New Documents Show Thousands of Unreported Wiretaps by Canadian Cops

New Documents Show Thousands of Unreported Wiretaps by Canadian Cops:

Christopher Parsons, a postdoctoral fellow with The Citizen Lab at the University of Toronto’s Munk School of Global Affairs, called the finding a missing link in our understanding of the scope of electronic surveillance in Canada.

“Wiretap data is, in theory, being recorded. But subscriber data and CDR data—neither of those have to be recorded under government statue,” Parsons explained. “There’s nothing in the legislation that will require agencies to record how often they got those court orders.”

Microsoft, BlackBerry and Cogeco, who were also presents at the meeting between Public Safety and industry stakeholders, did not respond to a request for comment.

“I think what’s most telling is it seems that the parties that have the best records of anyone in Canada is corporate Canada,” Parsons said. “These are the people who are being forced to use their resources to provide assistance to law enforcement, and law enforcement can’t even be bothered to record and disclose themselves how often this is going on.“



Quebec’s organized-crime crackdown hinges on BlackBerry intercepts

Quebec’s organized-crime crackdown hinges on BlackBerry intercepts:

Over 1 million PIN to PIN messages intercepted. Hopefully consumers will begin to realize that Blackberry has largely been blowing smoke about the security of their consumer-grade backend infrastructure.

Cellular Security Called Into Question. Again.

Worries about spectrum scarcity have prompted telecommunications providers to provide their subscribers with femotocells, which are small and low-powered cellular base stations. Often, these stations are linked into subscribers’ existing 802.11 wireless or wired networks, and are used to relieve stress placed upon commercial cellular towers whilst simultaneously expanding cellular coverage. Questions have recently been raised about the security of those low-powered stations:

Ritter and his colleague, Doug DePerry, demonstrated for Reuters how they can eavesdrop on text messages, photos and phone calls made with an Android phone and an iPhone by using a Verizon femtocell that they had previously hacked.

They said that with a little more work, they could have weaponized it for stealth attacks by packaging all equipment needed for a surveillance operation into a backpack that could be dropped near a target they wanted to monitor.

While Verizon has issued a patch for its femtocells, there isn’t any reason why additional vulnerabilities won’t be found. By placing the stations in the hands of end-users, as opposed to retaining control over commercially deployed cellular towers, third-party security researchers and attackers can persistenty test the cells until flaws are found. The consequence of this deployment strategy is that attackers will continue to find vulnerabilities to (further) weaken the security associated with cellular communications. Unfortunately, countering attackers will significantly depend on security researchers finding the same exploit(s) and reporting it/them to the affected companies. The likelihood of security researchers and attackers finding and exploiting the same flaws diminishes as more and more vulnerabilities are found in these devices.

In countries such as Canada, for researchers to conduct their research they must often first receive permission from the companies selling the femtocells: if there are any ‘digital locks’ around the technology, then researchers cannot legally investigate the code without prior corporate approval. Such restrictions don’t mean that researchers won’t conduct research, but do mean that researchers’ discoveries will go unreported and thus unpatched. As a result, consumers will largely remain reliant on the companies responsible for the security deficits in the first place to identify and correct those deficits, but absent public pressure that results from researchers disclosing vulnerabilities.

In light of the high economic costs of such identification and patching processes, I’m less than confident that femtocell providers are going to be investing oodles of cash just to potentially as opposed to necessarily identify and fix vulnerabilities. The net effect is that, at least in Canada, telecommunications providers can be assured that the public will remain relatively unconcerned about the security of providers’ products: security perceptions will be managed by preventing consumers from learning about prospective harms associated with telecommunications equipment. I guess this is just another area of research where Canadians will have to point to the US and say, “The same thing is likely happening here. But we’ll never know for sure.”


In Jewel, the Obama administration has already twice invoked the “state secrets” privilege, a mechanism left behind from the McCarthy-era persecution of Communist sympathizers which effectively lets the government ‘turn off’ the Constitution and the justice system whenever they feel that a case might jeopardize national security. The administration has promised to limit its use of the privilege to situations which present the potential for “significant harm” to the country. But that promise obviously hasn’t stopped them from deflecting recent challenges to warrantless wiretapping and other government counterterrorism initiatives — like indefinite detention provisions, or the secret program for targeted killings carried out by drones — nor will it necessarily restrain future administrations from doing the same.

Jewel may be the last chance for meaningful judicial review of the wiretapping programs in the foreseeable future. Failing that, the only remaining response for journalists and others dealing in sensitive overseas communications may be exactly what digital activists have been advocating for decades: widespread personal encryption. But aside from being somewhat impractical, the necessity of encrypted communications would more broadly underscore just how thoroughly the legal system has failed to protect citizens from unnecessary intrusion.

Lawful Access is Dead, Long Live Lawful Intercept!

So, the takeaway from this post is that Industry Canada’s proposed modifications significantly expand the volume and types of communications that ISPs must be able to intercept and preserve. Further, the Department is considering expanding interception requirements across all wireless spectrum holders; it needn’t just affect the LTE spectrum. We also know that Public Safety is modifying how ISPs have to preserve information related to geolocational, communications content, or transmission data. Together, these Departments’ actions are expanding government surveillance capacities in the absence of the lawful access legislation.

Industry Canada’s and Public Safety’s changes to how communications are intercepted should be put on hold until the government can convince Canadians about the need for these powers, and pass legislation authorizing the expansion of government surveillance. Decisions that are made surrounding interception capabilities are not easily reversed because once the technology is in place it is challenging to remove; as such, the government’s proposed modifications to intercept capabilities should be democratically legitimated before they are instantiated in practice.


The same vulnerabilities that enable crime in the first place also give law enforcement a way to wiretap — when they have a narrowly targeted warrant and can’t get what they’re after some other way. The very reasons why we have Patch Tuesday followed by Exploit Wednesday, why opening e-mail attachments feels like Russian roulette, and why anti-virus software and firewalls aren’t enough to keep us safe online provide the very backdoors the FBI wants.

* Matt Blaze and Susan Landau, “The FBI Needs Hackers, Not Backdoors