Using Foreign Nationals to Bypass US Surveillance Restrictions

Remember when the US and Australian police surreptitiously owned and operated the encrypted cell phone app ANOM? They arrested 800 people in 2021 based on that operation.

New documents received by Motherboard show that over 100 of those phones were shipped to users in the US, far more than previously believed.

What’s most interesting to me about this new information is how the US used the Australians to get around domestic spying laws:

For legal reasons, the FBI did not monitor outgoing messages from Anom devices determined to be inside the U.S. Instead, the Australian Federal Police (AFP) monitored them on behalf of the FBI, according to previously published court records. In those court records unsealed shortly before the announcement of the Anom operation, FBI Special Agent Nicholas Cheviron wrote that the FBI received Anom user data three times a week, which contained the messages of all of the users of Anom with some exceptions, including “the messages of approximately 15 Anom users in the U.S. sent to any other Anom device.”

[…]

Stewart Baker, partner at Steptoe & Johnson LLP, and Bryce Klehm, associate editor of Lawfare, previously wrote that “The ‘threat to life; standard echoes the provision of U.S. law that allows communications providers to share user data with law enforcement without legal process under 18 U.S.C. § 2702. Whether the AFP was relying on this provision of U.S. law or a more general moral imperative to take action to prevent imminent threats is not clear.” That section of law discusses the voluntary disclosure of customer communications or records.

When asked about the practice of Australian law enforcement monitoring devices inside the U.S. on behalf of the FBI, Senator Ron Wyden told Motherboard in a statement “Multiple intelligence community officials have confirmed to me, in writing, that intelligence agencies cannot ask foreign partners to conduct surveillance that the U.S. would be legally prohibited from doing itself. The FBI should follow this same standard. Allegations that the FBI outsourced warrantless surveillance of Americans to a foreign government raise troubling questions about the Justice Department’s oversight of these practices.”

I and others have long suspected that the NSA uses foreign nationals to get around restrictions that prevent it from spying on Americans. It is interesting to see the FBI using the same trick.

Tags: , , , , ,

Posted on January 13, 2022 at 9:35 AM45 Comments

Comments

Hedo January 13, 2022 10:07 AM

It’s not a trick. It’s called a “favor” or “thanks, I owe you one”.
It’s what’s at the heart of most corrupt/ed or tainted operations within
most corrupt organizations. Loopholes are nothing new, not rocket science.
People have been using them as far back as recorded history goes, and beyond.
Tax loopholes are some of the most used/abused methods to get around the
laws that are on the books. But hey what do I know.

Speaking of loopholes, check this out, money laundering in plain sight:
https://forums.stevehoffman.tv/threads/new-tax-scam-on-ebay.1074335/

Clive Robinson January 13, 2022 11:08 AM

@ ALL,

Stewart Baker, partner at Steptoe & Johnson LLP, and Bryce Klehm, associate editor of Lawfare

You should all be aware that Stewart Baker was the “National Security Agency”(NSA) senior legal person as General Counsel when much of this “loop hole” policy was either formulated or enacted. He also was “holding the rudder” at the “Department of Homeland Security”(DHS) and a few other places[1] so everything he says should be treated with significant caution, and his writings are truely scary if you believe in a right to privacy and all that entails.

But what can be said of these “loop hole” activities? Well they might not be legislatively “illegal” but is it “lawful” or “moraly acceptable”? Many would say no.

These are questions we should be asking with significant prejudice, and binding consequences.

After all the NSA, CIA, FBI, DOJ and several more have all been caught not just pushing legal boundries but flouting them to the point of criminal behaviour. Do they get sanctioned? No of course not, so what incentive have they got to change their behaviours (other than maybe be a little less overt).

Silicon Valkey Corps went along ignoring “Safe Harbour” legislation that the EU had put in place to protect EU citizens and fobbed everyone off with excuses for their behavioirs but made no effort to change. So the EU brought out some legislation with real teeth and suddenly Sillicon Valley Big Corp woke up. The US needs strong privacy protection for not just all it’s citizens but everyone that has involvment with the US it’s corporations and businesses and ordinary US citizens no matter where they are.

[1] https://reason.com/people/stewart-baker/page/3/

Clive Robinson January 13, 2022 11:25 AM

@ Hedo,

Speaking of loopholes, check this out, money laundering in plain sight

Not just “money laundering” it’s a trick used by “blackmailers” as well with the likes of “trading cards” and “art”.

Certain criminals have used “art” as a way to pay people for years, likewise “interior designers” and other “intellectual services”.

The key thing they all have in common is the “product” has no real verifiable value. So providing the person is carefull they can get away with it for years.

But look at it another way, if you buy up say Startreck trading cards at a couple of dollars each put them in a twenty dollar frame, write number X of a limited collection on it, sign it, and issue a nice certificate of authenticity, what’s it now worth? Simple answer, what anyone is prepared to give you…

SwashbucklingCowboy January 13, 2022 11:43 AM

Is this legal? In the US people that act as agents for law enforcement need to (in theory) comply with the same restrictions as law enforcement.

EvilKiru January 13, 2022 12:36 PM

@SwashbucklingCowboy: I thought they asked Australian police operating out of Australia to do the monitoring, rather than private Australians operating in the US.

Ted January 13, 2022 1:10 PM

So could Australia’s AFP only communicate info to the FBI on US-based ANOM phones if this info pertained to ‘threat to life’?

It’s interesting that this case has a different legal approach since people who were using ANOM phones were considered as participants in a criminal enterprise under RICO in part due to ANOM’s restricted distribution.

SwashbucklingCowboy January 13, 2022 1:35 PM

@EvilKiru Given my understanding (which may be wrong) I think that’s a distinction without a difference. Anyone that acts on behalf of US law enforcement is theoretically bound by the same rules as the agency for which their actions are performed. Otherwise, law enforcement can just avoid a statute by getting someone else to act on their behalf and the Constitution and statutes are then meaningless.

Ted January 13, 2022 3:22 PM

Joseph Cox says in Motherboard article that it’s not clear how the ANOM phones sent to US addresses were distributed or used. So these phones may have then been sent outside the US or otherwise? I know he seems alarmed about the number of phones sent to the US, so I wonder if he has reason to be.

There was an ANOM press conference (aka Operation Trojan Shield) in June 2021 where someone in the audience asked why this operation had the focus on criminal enterprise and not international terrorism. A Deputy US Attorney responded and added this:

“I can say this, anybody who is using an encrypted communication device should be on notice… that their communications are subject to being intercepted by law enforcement, whether it’s in the United States or internationally.”

He goes on to say that of the 27 million messages that the FBI reviewed, every message that involved criminal activity was passed on to the appropriate authorities. I am not an expert on this, but I wonder what jurisdiction Australia or a third country has to inform other parties on matters outside the scope of the FBI.

EvilKiru January 13, 2022 4:02 PM

@SwashbucklingCowboy: I agree that’s how it SHOULD work, but 3-letter agencies are known to gin up ways to work around the way things should work, because they seem to care more about “getting results” than such trivia as following the law.

Wannab techguy January 13, 2022 4:41 PM

@Mexaly-“Always Remember: Law Enforcement serves itself first.” Yes correct!
@EvilKiru-Very true!

Anders January 13, 2022 4:52 PM

@ALL

This is also the reason why NATO CCDCoE is here,
in Estonia, Tallinn.

Estonia is a small country just next to big Russia.
In return to our NATO membership and the protection
US provides us, US has basically a wild card here to do
whatever they want, break any law, any civil rights etc.
Estonia don’t even think a twice to extradite people to
US. And it’s a perfect place to monitor Russian network
without having to worry any consequences.

And rumor goes, that STUXNET was created here, in CCDCoE.
After 2007 attacks Israel was first here, wanted to know
EVERYTHING. Then Americans came.
So i’m very sad that out host decides to give a speech here
at CCDCoE event. This is military, offensive, doing harm.

Cybersecurity in Estonia has been hijacked by military, any
discovery, any enhancement goes to them. Here in Estonia nobody
can create any commercial software suite without US demanding
a backdoor. Since Estonia is under heavy US influence, they of
course get it. Just as it was with Skype.

hxxps://www.theguardian.com/technology/2013/jun/20/skype-nsa-access-user-data

So I’m sad here. Our host must use his great power and knowledge
for the good, not helping the military.

Clive Robinson January 13, 2022 4:54 PM

@ SwashbucklingCowboy, EvilKiru,

Given my understanding (which may be wrong) I think that’s a distinction without a difference. Anyone that acts on behalf of US law enforcement is theoretically bound by the same rules as the agency for which their actions are performed.

Yes, but the reason which underlies this is “fruit from the poisoned vine”.

In the US if a defendents representatives find out that evidence presented by the prosecution has been incorectly gathered they can make a motion not just to dismiss the evidence, but if the incorrect gathering appears to be intentional –as in this case– have the entire case dismissed.

Similar evidential rules exist in other places but by no means all.

The problem and where the loop hole exists is how “evidence from foreign jurisdictions” is handled. We see this with “extradition cases”. There is unfortunately a presumption of equality, that is any evidence presented by a foreign jurisdiction is smilarly untainted as to pass the evidentiary rules. Clearly this is not the case here.

This by the way is not the first time this nonsense has come up. In Europe the Dutch hame some very lax surveillence rules, even compared to the likes of the UK. So for years British police forces got warned about the likes of drug shipments comming in. Arresting people whilst in the process of commiting a crime, hides the need for how the police forces knew when and where to be to perform the arrests, as it would not get the main evidence against the defendants removed.

The thing is, that all Law Enforcment have over the years been moving the goal-posts further and further appart to get their scoring average up. As long as the “Ref” who is responsible for oversight does not see to dozy or cares not to look for various reasons they have been able to get away with it.

However one case a couple of decades back was so far off of the line that something had to be done (but in my view not enough).

In the UK there used to be two agencies for getting income into the Treasury, “Customs and Excise” and “Inland Revenue” for historic reasons the former had all sorts of powers that even police forces did not. They hatched a scheme to catch cross boarder money laundering via the misuse of bonded alcohol and tobacco warehouse. In effect setting themselves up as money launderes by proxy through entrapment… Yup. When they had their big round up, a lot of people were caught in the net not all of who were laudering money just carrying out business and taking advantage of “favourable rates” etc.

When the first cases started getting to court a whistelblower appeared, and as things unrolled the judge was shall we say not impressed… And to cut a long story short Customs and Excise not just lost it’s coveted powers, it ended up subsumed under it’s hated rivals, the at best incompetent Inland Revenue…

https://www.theguardian.com/uk/2002/nov/26/2

But were the actual perpetrators of this scheme punished, did they get prosecuted, fined or imprisoned? Did they get sacked and stripped of their pensions? I’ll let you look it up.

Untill we raise the pain threshold to where this sort of “moving the goal-posts” has serious consequences like “life imprisonment” then law enforcment will keep moving the goal-posts.

vas pup January 13, 2022 6:10 PM

Israel says it broke up Iranian spy network that recruited women
https://www.bbc.com/news/world-middle-east-59977916

“Israel’s internal security agency has arrested five Israelis accused of spying for its arch-enemy Iran.
The case involves four Jewish women of Iranian descent, who the Shin Bet said were recruited by a handler claiming to be a Jewish man living in Iran.
The women were allegedly paid thousands of dollars to take photos of sensitive sites, monitor security arrangements, and make connections with politicians.”

Clive Robinson January 13, 2022 7:12 PM

@ vas pup, all,

This thread is in reality about those in positions of power believing that the rules for the good of society in general should be ignored for their own benifit.

Or you could put it another way that those in hierarchical structures show not only psychopathic behaviour they also strongly exhibit socially undesirable traits such as narcissism and a form of sadism where they relish being able to make people suffer in furtherance of their own ambitions.

As an example that critically effects security in a wider context (bio) you might want to consider,

https://www.bbc.co.uk/news/uk-politics-59989946

To say that all those involved are not fit and should be promptly removed I know will fall on “deaf ears” with those who could accomplish it. But we should be asking the question,

“If there are no sanctions, what incentive is there for such people to follow the rules?”

Clive Robinson January 13, 2022 9:01 PM

@ SpaceLifeForm, Ted, ALL,

With regards the GPS meta-data of the Anom phones.

To those who know a little about communications, with appropriate study they realise just what a “dog lead” mobile units like handsets are in very local area –ie cell and smallet– communications.

In essence the accuracy of triangulation as a first order approximation is related to 1/(r^2) so the accuracy goes up dramatically as the size of the “cell” is reduced.

Less obvious untill pointed out is that there is a relationship between triangulation and GPS or other point of refrence location system.

If you log all mobile usage triangulation against GPS –generally good to less than ten meters on location– and other information such as photographs –that can be fixed to points within a few hundredths of a meter– you can build up a cross refrence “lookup table” that makes the triangulation results rather more accurate (especially as they are based on time not angle so multipath from reflections can be removed).

But the one point none of those who used Anom and ended up being arrested is that the “trusted” something they made no attempt to verify or more importantly mitigate.

Secure communications consits of two main parts,

1, Preventing message content becoming known by third parties.
2, Preventing the act of communication becoming known by third parties.

That is the first generally referes to “Cryptography” and the second “Traffic analysis”. Neither of which is well understood by most people, especially when considering all the aspects of “trust”, especially when you do not have the capability of being able to “verify” systems not built and controled by you.

It’s why with crypto I’ve previously said “Don’t trust mitigate”. It does not matter a jot how secure or trustworthy a technical system is, if the message has already been secured before it gets to the technical system.

It’s no secret that the voice encoders used by mobile phones are based on work from the NSA. Less well known is that “Code-excited linear prediction”(CELP) systems are actually very resistant to coherent communications such as acoustic modems using even simple “Frequency Shift Keying”(FSK) or frequency inversion. In fact if you were looking for a system designed to be “anti-encryption” in an audio system you would be hard pressed to find a better one[1]…

So securing audio over the traditional audio channel in mobile phones is very dificult (as several crowd funded attempts have found out). It also makes mitigating it very difficult. However doing it on a data communications path is trivial in comparison, but mitigating this in a phone can be extreamly difficult for quite a few reasons (not least being how do you know ambient audio that contains your unencrypted speach is not being sent from the phones microphone or even speaker).

The Anom users wanted “convenience” without understanding the implications of it with regards security.

But that is only half the story… The other half is foiling traffic analysis or as I jokingly call it “sliping the leash”. The moment you broadcast a signal you are telling people where you are, it’s unavoidable. Worse the mobile phone network works by you sending periodic signals, so the position of the mobile transmit antenna is known irrespective of GPS or other message content.

How do you mitigate this? Well the easiest and most reliable way is not to use mobile phones. There are other ways but they all require good “OpSec” and very very few people are sufficiently disciplined to do it at the best of times. If your adversary throws in a little “stress” into a situation most people will be incapable of maintaining any kevel of “OpSec”, so discussing other mitigations is a bit pointless.

[1] Why are “Code-excited linear prediction”(CELP) systems so “anti-encryption? Well the full answer is complicated, but the simple answer is well simple. Firstly note the “LP” in CELP is “Linear Prediction” what this means is it expects the successive input samples to be highly predictable based on quite a number of preceading samples. As a general rule of thumb encryption trys very hard to be “random” that is each sample would be entirely unrelated to any other sample. So the CELP coder will fail unless the “random” is of sufficiently low bandwidth that it stays the same over the required number of samples, that alone is sufficient to stop most speach encryption. Secondly note the “CE” it stands for “Code-excited” whilst this is very dificult to explain in depth the simple explanation is that any signal such as a sinewave put into a CELP system will have no reliable phase or frequency corespondence at the output. Which means most digital modems that are highly reliant on phase and frequency can not work… Combined the result is highly “anti-encryption” even simple frequency inversion encryption does not fare well.

SpaceLifeForm January 13, 2022 9:45 PM

@ Clive, Ted, ALL

Secure communications consists of two main parts,

1, Preventing message content becoming known by third parties.

2, Preventing the act of communication becoming known by third parties.

The crooks do not get it.

In this instant case, even if they thought they had bought a vowel, they never realized that there were multiple second third parties.

I could expound on this, but I will not for Security Reasons.

Connect the dots. Think outside the box.

I have already dropped plenty of clues.

Ted January 13, 2022 10:44 PM

@Clive, SpaceLifeForm

Stewart Baker and Bryce Klehm’s article in Lawfare (“Legal Tetris and the FBI’s ANOM Program”) has an interesting analysis. Mind you, this is the first time I’ve heard the term legal tetris.

They point to a guess based on public documents that a master encryption key was sent with each ANOM message. They said that AFP may “need to brace for tough reviews” on this as Australia’s TOLA law bans “build[ing] a systemic weakness, or a systemic vulnerability, into a form of electronic protection.”

I don’t know what’s come of this. However, if the encryption key was sent with each message, who couldn’t see them?

The other thing is that these criminals were not security experts by trade. They were invited to purchase these devices by well-known crime figures who had “a tremendous impact on users adopting specific hardened encrypted devices.”

On top of that some ANOM phone users were reportedly paying $1,700 for a six-month subscription. It will be curious if any of the defendants attempt to make a case on the legality of this operation.

ResearcherZero January 14, 2022 12:16 AM

@Clive Robinson

“those in positions of power believing that the rules for the good of society in general should be ignored for their own benefit”

And it is said, “if you want to play with the big boys, first you have to learn to play by the rules.”

That is probably important in an Information Age.

JonKnowsNothing January 14, 2022 12:34 AM

@Clive, @SpaceLifeForm, @All

re: In essence the accuracy of triangulation as a first order approximation is related to 1/(r^2) so the accuracy goes up dramatically as the size of the “cell” is reduced.

One problem that people in refugee camps have is “no address”. A good number of governments, forms and webpages cannot function without a “street address or PO Box or other official designation”. It makes filing and receiving official documents difficult. (1)

The programs that have Address+* are none-too-bright and some enterprising folks that work with people having no-address circumstances, figured out a way to give them an address.

In short, they created an overlay of the camp area, using triangles set so that every tent lay withing one tile. The edges are given names so that every tent has a 3 name identifier. ex: LineA + LineD + Line99: Red Strawberry Sherbert.

This can be scaled as needed.

When this scale is used by LEAs, it means that they can use their triangulation data to find a much smaller area. (2)

===

1) Many post offices do try to figure it out odd addresses. A recent MSM story of mail that did get delivered with the starting clue of: “Lives across the road from the Spar…”

2) There is a iirc(badly) a program with G$$+LEAs to use all the scrapped images from the internet(3) and identify all objects on every image with triangulation-tag such that when layered into a bigger view the tagged items will align into a giant jigsaw puzzle.

Then using ML/AI/Scan against any new image to ID all objects and locations in any picture scraped.

eg: Collect wedding, vacation pictures and mark the relationship between trees, architectural details and special objects. With an unknown image, compare the background, trees and architectural details to locate exact place and position the of the camera.

Nearly every picture has GeoTags included or added, plus ShareWithFriends and FaceID with AutoShare features. So every picture come pre-geotagged and many pictures come with MugShotID from your contact list.

The G$$+LEA project is to geotag all pictures uploaded that Do Not have geotags included. Getting the names is just a bonus.

3) Image upload services like M$A$G$O$$ a part of the EULA/TOS is that you transfer ownership rights for the image(s) to the service. So G$ owns all the pictures uploaded to their service, and they do not need other permissions to use them.

ResearcherZero January 14, 2022 1:55 AM

“I and others have long suspected that the NSA uses foreign nationals to get around restrictions that prevent it from spying on Americans.”

Prosecutors in Australia have long gotten away with not following the instructions of the court, so it is probably an ideal candidate. Human rights law is also considerably weak, and often abuses of human rights go unpunished. Children as young as ten can be legally shackled and jailed in some states. Cases where people die in prison are quietly settled out of court and accompanied by a NDA, along with most police brutality cases.

Privacy laws and constitutional protections rely on being over the age of 18 as the state acts on behalf of the aggrieved party, while at the same time defends the state. Suppression orders are common if the case is politically sensitive, and very common if it involves minors. Victimhood should be avoided until the age of 18, as no one can publish the details if a suppression order is in place.

“systemic non-compliance” has long been a roaring trade

https://www.jurist.org/news/2020/09/australia-westpac-bank-to-pay-1-3b-fine-for-money-laundering-connected-to-child-exploitation-terrorism/

name.withheld.for.obvious.reasons January 14, 2022 2:15 AM

@ ResearcherZero

Prosecutors in Australia have long gotten away with not following the instructions of the court, so it is probably an ideal candidate.

If you have had a chance to read the opinion from the FISC[1], documents and charges the NSA with multiple accounts of the NSA abusing the quasi-judicial body. Worse, Bates states that effectively the NSA was instructing, making diminutive, the court. The NSA was telling the FISC what was or was not acceptable. It is on of the most damning of critiques within the U.S. government, of the U.S. government. The PCLOB never reached this observation nor made recommendations that would obviate this behavior. Don’t know why this never reached a level of attention that it is certainly due.

[1] FISC Opinion, Judge Bates, 3 Oct 2011 (https://www.aclu.org/sites/default/files/field_document/October 2011 John Bates FISC Opinion.pdf.)

Dave January 14, 2022 2:54 AM

The Five Eyes have been doing this for decades to get around domestic surveillance restrictions, the first documented example was in 1983 when Margaret Thatcher got the CSE to spy on members of her government that she thought might not be “on side” as she put it (she actually asked the GCSB and they outsourced it to the CSE so they could say with a straight face that they didn’t spy on their own citizens). It’s news that the FBI is now also doing it, but standard procedure for the Five Eyes.

John January 14, 2022 3:15 AM

@Clive,

“Hard to pass data through CELP”

I suppose? Isn’t this really a pretty trivial problem of designing a modem signal that sounds like voice?

And the even more interesting problem of CELP side channels. Perhaps a ‘noise’ added to the voice signal prior to CELP encoding.

In the olden days I did a data under voice modem. The voice was 300-3400 and the data was ‘rumbling’ below 300hz. Worked pretty well.

There was also a similar sort of thing that put data in the ‘middle’ of the voice band. It had much wider bandwidth.

John

ResearcherZero January 14, 2022 4:46 AM

@name.withheld.for.obvious.reasons

It’s quite an ask for the Australian government to exempt itself from powers to intercept the rest of the world’s communications. They have recently picked up a magistrate, a prosecutor and a lawyer, yet the members of the current government wish to escape these very same laws.

“The federal government appears to have abandoned its plan to extend controversial encryption-busting powers to federal, state and territory anti-corruption bodies, despite previously endorsing such a move.”
https://www.itnews.com.au/news/gov-holds-off-extending-encryption-powers-to-anti-corruption-bodies-574535

There are some very good reasons why laws should be applied equally, and ‘politically exposed persons’ should not be exempted from those rules, as this weakens the very same security that these laws are allegedly meant to protect. If someone approaches you and says “let’s get rich together”, you should probably wonder why:

“The Russian SVR allegedly provided the suspects with bank accounts, homes, cars and regular payments in order to facilitate “long-term service” inside the United States, where, according to the criminal complaint, the individuals were supposed to “search [for] and develop ties in policymaking circles” in the United States.”
https://www.wired.com/2010/07/whos-who-in-the-russian-spy-ring/

Ten Russian agents were flown to Vienna hours after they admitted in a US court to being agents for a foreign country.
https://www.bbc.com/news/10564994

Anna Chapman has been selected as the next MP for Vladimir Putin’s ruling party, United Russia, in the southern region called Volgograd, an area where she was raised.
https://www.foxnews.com/world/sexy-russian-ex-spy-to-run-for-parliament

Instead of sitting in a British courtroom, the man suspected by British detectives of the fatal poisoning of the former KGB agent Alexander Litvinenko will now sit in Russia’s lower house of parliament. As such, he will be immune from extradition and prosecution.

…Vladimir Zhirinovsky, even suggested that Mr Lugovoy might take up a post on the Duma’s security committee, which oversees intelligence issues and co-operation.
https://www.independent.co.uk/news/world/europe/murder-suspect-lugovoy-wins-place-in-parliament-762136.html

Paul Erickson, the longtime Republican operative who had a multiyear romantic relationship with accused Russian agent Maria Butina, was indicted on 11 counts wire fraud and money laundering charges.
https://abcnews.go.com/US/accused-russian-agent-maria-butinas-boyfriend-paul-erickson/story?id=60900080

We have heard about concerns over Russian influence in the past but China, British intelligence officials say, has now become their top priority.

An alert from the security service said Christine Ching Kui Lee “established links” for the Chinese Communist Party (CCP) with current and aspiring MPs.
She then gave donations to politicians, with funding coming from foreign nationals in China and Hong Kong.

The UFWD is alleged to be seeking to “cultivate relations” with “influential figures” to ensure the UK political landscape is favourable to the CCP and to challenge those that raise concerns about the party, including over human rights.

The security service said Ms Lee had “extensive engagement with individuals across the UK political spectrum”, including the now disbanded All Party Parliamentary Group, called Chinese in Britain.
https://www.bbc.com/news/uk-politics-59984380

25 November 2019

The allegations – first aired by local network Nine – assert that a suspected Chinese espionage ring approached a Chinese-Australian man to run as an MP.

The 32-year-old man has since died in unexplained circumstances.

Mr Zhao gave information about the alleged approach to the Australian Security Intelligence Organisation (Asio) last year, Nine reported.

He was found dead in a hotel room in Melbourne in March. Police have not been able to establish how or why he died, and his death has prompted a coroner’s inquiry.
https://www.bbc.com/news/world-australia-50541082

After a businessman said Chinese agents sought to implant him in Parliament, that revelation and other espionage cases have finally signaled the end of a “let’s get rich together” era.
https://www.nytimes.com/2019/11/28/world/australia/china-spying-wang-liqiang-nick-zhao.html

Covert foreign intrusion into the heart of Australian politics was “something we need to be very, very careful about”

Any person in political office was a potential target, he said, with the full impact perhaps not apparent for decades.

“I do worry about the issue of financing political parties,” he said. “We need a mechanism that maintains parties free of foreign influence.”
https://www.smh.com.au/politics/federal/insidious-former-asio-boss-warns-on-chinese-interference-in-australia-20191121-p53cv2.html

We are being asked to give up our privacy, yet the very same government wants to maintain it’s privacy. Despite choosing to become politicians, swearing an oath to the constitution, and being public figures, they ask that the law not also apply equally to them, in spite of the risks that might impose.

If that is the case then Russia and China may have already succeeded. The Australian government is certainly not establishing a lot of trust with it’s people, people are clearly divided, and only recently has any policy to counter cognitive warfare has begun to be developed. It’s almost as if government was selectively ignoring intelligence assessments for the last 30 years.

“Acting U.S. Homeland Security Secretary Chad Wolf told a former top aide to stop providing assessments of the threat of Russian interference in the Nov. 3 election and to play down U.S. white supremacist activity”
https://www.reuters.com/article/us-usa-election-whistleblower/u-s-intelligence-official-told-to-halt-russian-2020-election-meddling-threat-assessments-whistleblower-idUSKBN26032Q

Nothing has changed much since the 90’s, one may have assumed they learned something from history, and all those previous intelligence assessments they ignored. They said, “stop providing assessments on Russia activities” back then as well.

Curious January 14, 2022 4:50 AM

I would chalk this one up as a corruption of powers. If something was thought of as “not being ethical”, it would then not seem appropriate if obviously intending to circumvent own laws in some creative way.

Philosophically speaking, if there is one word in my daily life that would instantly make me skeptical of myself, is whenever I wonder if something I wrote or said was suspected of being ‘sophistry’, as if not being honest with myself. A related issue would be if I kept harping on the same point all too often, or maybe for some all too familiar reason, as if just repeating myself all too casually with the risk of speaking standing on the proverbial soap box just for the fun of it (or paid work even). I think then a key point in evaluating something to be like sophistry or not, would be to try account for one’s relevance, one’s interesting in any given problem about for which one had something pressing to say.

I can’t help but think that there is a basic problem if a nation state appear to be associating the mere charicature of a principle (“protecting life” or “national interest” and/or “security”), as the means to call for action, thus being similar to sophistry. As if making the point was more important than explaining oneself with sincerity. At the very least one would expect a call to action to be based off that of ‘necessity’, but not principle. With ‘necessity’ you would plausibly require offering ‘an explanation’ for why something is really deemed necessary, but if you link that right back to calling on a principle, then, you end up with circular reasoning with no proper justifcation other than this mere arbitrary use of a principle.

In my part of the world, I could swear I saw an article some years ago discussing how the police would be at odds in policing certain potentially new but populist laws should they be made effective (an addition to traffic laws I think it was), because of how the police could not be expected to even want to police the new laws, so the laws would practically be moot in this way (so a bad law, if not enforced). So, in the spirit of things, why have surveillance laws that aren’t effective?

Rhetorical questions:
Are surveillance laws effectively “secret laws” specifically they way such law are made beforehand and practiced?

I think if principles were to be just the fine print of things, then, I think one can argue that such principles, or such principled understandings, can’t be generalized. Seems rather obvious to me that, the more specialized any professed principle becomes, the more worthless it becomes to people, because then the fewer can rely on such principles to have any meaning, effectively making them undemocratic, as if there at the end was maybe one man or woman, to decide things on his own, at his or her own discretion.

So, ultimately I won’t pretend to care about this particular subject matter in Bruce’s article (I also live in Europe), but I also know that the idea of cirumventing laws by making other countries do your own surveillance for your is 100% predictable and should imo ideally be something covered by law, if having laws is good for everybody. Again, why having laws that simply favor discretionary use? That would be like anti-law to me. One familiar issue of mine is how local police by their own admission do not have resources to even investigate lesser crimes when they are filed to the police, and so they hand you an A4 page with lots of text explaining this, a supposed issue of lacking resources; but to not follow the law themselves, should really be an entirely different type of issue.

Lastly, I can’t help but wonder if it makes perfect sense to at least consider the problem of parallel construction in this case with FBI. Makes me wonder if the idea of parallel construction is even covered by law as a known type of problem. Would make for nice terminology I would think if spelled outright in the law books. One basic idea, one term. Maybe somebody else here know something about that.

Clive Robinson January 14, 2022 5:30 AM

@ John,

Isn’t this really a pretty trivial problem of designing a modem signal that sounds like voice?

It’s very far from trival as you will find if you try it.

The result of encryption by definition is random. CELP does not do random it needs predictability.

So after you digitize your voice to around 2.4k bits per second and then encrypt it you need as a minimum a flat amplitude, frequency and phase response audio channel of the same bandwidth as the symbol rate for a modem to work. Which with CELP not having a reliable frequency and phase response nor having a steady state makes life difficult. To get an idea of how CELP works consider it to be a narrow bandpass filter the center frequency of which tracks the predominant frequency in the signal. Therefore you have to consider the Shannon limit involved and actually it’s quite low, which does not matter with voice or other audio which has a realy low symbol rate, high data rate random data on the otherhand…

A lot of people make the mistake of thinking “we just need to nerd harder” to solve the problem. It realy does not work that way, and they have spent a lot of money finding that “nerding harder” only gets them well over the cliff edge of diminishing returns.

Feel free to try, but my advice would be first to “learn the math” atleast you will get a level of education you can use for a PhD out of your effort.

Winter January 14, 2022 5:49 AM

@Clive, John
“It’s very far from trival as you will find if you try it.”

It is trivial.

Take your encrypted message, encode it into base64 and feed it into a text-to-speech synthesizer. Or you can have a human read it out.

The bandwidth is not very high, but I know it has been done by several countries to send encrypted messages over the air waves.

Clive Robinson January 14, 2022 5:52 AM

@ Ted,

With regards,

They said that AFP may “need to brace for tough reviews” on this as Australia’s TOLA law bans “build[ing] a systemic weakness, or a systemic vulnerability, into a form of electronic protection.

There is a big difference between “building” and “using” the product of a system.

It is as far as I know quite legal for the FBI to design and build such a system. Though legally they can not use “some” of the product. They can however use information from other Law Enforcment entities as part of their investigations (but not as evidence).

Further as far as I know it’s quite legal for the Aus Police to use all of the product and pass it on to other Law Enforcment entities.

So the FBI “build” the Aus “use” both legal. They also cooperate which is again legal.

Draw it out as a chart and you will see there is space enough to get a truck through.

The issue is that legislators did not envisage their Law Enforcment entities “actively cooperating” to avoid with others in different jurisdictions to actively avoide legislative restrictions.

So one set of legislators solve a problem one way, and a diferent set of legislators solve a different problem a different way. In either case the end results are similar so legislators think “job done”. However bounce it across a juresdictional boundry and both “road blocks” are avoided…

Expect to see more of this kind of legaslative “road block” dodging as time goes on. It’s just starting to be the new game in town, and bassed on history I’ll take a guess at it taking around two decades for legislation to catch up and stop it, if it ever does.

John January 14, 2022 6:57 AM

@Clive,@Winter

Hmm…

It is trivial…. It is not trivial….

Sounds like I hit a nerve?

Probably already being done?

I don’t encrypt my data. I have a hard enough time understanding it as plain text!

John

Hedo January 14, 2022 7:41 AM

It is probably much easier to gain access (backdoor/keylogger) to the receiving end, then read the decrypted content/message than to go through all the trouble trying to break the encryption or to obtain the key. More than two ways to skin the cat.

Clive Robinson January 14, 2022 9:22 AM

@ Winter, John, ALL,

Take your encrypted message, encode it into base64 and feed it into a text-to-speech synthesizer. Or you can have a human read it out.

You are not talking about “voice encryption” I very specificaly was because of “usability issues” or if you prefere “convenience” in use.

If you read carefully I already outlined such low bandwidth communication was possible by reducing the data bandwidth into the very limited CELP effective bandwidth.

The “text-to-speach” method gives you the required “LP” and avoids the “CE” issues but has a very terible symbol to bandwidth ratio around 2000-4000 to one…

Oh and is not very convenient to many people as they can easily “out type it”…

Winter January 14, 2022 9:40 AM

@Clvie
“If you read carefully I already outlined such low bandwidth communication was possible by reducing the data bandwidth into the very limited CELP effective bandwidth.”

With modern (LPC) vocoders, you can do so many nice manipulations with the signal. And you can easily store an hour or so of speech and put in whatever you like. The receiving end can record it all and do all kinds of off-line analysis.

For the vocoder, you can manipulate the pitch signal, the noise parts, or the higher formants. Too many options to count. As vocoder voice quality is miserable anyway, your manipulations won’t attract much attention.

JonKnowsNothing January 14, 2022 10:22 AM

@ Clive, @Ted,

re: There is a big difference between “building” and “using”

There is also a difference between “of” and “with”.

Some things are more nuanced or perhaps maybe nuanced-enhanced.

Clive Robinson January 14, 2022 11:45 AM

@ Winter,

And you can easily store an hour or so of speech and put in whatever you like. The receiving end can record it all and do all kinds of off-line analysis.

Again you are not getting the point.

The point is to do voice encryption for convenient use by users, so it has to work just like an ordinary phone with direct timely to a few milliseconds interaction between both users.

This is what “Jack-Pair” tried to do and failed.

Do I have ways to forefill the “LP” requirment, yes but the issue is to transform random into predictable that means two things,

1, Reduction in information bandwidth.
2, Increase in information latency.

You can trade each other off a bit but not by much.

Your suggestion of using text-to-speach would give you one symbol a second or there abouts. Which equates to,

1, 5 bits per second data rate.
2, 1 second data latency.

The data rate is the equivalent of “ten words a minute” which was not considered “competent” over a century and a half ago for telegraphists.

You would actually do better with Morse Code which would easily give you twenty five words a minute.

It does pass the “LP” requirment and more importabtly is uneffected by the “CE” issues as it is neither frequency or phase sensitive in use.

And yes before you ask, I’ve seen this demonstrated just for fun with two Morse Code Practice oscillators and two mobile phones in two seperate rooms, after a discussion about “testing” remotely (which came up again with Covid lockdown).

But none of it solves the issue of talking to some one directly, which is what is required by users, along with low battery consumption, small form factor etc…

If you think you can do this, feel free to go ahead and try, even get crowdsourced funding, but I have a very good idea of where you will end up.

Winter January 14, 2022 12:00 PM

@Clive
“The point is to do voice encryption for convenient use by users, so it has to work just like an ordinary phone with direct timely to a few milliseconds interaction between both users.”

Scramblers are very old technology. RT voice encryption is what GSM mobile phones do standard. But do you want to do steganography with voice? You better then learn a lesser known language Mpur, or Bororo will do fine.

non random pseudo generator January 14, 2022 3:07 PM

That FBI had the Australian Federal Police (AFP) monitor people in behalf of the FBI. And afterwards AFP just shared the data with FBI, according to their data sharing agreements.

It’s all “kind of obvious”, actually.

The same as when a company or government agency says that “we will not sell your data”. They could be just blatantly lying but they could also be “giving it away”, “renting it”, “leasing it”, “lending it temporarily”, like until the year 3099 which is still technically “temporarily”.

JonKnowsNothing January 14, 2022 6:21 PM

@non random pseudo generator, @All

re: The same as when a company … says that “we will not sell your data”. They could be just blatantly lying…

In the distant rear view mirror of USA Business Practices, there was one company that was famous for their corporate stance that “They would not ever sell your address”.

This was before email, when spam primarily showed up in your physical post box as advert papers, catalogs and cards. The advert papers ended up in the bottom of the canary cage which was a nice eco-dual-use after toxic printer ink was banned.

This company had been around for a long time and catered to the Techies of the Day, by selling vacuum tubes and other radio equipment. Later they broadened out to early computer kit(s).

They made a good charge at converting to the computer market and did hold a primary position for along time, pre-PC and pre-Apple. However, once IBM and Apple bombarded the market place with their Charlie Chaplin rip-off videos and Beatles rip-off logo, there was no way they could compete.

A slow and painful corporate death took place and eventually it expired.

Except there was ONE THING they had worth millions and millions of dollars(US) and that was the: Never Sold Customer Address List . Blue and Core just salivated over the list along with a number of other wannabes.

Court happened, law suits happened, judges happened.

The question was:

The people who had provided names, address and phone numbers had been guaranteed that no other business/entity would get their names from the company.

Did the guarantee of privacy still hold IF the company making that guarantee no longer existed?

The judge gave it away. To the highest bidder, of course.

That company kept their promise and tried to keep their promise even after the business failed.

Their promise was ripped away by the courts because another business paid $$$ to have that privacy stripped off.

Animal scavengers are more polite than what took place.

Jarnizivy January 15, 2022 9:33 AM

@ non random pseudo generator

Actually USA and Australia used unnamed third Country to mitigate messages as they would have violated many countries privacy laws by intercepting messages without a warrant. They did this when they needed they to read messages outside Australia.

Afterwards this message collection was done by a unnamed third party country who had information exchange contract with both countries so they did not brake any surveillance laws of other countries. Laws were broken by some unknown country, even a acting under the guidance of FBI.

They are not disclosing who this 3rd country is.

This is simply whitewashing information. Many countries forbid using evidence gathered by torture. Well just hire unnamed third country to torture the information out and then provide the info where needed as legal assistance. Problem solved.

This method of information gathering created a a whole set of legal issues if these practices will be accepted.

Sumadelet January 15, 2022 10:30 AM

Re: voice over compressed voice channels:

Proceedings of the IEEE International Conference on Consumer Electronics Berlin (ICCE-Berlin), Berlin, Germany, 6-9 September, 2015
Data transmission via GSM voice channel for end to end security

h++ps://www.researchgate.net/publication/304296823_Data_transmission_via_GSM_voice_channel_for_end_to_end_security

ELMAR, 2008. 50th International SymposiumVolume: 1
Performances of Digital Modulations for Data Transmission over Voice Dedicated Channels
h++ps://www.researchgate.net/publication/224370692_Performances_of_digital_modulations_for_data_transmission_over_voice_dedicated_channels

Worth reading to give background on why @Clive Robinson is so sceptical about data-over-compressed-voice-codecs.

I read somewhere (can’t find it now) of a demonstration of sending data in parallel to voice by getting roughly 1.6 kbit/s throughput with a minor decrease in the voice intelligibility (presumably MOS score).

Moving from technology demonstrations to actual practical equipment that can be used in the field under less than ideal conditions is a hard task, not to be underestimated.

Sumadelet January 15, 2022 2:01 PM

Re: data over compressed voice channels

NOT voice over compressed voice channels – I didn’t proofread the previous posting adequately.

Anyway, I found the reference to transmitting ‘hidden’ data over ACELP

IEEE International Conference on Acoustics, Speech and Signal Processing, 2008. ICASSP 2008.

High rate data hiding in ACELP speech codecs

h++ps://www.researchgate.net/publication/224312993_High_rate_data_hiding_in_ACELP_speech_codecs

The concept has been examplarily [sic] applied to the AMR speech codec (12.2 kbit/s mode) and it is shown that steganographic data can be reliably transmitted at a rate of up to 2 kbit/s both with a negligible effect on the subjective quality of the coded speech and with reasonable computational complexity.

Note that, as ever, a laboratory demonstration does not mean a practical implementation is easy, or even possible.

Anonymous. January 16, 2022 2:08 PM

A few commenters seem to have missed a key point: there are no US defendants. Precisely for some of the issues raised above, this data could not be used in US court cases except in very limited circumstances; consequently, no US-based suspects were arrested.

SpaceLifeForm January 18, 2022 9:23 PM

@ Ted, ALL

A few commenters seem to have missed a key point: there are no US defendants.

Patience Young Grasshopper.

Remember, over 100 Anom phones were shipped to NYC.

Remember, an Airtag in a car does not track the driver, but the car.

And the other occupants.

Rudy, your slip is showing.

Casus Belli January 23, 2022 10:50 AM

For legal reasons, the FBI did not monitor outgoing messages from Anom devices determined to be inside the U.S. Instead, the Australian Federal Police (AFP) monitored them on behalf of the FBI, according to previously published court records.

U.S. authorities are looking for Australian criminals in this case, and the involvement of foreign nationals in serious organized crime in the United States apparently leads to a jursidiction of martial law with somewhat looser requirements for a warrant.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.