General Discussion

http://www.themediaconsortium.com/reporting/wp-content/uploads/2008/03/affidavit-bp-final.pdf

My name is Babak Pasdar, President and CEO of Bat Blue Corporation. I have given this affidavit to
Thomas Devine, who has identified himself as the legal director of the Government Accountability
Project, without any threats, inducements or coercion.

I have been a technologist in the computer and computer security industry for the past nineteen years
and am a "Certified Ethical Hacker" (E-Commerce Consultants International Council.) I have worked
with many enterprise organizations, telecommunications carriers, as well as small and medium sized
organizations in consulting, designing, implementing, troubleshooting, and managing security systems.
This statement is to make a record ofmy concerns about the privacy implications for our society from
what I personally witnessed at a major telecommunications carrier, as summarized below.

What I know:

• I know I saw a circuit that everyone called the "Quantico Circuit."

• I know that all other sites had store numbers or affiliate numbers. The "Quantico Circuit" was
the only site being migrated that had such a unique name.

• I know that it was a third party connecting to the client's network via the "Quantico Circuit."

• I know everyone was uncomfortable talking about it.

• I know that connecting a third party to your network core with no access control is against all
standard security protocols, and would fail almost any compliance standard.

• 1 know that I was a trusted resource. During the project, I at all times had access and control
over the communications to the most sensitive of the organization's systems. This included
their sales applications, billing systems, text messaging and mobile internet access, including email
and web. I even had a client badge for entry to the building and access to facilities.

• I know the client had Network VCRs situated at various locations throughout their data centers.
These devices collected and recorded all network communications and had the capacity to store
them for days, possibly weeks.

• I know that many of the organization's branch offices and affiliate systems did not have that
unfettered access, because I instituted the controls.

What is likely, based on normal industry practice:

• A third party had access to one or more systems within the organization.

• The third party could connect to one or more of the client's systems. This would include the
billing system, fraud detection system, text messaging, web applications. Moreover, Internet
communications between a mobile phone and other Internet systems may be accessed.

• The client could connect to one or more of the third party's systems.

• The client's Data and Cell networks are interconnected.

• It is unlikely that any logging was enabled for any access to the Quantico circuit, because the
client's technical experts suggested that this was not enabled. They were tentative in even
discussing the subject. Even if logging was enabled the logging system was so inappropriately
sized that it was useless.

What is possible due to consistency with known facts but for which I don't have proof:

• The third party may be able to access the billing system to find information on a particular
person. This information may include their billing address, phone number(s), as well as the
numbers and information of other people on their plan. Other information could also include
any previous numbers that the person or others on their plan called, and the outside numbers
who have called the people on the plan.

• The third party may be able to identify the Electronic Security Number (ESN) of the plan
member's phones. This is a unique identifier that distinguishes each mobile device on the
carrier's network.

• With the ESN information and access to the fraud detection systems, a third party can locate or
track any particular mobile device. The person's call patterns and location can be trended and
analyzed.

• With the ESN, the third party could tap into any and all data being transmitted from any
particular mobile device. This would include Internet usage, e-mails, web, file transfers, text
messages and access to any remote applications.

• It also would be possible in real-time to tap into any conversation on any mobile phone
supported by the carrier at any point.

• It would be possible for the third party to access the Network VCR devices and collect a variety
of information en masse. The Network VCR collects all communications between two systems
indiscriminately. It would then archive this information making it available for retrieval on demand.
The third party could access the Network VCR systems and collect all data
communications for single mobile device such as text messaging, Internet access, e-mail, web
access, etc. over some period of minutes, hours, days or weeks. The same can be done for
communications of multiple, many or even all mobile devices for some period of minutes,
hours, days or weeks.

• Even if the client did not provide specific login and access for the third party to one or more of
their systems, without any access controls it is possible for the third party to leverage
vulnerabilities to "compromise" the client systems and obtain control or collect sensitive
information.

Russell Tice Confirms Everything We’ve Surmised About Bush’s Illegal Wiretap Program
http://emptywheel.firedoglake.com/2009/01/21/russell-tice-confirms-everything-weve-surmised-about-bushs-illegal-wiretap-program/

First, Tice’s description of the program confirms everything we have surmised about the program. The program:

Established the means to collect all American communications
Analyzed meta-data to select a smaller subset of communications to tap further
Conducted human analysis of those messages
That is, the Bush administration used meta-data (things like length of phone call that have nothing to do with terrorism) to pick which communications to actually open and read, and then they opened and read them.

~snip~

And of course, everyone’s communications–everyone’s–were included in the totality of communications that might be tapped.

Including–especially–journalists. We knew that both Christiane Amanpour and Lawrence Wright’s communications were tapped. Well, apparently so were every other journalists’.

Tice figured out that they were getting journalists’ communications when he realized that they were separating out all the journalists’ communications–but then ensuring that those communications were still collected 24/7.

DOJ's secret subpoena of AP phone records broader than initially revealed
http://openchannel.nbcnews.com/_news/2013/05/20/18377209-dojs-secret-subpoena-of-ap-phone-records-broader-than-initially-revealed?lite

The Justice Department’s secret subpoena for AP phone records included the seizure of records for five reporters' cellphones and three home phones as well as two fax lines, a lawyer for the news organization tells NBC News.


David Schulz, the chief lawyer for the AP, said the subpoenas also covered the records for 21 phone lines in five AP office lines -- including one for a dead phone line at office in Washington that had been shut down six years ago. The phone lines at four other offices – where 100 reporters worked — were also covered by the subpoenas, Schulz said.

~snip~

Schultz said the subpoena for a Washington phone line that had been shut down years ago raises questions about assertions by Deputy Attorney General James Cole, in a letter last week, that the subpoenas were narrowly crafted and only issued after a "comprehensive investigation" that included over 550 interviews and reviewing tens of thousands of documents.

~snip~

Schultz confirmed that the subpoenas for the phone records were secretly issued to Verizon, which turned them over to the Justice Department without any initial notice to AP. On May 10, Justice notified AP of the subpoenas in a one-sentence letter, citing department guidelines that require such notice for media phone records after 90 days.