Saturday, June 9, 2018

Police Sued for Burying DNA Evidence that Kept an Innocent Man in Jail



Joshua Maxton has sued the City of Cincinnati and two of its police officials for suppressing DNA evidence that proved his innocence and kept him in jail on murder charges, facing a potential life sentence, for nearly seven months.

Maxton was arrested in June 2015 for the murder of eighteen-year-old Robin Pearl in the North Avondale neighborhood of Cincinnati. After being jailed for nearly a year, a jury found Maxton not guilty of the murder in June 2016. But it was only in the middle of trial that he and his lawyers learned that the police had obtained DNA evidence confirming Maxton’s innocence and identifying another assailant seven months earlier, which they kept hidden.

Soon after Maxton’s June 2015 arrest, witnesses came forward to identify another person named Donte Foggie as the lone shooter. These eyewitnesses stated that Maxton was not the shooter and that he did not even have a gun. Forensic evidence backed them up when no gunshot residue was found on Maxton’s hands. Over the next few months the case unraveled further: a Big K cola can that had been dropped near the shooter’s position on Burton Avenue was tested for DNA. Maxton’s DNA was not on the can. The police learned in October 2015 that the DNA belonged to Foggie.  (Seattle Times, June 9, 2018)
--

Why would the police let an investigation drag on for months, when there was evidence to support Mr. Maxton's innocence?

When allegations in the initial complaint were shown to be false (or at least lacking any clear evidence to support them), where was the probable cause to continue the investigation?

Allegations are not proof! Circumstantial evidence does not create probable cause!

When police officers focus their case on information that targets their suspect, but exclude or disregard information that would tend to clear that person; should those police officers be held personally responsible for investigative misconduct?  Should their supervisors be held responsible? What about the police department / agency itself?

You can read the civil rights complaint here.


Homeland Advanced Recognition Technology (HART)


According to the Homeland Security News Wire (June 8, 2018): "The U.S. Department of Homeland Security (DHS) is quietly building what will likely become the largest database of biometric and biographic data on citizens and foreigners in the United States. The agency’s new Homeland Advanced Recognition Technology (HART) database will include multiple forms of biometrics - from face recognition to DNA, data from questionable sources, and highly personal data on innocent people. It will be shared with federal agencies outside of DHS as well as state and local law enforcement and foreign governments.

The records DHS plans to include in HART will chill and deter people from exercising their First Amendment protected rights to speak, assemble, and associate. Data like face recognition makes it possible to identify and track people in real time, including at lawful political protests and other gatherings. Other data DHS is planning to collect—including information about people’s “relationship patterns” and from officer “encounters” with the public—can be used to identify political affiliations, religious activities, and familial and friendly relationships. These data points are also frequently colored by conjecture and bias."

HART is being developed by Northrop Grumman and is the organization’s next-generation recognition program, replacing the Automated Biometric Identity System (IDENT) built in the 1990s.  When fully implemented, the Northrop Grumman-developed HART will feature multi-modal processing and matching technology that uses a combination of face, finger and iris biometrics.
The old IDENT system currently contains around 240,000,000 records, the new HART system which will grow to encompass biometrics for 500,000,000 people, including hundreds of millions of Americans.

The huge holdings of the new HART database will be widely available to US government agencies. The DHS, which is responsible for Customs and Border Protection, Immigration and Customs Enforcement, and the Transport Security Administration, can share this data with other US agencies including the FBI and Department of Defense. Perhaps even more troubling is the sharing of highly-personal biometric data about citizens between governments. Privacy International points out that the US exchanges biometric data with authorities in the other ‘Five Eyes‘ countries – the UK, Australia, Canada, and New Zealand. Other regions too are increasing the sharing of sensitive information.

 

How to Leave Google Behind: Quick Guide to Take Back Your Privacy Online


For many the Internet is Google: Search, mail, videos - Google is the major player in all these fields. But Google uses all data it gathers across its services to post targeted ads, and to massively profit from the data many share so freely with the Internet giant. The time has come to stop this unlimited data mining and to take back our right to privacy! Here's a quick guide as to how you can use the Internet without sharing all your data with Google.

This guide is provided by Tutanota. These guys are a German e-mail provider and privacy advocates. If you don't have a Tutanota account, consider getting one - Tutanota is a great e-mail service, with may good features, and best of all they don't spy on you!





Friday, June 8, 2018

Hacked: 92 Million Account Details for DNA Testing Service

 
When you sign up to a website handling sensitive information, perhaps a medical service or social network, one of the basic things you’re probably hoping for is that the site can keep control of its users’ data. Unfortunately for customers of MyHeritage, a genealogy and DNA testing service, a researcher uncovered 92 million account details related to the company sitting on a server, according to an announcement from MyHeritage. The data relates to users who signed up to MyHeritage up to and including October 26, 2017—the date of the breach—the announcement adds.

Tutanota


Tutanota is a free, open-source, end-to-end encrypted email operating out of Germany. Tutanota uses zero-knowledge encryption, meaning that even Tutanota cannont access the content of your encrypted messages. In an article on their blog, How Tutanota Secures Your Private Key and Your Data at All Times, Tutanota explains how their encrypted e-mail service works.

With Tutanota you get an e-mail service that cares about your privacy and takes active steps to protect it.  I like, use, and recommend Tutanota. These guys do e-mail right.

Facebook Software Glitch Made Private Posts Public for 14 Million Users


KOMO 4 News reported (June 8, 2018):  Facebook says a software glitch made some private posts "public" for as many as 14 million users last month. Facebook says it has fixed the problem, in which millions of users around the world had their default sharing setting changed from private to public. Facebook says a software glitch made some private posts "public" for as many as 14 million users last month. The software bug affected new posts from May 18 to 22.
--

If it's on Facebook, it's NOT Private !  Regardless of what you think your privacy settings may be on social media, remember that those settings can fail because of a software glitch, or simply be changed as a result of an update to your social media account.

How to Create an Anonymous Email

 
Anonymity is a shield from the tyranny of the majority. . . . It thus exemplifies the purpose behind the Bill of Rights and of the First Amendment in particular: to protect unpopular individuals from retaliation . . . at the hand of an intolerant society. (McIntyre v. Ohio Elections Commission, 514 U.S. 334 (1995))


There are many reasons that someone might want to speak anonymously. Perhaps you are a whistleblower reporting fraud, waste, and abuse or security violations within your organization and fear retaliation for exposing these crimes. You may want to research and discuss a sensitive health or lifestyle issue without revealing your identity to others. It may be that you hold unpopular political and social beliefs and fear harassment and retaliation for expressing your opinion. Or, maybe you want to request public records without having your name and address entered into a government database.

Best VPN Services (May 22, 2018) published an interesting article, "How to Create an Anonymous Email". The article discusses the need for anonymous e-mail, and as the article's title suggests how to create one.

In addition to the information provided by Best VPN Services, I recommend that you always set up and access your anonymous e-mail accounts through TOR. By using TOR your IP address is not visible to the web-sites to which you connect, and your true IP address will not be contained in the headers of the e-mail you send from your web-based e-mail account, nor in the server logs of that e-mail service provider.

If the e-mail provider where you set up your anonymous account requires that you respond to a text message (SMS) to prove that you are human when setting up your account, try to accomplish this through a SMS Verification Message Web-Site. At a minimum, don't receive this verification text message on your personal cell-phone.

If your threat model includes the possibility of having your e-mail records subpoenaed, choose an e-mail provider in a country other than where you live. Records from foreign companies can be obtained through the Mutual Legal Assistance Treaty (MLAT); but having your e-mail account in a foreign country increases the effort that must be expended to obtain those records.

With an e-mail address that you signed up for using TOR, and to which you have provided no true information about yourself, you have an anonymous account. It is absolutely essential however that you never create a connection between your anonymous e-mail account and the real you. Never send an e-mail to yourself from this account or to anyone specifically associated with you such as close friends or family. Never use this account to sign up for anything that can be associated with you. And most importantly never log into this account without using TOR. One mistake can associate this anonymous account and every message ever sent from it with you. Carelessness got the Dread Pirate Roberts arrested, so keep this in mind.

If you truly want to remain anonymous in your communications it is essential that you are always careful to avoid leaving clues that can be traced back to the real you. Your writing style or use of unique words and phrases can give clues to your identity. Commenting about things that only you or a small group of people should have knowledge of can reveal your identity as well.

Never use your anonymous account to harass, threaten, or intimidate others. If you use your anonymous account for illegal purposes it will draw the attention of law enforcement, and focus greater scrutiny on your activities, thereby increasing your risk of being identified. Remember CIA Director David Petraeus and former military intelligence officer Paula Broadwell had their private communications uncovered by the FBI after Ms. Broadwell's on-line activity drew the attention of law enforcement. Don’t be Petraeus and Broadwell.

Finally, don’t use your anonymous e-mail account over a long period of time. Long term usage can create patterns that an analyst can use to identify you. When you have accomplished your purpose delete the account, and create a new one in the future if needed.

Justice Dept. Seizes New York Times Reporter’s Email and Phone Records


In a June 7, 2018 New York Times article we read: "A former Senate Intelligence Committee aide was arrested on Thursday in an investigation of classified information leaks where prosecutors also secretly seized years’ worth of a New York Times reporter’s phone and email records.

The former aide, James A. Wolfe, 57, was charged with lying repeatedly to investigators about his contacts with three reporters. According to the authorities, Mr. Wolfe made false statements to the F.B.I. about providing two of them with sensitive information related to the committee’s work. He denied to investigators that he ever gave classified material to journalists.

Court documents describe Mr. Wolfe’s communications with four reporters, using encrypted messaging applications.

News media advocates consider the idea of mining a journalist’s records for sources to be an intrusion on First Amendment freedoms, and prosecutors acknowledge it is one of the most delicate steps the Justice Department can take. “Freedom of the press is a cornerstone of democracy, and communications between journalists and their sources demand protection,” said Eileen Murphy, a Times spokeswoman.

The Justice Department had years of customer records and subscriber information from telecommunications companies, including Google and Verizon, for two email accounts and a phone number of the New York Times reporter. Investigators did not obtain the content of the messages themselves."
--

A major take away from this article is that while encryption will protect the content of your messages, it does not prevent others from seeing connections between the parties to the communication.

For communication to be secure you must protect both the content of your messages using encryption and the fact that you are communication with a specific person (i.e. a reporter) by using systems like Secure Drop or even Alt.Anonymous.Messages.

Thursday, June 7, 2018

Country Time Lemonade to Help Pay Govt. Fines for Kids' Lemonade Stands


According to Denver 7 ABC News, police in Colorado were called to shut-down a lemonade stand being run by two young boys (ages 6 & 4) over the Memorial Day weekend.

After the police forced the boys to shut-down their lemonade stand, saying the boys didn’t have the necessary permit, the city said that a permit was not required for children to run a lemonade stand.

In response, the Country Time Lemonade company is launching “Legal-Ade,” a team of people who will help lemonade stands deal with permit issues. If a child gets fined for running a lemonade stand, Legal-Ade will reimburse the cost of the fine or permit up to $300.

Of course, Country Time Legal-Ade is more of a marketing ploy than a true legal service, but the fact that children (and their parents) are being forced by police to shut down lemonade stands is just one more example of government overreach.

We saw this same type of police heavy-handedness in Overton, TX in 2015.

And in 2011, Forbes Magazine wrote an article about The Inexplicable War on Lemonade Stands.

Fortunately, August 20th is now unofficially National Lemonade Freedom Day, because when life gives you overbearing government regulations…make lemonade, or something.

See the National Lemonade Stand crack-down map here.

Supreme Court Says No License Is Necessary to Drive On Public Highways

 
“The right of a citizen to travel upon the public highways and to transport his property thereon, by horse-drawn carriage, wagon, or automobile, is not a mere privilege which may be permitted or prohibited at will, but a common right which he has under his right to life, liberty and the pursuit of happiness. Under this constitutional guaranty one may, therefore, under normal conditions, travel at his inclination along the public highways or in public places, and while conducting himself in an orderly and decent manner, neither interfering with nor disturbing another’s rights, he will be protected, not only in his person, but in his safe conduct.”

The Sovereign Citizen movement will often argue that the right of travel on the public highways (for non-commercial purposes) is a constitutionally protected right, not a privilege, and therefore they don't require a driver's license, vehicle license plates, or registration. But where do sovereign citizens get this idea? The We Are Change web-site lists several statements from the courts that are used to make the argument against the requirement for driver's licenses and vehicle registration.

Now, I believe that the sovereign citizen interpretation of the law tends to be wrong (as do judges in traffic courts when sovereign citizens are cited for driving without a license, or failure to register their vehicles).

The ability of the state to regulate drivers on the road dates to the dawn of the automobile in the 1916 Supreme Court decision regarding Frank J. Kane v. The State of New Jersey.

 A year prior to this the courts held that "The movement of motor vehicles over the highways is attended by constant and serious dangers to the public, and is also abnormally destructive to the ways themselves . . . In the absence of national legislation covering the subject a State may rightfully prescribe uniform regulations necessary for public safety and order in respect to the operation upon its highways of all motor vehicles — those moving in interstate commerce as well as others. And to this end it may require the registration of such vehicles and the licensing of their drivers . . . This is but an exercise of the police power uniformly recognized as belonging to the States and essential to the preservation of the health, safety and comfort of their citizens." - Hendrick v. Maryland 235 US 610 (1915)

In Wells v. Malloy 402 F. Supp. 856 (1975) the courts stated "Although a driver's license is an important property right in this age of the automobile, it does not follow that the right to drive is fundamental in the constitutional sense."

In 1999, the 9th Circuit of the U.S. Court of Appeals, in the case of Donald S. Miller v. the California Department of Motor Vehicles, ruled that there simply is no “fundamental right to drive. While the 'right of travel' is a fundamental right, the privilege to operate a motor vehicle can be conditionally granted based upon being licensed and following certain rules. If rules are broken or laws are violated, the State reserves the right to restrict or revoke a person’s privilege. Though clearly, there must be 'due process' – the right to a hearing – and there must be a good basis for the revocation or restriction.

Those active in the sovereign citizen movement may actually believe that their interpretation of case law is correct, and that they are not required to have a driver's license or vehicle registration; although perhaps more often they understand the legal requirement for driver's licensing and vehicle registration but refuse to comply with these laws as part of a political statement and on-going civil disobedience.

In 2013 (updated January 29, 2017) Police One published an article "What cops need to know about sovereign citizen encounters", stating: "Law enforcement officers across the country are experiencing a growing number of contacts with sovereign citizens, individuals and groups who possess a strong anti-government ideology. Because they believe the government, its representatives, laws and policies are illegitimate, sovereign citizens regularly find themselves in conflict with the law. Although it’s difficult to accurately access their numbers, it is safe to say that since 2000, their numbers and the violent incidents associated with them have increased."

In 2015, Police One published "5 responses to a sovereign citizen at a traffic stop".

So, did the U.S. Supreme Court really say that no license is necessary to drive on the public highways? Well, apparently not! While the courts have held that we have a fundamental right to travel, to move freely from one place to another, if we chose to do that traveling while operating a motor vehicle, then a driver's license and vehicle registration - along with compliance with the rules of the road (safe operation on the vehicle) are required.

Finally, if we return to the quote that began this post, taken from Thompson v. Smith, 154 SE 579 (Va. 1930) and read the next paragraph in the court's decision we find that "The exercise of such a common right the city may, under its police power, regulate in the interest of the public safety and welfare; but it may not arbitrarily or unreasonably prohibit or restrict it, nor may it permit one to exercise it and refuse to permit another of like qualifications... The regulation of the exercise of the right to drive a private automobile on the streets of the city may be accomplished in part by the city by granting, refusing, and revoking, under rules of general application, permits to drive an automobile on its streets; but such permits may not be arbitrarily refused or revoked, or permitted to be held by some and refused to other of like qualifications, under like circumstances and conditions."

Shining A Light On The Encryption Debate: A Canadian Field Guide


Access to strong encryption technology is integral to the defense of human rights in the twenty-first century. This technology is also essential for securing digital transactions, ensuring public safety, and protecting national security interests. Yet many state agencies have continued to argue that encryption poses an unacceptable barrier to their investigative and intelligence-gathering activities. In response, some governments have called for limits on the public availability and use of secure, uncompromised encryption technology. This report examines the parameters of this debate, paying particular attention to the Canadian context. It provides critical insight and analysis for policymakers, legal professionals, academics, journalists, and advocates who are trying to navigate the complex implications of this technology. You can download the complete report here.

State of Digital Rights (Australia)


The central message of this report is that the impact of digital regulation should be viewed through the prism of human rights law. Government attempts to control the digital world pose an inevitable tension between two fundamental human rights: fair access to the internet and personal rights to privacy and freedom of expression.  In the space of just a few years, the human rights movement has crashed into a technological, social and moral wall. The true impacts of serious violations of our personal digital rights are starting to hit very close to home for a lot of people, and the world will never be the same. You can download the complete report here.

Australia Drafts Laws Forcing Facebook and Google to Reveal Encrypted Data


According to The Guardian (June 6, 2018) - Technology companies such as Facebook and Google would be forced to give Australian security agencies access to encrypted data under legislation to be introduced by the Turnbull government. But the government has refused to say how the security agencies would access the data. Previous attempts to legislate to allow access through what is termed a “backdoor” for security agencies have been frustrated by tech companies’ reluctance to allow government interference. Backdoor entry points have been resisted because they could introduce weaknesses in encryption services that could be exploited. But Nigel Phair, from the Centre for Internet Safety at the University of Canberra, said if the legislation avoided having to use a backdoor entry to encrypted data then it was likely that it would use a “front door”, a means of accessing the information before it was encrypted. “What we’re probably talking about here is straight up an agreement with the device manufacturer [to] enable law enforcement agencies at some stage to get access to data.”
--

This is why it is important to use end-to-end, zero-access encryption. If a service provider holds your encryption keys, that provider may be compelled to compromise your private communications.


Wednesday, June 6, 2018

Russia World Cup 2018 - Scam Awareness


For those of you who will be in Russia for the 2018 World Cup, an article on Scam-Detector is worth reading to help protect yourself from travel scams.  Russia is clean, safe, and a great place to visit; but as with any major event, like the World Cup, there are those who may try to take advantage of unsuspecting tourists.

Item #20 (WiFi) in the Scam-Detector article mentions WiFi connections. I note that many WiFi connections in Russia are not encrypted at all, while others use some encryption method that is not always compatible with your device. For some reason St. Petersburg seems to have a lot of open / unencrypted wiFi connections. Maybe because it is a tourist area.

When WiFi is encrypted, most connections seem to be using WPA2, which is good.

While visiting Russia disable Wi-Fi when it is not needed, or at least turn off automatic connections to Wi-Fi networks and enable the "always use a secure connection" option on device settings. Be sure that you always connect through a VPN. (Of course, I recommend this as a regular practice regardless of where you are.)

Even those who aren't traveling to Russia will likely face an increased security risk from the World Cup, thanks to the legions of scammers and malware writers who will be using the hype of the event to lure in users. Keep an eye out for suspicious emails and offers related to the tournament, and don't download or install any 'codecs' served up by untrusted streaming sites.

Sex Trafficking in the Puget Sound Area


According to a report by Q13 Fox News (May 29, 2018), sex trafficking of children, teens has been growing in Puget Sound area.

Hundreds of children and teens are involved in sex trafficking across Western Washington. In King County, WA every night there are 500 minors exploited  said Beth Podvorac, center director at The Genesis Project, which helps victims of sex trafficking. Podvorac says the average age of entry into trafficking is just 13.

It’s not as common for girls to get kidnapped and thrown in the car, it’s most often the sex trafficker building a relationship with the girl and then trafficking her that way.  She adds that although it can happen to anyone, girls who come from less stable homes and ones who are looking to feel loved are easy targets for pimps, who pick up on their vulnerabilities. Podvorac says the pimps will often groom girls online or in person for a while before luring them into the sex trade.

According to data on the Genesis Project web-site:

The average age of entry into prostitution is 13.
71% experienced physical assault.
63% were raped.
89% wanted to escape prostitution immediately but didn’t have a way to do so.
75% had experienced homelessness.
68% met criteria for having Post Traumatic Stress Disorder (PTSD).

Some Ways to Prevent Your Child from Being Trafficked Into Prostitution:

Sex traffickers frequent malls, movie theaters, bowling alleys, parks, typical teen hang out areas, and around school grounds. Make sure your children are supervised and not alone when in these areas.

Sex traffickers are always looking for girls who are alone or isolated; if your child is with a group, she is much less likely to be targeted.

Check your child’s emails, social media, and internet activities. Many Sex traffickers will build a relationship with children through the internet over time in order to gain their trust.

Screen any boyfriend by checking his age and status in the community. Check with his parents to verify his age, any gang affiliation, or any criminal history. Sex traffickers are notorious for lying about their age and who they are in order to gain a girl’s–and even her parent’s–trust.

Have a code word or phrase. For example, saying “I’m fine” means “Not okay! I need help!”. This way, if they are in the hands of an abductor they can text you this code without raising the suspicion of the abductor or sex trafficker.

Use the percentage sign or some unique symbol that will allow your child to text you one quick symbol to tell you they are in trouble.

Have specific and periodic check in times with your children. Setting a recurring alarm on your child’s phone will help them remember to check in. If your child misses a check in time, you can set a response in motion assuming that they are in trouble.

Talk to your child about what to do if they get into trouble with someone who is threatening them.

The basic rule is to never go to the second location once you realize you are in danger. No matter what the threat, advise them to go to a figure of authority immediately.

It is a difficult discussion to have, especially with junior high age children, but 8 to 14 year-olds are the primary targets of sex traffickers. Children really need to be coached on how to respond to that type of threat if it happens to them.

Advise your child to never leave any drink, even water, unattended at any party or event. Sex traffickers will drop what they call a “roofie” into the drink which causes the victim to become submissive to anyone without bringing attention to the situation.


Apple Is Testing a Feature That Could Kill Police iPhone Unlockers (like Cellebrite)


According to an article on Motherboard (June 4, 2018) an upcoming security feature for the Apple iPhone will keep it from being exploited if it is seized by government agents.

Apple’s new security feature, USB Restricted Mode, is in the iOS 12 Beta, and it could kill the popular iPhone unlocking tools for cops made by Cellebrite and GrayShift.

On Monday, at its Worldwide Developers Conference, Apple announced features of iOS 12. One very important security feature is called USB Restricted Mode. The feature essentially forces users to unlock the iPhone with the passcode when connecting it to a USB accessory every time the phone has not been unlocked for one hour. That includes the iPhone unlocking devices that companies such as Cellebrite or GrayShift make, which police departments all over the world use to hack into seized iPhones.

That pretty much kills GrayShift and Cellebrite. If it doesn't let ANY type of data connection happen until it's unlocked, then you can’t exploit the device because you can't communicate with it.

The last two iOS beta releases, 11.4.1 beta and 12 beta, have USB Restricted mode on by default. The feature is included in the Touch ID, Face ID and Passcode settings. Despite being in some of the betas, the feature did not make it to 11.3 nor 11.4, the latest public release of iOS.

I look forward to USB Restricted Mode being included in all public releases of iOS. It is an important security feature needed by the community.



Facebook Gave Device Makers Deep Access to Data on Users and Friends


According to a June 3, 2018 article in the New York Times"Facebook has reached data-sharing partnerships with at least 60 device makers — including Apple, Amazon, BlackBerry, Microsoft and Samsung — over the last decade... Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing... Some device partners can retrieve Facebook users’ relationship status, religion, political leaning and upcoming events, among other data."

Police Broke Into Manning's Home With Guns Drawn — in a “Wellness Check”


According to The Intercept (June 5, 2018) Police Broke Into Chelsea Manning's Home With Guns Drawn — in a “Wellness Check”.

Shortly after Chelsea Manning posted what appeared to be two suicidal tweets on May 27, police broke into her home with their weapons drawn as if conducting a raid, in what is known as a “wellness” or “welfare check” on a person experiencing a mental health crisis.

Manning, a former Army intelligence analyst turned whistleblower and U.S. Senate candidate, was not at home, but video obtained by The Intercept shows officers pointing their guns as they searched her empty apartment.

“This is what a police state looks like,” Manning said. “Guns drawn during a ‘wellness’ check.”

Welfare checks like this, usually prompted by calls placed to 911 by concerned friends or family, too often end with police harming — or even killing — the person they were dispatched to check on.

Manning was out of the country at the time of the incident, said Janus Cassandra, a close friend who was on the phone with her that night. “If Chelsea had been home when these cops arrived with guns drawn, she would be dead.”

The video is also available on YouTube.
--
A Treatment Advocacy Center (TAC) study from December 2015 found “people with untreated mental illness are 16 times more likely to be killed during a police encounter than other civilians approached or stopped by law enforcement.” 

TAC estimated a “minimum of 1 in 4 fatal police encounters ends the life of an individual with severe mental illness.” This was based on real-time databases compiled by the Washington Post and the Guardian. (This remains the case in 2017.)

So far in 2018 (as of June 5th), the Washington Post has documented 73 instances where police shot and killed individuals with mental illness.

Tuesday, June 5, 2018

Personal Security -- At Home, On the Street, & While Traveling



Personal Security--At Home, On the Street, & While Traveling (US Department of State)

Security Awareness Overseas: An Overview

Travel to High-Risk Areas

Safety and Security for the Business Professional Traveling Abroad (FBI)


Army's Rifles Are Going Off When They Shouldn't


Some of the Army's rifles appear to have a malfunction that causes them to fire when they aren't supposed to, causing the service to review all of its rifles to make sure they are functioning properly.

It all started with a video recorded by a soldier showing an M4A1 carbine firing when it shouldn't have. The video shows the rifle's selector switch between "semi" and "auto" fire modes. The soldier squeezes the trigger, but the rifle does not fire. Once the soldier moves to auto, the weapon discharges a round.

The M4A1 featured in the video was one of several carbines converted from the original M4 model, which offered a three-round burst instead of automatic fire. The conversions were part of the Army's Product Improvement Program, which added a heavier barrel and ambidextrous controls in addition to fully automatic fire.

Officials at U.S. Army Tank-Automotive & Armaments Command (TACOM) believe the issue goes beyond the converted weapons, however, so it has instituted a new policy requiring all M4 and M16 series rifles to be checked for the issue within 10 days of April 18 or prior to live fire. So far, approximately 50,000 weapons have been checked with a failure rate of about 6 percent, according to Army Tank-automotive and Armaments Command.  (Circa, June 5, 2018)

What Would You Do?


You've been tied up in meetings all morning, meetings that ran well into your lunch hour. You finally get a minute to slip out of your office and grab something to eat. You go to an ATM, put in your card and see the message "Transaction Denied. Please Contact Your Financial Institution." You go to your bank, but it is closed. The ATM at the bank says "Temporarily Out Of Service".  You begin to notice that businesses around you are closing early. You get out your cell-phone to make a call and hear the message "All circuits are busy now. Please try your call again later." As you look around you see that the police are blocking off streets and setting up check points...

The likelihood that you will survive a long-term emergency depends largely on survival planning done today. Planning and preparation will enable you to react to a developing situation quickly and safely.

If a disaster strikes in your community, you might not have access to food, water, or electricity for several days. You may think that you will have enough time to run to the grocery store, but stores quickly sell out of important supplies following emergency warnings.

Preparing emergency kits for your family is an important step in keeping them safe and healthy during a disaster.

Because your family may not be together when a disaster strikes it is important to create a plan in advance.

Your plan should include:
  • How you will get to a safe place
  • How you will contact each other
  • How you will get back together
  • What you will do in different situations

Depending on your threat model, there are many things you may need to plan for. It's Friday afternoon before a holiday weekend. As you approach your, home looking forward to a few days off, you see a police car parked on the street in front of your house. A black SUV with government plates, and another marked police vehicle are parked in your driveway. You see four or five uniformed police officers standing in front of your house... What would you do?  Do you run up to the closest police officer, declare that this is your home and ask what's going on? If they have a warrant for your arrest you'll be spending the long weekend in jail, before you can see a judge on Tuesday.

A few years ago Matthew David Keenan's Criminal Law Legal Blogs provided advice on what to do if you think that the police are looking for you.

Most of us are probably not overly concerned about being arrested by the police; but do you have a crazy ex-spouse/boyfriend/girlfriend, etc. that might be looking to cause you some problem. According to a study by the CDC, an estimated 15 percent of women and 6 percent of men have been a victim of stalking during their lifetimes. 61 percent of female victims and 44 percent of male victims were stalked by a current or former intimate partner. 7.5 million people were stalked in one year in the U.S.

If you need to drop out of sight for a few days, do you have a place to go and a plan to do so?

The U.S. State Department has a booklet, "Personal Preparedness Plan: Prepare for an Unexpected Departure from Post" that offers advice for someone who might have to leave an area on short notice.

According to the law enforcement and intelligence experts on CBS's Hunted, going on the run is a lot harder than you might think.



Survival, Evasion, and Fieldcraft


Evasion - Successfully evading capture by hostile forces depends upon personal preparation, planning for the contingency, and to some degree, fortunate circumstances or luck. Attention to detail when preparing an emergency action plan, complete familiarity with communications devices and emergency procedures, and knowledge of personal survival kit items, indigenous personnel, and regional knowledge (flora, fauna, topography, climate, etc.) will aid in successful evasion. Isolated persons should carefully consider contact with indigenous people. Many countries have citizens overseas in areas where there is strong potential for mixed attitudes towards foreigners. There may be a high-risk of indigenous persons responding negatively or even violently, and your presence may result in personal danger to them regardless of their sympathies. Areas controlled by insurgents and illegally armed groups or criminals, locations of mob activity, roads, railroads, trails, rivers, border crossings, and heavily populated areas are normally considered high-threat evasion environments. Individuals must take great care to prevent exposure or capture. As a first move, isolated persons should attempt to establish contact with friendly forces, break visual contact with hostile elements, and move to a secure hiding site. If in a damaged vehicle, move away for as long and as far as possible. If forced to abandon the vehicle, the isolated person should move fast and change directions frequently. When possible, the isolated person should evaluate the immediate situation and again establish communication with friendly forces. Only after careful consideration of their situation should they attempt to evade to an area to initiate recovery. Isolated persons should treat all travel as evasion.

How to Prepare for Evasion:
  • Follow all local force protection guidance to avoid hazardous situations.
  • Develop a plan to communicate, flee, and fight, if necessary. Holding out for a short span of time may make the difference in being taken prisoner or not.
  • Develop a plan of action with several backup plans before departing a secure area.
  • Be familiar with your route and map --study it in detail.
  • Ensure vehicles are reliable and have all necessary emergency equipment.
  • Study the local norms and be alert to situations and changes in behaviors of the locals that may signal that something bad is about to happen --clear the area.
  • Have a "grab and go" kit. It should include a communications device (cell phone or radio), water, basic first aid kit, etc. Consider including local clothing to assist in any necessary improvised disguise. A weapon with extra ammunition may be appropriate if local conditions permit lawful possession.
  • Have personal affairs in order, and prepare family members for the potential of isolation.
  • Develop the will to survive and resist. Mental preparation is invaluable, and demonstrating a strong will can help overcome seemingly overwhelming obstacles.

When you become isolated or separated in a hostile area, either as an individual or as a group, your evasion and survival skills will determine whether or not you return to friendly lines.
  • When unable to continue the mission or unable to rejoin your unit, leave the immediate area, and move to your last rally point.
  • Observe activity in the area and form a plan.
  • Traveling alone offers the least possibility of detection, but traveling in groups of two to three is more desirable.
  • Plan a primary and alternate route. Consider distance, cover, food, and water. The easiest and shortest route may not be the best.
  • Food and water are daily requirements. You can do without food for several days; water, however, is essential.
  • Move at night. Use the daylight to observe, plan, and rest in a hide site.
 
Hide Site. Should be an isolated, covered and concealed site selected during evasion. In the hide site, you should take inventory of your situation and accomplish tasks such as camouflage, resting, and planning the next movement. It is seldom used or occupied for more than 24 hrs.
 
When selecting a site consider the following:
  • Distance from natural lines of drift (water, roads and trails, ridges, and key terrain)
  • Vegetation-thick?
  • Concealed from all directions?
  • Away from populated or built up areas
  • Escape route
  • Location where humans do not normally habitat
 
Hole Up Area. This is an isolated area selected during movement. Use it when your physical condition requires that you stop for food, water, equipment maintenance, and rest. Generally, avoid occupying such a position for more than 72 hrs. When selecting a hole up area, consider-
  • Abundance of food and water
  • Isolated
  • Low population density
  • Security at all times
  • Movement in or around hole up area is still kept to a minimum
  • Decentralize-separate rest, food procurement, food preparation and so on.

Survival - With training, equipment, and the will to survive, you can overcome any obstacle you may face. You will survive. Understand the emotional states associated with survival. "Knowing thyself" is extremely important in a survival situation. It bears directly on how well you cope with serious stresses, anxiety, pain, injury, illness; cold, heat, thirst, hunger, fatigue, sleep deprivation, boredom, loneliness and isolation. You can overcome and reduce the shock of being isolated behind enemy lines if you keep the key word S-U-R-V-I-V-A-L foremost in your mind. Its letters can help guide you in your actions.

S - Size up the situation, the surroundings, your physical condition, and your equipment.
U - Undue haste makes waste; don’t be too eager to move. Plan your moves.
R - Remember where you are relative to friendly and enemy units and controlled areas; water sources (most important in the desert); and good cover and concealment. This information will help you make intelligent decisions.
V - Vanquish fear and panic.
I - Improvise/Imagine. You can improve your situation. Learn to adapt what is available for different uses. Use your imagination.
V - Value living. Remember your goal to get out alive. Remain stubborn. Refuse to give in to problems and obstacles. This will give you the mental and physical strength to endure.
A - Act like the natives; watch their daily routines and determine when, where, and how they get their food and water.
L - Live by your wits. Learn basic skills.

Camouflage. While evading, you may need to use field-expedient means to camouflage yourself, your equipment, and your site. Mud, charcoal, berries, vegetation, ash and blood can all be used to camouflage exposed skin and equipment. Natural vegetation can be fixed to clothing and equipment by using vines to secure it or cutting small holes in the rip stop uniform material and feeding vegetation into it. Whenever a site is constructed and camouflaged keep the following memory aid in mind. B L I S S

Blends In
Low Silhouette
Irregular Shape
Small Size
Secluded
 
 

Monday, June 4, 2018

Data Detox


Mozilla and the Tactical Technology Collective present the 8-Day Data Detox. This program can help you clean up your digital presence and be a little bit safer on-line.

Why detox?

Do you feel like your digital self is slipping out of control?

Have you let yourself install too many apps, clicked “I agree” a few too many times, lost track of how many accounts you’ve created? Perhaps you’re not as in-control of your digital life as you’d like to be.

Don’t despair; this data detox is for you. By the end of the next 8 days, you’ll be well on your way to a healthier and more in-control digital self!
Toxic data build-up

If we think about what one or two pieces of data tell others about us, it may not seem that big of a deal: who cares if I’m a fan of country music, have a nerdy passion for trains, or harbor a secret crush on Sam in Accounts?

The problem lies in what’s happening with all of these pieces of data: collected across all our devices, services and accounts, and analyzed, shared and sold. Taken together over time, intimate digital patterns emerge: our habits, movements, relationships, preferences, beliefs and secrets are revealed to those who collect and capitalize on them.

As you follow this data detox, you’ll get a glimpse into how and why this is all happening, and take practical steps to reduce your “data bloat” – a toxic build-up of data that can lead to uncomfortable consequences in the longer term.

So... check out the 8-Day Data Detox



Habeas Data: Privacy vs. the Rise of Surveillance Tech



Politico (June 3, 2018) published an excerpt from Habeas Data: Privacy vs. the Rise of Surveillance Tech, by Cyrus Farivar.

The police in Santa Clara, CA tracked a hacker through the warrantless use of a secretive surveillance technology known as a stingray, which snoops on cell phones. Stingrays, or cell-site simulators, act as false cell phone towers that trick phones into giving up their location. They have become yet another tool in many agencies’ toolbox, and their use has expanded with little oversight - and no public knowledge that they were even being used until the Hacker went on an obsessive quest to find out just how law enforcement tracked him. When he tugged on that thread, he found out something else: that police might be tracking a lot more than we even know on our phones, often without the warrants that are usually needed for comparable methods of invasive surveillance.

While StingRay is a trademark, stingray has since become so ubiquitous in law enforcement and national security circles as to also often act as the catch-all generic term - like Kleenex or Xerox. A stingray acts as a fake cell tower and forces cell phones and other mobile devices using a cell network (like Rigmaiden’s AirCard, which provided his laptop with Internet access) to communicate with it rather than with a bona fide mobile network. Stingrays are big boxes - roughly the size of a laser printer - like something out of a 1950s-era switchboard, with all kinds of knobs and dials and readouts. Stingrays can easily be hidden inside a police surveillance van or another nearby location.

All of our cell phones rely on a network of towers and antennas that relay our signal back to the network and then connect us to the person that we’re communicating with. As we move across a city, mobile networks seamlessly hand off our call from one tower to the next, usually providing an uninterrupted call. But in order for the system to work, the mobile phone provider needs to know where the phone actually is so that it can direct a signal to it. It does so by sending a short message to the phone nearly constantly—in industry terminology this is known as a ping. The message basically is asking the phone: “Are you there?” And your phone responds: “Yes, I’m here.” (Think of it as roughly the mobile phone version of the children’s swimming pool game Marco Polo.) If your phone cannot receive a ping, it cannot receive service. The bottom line is, if your phone can receive service, then the mobile provider (and possibly the cops, too) know where you are. (Politico June 3, 2018)

Credit Freezes Will Be Free for Everyone in Washington Starting June 6, 2018



Starting June 6, 2018, credit bureaus will be prohibited from charging you – or anyone else who lives in Washington – to freeze or unfreeze your credit file.

Until now, most state residents have been charged $10 to freeze their file at each of the big three credit bureaus – Equifax, Experian and TransUnion – and another $10 to thaw the account to apply for credit. There’s another $10 charge to refreeze the file.

A new state law that takes effect on June 6 requires both freezes and thaws to be free.

A security freeze does not impact your credit score and it does not affect any relationship you already have with a creditor. It will help prevent crooks from getting a credit card or taking out a loan in your name.

“When you freeze your credit file, no one – including you – can gain access that file, unless it’s been thawed by you using a special PIN or passcode.”

“Credit monitoring will only warn you after a problem has occurred, as opposed to a credit freeze which is designed to prevent a problem from occurring in the first place.”

A freeze isn’t a silver bullet. It won’t stop all forms of identity theft, but it is one of the few things you can do to fight back. And now you can do it for free.

Sunday, June 3, 2018

ProtonMail and Tutanota


ProtonMail has a good explanation of zero-access encryption on its blog. All e-mail stored on ProtonMail servers is encrypted. Thus, even if the server is hacked or ProtonMail is faced with a government demand for your data the only thing available on the ProtonMail server would be encrypted data. ProtonMail is headquartered in Switzerland, and its servers are located there as well. This means that a government request for your data would have to be made through the Swiss courts and comply with Swiss data privacy laws.

Tutnota discusses how its encryption protects your personal information on the Tutanota servers. With Tutanota The entire mailbox is end-to-end encrypted. The encrypted data can only be accessed by your company. This includes all emails and all contact information (address book) stored in Tutanota. All data is stored encrypted on our own servers in highly secured data centers located in Germany.

I use both ProtonMail & Tutanota and recommend them as excellent services to secure your personal and private communications.

Don't Be A Twit - Encrypt Your Shit !

In June 2017 (updated in November 2017) Medium published a comparison of Tutanota vs. ProtonMail.


ProtonMail - https://protonmail.com     Tutanota - https://tutanota.com   

Most Secure E-mail Services


A May 20, 2018 article on Make Tech Easier introduces 10 of the most secure e-mail services for better privacy. As the article says:

"You can’t have too much privacy in today’s all-seeing Internet of big corporations, nosey governments, and “14 Eyes.” (If you don’t know what that is, do your research!) You don’t need to be a criminal not to want your emails spied on, but to have a guarantee of that, you’ll need to find an email service with your privacy as its main concern."

Of the ten e-mail services:
  1. Disroot
  2. TorGuard
  3. Hushmail
  4. Runbox
  5. Mailfence
  6. ProtonMail
  7. Tutanota
  8. Posteo.de
  9. Kolab Now
  10. CounterMail

I personally like ProtonMail and Tutanota. I previously used Hushmail, but haven't done so in several years, and no-longer recommend them since they compromised their users e-mail accounts back in 2007.

E-mail is most secure with the above services when it remains on the provider's network (i.e. ProtonMail to ProtonMail), but in all cases you should look for an e-mail service that provides encryption both for messages in transit and while at rest on the e-mail provider's servers.

Little Brother and Homeland

 
Cory Efram Doctorow is a Canadian-British blogger, journalist, and science fiction author who serves as co-editor of the blog Boing Boing
 


Little Brother

Marcus, a.k.a "w1n5t0n," is only seventeen years old, but he figures he already knows how the system works - and how to work the system. Smart, fast, and wise to the ways of the networked world, he has no trouble outwitting his high school's intrusive but clumsy surveillance systems.

But his whole world changes when he and his friends find themselves caught in the aftermath of a major terrorist attack on San Francisco. In the wrong place at the wrong time, Marcus and his crew are apprehended by the Department of Homeland Security and whisked away to a secret prison where they're mercilessly interrogated for days.

When the DHS finally releases them, Marcus discovers that his city has become a police state where every citizen is treated like a potential terrorist. He knows that no one will believe his story, which leaves him only one option: to take down the DHS himself.


Homeland

In Cory Doctorow's wildly successful Little Brother, young Marcus Yallow was arbitrarily detained and brutalized by the government in the wake of a terrorist attack on San Francisco―an experience that led him to become a leader of the whole movement of technologically clued-in teenagers, fighting back against the tyrannical security state.

A few years later, California's economy collapses, but Marcus's hacktivist past lands him a job as webmaster for a crusading politician who promises reform. Soon his former nemesis Masha emerges from the political underground to gift him with a thumb drive containing a Wikileaks-style cable-dump of hard evidence of corporate and governmental perfidy. It's incendiary stuff―and if Masha goes missing, Marcus is supposed to release it to the world. Then Marcus sees Masha being kidnapped by the same government agents who detained and tortured Marcus years earlier.

Marcus can leak the archive Masha gave him―but he can't admit to being the leaker, because that will cost his employer the election. He's surrounded by friends who remember what he did a few years ago and regard him as a hacker hero. He can't even attend a demonstration without being dragged onstage and handed a mike. He's not at all sure that just dumping the archive onto the Internet, before he's gone through its millions of words, is the right thing to do.

Meanwhile, people are beginning to shadow him, people who look like they're used to inflicting pain until they get the answers they want.

Fast-moving, passionate, and as current as next week, Homeland is every bit the equal of Little Brother―a paean to activism, to courage, to the drive to make the world a better place.
--

Cory Doctorow's fiction novel Little Brother, and its follow-on Homeland are entertaining for those who enjoy fiction, and yet these fiction novels provide information on personal security and digital privacy while fighting back against government overreach and oppression.