The TrapWire Threat Meter (TTM) may possibly be at high-red alert since WikiLeaks dumped more shocking surveillance emails from the hacked global intelligence company Strafor. Privacy SOS reports on "the revelation of an enormous, shadowy surveillance company with deep ties to the CIA: Trapwire exploded on the surveillance scene like a bat out of hell. And people are justifiably freaked out about it."
TrapWire is run by Abraxas Corp's Abraxas Applications. The 2007 whitepaper [PDF] described TrapWire as "a unique, predictive software system designed to detect patterns of pre-attack surveillance." No wonder photographers continue to be treated as potential terrorists, since TrapWire says terrorist pre-attack surveillance includes "photographing, measuring and signaling." This Private Paste from Justin Ferguson, who helped spread the word of this leak, states, "It's essentially a system setup to detect surveillance, so if you've ever taken a picture of basically anything 'important' you were probably flagged in a 'suspicious activity report' (SAR). It's logged to a central database and then cross-site reports are disseminated."
When DHS launched the SARs database, senior homeland security official John Cohen stressed that "authorized users of the [SARs] system are instructed on how to distinguish between behavior that warrants scrutiny and lawful conduct that doesn’t justify attention from the government." Yet this Stratfor email claims a TrapWire benefit of using the system is to "help 'walk back the cat' after an attack to identify terrorist suspects and modus operandi.” But mission creep infects all technology and databases store everything forever on everyone waiting to be data-mined; with all the ridiculous you-might-be-a-terrorist-if lists identifying much more than real terrorists, we never know what might be considered suspicous tomorrow. This note states, “Surv footage can be walked back and track the suspects from the get go w/facial recognition software (or TrapWire) technology." Didn't the EFF warn us that most Americans are in a facial recognition database even now? This 2006 United States Patent and Trademark Office says TrapWire uses "pan-tilt-zoom cameras" and human reports entered into databases using a "10-characteristic description of individuals" and an "8-characteristic description vehicles."
Public Intelligence says Stratfor emails imply "that TrapWire is in use by the U.S. Secret Service, the British security service MI5, the Royal Canadian Mounted Police, as well as counterterrorism divisions in both the Los Angeles and New York Police Department" and the LA fusion center. The emails also suggest that TrapWire is in use at military bases around the country. "A July 2011 email from Burton to others at Stratfor describes how the U.S. Army, Marine Corps and Pentagon have all begun using TrapWire and are 'on the system now.' Burton described the Navy as the 'next on the list'."
This 2009 email from Stratfor Chairman Don Kuykendall says that TrapWire's clients included Scotland Yard, #10 Downing, the White House, and many MNC's (multinational corporations). There were also plans to introduce TrapWire to "Wal Mart, Dell and other Fred cronies." I recall a big push by DHS involving TV screens and See Something Say Something videos at Walmart encouraging regular Wally World Joes to turn into citizen spies and report other allegedly suspicious shoppers. In 2010, Homeland Secretary Janet Napolitano said, "This partnership will help millions of shoppers across the nation identify and report indicators of terrorism, crime and other threats to law enforcement authorities."
iWatch pulls community member reporting into the TrapWire search engine and compares SARs across the country...with potential matches being fed back to the local LE agency. An amazing amount of good quality reporting is coming in from alert citizens (and police officers) in the DC area in particular.
There are plenty of alarming TrapWire facts released in Antisec hacktivist-acquired Statfor email dumps. In an attempt to separate fact from hysterical fiction spreading through the interwebz, Privacy SOS has nicely outlined TrapWire's early history and the basics of what TrapWire does. The article also points to this "disturbing" leaked email from Burton stating, "Regarding SF landmarks of interest -- they need something like TrapWire more for threats from activists than from terror threats. Both are useful, but the activists are ever present around here."
The Stratfor emails were mirrored since WikiLeaks was under massive DDoS attacks, but even the mirrors were attacked. Russia Today reported, "Australian activist Asher Wolf wrote on Twitter that the DDoS attacks flooding the servers of WikiLeaks supporter sites were reported to be dropping upwards of 40 gigabits of traffic per second. On Friday, WikiLeaks tweeted that their own site was sustaining attacks of 10 Gb/second, adding, 'Whoever is running it controls thousands of machines or is able to simulate them'."
This is just scratching the TrapWire surface, but it's also interesting to note what Cryptome added. Regarding Microsoft and NYPD's all-seeing Big Brother crime and terrorism prevention system aka the "Domain Awareness System," Cryptome has a plethora of Private Paste information listed under "Renamed TrapWire Spying System - NYPD-Microsoft Domain Spying System."
Like this? Here's more posts:
- EFF: Americans may not realize it, but many are in a face recognition database now
- HOPE 9: Whistleblower Binney says the NSA has dossiers on nearly every US citizen
- NSA Whistleblower Drake: You're automatically suspicious until proven otherwise
- Doubly Ludicrous: DEA war on drugs 'failed' so why log us via license scanners?
- Perfect, persistent, undetectable hardware backdoor
- DEFCON Kids: Hacking roller coasters and the power grid with cell phones
- Kingpin aka Joe Grand of Prototype This: The Birth of Hardware Badge Hacking
- Leak Police have gone crazy: Danger Room under fire for leaking imaginary weapon
- Microsoft & NYPD launch an all-seeing Big Brother crime & terrorism prevention system
- Hacking Humanity: Human Augmentation on the Horizon
- Black Hat: Microsoft incorporates BlueHat Prize finalist defensive tech & releases EMET 3.5 Preview
- Going Dark in the Golden Age of Cyber-Surveillance?
- Stealthy Wi-Fi Spy Sees You Through Walls Thanks to Your Wireless Router
Follow me on Twitter @PrivacyFanatic
Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. Smith has a diverse background in information technology, programming, web development, IT consulting, and information security. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.
Smith is an independent contractor and is not affiliated with any vendor that makes or sells information technology.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited