Perhaps the media will be equally outraged that some of the spies in Sibel’s case are still working in senior positions at the FBI, and other spies were allowed to walk away without an investigation.

Perhaps not. I won’t hold my breath.

*****
Dodgy Background Checks?
The UK’s Independent reports:

“As a tale of incompetence by the intelligence services, the tale of Nada Nadim Prouty is hard to beat.”

What if the issue isn’t a matter of ‘incompetence’ though? As we saw in Sibel’s case, sometimes there really are ‘bad guys’ inside the agencies. It’s certainly not inconceivable that ‘bad guys’ in the agencies would recruit and promote similarly-minded folks. To the extent that might be true, it wouldn’t take very long for the bad guys to come to dominate the senior positions at the FBI.

If that sounds far-fetched, consider what Special Agent John Roberts said on the 60 Minutes show about Sibel’s case. John Roberts was head of the FBI’s Internal Affairs Department - so his words should carry some weight:

Mr. JOHN ROBERTS: I don’t know of another person in the FBI who has done the internal investigations that I have and has seen what I have and that knows what has occurred and what has been glossed over and what has, frankly, just disappeared, just vaporized, and no one disciplined for it.
[…]
Mr. ROBERTS: I think the double standard of discipline will continue no matter who comes in, no matter who tries to change. You have a certain group that will continue to protect itself. That’s just how it is.
[…]
BRADLEY: Have you found cases since 9/11 where people were involved in misconduct and were not, let alone reprimanded, but were even promoted?

Mr. ROBERTS: Oh, yes. Absolutely.
[…]
Mr. ROBERTS: Depends on who you are. If you’re in the senior executive level, it may not hurt you. You will be promoted.

Long term FBI agent Frederic Whitehurst from the FBI crime lab in Washington made a similar point, hypothetically, in an interview with Sibel and Scott Horton:

Dr Whitehurst: But right now there is not only no accountability (at the FBI), nobody audits the process, nobody can audit the process, so we don’t know how many of those people are crooks.

Think about this - and it’s not too far fetched - the FBI has (previously) been infiltrated by spies, Robert Hansen, Earl Pitt, whatever, by spies. Foreign governments have infiltrated the FBI. The FBI has had agents that have joined the mafia… Suppose that the top management of the FBI was compromised - what recourse do American citizens have? We don’t have any recourse. The safest place in the United States of America right now for a criminal is within the walls of FBI headquarters. The safest place! Nobody can touch those people! It’s terrifying.

Whitehurst makes a related point in that interview:

The Bureau has an expression: ‘Who is your juice-man back at HQ?’ Who is the guy that is supporting you?

As I documented in Sibel Edmonds’ Corrupt Boss is STILL the key to National Security, Sibel’s boss, Mike Feghali, engaged in all manner of espionage, including recruiting spies into the translation bureau and making sure that agents in the field didn’t receive translations that were directly relevant to ongoing investigations - including the 9/11 investigation. This has all been confirmed by the Inspector General’s report into Sibel’s case. Nonetheless, Feghali has been promoted and is now, currently, in charge of the entire Arabic translation desk, in charge of 300 translators, many of whom are his family and friends, and some “were openly celebrating the terrorist attacks on September 11.”

Who promoted Feghali, and why? Who are his ‘juice men’?

Why is Congress, and the media, silent on this matter?

Feghali also hired Melek Can Dickerson. Prior to joining the FBI, Dickerson worked for three different organizations - all of which were targets of FBI investigations, and she had ongoing relationships with people who were targets of FBI counter-intelligence and counter-terrorism operations.

How did the FBI miss this in their background checks?

In partnership with Feghali, Dickerson blocked translations into her friends, leaked information to them about the investigations, and engaged in all manner of other nefarious activities. Dickerson, and her husband then-USAF Major Douglas Dickerson, actually tried to recruit Sibel into the espionage network.

Again, even after this was confirmed by the FBI’s own investigation, Melek Can Dickerson was allowed to continue in her nefarious ways for another 6 months before she fled the country. Her husband, Douglas Dickerson, has since been protected by various interests withing the US Government, and has also promoted to Lieutenant Colonel, and still has his Top Secret/SCI clearance - giving him access to all manner of US military secrets that he might sell to the highest bidder.

Sibel describes it thusly:

“As mentioned above and confirmed by the Congress and the FBI, Melek Can Dickerson was hired and granted Top Secret Clearance despite the fact that she lied in her job application about her previous employments that were targets of FBI investigations, that she and her husband had on going personal and business relationships with FBI targets. Ms. Dickerson maintained her position and clearance even after the FBI confirmed that she had intentionally blocked and mistranslated intelligence/information related to the individuals and organizations she had ties with, and after two FBI targets were tipped off and hastily left the United States”

Why is Congress, and the media, silent on this matter?

Of course, Sibel isn’t the only person to make claims about dodgy background investigations. Take the case of John Cole, manager for counterintelligence operations covering Pakistan, Afghanistan and India at FBI HQ. He reported that:

Several translators from (Pakistan, Afghanistan and India ), who had ties/relationship with targets of FBI investigations and were found to be significant security risks, were hired by the FBI and placed in charge of translating intelligence in languages from Pakistan, Afghanistan, and India. In one case, the translator’s father was among the members of a FBI target organization, and in another case, the FBI discovered that one translator had been providing FBI top secret information to a foreign intelligence service.

Cole was forced out of the FBI after 18 years for raising these questions. Apparently he didn’t have the requisite Juice Men on his side.

Back to Prouty
Returning to the recent case of Nada Nadim Prouty, according to The Independent, in 1999, Prouty was “talent spotted” at the restaurant where she’d worked since 1990. Who recruited her? Who pushed her through the recruitment process? Who were her ‘Juice-Men’? Have they been promoted? Who facilitated Prouty’s 2003 move to the CIA and then to the “CIA’s most sensitive post” where she “participated in the debriefings of high-ranking al-Qaida detainees”?

The Prouty timeline, and her penalty, is also suspicious.

According to Michael Isikoff in Newsweek, buried in the penultimate paragraph of a 3 page article:

“(The FBI) discover(ed) Prouty’s connections to Hizbullah (in) December 2005… Eventually the bureau alerted the agency and the CIA later reassigned her to a less sensitive position… about a year ago, after she first came under suspicion.”

That is, the FBI has known about this for 2 years, and it took the CIA a full 12 months to downgrade her status, and then it took a further 12 months for the investigation and to negotiate her guilty plea. Of course, Prouty wasn’t charged with espionage, but rather, as one anonymous spin doctor described it:

“She took an illegal shortcut to the American dream, then she made some inappropriate computer searches.”

Heads were exploding over at Fox News at the apparent lenience of the punishment:

JOHN GIBSON, CO-HOST: We’re all breathless about this, an illegal immigrant spy with terror ties and the punishment — that’s it for the punishment?

KENNEDY: This has got a lot of people in the intelligence industry just completely freaked out that she’s only getting six to 12 months. I spoke with the Justice Department today. They say because she is going to cooperate and because she will be a key witness, this is what they arranged for her plea deal.

So which is it? “Inappropriate computer searches” or something more serious?

Former CIA agent Larry Johnson says:

“The CIA and FBI are going to great lengths to try to tamp this story down. But you don’t blow an ops officer’s career just because she took a sneaky peek of an classified file. For Christ’s sake. She had clearances. She did something beyond read.”

So why did Prouty get off nearly scot-free? The fake marriage and immigration charges appear to be the equivalent of Bernie Kerik’s ‘Nanny problem.’ Again, who are Prouty’s ‘Juice Men’? Did she blackmail them into giving her this apparent leniency? Did she threaten to expose them all?

Prouty’s guilty plea states that if she withdraws her guilty plea, the government shall “reinstate any charges that were dismissed as part of this agreement.” What are those charges? What are they holding over her head?

How many other spies?
Scott Horton asked Sibel about the reaction within the FBI when she began to report what was happening. Sibel replied:

“After this was confirmed - because the agent I worked for, he reported this issue to the Security Division - and it came down to this issue: If (the FBI) were to admit to this case, and investigate it, criminally investigate it and refer it to counter-espionage division, it would bring into question all the other Top Secret Clearances we had granted to other translators. That means they would come down and shake up this dept and - this is the exact words:

“Who knows how many more Dickersons would fall out if they were to come and shake up the Dept?”

Heaven forbid. Apparently they’d rather tolerate multiple cases of espionage than have a PR problem. Again, I’m not sure whether espionage vulnerability is regarded as a feature or a bug.

Traduttore tradittore
In fact, compromised translators are often more dangerous than compromised agents. “Traduttore tradittore” say the Italians - “The translator is the traitor.”

In the words of DoJ’s Inspector General Glenn Fine:

“The FBI’s linguists play a critical role in developing effective counterterrorism and counterintelligence information. Linguists are the first line of analysis for information collected in a language other than English.”

Compromised translators have the power to shift investigations away from targets, and given Feghali’s hiring practices, many of them were compromised. In Sibel’s case, Melek Can Dickerson simply told the agents that certain relevant phone calls between her friends were ‘not pertinent.’ The agents simply had no choice but to trust the translations. Eventually the agents suspected that something was amiss and asked Sibel to retranslate the wiretaps.

Given the enormous power of the translators, it’s not surprising that foreign interests would attempt to infiltrate the translation bureau. In fact, within the FBI, translators actually have significantly higher clearance authority than any of the actual agents. What is surprising is that the FBI doesn’t go to greater lengths to ensure the integrity of the translation unit. Again, one possibility is that various Juice Men prefer to have weaknesses in the system.

‘Illegal Alien’
I don’t know the truth behind the Prouty matter. I suspect it is much more serious than the agencies are currently trying to portray. On the other hand, I suspect that the ‘illegal alien’ (and to a lesser degree the Hezbollah connection) emphasis is merely a smokescreen for our friends on the Right.

I do know that there are more serious problems that we face - including the fact that we currently have traitors in the FBI translation department, and the Defense Department, and the State Department - and they are being protected today. And someone keeps promoting them. Sibel has been trying to bring these matters to our attention for 5 years - but neither our friends in congress, nor our friends in the media (for that matter, nor our friends in the blogosphere) appear very interested in listening to her - despite the fact that her allegations have all been confirmed.

Sibel has been trying, unsuccessfully, to get Henry Waxman to hold hearings into her case in Congress. (In ordinary circumstances, we might expect Waxman’s Government Reform Committee to hold hearings into the Prouty matter, but he wouldn’t dare do that without holding hearings into Sibel’s case.) Now Sibel is prepared to ‘tell all,’ at great personal risk, if a broadcast network will let her tell her story.

Sibel deserves our support.

Encrypted E-Mail Company Hushmail Spills to Feds

By Ryan Singel

Hushmail, a longtime provider of encrypted web-based email, markets itself by saying that “not even a Hushmail employee with access to our servers can read your encrypted e-mail, since each message is uniquely encoded before it leaves your computer.”

But it turns out that statement seems not to apply to individuals targeted by government agencies that are able to convince a Canadian court to serve a court order on the company.

A September court document (.pdf) from a federal prosecution of alleged steroid dealers reveals the Canadian company turned over 12 CDs worth of e-mails from three Hushmail accounts, following a court order obtained through a mutual assistance treaty between the U.S. and Canada. The charging document alleges that many Chinese wholesale steroid chemical providers, underground laboratories and steroid retailers do business over Hushmail.

The court revelation demonstrates a privacy risk in a relatively-new, simple webmail offering by Hushmail, which the company acknowledges is less secure than its signature product.

A subsequent and refreshingly frank e-mail interview with Hushmail’s CTO seems to indicate that government agencies can also order their way into individual accounts on Hushmail’s ultra-secure web-based e-mail service, which relies on a browser-based Java encryption engine.

Since its debut in 1999, Hushmail has dominated a unique market niche for highly-secure webmail with its innovative, client-side encryption engine.

Hushmail uses industry-standard cryptographic and encryption protocols (OpenPGP  and AES 256)  to scramble the contents of messages stored on their servers. They also host the public key needed for other people using encrypted email services to send secure messages to a Hushmail account.

The first time a Hushmail user logs on, his browser downloads a Java applet that takes care of the decryption and encryption of messages on his computer, after the user types in the right passphrase. So messages reach Hushmail’s server already encrypted.  The Java code also decrypts the message on the recipient’s computer, so an unencrypted copy never crosses the internet or hits Hushmails servers.

In this scenario, if a law enforcement agency demands all the e-mails sent to or from an account, Hushmail can only turn over the scrambled messages since it has no way of reversing the encryption.

However, installing Java and loading and running the Java applet can be annoying. So in 2006, Hushmail began offering a service more akin to traditional web mail. Users connect to the service via a SSL (https://) connection and Hushmail runs the Encryption Engine on their side. Users then tell the server-side engine what the right passphrase is and all the messages in the account can then be read as they would in any other web-based email account.

The rub of that option is that Hushmail has — even if only for a brief moment — a copy of your passphrase. As they disclose in the technical comparison of the two options, this means that an attacker with access to Hushmail’s servers can get at the passphrase and thus all of the messages.

In the case of the alleged steroid dealer, the feds seemed to compel Hushmail to exploit this hole, store the suspects’ secret passphrase or decryption key, decrypt their messages and hand them over.

Hushmail CTO Brian Smith declined to talk about any specific law enforcement requests, but described the general vulnerability to THREAT LEVEL in an e-mail interview (You can read the entire e-mail thread here):

The key point, though, is that in the non-Java configuration, private key and passphrase operations are performed on the server- side.

This requires that users place a higher level of trust in our servers as a trade off for the better usability they get from not having to install Java and load an applet.

This might clarify things a bit when you are considering what actions we might be required to take under a court order. Again, I stress that our requirement in complying with a court order is that we not take actions that would affect users other than those specifically named in the order.

Hushmail’s marketing copy largely glosses over this vulnerability, reassuring users that the non-Java option is secure.

Turning on Java provides an additional layer of security, but is not necessary for secure communication using this system[…]

Java allows you to keep more of the sensitive operations on your local machine, adding an extra level of protection. However, as all communication with the webserver is encrypted, and sensitive data is always encrypted when stored on disk, the non-Java option also provides a very high level of security.

But can the feds force Hushmail to modify the Java applet sent to a particular user, which could then capture and sends the user’s passphrase to Hushmail, then to the government?

Hushmail’s own threat matrix includes this possibility, saying that if an attacker got into Hushmail’s servers, they could compromise an account — but that “evidence of the attack” (presumably the rogue Java applet) could be found on the user’s computer.

Hushmail’s Smith:

[T]he difference being that in Java mode, what the attacker does is potentially detectable by the user (via view source in the browser).

“View source” would not be enough to detect a bugged Java applet, but a user could to examine the applet’s runtime code and  the source code for the Java applet is publicly available for review. But that doesn’t mean a user could easily verify that the applet served up by Hushmail was compiled from the public source code.

Smith concurs and hints that Hushmail’s Java architecture doesn’t technically prohibit the company from being able to turn over unscrambled emails to cops with court orders.

You are right about the fact that view source is not going to reveal anything about the compiled Java code. However, it does reveal the HTML in which the applet is embedded, and whether the applet is actually being used at all. Anyway, I meant that just as an example. The general point is that it is potentially detectable by the end-user, even though it is not practical to perform this operation every time. This means that in Java mode the level of trust the user must place in us is somewhat reduced, although not eliminated.

The extra security given by the Java applet is not particularly relevant, in the practical sense, if an individual account is targeted. (emphasis added) […]

Hushmail won’t protect law violators being chased by patient law enforcement officials, according to Smith.

[Hushmail] is useful for avoiding general Carnivore-type government surveillance, and protecting your data from hackers, but definitely not suitable for protecting your data if you are engaging in illegal activity that could result in a Canadian court order.

That’s also backed up by the fact that all Hushmail users agree to our terms of service, which state that Hushmail is not to be used for illegal activity. However, when using Hushmail, users can be assured that no access to data, including server logs, etc., will be granted without a specific court order.

Smith also says that it only accepts court orders issued by the British Columbia Supreme Court and that non-Canadian cops have to make a formal request to the Canadian government whose Justice Department then applies, with sworn affidavits, for a court order.

We receive many requests for information from law enforcement authorities, including subpoenas, but on being made aware of the requirements, a large percentage of them do not proceed.

To date, we have not challenged a court order in court, as we have made it clear that the court orders that we would accept must follow our guidelines of requiring only actions that can be limited to the specific user accounts named in the court order. That is to say, any sort of requirement for broad data collection would not be acceptable.

I was first tipped to this story via the Cryptography Mailing List, and Kevin, who had been talking with Hushmail about similar matters involving another case, followed up with Smith. We both agree Hushmail deserves credit for its frank and open replies (.pdf). Such candor is hard to come by these days, especially since most ISPs won’t even tell you how long they hold onto your IP address or if they sell your web-surfing habits to the highest bidders.

James Bovard

A federal appeals court has concluded that an FBI agent must go to trial on charges he coerced a false confession out of a prime suspect in the 9/11 attacks. But the FBI still insists that its agent did nothing wrong. And the feds swayed the court to suppress that portion of a recent decision detailing how the FBI agent used the threat of torture to break an innocent man.

Abdallah Higazy, a 30-year-old Egyptian student, arrived in New York City to study engineering at the Polytechnic University in Brooklyn on Aug. 27, 2001. A U.S. foreign-aid program reserved and paid for his room at the Millennium Hilton Hotel, next to the World Trade Center. After the first plane crashed into the World Trade Center, Higazy hot-footed it out of the hotel. After the terrorist attack, the hotel was sealed.

Three months later, guests were allowed to retrieve their belongings. When Higazy went to the hotel on Dec. 17, he was arrested and accused of possessing an aviation radio. (A hotel security guard reported finding the radio in a safe in his room.) Higazy denied owning the radio. He was arrested as a material witness and locked up in solitary confinement.

Higazy wanted to clear his name, so he agreed to take a polygraph test. FBI agent Michael Templeton wired him up for the test but then proceeded to browbeat him for three hours until he finally admitted to owning the radio. Higazy said the FBI agent warned him, “If you don’t cooperate with us, the FBI will … make sure Egyptian security gives your family hell.” The FBI refused to permit Higazy’s attorney, Robert Dunn, to be in the room while he was given the polygraph. After the interrogation, Higazy was “trembling and sobbing uncontrollably,” according to Dunn.

On Jan. 11, 2002, Higazy was indicted for lying to a federal agent. U.S. Attorney Dan Himmelfarb claimed that “the crime that was being investigated when the false statements [about the radio] were made is perhaps the most serious in the country’s history. A radio that can be used for air-to-air and air-to-ground communication is a significant part of that investigation.” The Washington Post noted that “federal officials paraded [Higazy] before the media as a terrorist.” The feds never bothered checking with the U.S. foreign-aid program to find out whether Higazy’s story about why he was staying at the hotel next to the World Trade Center was true.

The prosecutorial celebration flopped three days later when an American pilot showed up at the Millennium Hilton Hotel and asked for the aviation radio he had left in his room when the hotel was evacuated on 9/11. It soon became apparent that the hotel security guard (a former cop who had been fired by the Newark Police Department) had lied about finding the radio in Higazy’s room. The case collapsed and, a few days later, Higazy was awarded $3 for subway fare and released from jail. The FBI conducted an internal investigation and absolved Templeton of any wrongdoing.

In late 2002, Higazy sued, asserting that the FBI’s coercive interrogation violated his Fifth Amendment rights against self-incrimination. Federal judge Naomi Buchwald dismissed his case, declaring, “[Agent] Templeton’s conduct and threats as a matter of law cannot be classified as conscience-shocking or constitutionally oppressive.” Perhaps Buchwald believed that as long as Higazy’s mother and sister were not brutalized in front of him during the interrogation, the FBI had done nothing wrong.

A federal appeals court overturned this decision on Oct. 19, declaring that Higazy’s case deserved to go to trial. The original version of the decision detailed the tactics Templeton purportedly used to get Higazy’s confession. Two hours later, the court removed that portion of the decision from the Internet. The redacted portion of the decision (captured by bloggers before it was taken down) noted that the FBI agent admitted to knowing that Egyptian “laws are different than ours, that they are probably allowed to do things in that country … yeah, probably about torture, sure.” Thus, Templeton was aware that his threat would terrify Higazy.

The revised court decision replaced such key details with the following mundane notice: “For the purposes of the summary judgment motion, Templeton did not contest that Higazy’s statements were coerced.”

The FBI has long taught its agents that subjects of their investigation have “forfeited their right to the truth,” according to the ethics study guide at the FBI Academy. Perhaps, according to federal lawmen, it is a small step from lying to suspects to threatening to have their kinfolk tortured. The agency has done nothing in the nearly six years since this case began to indicate that the methods used in the Higazy case did not receive the full approval of FBI headquarters.

The initial Higazy arrest and release were landmarks showing how far feds would go to gin up evidence and headlines for the war on terror. The fact that the FBI approved of its agent’s methods - and the fact that a federal judge saw no problem with the interrogation - are further warning signs of constitutional decay. Keep your eyes on this case, because it could help determine how far feds can go to destroy innocent people.

By CAIN BURDEAU

A Louisiana legislator said Wednesday he is being investigated by the FBI and claimed it may be because he wouldn’t give agents information about possible wrongdoing by Rep. William Jefferson and New Orleans Mayor Ray Nagin.

State Sen. Derrick Shepherd denied any wrongdoing and said he has no evidence of wrongdoing by either Jefferson or Nagin. He has not been charged with a crime.

Earlier this week, an FBI agent testified in a court hearing that Shepherd, a Democrat from suburban Marrero, helped a convicted felon launder more than $140,000 in bogus construction bond fees last year and kept nearly half the money.

Shepherd, at a news conference, said FBI agents visited his home months ago asking if he could provide evidence of wrongdoing by Jefferson or Nagin.

“I would hate to think that this investigation of me is in any way, connected to my inability to provide any information related to the prosecution of Congressman Jefferson or any investigation of Mayor Nagin that may be under way,” Shepherd said.

U.S. Attorney Jim Letten, who has aggressively prosecuted New Orleans corruption cases, would not comment on Shepherd’s claims. “I am not going to respond to anything Mr. Shepherd says,” he said.

An FBI spokesman had no comment on Shepherd’s claims.

Nagin, a Democrat who toyed with a run for governor this fall but did not sign up for the race, has not been linked to allegations of wrongdoing in his two terms in office. He has boasted that he has run a scandal-free administration.

“I am disappointed by the reckless allegations made today by Senator Shepherd in an apparent effort to deflect attention from his own legal problems,” Nagin said.

“I want to be clear: I am not now, nor have I ever been, the subject of any investigation of wrongdoing. I have a proven track record of transparency and have been a champion of ethics and anti-corruption during my tenure as mayor,” he said.

In August, City Councilman Oliver Thomas stepped down after pleading guilty to federal charges of taking bribes during the administration of Nagin’s predecessor, Marc Morial. Federal authorities have been investigating City Hall corruption for years, netting several guilty pleas from people connected to Morial’s administration though Morial has not been accused of wrongdoing.

Jefferson, also a Democrat, is under indictment in Virginia on bribery, racketeering and other charges connected with an alleged Nigerian business scheme.

Jefferson was re-elected last year despite the indictment. Shepherd was one of several challengers in the primary election, placing third. He later endorsed Jefferson in a runoff election, which Jefferson won over the second-place finisher, state Rep. Karen Carter.