Surveillance, secrecy, and ebay

Matt Blaze mab at crypto.com
Fri Jul 25 17:30:46 EDT 2008 

One of the less-discussed risks of widespread surveillance is
not just the abuse or misuse of intercepted content and meta-
data by the government, but its accidental disclosure. As
more and more private data gets collected, and as it sits
around for longer and longer, it becomes inevitable that some
of it will end up in surprising places.  No malice is required;
it's practically impossible to avoid.  And this is not merely
a hypothetical concern.  Case in point:

I recently indulged myself with a used Nagra SNST tape
recorder, a beautifully-engineered miniature reel-to-reel
device that was especially popular with law enforcement and
intelligence agencies from the 70's to the 90's.  (Hey, I'm a
old-school geek -- I like gadgets.)

The recorder came with with a tape reel, which I had assumed
was blank or erased. But a couple of days ago, I decided to
double check just to be sure.  To my surprise, the the tape
wasn't blank at all.  It contained a recording of a "wired"
confidential informant being sent out to buy drugs on behalf
of a state police agency in 1996.

The recording was pretty innocuous and boring, to be honest
(the deal never happened, and most of the tape is the sound
of a car being driven to the buy location).  But there was
a disturbing element: the tape contained the full names of both
the suspect and the supposedly "confidential" informant!

I've got an MP3 of the tape on my blog.  The names of the
hapless informant and suspect have been muted out in the name
of good sense:
   http://www.crypto.com/blog/watching_the_watchers_via_ebay/

Unfortunately, this is hardly an isolated incident; this sort of
inadvertent disclosure of sensitive information -- stuff that
could cause people real harm -- happens all the time.  And law
enforcement agencies can be among the most carless offenders.  A
couple of years ago, when my grad students and I were studying
telephone wiretaps and were buying up surplus law enforcement
wiretapping gear, we were disturbed to discover that almost none
of the equipment we bought had been sanitized before being sold
off.  Pen registers bought from several different agencies (on
ebay and other places) generally were delivered in the state in
which they were last used, configured complete with suspect's
telephone numbers and call detail records

None of this should be terribly surprising.  It's becoming harder
and harder to destroy data, even when it's as carefully controlled
as confidential legal evidence. Aside from copies and backups made
in the normal course of business, there's the problem of obsolete
media in obsolete equipment; there may be no telling what
information is on that old PC being sent to the dump, where it
might end up, or who might eventually read it.   More secure storage
practices -- particularly transparent encryption -- can help here,
but they won't make the problem go away entirely.   Once sensitive
or personal data is captured, it stays around forever, and the
longer it does, the more likely it is that it will end up somewhere
unexpected.  This is yet another reason why everyone should be
concerned about large-scale surveillance of the kind recently
authorized by Congress; it's simply unrealistic to expect that the
personal information collected will remain confidential for very
long.

-matt

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list