***************************************************************
Security-news <security-news@resist.ca>
A security bulletin for autonomous resistance movements
Produced by the folks who bring you http://security.tao.ca
***************************************************************

September 16th, 2002

Far be it from us to promote a right-wing rag like the Economist, but
there is a really interesting article in the August 31st edition of that
magazine about the crackdown of civil liberties in the US and around the
world. The best thing about the article is the world map diagram that
shows what laws have been changed and where in the world repression has
increased. We have scanned the picture and posted it at
http://security.tao.ca/post911legal.jpg for y'all to check out.


**********************************
Security-news: Issue #7 - Contents
**********************************
* Security tip of the week: Bug Checking
* Updates to security.tao.ca
* News & Analysis: Colorado Activists Look at Police Files
* News & Analysis: Aussie Cops Flex Their New DNA Powers
* How-to: Discover a vehicle tracking device

*****
Security Tip of the Week: Bug checking
*****
High-tech bug checking devices may seem interesting and useful, but more
often serve the purpose of giving a false sense of security rather than
actually proving that an office or dwelling is bugged. Line-tap checkers
are equally useless, particularly in the face of "legal" taps (those
done via warrant at the switch source). Practicing common sense when
speaking in a dwelling, office, vehicle, or on the phone - is the only
way to defeat planted monitoring devices - one should always assume the
walls have ears.

*****
Updates to security.tao.ca
*****
At the top of the index page, there is now a link to the current
security bulletin which will be kept current, so you can always check
out the site for the latest activist security-news.


*****
News & Analysis: Colorado Activists Look at Police Files
Associated Press, September 4 2002
*****

DENVER (AP) - Holding the just-released 18-page file that had been
secretly compiled on her by police, activist Barbara Cohen smiled and
shrugged her shoulders. "Don't I look like a dangerous criminal?" the
barely 5-foot tall, 53-year-old gray-haired legal secretary asked.

About 200 people crowded the lobby of Police Department headquarters
Tuesday after officials opened 3,200 "spy files" on local activists and
organizations.

City officials have conceded police went too far when they began
documenting individuals and groups some three years ago. Mayor
Wellington Webb, himself the subject of police surveillance when he was
a young activist, has condemned the practice. He said it violated city
policy.

Many who waited for up to an hour to see their file received papers that
still smelled of black marker where police had deleted the names of
people linked to them. Some of these files, which were categorized by
groups, individuals and incidents, contained inaccurate information,
some said.

Cohen, who belongs to the group End the Politics of Cruelty, said she is
considering a lawsuit after police linked her to a motorcycle group she
never heard of.

News that religious and peace groups were among those placed under
surveillance since about 1999 drew charges of police misconduct, an
investigation by a three-judge panel and the decision to let some people
see their files before the reports are purged.

Mark Silverstein, legal director of the Colorado chapter of the American
Civil Liberties Union, had a file for speaking at a rally in February
2000, which he insisted he didn't attend.

"It sounds like I ran my mouth off at a rally, but I wasn't there," he
said.

The American Friends Service Committee, a Quaker group and a Nobel Peace
Prize winner, was listed as a criminal extremist group by police,
according to the ACLU.

So was the Chiapas Coalition, which supports the Mayans of the Chiapas
state in Mexico where there have been guerrilla uprisings.

Amnesty International was listed as a civil disobedience group. Some
officers were not properly trained in intelligence gathering and some
people and groups may have been misclassified as criminal extremists,
said C.L. Harmer, spokeswoman for the Department of Safety, which
oversees the police department. The system has been examined by outside
auditors and training is under way, she said.

Criminal intelligence gathering, however, remains an important police
tool, Harmer added.

"As we approach 9-11, I think it reaffirms the legitimate use of
legitimate criminal files," she said.

Records of people not suspected of crimes will be released to those
people, then purged after Nov. 1. However, the city attorney's office
will keep copies of all files, including those eliminated by police.

The names of people or groups considered legitimate targets of
surveillance, as determined by an outside auditor, will remain in the
files and won't be released.

Security-news note: The only thing at all unusual about this case is
that the state admitted to some wrong-doing. There are numerous examples
of state, provincial and federal government agencies spying on agencies
as "radical" as christian peace groups and legal entities such as trade
unions. We find it interesting that while the police have been ordered
to destroy these "wrongful" files, the state attorney's office will be
keeping copies of them... doesn't sound like the government is making
much of an apology for several years of ill-informed and heavy-handed
data collection. Oh well, 9-11 certainly justifies it... doesn't it?


*****
News & Analysis: Aussie Cops Flex Their New DNA Powers             
posted by ABC Melbourne to infoshop.org, September 03 2002              
*****

Police in Victoria (Australia) have announced that they will be forcibly
collecting DNA from almost 4000 ex-offenders living in the community.
Under draconian new laws that were passed in May, those ordered to give
their DNA will be arrested if they fail to do so once a four-week
deadline has expired. Once in police custody they will be given a second
chance to provide a sample.

If they still refuse, the police are now legally entitled to use
so-called "extraction teams" to remove prisoners from their cells and
forcibly restrain them while a nurse takes a blood test. All testing
will be videotaped and the police are banned from taking samples,
apparently this has to be done by a nurse. But the testing will be
conducted at police stations in the presence of police. Apparently the
samples will then be placed in "tamper-proof" containers and sent to the
Victorian Forensic Science Centre where they will be matched against the
Victorian DNA database of unsolved crimes before being passed on to the
Federal Government's "CrimTrac" system.

People who will be forced to comply with this violation of their human
rights are any persons who have been convicted of a list of 36 serious
offences. What all of these offences actually are has not been made
public yet; what is known so far is that anyone convicted for murder,
arson, burglary, serious assault, rape and drug offences will be forced
to give DNA.

Information has not yet been provided as to what type of 'drug offences'
the new laws will target.

It is worth pointing out that the last time mass DNA testing took place
in Victoria that it took place in the prison system. This testing was
done illegally however the government moved swiftly to change the law
and to backdate it meaning prisoners were left without a legal leg to
stand on. A great majority of the prisoners who were forced to provide
DNA were not 'serious offenders' as the police and media would have us
believe but mainly those convicted of drug-related crimes against
property. No doubt this will be the case once more.



*****
How to: Discover a vehicle tracking device 
Taken from portland.indymedia.org, September 9, 2002
*****

(This isn't really in how-to format, it actually comes from an email to
a list of technical security professionals - but it provides enough info
so that you know what to look for)

Summary:Spooks commonly use tracking devices installed in private
vehicles to monitor travel and associations of individuals. This
detailed description of vehicle tracking devices and their installation
reveals just how it's done!

Weblink: http://cryptome.org/track-this.htm

To: tscm-l@yahoogroups.com From: \"Greg H. Walker, Attorney At Law\"
<gwalker@riskontrol.com> Date: Fri, 06 Sep 2002 10:17:59 -0500 Subject:
[TSCM-L] Re: Tracking device detection

Dear Group:

I am a major user of RF tracking devices which just sit and wait for a
signal to respond and then their response is done so in a burst of about
20 microseconds.  In 5 years of using these devices I have never had one
found that was installed inside of the interior of the vehicle and the
cars have been in for repairs of every kind and nature, including
electrical repairs. We have had them on police cars (for the internal
affairs people) and on former military counter-intelligence people
(marital).

Steve and James are so correct when they say that only a really well
trained TSCMer will find them -- anybody else trying is just lucky if
they find one because of the very short burst -- some of are units are
queried every five minutes and others every 30 minutes and the schedule
changes from time of day and the day of the week depending on what we
expect the  vehicle to be engaged in.

We have had PI's with their toys try to find them, but never a hardcore
TSCM professional.

Since I never see anyone on this list within my operating area let me
give you some information.

We install the unit inside of the vehicle and actually take the interior
apart to put them in underneath the plastic panels that make up modern
vehicle interiors, on rare occasions we will put the unit in the trunk
back near the wall separating the trunk and the passenger
compartment,but on the side panels.  A favorite place in a truck is in
the passenger's side front kick panel.  Some vehicles also lend
themselves nicely to taking out the glove box and putting them deep
inside of the dash. On SUV's we often put them to either side of the
large tailgate type back door. We have been forced to put them under the
back seat, our least favorite spot and usually carve out some of the
foam in the seat to slip the unit into.

The units will have two wires coming from it, one will be a coaxial
cable which is the antenna (there is the unit and the antenna and the
unit can go darn near anywhere where it can be concealed, but the
placement of the antenna is absolutely key).  Our preferred spot is to
bring the cable up a sidepost of the vehicle nearest where we put the
unit and then put the antenna between the headliner and the metal roof
with the working end of the antenna (our antennas are either a flat
square or flat round and are about the size of a 3-1/2 inch floppy disk
and about 1/2 inch thick) pointing down into the passenger compartment
so that the burst will have plenty of glass to exit through.  In some
instances we have had to put them underneath the shelf between the back
seat and the rear window and on occasion in a side panel itself and once
or twice high up into the dashboard (usually a van or large truck
without a headliner).

By the way, you usually cannot find the antenna by palpating the
headliner or even visually examining the headliner because today
headliners are thick and foam padded.

The second wire will be a power supply wire and it will either go to a
battery set (ours are specially made and shrunk wrapped in a heavy black
plastic -- we have two sizes one consisting of 8 D size regular alkaline
batteries, usually Duracell, and the other consisting of, as I recall (I
can't find one to look at right now) 16  2/3 AA lithiums -- quite
expensive and also specially built and shrunk wrapped or it will go to
the vehicle's own power supply (which is what we do almost 100% of the
time today) {Steve and I have a friendly difference of opinion on the
legality of this, however, since under Texas law we have to the
permission of an owner or lessee of the vehicle to even install the
device it includes the consent to connect to the vehicle electrical
system} -- we will connect either to a full time live wire near where
the unit is placed or we will run a wire under the carpet, side molding,
etc. to the fuse box and we have a special little hook like thing that
fits into the fuse box underneath a regular fuse and is difficult to
detect. On rare occasions we have went direct to the battery.

Since most of our installations last a month or more we prefer the
hardwire so we don't have to keep getting the vehicle back to change
battery packs.  We have some installations that go on for a couple of
years.

One of the problems with the battery packs is their life span (the D
packs if queried every 15 minutes 24/7 will last anywhere from 12 to 14
days depending the how hot the area where they are placed gets (down
here in Texas the Summer heat reduces their time by about one day); the
2/3 AA lithiums run about the same length of time, but we only trust
them for 10 to 12 days. The lithium packs are small about 2-1/2" wide by
5" long and 1/2" thick and are light weight, but they are very expensive
-- the D packs are bulky and heavy.

I use a commercial radio shop that does fleet radio systems to make my
installs because they understand RF technology and are good at
disassembling and reassembling interiors of vehicles.  I do not
recommend that anyone use a car stereo shop or a mobile phone shop.

I hope that this is of help to true professional TSCMer's, again, Steve
and James are correct, leave this to true professional TSCMer's they
know what to look for and have the correct equipment.

Greg H. Walker, ARM* Attorney At Law President RisKontroL -- Risk
Management, Security Consulting & Investigations Houston, Texas (713)
850-0061

* Associate in Risk Management Designation (Insurance Institute of
America's Center For Advanced Risk Management Education)

WARNING NOTICE BY GHW:  Greg H. Walker's comments are not intended to be
and should absolutely not be taken as legal advice.  Unless you have
entered into a specific written agreement with him for legal services,
signed by both you and him, and paid him a retainer in good funds, then
he is not your Attorney, does not intend to be your Attorney and you
should not act nor refrain from acting based, in whole or in part, on
his comments.

***************************************************************
Security-news <security-news@resist.ca>
Good computer security is no substitute for good sense!                  
To sub or unsub - http://resist.ca/mailman/listinfo/security-news        
***************************************************************