Watch out - Homeland Security is reading your email!!FBI investigation reveals bureau’s comprehensive access to electronic communicationsThe police that are spying on you probably read this email before you did!!!!I suspect a number of FBI agents have read this email before you did. Or if your reading it on the web page, a FBI agent probably read it just after I posted it.Remember if you are doing something illegal you certainly should not be talking about it in an email or posting it on the internet where federal, state, county, and local city cops watch our every move. You can encrypt your emails with something like PGP, but I suspect if you piss the Feds off enough they are willing to spend big bucks to get the folks at the NSA to decrypt your messages. And last but not least your telephone isn't that safe either. The police routinely illegally listen to our phone calls without the required "search warrants". Remember any time you use a cell phone you are also using a radio transmitter and EVERYTHING you say is broadcast onto the airwaves for anybody to listen to. FBI investigation of Broadwell reveals bureau’s comprehensive access to electronic communications By Greg Miller and Ellen Nakashima, Published: November 17 The FBI started its case in June with a collection of five e-mails, a few hundred kilobytes of data at most. By the time the probe exploded into public view earlier this month, the FBI was sitting on a mountain of data containing the private communications — and intimate secrets — of a CIA director and a U.S. war commander. What the bureau didn’t have — and apparently still doesn’t — is evidence of a crime. How that happened and what it means for privacy and national security are questions that have induced shudders in Washington and a queasy new understanding of the FBI’s comprehensive access to the digital trails left by even top officials. FBI and Justice Department officials have vigorously defended their handling of the case. “What we did was conduct the investigation the way we normally conduct a criminal investigation,” Attorney General Eric H. Holder Jr. said Thursday. “We follow the facts.” But in this case, the trail cut across a seemingly vast territory with no clear indication of the boundaries, if any, that the FBI imposed on itself. The thrust of the investigation changed direction repeatedly and expanded dramatically in scope. A criminal inquiry into e-mail harassment morphed into a national security probe of whether CIA Director David H. Petraeus and the secrets he guarded were at risk. After uncovering an extramarital affair, investigators shifted to the question of whether Petraeus was guilty of a security breach. When none of those paths bore results, investigators settled on the single target they are scrutinizing now: Paula Broadwell, the retired general’s biographer and mistress, and what she was doing with a cache of classified but apparently inconsequential files. On Capitol Hill, the case has drawn references to the era of J. Edgar Hoover, the founding director of the FBI, who was notorious for digging up dirt on Washington’s elite long before the invention of e-mail and the Internet. “The expansive data that is available electronically now means that when you’re looking for one thing, the chances of finding a whole host of other things is exponentially greater,” said Rep. Adam B. Schiff (D-Calif.), a member of the House intelligence committee and a former federal prosecutor. In this case, Schiff said, the probe may have caused more harm than it uncovered. “It’s very possible that the most significant damage done to national security was the loss of General Petraeus himself,” Schiff said. Not the usual boundaries The investigation’s profile has called attention to what legal and privacy experts say are the difficulties of applying constraints meant for gathering physical evidence to online detective work. Law enforcement officers conducting a legal search have always been able to pursue evidence of other crimes sitting in “plain view.” Investigators with a warrant to search a house for drugs can seize evidence of another crime, such as bombmaking. But the warrant does not allow them to barge into the house next door. But what are the comparable boundaries online? Does a warrant to search an e-mail account expose the communications of anyone who exchanged messages with the target? [Warrants, who needs stinking warrants. We will just do an illegal search and laugh when the illegal search causes you to spend thousands of dollars on lawyers to get it throw out. Remember the police are criminals who routinely break the law in an effort to put other criminals in jail. If cops didn't routinely commit perjury they wouldn't have a slang word for it which is testilying!!!] Similarly, FBI agents monitoring wiretaps have always been obligated to put down their headphones when the conversation is clearly not about a criminal enterprise. [Do you really think an FBI agent is going to put down the headphones and miss out on all that potentially incriminating dirt???] It’s known as minimization, a process followed by intelligence and law enforcement agencies to protect the privacy of innocent people. “It’s harder to do with e-mails, because unlike a phone, you can’t just turn it off once you figure out the conversation didn’t relate to what you’re investigating,” said Michael DuBose, a former chief of the Justice Department’s Computer Crime and Intellectual Property Section who now handles cyber-investigations for Kroll Advisory Solutions. Some federal prosecutors have sought to establish a “wall” whereby one set of agents conducts a first review of material, disclosing to the investigating agents only what is relevant. But Michael Sussmann, a former federal prosecutor who consults on electronic surveillance issues, said he thinks “that’s the exception rather than the rule.” [I suspect this is more about convincing juries that the FBI didn't do something illegal, and I doubt if it stops the cops from doing anything illegal.] It’s unclear whether the FBI made any attempt to minimize its intrusion into the e-mails exchanged by Broadwell and Petraeus, both of whom are married, that provided a gaping view into their adulterous relationship. Many details surrounding the case remain unclear. The FBI declined to respond to a list of questions submitted by The Washington Post on its handling of personal information in the course of the Petraeus investigation. The bureau also declined to discuss even the broad guidelines for safeguarding the privacy of ordinary citizens whose e-mails might surface in similarly inadvertent fashion. The scope of the issue is considerable, because the exploding use of e-mail has created a new and potent investigative resource for the FBI and other law enforcement agencies. Law enforcement demands for e-mail and other electronic communications from providers such as Google, Comcast and Yahoo are so routine that the companies employ teams of analysts to sort through thousands of requests a month. Very few are turned down. [Remember what I said about NEVER using email to talk about anything you do that illegal. The article just said the FBI routinely gets Google and Yahoo to help them spy on you!!!!] Wide access to accounts Although the Petraeus-Broadwell investigation ensnared high-ranking officials and had potential national security implications, the way the FBI assembled evidence in the case was not extraordinary, according to several experts. The probe was triggered when a Florida socialite with ties to Petraeus and Gen. John R. Allen, the U.S. military commander in Afghanistan, went to the FBI in June with menacing e-mails from an anonymous sender. [Even if you use an anonymous email the cops will almost certainly get the IP address that the email was sent from which probably will point to you!!!!] Schiff and others have questioned why the FBI even initiated the case. Law enforcement officials have explained that they were concerned because the earliest e-mails indicated that the sender had access to details of the personal schedules of Petraeus and Allen. The FBI’s first pile of data came from Jill Kelley, who got to know Petraeus and Allen when she worked as an unofficial social liaison at the military base in Tampa where both men were assigned. In early summer, Kelley received several anonymous e-mails warning her to stay away from Allen and Petraeus. Kelley was alarmed and turned over her computer to the FBI; she may also have allowed access to her e-mail accounts. The e-mails were eventually traced to Broadwell, who thought that Kelley was a threat to her relationship with Petraeus, law enforcement officials said. But the trail to Broadwell was convoluted. Broadwell reportedly tried to cover her tracks by using as many as four anonymous e-mail accounts and sending the messages from computers in business centers at hotels where she was staying while on a nationwide tour promoting her biography of Petraeus. According to some accounts, the FBI traced the e-mails to those hotels, then examined registries for names of guests who were checked in at the time. [See they can hunt down anonymous emails based on the IP address that sent them] The recent sex scandal that's rocked the armed forces and the CIA has highlighted an often-unseen problem in military families: Marital infidelity. Anthony Mason and Rebecca Jarvis speak with two Army wives to understand if infidelity is the military's dirty little secret. Once Broadwell was identified, FBI agents would have gone to Internet service providers with warrants for access to her accounts. Experts said companies typically comply by sending discs that contain a sender’s entire collection of accounts, enabling the FBI to search the inbox, draft messages and even deleted correspondence not yet fully erased. “You’re asking them for e-mails relevant to the investigation, but as a practical matter, they let you look at everything,” said a former federal prosecutor who, like many interviewed for this article, spoke on the condition on anonymity because the FBI inquiry is continuing. FBI agents can then roam through every corner of the account as if it were their own. [Which is why you should NEVER post illegal stuff on the internet!!!!!!] The capability to scour e-mail accounts has expanded the bureau’s investigative power dramatically, even in crimes previously seen as difficult to prosecute. For example, officials said, the ability to reconstruct communications between reporters and their sources helps explain why the Obama administration has been able to bring more leak prosecutions than all of its predecessors combined. E-mail searches vary in scope and technique, from scanning contents for key words “to literally going through and opening every file and looking at what it says,” a former Justice Department official said. Law enforcement officials said the FBI never sought access to Allen’s computer or accounts. It’s unclear whether it did so with Petraeus. But through Kelley and Broadwell, the bureau had amassed an enormous amount of data on the two men — including sexually explicit e-mails between Petraeus and Broadwell and questionable communications between Allen and Kelley. Petraeus and Broadwell had tried to conceal their communications by typing drafts of messages, hitting “save” but not “send,” and then sharing passwords that provided access to the drafts. But experts said that ruse would have posed no obstacle for the FBI, because agents had full access to the e-mail accounts. As they pore over data, FBI agents are not supposed to search for key words unrelated to the warrant under which the data were obtained. But if they are simply reading through document after document, they can pursue new leads that surface. “Most times, if you found evidence of a second crime, you would stop and go back and get a second warrant” to avoid a courtroom fight over admissibility of evidence, a former prosecutor said. But in practical terms, there is no limit on the number of investigations that access to an e-mail account may spawn. ‘Because of who it was’ There is nothing illegal about the Petraeus-Broadwell affair under federal law. Were it not for Petraeus’s prominent position, the probe might have ended with no consequence. But because of his job — and the concern that intelligence officers caught in compromising positions could be susceptible to blackmail — the probe wasn’t shut down. “If this had all started involving someone who was not the director of the CIA . . . they would have ignored it,” said David Sobel, senior counsel for the Electronic Frontier Foundation, a privacy group. “A bell went off because of who it was.” That consideration triggered a cascade of additional quandaries for the Justice Department, including whether and when to notify Congress and the White House. The FBI finally did so on election night, Nov. 6, when Deputy Director Sean Joyce called Petraeus’s boss, Director of National Intelligence James R. Clapper Jr. After being confronted by Clapper, Petraeus agreed to resign. President Obama said last week that there was “no evidence at this point, from what I’ve seen, that classified information was disclosed that in any way would have had a negative impact on our national security.” But the data assembled on Allen and Petraeus continue to reverberate. The FBI turned over its stockpile of material on Allen — said to contain as many as 30,000 pages of e-mail transcripts — to the Defense Department, prompting the Pentagon inspector general to start an investigation. The CIA has also launched an inspector general investigation into Petraeus and his 14-month tenure at the agency, seeking to determine, among other things, whether he used the perks of the position to enable his affair with Broadwell. If it follows its own protocols, the FBI will hold on to the data for decades. Former officials said the bureau retains records for 20 years for closed criminal investigations, and 30 years for closed national security probes. Sari Horwitz and Julie Tate contributed to this report.
Data Doctors: Are my emails private from government agencies? Posted: Monday, November 19, 2012 8:00 am By Ken Colburn, Data Doctors Q: What is Metadata? And after the scandal of General Petraeus, are our emails private from government agencies? - Jeremy A: E-mail has always been one of the least secure methods of transmitting data electronically and this recent scandal shows that even being tech-savvy isn’t much help. When an e-mail message is created and sent, the message passes through a number of mail servers (think of them as post offices for snail mail) and a record of where the message came from and where it went (via IP addresses) is also created by virtually every device that handles the message. Since most messages are sent in plain text, it’s technically possible for anyone or any system to read your message anywhere along the way (which is why e-mail encryption is important for sensitive messages). The reality is that most companies have very strict systems in place to keep just anyone from accessing those messages, but the opportunity still exists. [That is BS - Any person with computer administrative powers can read your emails. This is typically a "root" user in the UNIX or Linux worlds. But email administrators without "root" powers can also read your emails] The information about the message, a.k.a. the ‘metadata’ is how the scandal was exposed. If we continue the snail mail analogy, the post office stamps mail to help route it and DNA or fingerprints on the outside of an envelope can be used to help track down the sender of the mail without ever opening the mail. [Again he is oversimplifying things. This so called 'metadata' is part of the email. It's at the very beginning of each email, and if you can read it, you can also read the email.] Petraeus, the Director of the CIA, knew that sending and receiving e-mail from an anonymous account wouldn’t be safe, so he used a method commonly used by terrorists and teenagers: create draft messages, but never send them. If two people have the username and password for the same account, they can create messages for each other that don’t leave the usual trails described above. They save them as draft copies so the other can log in and read the draft, then respond in-kind without ever sending a traceable message. [Well that is almost right. When the message is created, edited or read it does travel over the internet and someone that is monitoring your internet traffic could read it] Had this been the only communication from the involved parties, they would likely never have been discovered but as usual, human error exposed the affair. The jealous mistress sent harassing e-mails from an anonymous account to another woman she thought was being flirtatious, which is a criminal violation and began the unravelling of the affair. The government can’t read your private messages without some level of due process, except in rare situations, but the process is what so many privacy advocates are concerned about. [That is in theory. In reality the FBI and Homeland security police are just as crooked as the criminals they hunt and they routinely illegally read people email, and after they discover a crime they will commit perjury and make up a lame excuse to get the search warrant they were supposed to have before they read your emails] The current laws were created when electronic storage was expensive and we all tended to use one device and delete things to save space. Today, storage is cheap and we use a plethora of devices that in turn create more records that we tend to keep for much longer periods. Under current laws, any e-mail that is 6 months old or older can be requested if a criminal prosecutor signs the request. If the message is less than 6 months old, a court order from a judge is required. [But that won't stop a crooked cop from illegally reading your data] In either case, something that the courts recognize as probable cause has to trigger the request when it comes to the averages citizen. If someone suspected that Petraeus was having an affair, that wouldn’t have been enough to allow the FBI to start requesting access to his personal e-mail accounts. His mistress’ harassing emails which violated part of the Electronic Communications Privacy Act is what opened to door and eventually lead to the exposure of the affair to the world. The lessons to be learned from this scandal are that e-mail has never been or will never be a secure way to communicate with others, if you want to make it more difficult for the government to access your messages, make sure you delete them before they are 6 months old and no matter how secure you think you are, all it takes is one simple human error (or jealous mistress) to render your ‘security system’ useless. [While that might be "technically" right, it is wrong in reality. Just because YOU logically delete one of your emails doesn't mean it is physically deleted from the server that keeps your message. And even if you logically delete a message, but it still physically exists on a server the police can read it. The same is true with files on your personal computer. While you may logically delete a file, it frequently continues to exist on your computer and if it does exist the police can still read it.] [The bottom line is if you have something that you want to remain private DON'T put it on the internet where 2 billion people might be able to read it.] |