Secret Predictive Policing in New Orleans

Good thing we have a Constitution to prevent this kind of thing. /sarcasm

According to Ronal Serpas, the department’s chief at the time, one of the tools used by the New Orleans Police Department to identify members of gangs like 3NG and the 39ers came from the Silicon Valley company Palantir. The company provided software to a secretive NOPD program that traced people’s ties to other gang members, outlined criminal histories, analyzed social media, and predicted the likelihood that individuals would commit violence or become a victim. As part of the discovery process in Lewis’ trial, the government turned over more than 60,000 pages of documents detailing evidence gathered against him from confidential informants, ballistics, and other sources — but they made no mention of the NOPD’s partnership with Palantir, according to a source familiar with the 39ers trial.
And it gets worse.

Wikileaks Just Proved Us Right, But What Now?

I’m trying very hard to refrain from screaming, “I told you so!” because quite frankly, being right about this sucks. That being said, I and others who have been warning about the extent of the surveillance state were not only proven right yesterday, but we’re now seeing something almost past what even we envisioned. The ramifications of Vault7 will not be fully understood for some time; for most folks, possibly not ever because they won’t bother to learn them.

The natural reaction from the liberty cause will be, as usual, a variety of the same tired statements.

“It’s doesn’t matter what we do, they see it all anyway.” — While true, this is generally used as a crutch and excuse for not learning anything. What it SHOULD be is an impetus to learn other methods.

“They can COME GET SOME.” — These people are not even worth the time it takes to teach.  Bring me someone who is humble, teachable, and is driven by the right things and I can teach him to do just about anything in this arena.  (Hint: If the mere idea that your stupid mistake could get your contacts arrested or killed does not make you physically ill and willing to learn just about ANYTHING to prevent it from happening, you might not be worth teaching.)

The bottom line is this: you cannot engage in any computer based activities without being seen and identified unless you are using a specific kind of computer, a specific way, in a specific location, for a specific reason. There is no turnkey solution that will allow you to sit in your armchair and tool around on the Internet safely without being followed around, identified, and collected on. There just isn’t, and anyone who says there is, is either wrong or lying to you.

Don’t believe me — read the docs for yourself. Put it all together.  The information has been there for a long time; some of us just bothered to read it sooner.

You can still engage in certain activities online, but there is a very specific process that MUST be followed, and here’s the cold truth:

1. If you make one mistake in that process, you expose your network and activities.

2. If you are tired, cold, wet and hungry, you are more apt to make that fatal mistake.

3. The system is designed to amplify human error. (See where this is going yet?)

4. In short, you are looking at a lose-lose situation. You’re in a funnel designed to make you screw up, that has a contingency plan to catch you on any level. You started using Signal? Great. Too bad your phone is hacked at the hardware level before it even gets to Signal. You used a throwaway email address to send some messages and you did it from two towns away? Awesome. Too bad you drove your own car, in the toll lane, and took your phone.  Oh, you bought a burner phone? Fantastic. Too bad you wore your “KILL ‘EM ALL” shirt while doing it, and immediately activated it when you got back to your car…in the parking lot of the Best Buy where you’re getting your computer “fixed.”

Smart people will be using meatspace, they’ll be learning and applying tradecraft designed for more old school and low- or non-technical applications. They’ll stop needing to expand their contact network. I don’t need to know your group, I just need to know you. I don’t need to even know the person I need a get a message to, I just need to know how to get the message there. Stop thinking you need to know everyone, you don’t need 5000 friends on Facebook and you don’t need to get into every patriot group on social media. Everyone who has direct access to you is a liability to you, on some level. Minimize your liabilities.

Have a serious conversation with yourself about your own weaknesses, and who in your circle is a security risk. Stop letting your feelings and the “brother” this and “sister” that make your decisions for you.  Just because you think someone has your back doesn’t mean they’ll go to prison for you. It doesn’t mean they’ll let their kids go hungry for you.  And if Vault 7 teaches you anything, it should be that the forces aligned against you have no moral limits, no uncrossable lines, no place off limits.  Sit down in a quiet room by yourself and really think through the implications of that fact. Read through Vault 7’s disclosures and understand how far they are going every single day on a mass scale.  Do you really think they will have some moral issue with turning your so-called “brothers” and “sisters” against you? Or vice versa?

Bottom line is this: they’re playing high level chess and taking double/triple turns. Quit running around the board with your checkers, yelling for someone to king you.

Anonymous Twitter Account, Part 2

For some reason people have a hard time wrapping their heads around the idea of an anonymous Twitter account. The standard naysayers came out all over the web on the various sites who linked to my article, casting doubt and dispersion about whether it was even possible. So consider this a followup, for those who didn’t bother to actually read the article at the Intercept, and just went off of the headline.

The naysayers are correct in that your computer will give you away. That’s why you don’t use YOUR computer. Don’t use the laptop that is resting on your belly while you sit in your recliner. Don’t use your phone — especially the so-called ‘burner phone’ that you (foolishly) carry around in the same pocket as your regular phone. Don’t use the same desktop where you pen your ‘militia roll calls’ on Facebook or share your memes. Don’t use the computer of anyone you know.

Instead, you go get a cheap refurb computer, that has never connected to your home or work internet (or your favorite coffee shops and hangouts). You never use it at work or home, or anywhere else you frequently go. You use a VPN, you use Tor, and you make accounts that aren’t linked to you in any way.  You use email addresses created and accessed only on that laptop, only when on VPN, only on Tor, only when not home.

On top of all of that, you don’t drive your own car to wherever you’re going to set up, because you don’t want a license plate reader picking it up and putting you in that location at that time. Don’t wear your loud-and-proud gear. Dress to fit in and disappear inside whatever area you’re in.  If that means you dress like a hipster and blend into some eclectic little vegan shop with wifi, then so be it. Don’t use the same location over and over. Don’t become recognizable and memorable. For the love of all that’s holy, don’t take your cell phone with you. In fact, send it with someone else going another direction if you have to.

If you’re going to do it right, you wouldn’t follow anyone you know with your account, anyone you would normally follow, or who would follow you. Your entire function is PUSHING information, and so you wouldn’t respond to direct messages, click on links, or do anything else that detracts from your actual function.

Gee, you might be thinking. That sounds like a big pain in the rear end. A lot of trouble and annoyance, or even money.  Yup. That’s exactly what it is. Do you want to do it and get caught? Or do you want to do it correctly?

That’s why agitators and activists — the real ones — are so few and far in between. Because doing it right requires a lot more work than sharing memes on Facebook.