Posts Tagged ‘spy’

You Got To Be Shitting Me Entry #97

May 4, 2014

NBC News

A relic from the Cold War appears to have triggered a software glitch at a major air traffic control center in California Wednesday that led to delays and cancellations of hundreds of flights across the country, sources familiar with the incident told NBC News.

On Wednesday at about 2 p.m., according to sources, a U-2 spy plane, the same type of aircraft that flew high-altitude spy missions over Russia 50 years ago, passed through the airspace monitored by the L.A. Air Route Traffic Control Center in Palmdale, Calif. The L.A. Center handles landings and departures at the region’s major airports, including Los Angeles International (LAX), San Diego and Las Vegas.

The computers at the L.A. Center are programmed to keep commercial airliners and other aircraft from colliding with each other. The U-2 was flying at 60,000 feet, but the computers were attempting to keep it from colliding with planes that were actually miles beneath it.

Though the exact technical causes are not known, the spy plane’s altitude and route apparently overloaded a computer system called ERAM, which generates display data for air-traffic controllers. Back-up computer systems also failed.

As a result, the Federal Aviation Administration (FAA) had to stop accepting flights into airspace managed by the L.A. Center, issuing a nationwide ground stop that lasted for about an hour and affected thousands of passengers.

At LAX, one of the nation’s busiest airports, there were 27 cancellations of arriving flights, as well as 212 delays and 27 diversions to other airports. Twenty-three departing flights were cancelled, while 216 were delayed. There were also delays at the airports in Burbank, Long Beach, Ontario and Orange County and at other airports across the Southwestern U.S.

In a statement to NBC News, the FAA said that it was “investigating a flight-plan processing issue” at the L.A. Air Route Traffic Control Center, but did not elaborate on the reasons for the glitch and did not confirm that it was related to the U-2’s flight.

“FAA technical specialists resolved the specific issue that triggered the problem on Wednesday, and the FAA has put in place mitigation measures as engineers complete development of software changes,” said the agency in a statement. “The FAA will fully analyze the event to resolve any underlying issues that contributed to the incident and prevent a reoccurrence.”

Sources told NBC News that the plane was a U-2 with a Defense Department flight plan. “It was a ‘Dragon Lady,’” said one source, using the nickname for the plane. Edwards Air Force Base is 30 miles north of the L.A. Center. Both Edwards and NASA’s Neil A. Armstrong Flight Research Center, which is located at Edwards, have been known to host U-2s and similar, successor aircraft.

The U.S. Air Force is still flying U-2s, but plans to retire them within the next few years.

Gary Hatch, spokesman for Edwards Air Force Base, would not comment on the Wednesday incident, but said, “There are no U-2 planes assigned to Edwards.”

A spokesperson for the Armstrong Flight Research Center did not immediately return a call for comment.

Developed more than a half-century ago, the U-2 was once a workhorse of U.S. airborne surveillance. The plane’s “operational ceiling” is 70,000 feet. In 1960, Francis Gary Powers was flying a U-2 for the CIA over the Soviet Union when he was shot down. He was held captive by the Russians for two years before being exchanged for a KGB colonel in U.S. custody. A second U.S. U-2 was shot down over Cuba in 1962, killing the pilot.

Advertisements

You Got To Be Shitting Me Entry #23

July 30, 2011

By Mike Flacy | Digital Trends 

Built by Mike Tassey and Richard Perkins, the Wireless Aerial Surveillance Platform (otherwise known as the WASP) is a flying drone that has a 6-foot wingspan, a 6-foot length and weighs in at 14 pounds. The small form factor of the unmanned aerial vehicle allows it to drop under radar and is often mistaken for a large bird. It was built from an Army target drone and converted to run on electric batteries rather than gasoline. It can also be loaded with GPS information and fly a predetermined course without need for an operator. Taking off and landing have to be done manually with the help of a mounted HD camera. However, the most interesting aspect of the drone is that it can crack Wi-Fi networks and GSM networks as well as collect the data from them.

It can accomplish this feat with a Linux computer on-board that’s no bigger than a deck of cards. The computer accesses 32GB of storage to house all that stolen data. It uses a variety of networking hacking tools including the BackTrack toolset as well as a 340 million word dictionary to guess passwords. In order to access cell phone data, the WASP impersonates AT&T and T-Mobile cell phone towers and fools phones into connecting to one of the eleven antenna on-board. The drone can then record conversations to the storage card and avoids dropping the call due to the 4G T-mobile card routing communications through VOIP.

Amazingly, this was accomplished without breaking a single FCC regulation. The drone relies on the frequency band used for Ham radios to operate. Not wanting to get into legal trouble with AT&T and T-Mobile, they tested the technology in isolated areas to avoid recording phone conversations other than their own. The duo play to discuss how to build the WASP at the DEFCON 19 hacking conference.

You Got To Be Shitting Me Entry# 7

May 4 2011

By JOE MANDAK (AP)

PITTSBURGH – You didn’t pay your bill. We need our computer back. And here’s a picture of you typing away on it, the computer rental company told a client as it tried to repossess the machine.

Those allegations appear in a federal lawsuit alleging that the firm, Atlanta-based Aaron’s Inc., loaded computers with spyware to track renters’ keystrokes, make screenshots and even take webcam images of them using the devices at home. The suit filed by a Wyoming couple Tuesday raises anew questions of how invasive custodians of technology should be in protecting their equipment.

Computer privacy experts said Aaron’s, a major furniture rental chain, has the right to equip its computers with software it can use to shut off the devices remotely if customers stop paying their bills, but they must be told if they’re being monitored.

“If I’m renting a computer … then I have a right to know what the limitations are and I have a right to know if they’re going to be collecting data from my computer,” said Annie Anton, a professor and computer privacy expert with North Carolina State University.

But the couple who sued Aaron’s said they had no clue the computer they rented last year was equipped with a device that could spy on them. Brian Byrd, 26, and his wife, Crystal, 24, said they didn’t even realize that was possible until a store manager in Casper came to their home Dec. 22.

The manager tried to repossess the computer because he mistakenly believed the Byrds hadn’t paid off their rent-to-own agreement. When Brian Byrd showed the manager a signed receipt, the manager showed Byrd a picture of Byrd using the computer — taken by the computer’s webcam.

Byrd demanded to know where the picture came from, and the manager “responded that he was not supposed to disclose that Aaron’s had the photograph,” the lawsuit said.

Aaron’s, which bills itself as the nation’s leader in the sales and lease ownership of residential furniture, consumer electronics and home appliances, said the lawsuit was meritless. It said it respects its customers’ privacy and hasn’t authorized any of its corporate stores to install the software described in the lawsuit.

The Byrds contacted police, who, their attorney said, have determined the image was shot with the help of spying software, which the lawsuit contends is made by North East, Pa.-based Designerware LLC and is installed on all Aaron’s rental computers. Designerware is also being sued in U.S. District Court in Erie.

Aaron’s, with more than 1,800 company-operated and franchised stores in the United States and Canada, said the Byrds leased their computer from an independently owned and operated franchisee. Aaron’s, which also manufactures furniture and bedding, said it believes that none of its more than 1,140 company-operated stores had used Designerware’s product or had done any business with it.

Tim Kelly, who said he’s one of the owners of Designerware, said he wasn’t aware of the lawsuit and declined to comment.

Two attorneys who are experts on the relevant computer privacy laws, the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act, said it’s difficult to tell if either was broken, though both said the company went too far.

Peter Swire, an Ohio State professor, said using a software “kill switch” is legal because companies can protect themselves from fraud and other crimes.

“But this action sounds like it’s stretching the self-defense exception pretty far,” Swire said, because the software “was gathering lots of data that isn’t needed for self-protection.”

Further, Swire said the Computer Fraud and Abuse Act “prohibits unauthorized access to my computer over the Internet. The renter here didn’t authorize this kind of access.”

Fred Cate, an information law professor at Indiana University agrees that consent is required but said the real question might be: “Whose consent?”

Courts have allowed employers to record employee phone calls because the employers own the phones. Similar questions arise as digital technology becomes more omnipresent, Cate said.

“Should Google let you know they store your search terms? Should Apple let you know they store your location? Should your employer let you know ‘We store your e-mail’?” Cate said.

Last year, a Philadelphia-area school district agreed to pay $610,000 to settle two lawsuits over secret photos taken on school-issued laptops, admitting it captured thousands of webcam photographs and screen shots from student laptops in a misguided effort to locate missing computers.

Harriton High School student Blake Robbins, then 15, charged in an explosive civil-rights lawsuit that the Lower Merion School District used its remote tracking technology to spy on him inside his home. Evidence unearthed in the case showed that he was photographed 400 times in a two-week period, sometimes as he slept, according to his lawyer, Mark Haltzman.

The FBI investigated whether the district broke any criminal wiretap laws, but prosecutors declined to bring any charges. The district no longer uses the tracking program.

The Byrds want the court to declare their case a class action and are seeking unspecified damages and attorneys’ fees. The privacy act allows for a penalty of $10,000 or $100 per day per violation, plus punitive damages and other costs, the lawsuit said.

“It feels like we were pretty much invaded, like somebody else was in our house,” Byrd said. “It’s a weird feeling, I can’t really describe it. I had to sit down for a minute after he showed me that picture.”