Millions of documents about chemical toxicity have been compiled into database, ToxicDocs, now available online


Image: Millions of documents about chemical toxicity have been compiled into database, ToxicDocs, now available online

(Natural News)
There is no doubt that toxic products are everywhere you look these days. For every headline about a product recall, there are countless other items that are either ignored or given a free pass, slowly poisoning us and our planet.

Public health historians David Rosner and Gerald Markowitz have been documenting the history of toxic agents since the 1980s. During their career, they’ve investigated such disturbing topics as lead poisoning in children, asbestos, and PCBs.

Throughout the years, they have accessed and organized millions upon millions of documents, and many of these have been used to support lawsuits against chemical companies. However, this treasure trove of papers became quite difficult for them to sort through as the documents piled up.

In the early 2000s, they finally decided to place the entire collection online for public view. However, the project took some time to get off the ground. With the help of Merlin Chowkwanyun, they placed the papers in a searchable format to provide easy access to anyone who wanted to read them, from students and scholars to journalists and consumers.

You can find the site at ToxicDocs.org. It is a joint presentation from the Center for the History and Ethics of Public Health at Columbia University and the City University of New York’s Graduate Center.

The collection includes internal documents from corporations and trade associations. You’ll find secret internal memos, slides, unpublished scientific studies, reports from expert witnesses, emails and other documents.

On the main page, you’ll get a taste of what you can find in the database. For example, there are notes from a Monsanto meeting that took place in 1969 to figure out how to deal with their toxic PCBs. The documents show that one of their solutions was to “sell the hell out of them.”

They’ve also dug up a historical newsreel that was produced in the 1950s to promote Monsanto’s chemical and plastic products.

You don’t need to sign up for an account to use the site, although doing so will allow you to take advantage of extra features like creating a list of favorites. Creating an account is simply a matter of providing an email address and password.

The site has a very simple interface that was designed with speed in mind, but they’ve also provided a five-minute guide to finding the information that you need quickly. You can type anything you want into the site’s search bar to carry out a basic text search, but the sheer volume of documents means that some topics will require further refinement. For example, in their Advanced Search feature, you can narrow down your results by a range of years, the toxic substance or firm in question, or a particular special selection.

Thumbnails are provided to give you a quick idea of what type of document you are about to pull up, and you can click on individual pages to view bigger versions of them. They’ve also made it easy for people to share links to the documents with others so you can spread the word about corporate dishonesty and dangerous products. Those who sign up for an account can also bookmark documents.

It’s time for all the lies and deceit to be exposed

A similar database, The Poison Papers, was also recently launched, although it is smaller in scope and concentrates only on the pesticide and chemical industries. It is now becoming quite clear that consumers are tired of being lied to, and sites like these are finally helping people open their eyes up to all of the deceit that goes on in the name of profit.

Follow more news on chemical pollution and its impact on our world by reading Pollution.news.

Sources include:

ScienceDaily.com

ToxicDocs.org

<!–

–>

Source Article from http://www.naturalnews.com/2018-01-26-toxicdocs-millions-of-documents-about-chemical-toxicity-have-been-compiled-into-database.html

China Is Creating a Database of Its Citizens’ Voices to Boost its Surveillance Capability






China Is Creating a Database of Its Citizens’ Voices to Boost its Surveillance Capability


October 23rd, 2017

In other news, Google Home Capable of Voice Printing Multiple Users.

Via: Time:

The Chinese government has collected tens of thousands of “voice pattern” samples from targeted citizens and is inputting them into a national voice biometric database, according to a Human Rights Watch report published Monday.

The idea is that an automated system, thought to still be in development, will use the database to pick out individual voices in telephone and other conversations, boosting the government’s already expansive surveillance capabilities.

The system is reportedly being developed by a Chinese voice recognition and artificial intelligence specialist called iFlytech. It adds another spoke to existing biometric information like fingerprints and DNA samples, as well as identification numbers and other personal details.















<!–

–>











<!– AD CAN GO HERE

Buy gold online - quickly, safely and at low prices

END: AD CAN GO HERE –>

Leave a Reply


You must be logged in to post a comment.







Source Article from http://www.cryptogon.com/?p=51854

No Forfeiture-Database Backup With Millions on the Line, NYPD Admits


MANHATTAN — New York City is one power surge away from losing all of the data police have on millions of dollars in unclaimed forfeitures, a city attorney admitted to a flabbergasted judge on Tuesday.

“That’s insane,” Manhattan Supreme Court Judge Arlene Bluth said repeatedly from the bench.

This morning’s revelation stems from a request filed in 2014 by the nonprofit group Bronx Defenders under New York’s Freedom of Information Law.

In the previous fiscal year, Bronx Defenders noted, the NYPD reported seizing more than $6 million in cash and property. Intermingled with the open forfeitures from past years, this meant that the NYPD a balance sheet of more than $68 million in seized currency in any given month in 2013.

Bronx Defenders wants to study department records on the forfeitures, but city attorney Neil Giovanatti has argued that the NYPD lacks the technical capability to extract information from its forfeiture database.

Judge Bluth appeared gobsmacked Tuesday to hear about the precarious position of data in the police department’s PETS database, short for Property and Evidence Tracking System.

“Do you want the Daily News to be reporting that you have no copy of the data?” Bluth asked Giovanatti.

“That deserves an exposé in the New York Times,” the judge added later.

Giovanatti struggled to assuage Bluth’s concerns. “He says the database is in IBM,” the attorney said when asked whether any NYPD personnel understand that system’s back end.

An expert for the Bronx Defenders undermined this point in an affidavit to the court.

“Based on the information I have reviewed about the technical specifications of PETS’s hardware and software, it is my opinion that it is technologically feasible to retrieve much of the data sought from PETS by running queries directly on the underlying [IBM] DB2 database,” said Robert Pesner, a former chief enterprise architect for the city’s Department of Housing Preservation and Development.

Pages: 1 2

If you haven’t already, be sure to like our Filming Cops Page on Facebook and follow us on Twitter.

Please visit our sister site Smokers ONLY

<!–

(function(d) {
var params =
{
id: “3c7936d6-71e2-4cba-afb4-95ed4171941f”,
d: “ZmlsbWluZ2NvcHMuY29t”,
wid: “365543”,
cb: (new Date()).getTime()
};

var qs=[];
for(var key in params) qs.push(key+’=’+encodeURIComponent(params[key]));
var s = d.createElement(‘script’);s.type=’text/javascript’;s.async=true;
var p = ‘https:’ == document.location.protocol ? ‘https’ : ‘http’;
s.src = p + “://api.content-ad.net/Scripts/widget2.aspx?” + qs.join(‘&’);
d.getElementById(“contentad365543”).appendChild(s);
})(document);
–>

Filming Cops

Source Article from http://filmingcops.com/no-forfeiture-database-backup-millions-line-nypd-admits/

How They Do It–Israel suspends plan to set up database of Jewish students in US

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 5,788 other followers

Source Article from https://theuglytruth.wordpress.com/2017/10/16/how-they-do-it-israel-suspends-plan-to-set-up-database-of-jewish-students-in-us/

Unconcerned About Trump’s Militarization of Police? This Database Shows What Your Local Cops Have

10331033

Washington, DC — This week the Trump administration announced that they were lifting an Obama administration ban on certain military grade weapons being sold to state and local police for pennies on the dollar. While there is a growing awareness that local law enforcement has received massive amounts of surplus military hardware under the federal 1033 program, authorized by the National Defense Authorization Act, exactly what equipment local law enforcement agencies have been stockpiling has remained largely obscured from the public’s view.

The public controversy over the militarization of the police, for many Americans, began during the 2014 riots in Ferguson, Missouri. Images beamed across the media echo chamber revealed what looked like a war zone in Afghanistan or Iraq — with police kitted out in Marine-issue camouflage and military-grade body armor, toting short-barreled assault rifles, and rolling around in MRAPs (mine resistant armored personnel) vehicles — virtually indistinguishable from US soldiers abroad.

In addition to Ferguson, the extreme militarization of police was clearly on display during the Standing Rock protest, as police looked and acted more like a heavily armed military contingent than peace officers sworn to uphold the law.

Shortly after the American public became widely aware, and largely outraged, over the extreme militarization of their local police forces, President Obama signed an Executive Order (EO) that blocked certain large-caliber weapons, armored vehicles with tracks, grenade launchers, bayonets, and other heavy military hardware from being re-purposed from battlefields across the globe to small town USA.

President Obama argued at the time, that police utilization of such weapons of war cast the police as an “occupying force,” and only served to deepen the divide between police and the community.

“We’ve seen how militarized gear can sometimes give people a feeling like they’re an occupying force, as opposed to a force that’s part of the community that’s protecting them and serving them,” Obama said in announcing the ban in 2015.

The new Trump plan for the 1033 program goes into effect immediately and completely rolls back the Obama EO that blocked state, county, and local police depart from obtaining military weapons of war.

The surplus sharing agreement, also known as the “1033 program,” was originally created by Congress nearly 30 years ago as part of the National Defense Authorization Act, and was intended to assist local law enforcement in drug investigations.

The program was expanded in 1997 to include all local law enforcement operations, including counter-terrorism. Since then, according to the government, more than $5 billion in gear has been transferred to state, local and tribal law enforcement agencies.

Make no mistake that America has been quietly arming its police for battle with its own citizens, under the guise of the drug war, since the early 1990s.

As part of its misguided “war on drugs,” policy makers decided that if police were to act like drug warriors, they needed to be equipped like warriors. Since that time, almost $5 billion in military hardware was transferred from the military to law enforcement, according to a report by the ACLU. By giving military hardware to law enforcement for free, the NDAA and 1033 program encourages police to employ military-like tactics and weaponry.

To give you an idea of the absolute absurdity of the 1033 program, and how it unnecessarily militarizes small town police departments, law enforcement in Watertown, Connecticut, (population 22,514) acquired a mine-resistant, ambush-protected (MRAP) vehicle (sticker price: $733,000), designed to protect soldiers from roadside bombs, for $2,800. To date there has never been a landmine reported in Watertown, Connecticut.

Police in Bloomington, Georgia, (population: 2,713) acquired four grenade launchers through the program, The Atlanta Journal-Constitution reported.

Police in small towns in Michigan and Indiana have used the 1033 Program to acquire “MRAP armored troop carriers, night-vision rifle scopes, camouflage fatigues, Humvees and dozens of M16 automatic rifles,” the South Bend Tribune reported.

The distribution of these weapons of war has largely been shielded from public view. However, the database below will show you what your department has acquired through the program.

Now anyone can look up this information on a database using information supplied by the military’s Defense Logistics Agency and Law Enforcement Support Office. All one has to do is type in their State and County jurisdiction and they are able to see exactly what their local law enforcement agencies have received under the federal 1033 program.

Take a look and see what type of military armaments your local police department is stockpiling; mine resistant armored personnel carriers, helicopters, M-16’s, M-14’s, M-4’s, grenade launchers?

The extreme militarization of the police begs the question: who are the local police preparing to use these weapons of war against?

Using history as an indicator, as the founding fathers clearly warned, Americans should be wary of the police operating as an oppressive standing army.

“The means of defense against foreign danger, have been always the instruments of tyranny at home. Among the Romans it was a standing maxim to excite a war, whenever a revolt was apprehended. Throughout all Europe, the armies kept up under the pretext of defending, have enslaved the people.”  – James Madison

Select your state and your county to see exactly how militarized your local law enforcement agencies have become.

Source Article from http://thefreethoughtproject.com/1033-trump-program-database/

How CIA Spies Access India’s Biometric Aadhaar Database, by Shelley Kasli

JPEG - 36.1 kb

Today WikiLeaks published secret documents from the ExpressLane project of the CIA [1]. These documents show one of the cyber operations the CIA conducts against liaison services — which includes among many others the National Security Agency (NSA), the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI).

The OTS (Office of Technical Services), a branch within the CIA [2], has a biometric collection system that is provided to liaison services around the world — with the expectation for sharing of the biometric takes collected on the systems. But this ‘voluntary sharing’ obviously does not work or is considered insufficient by the CIA, because ExpressLane is a covert information collection tool that is used by the CIA to secretly exfiltrate data collections from such systems provided to liaison services.

ExpressLane is installed and run with the cover of upgrading the biometric software by OTS agents that visit the liaison sites. Liaison officers overseeing this procedure will remain unsuspicious, as the data exfiltration disguises behind a Windows installation splash screen.

JPEG - 158.7 kb

The core components of the OTS system are based on products from Cross Match, a US company specializing in biometric software for law enforcement and the Intelligence Community [3]. The company hit the headlines in 2011 when it was reported that the US military used a Cross Match product to identify Osama bin Laden during the assassination operation in Pakistan [4].

Cross Match certified by UIDAI

Cross Match was one of the first suppliers of biometric devices certified by UIDAI for Aadhaar program [5]. The company received the Certificate of Approval from the Indian Government in 2011. Cross Match received the Certificate of Approval for its Guardian fingerprint capture device [6] and the I SCAN dual iris capture device [7] on October 7, 2011. Both systems utilize Cross Match’s patented Auto Capture feature, which quickly captures high-quality images with minimal operator involvement.

The Certificate of Approval, was issued after completion of all tests required to demonstrate compliance with the quality requirements of UIDAI. The certification body consists of the Standardization, Testing and Quality Certification (STQC) Directorate for the Government of India’s Department of Information Technology (DIT) and the UIDAI. The tests performed by the STQC included the following criteria: Physical & Dimensional, Image Quality, Environmental (Durability/Climatic), Safety, EMI/EMC, Security, Functional, Performance, Interoperability, Ease of Use & Ergonomics.

PNG - 287.2 kb

Majority of the UIDAI certified enrollment agencies use Cross Match devices across India. Cross Match was also the first company to receive the Provisional Certificate for use in the UID program in September, 2010. Video featuring the Cross Match Guardian and I SCAN devices has been taken down from the official UIDAI website.

Francisco Partners

In 2012, Francisco Partners acquired Cross Match Technologies Inc. [8]. The company has more than 5,000 customers worldwide and over 250,000 products deployed in over 80 countries. Cross Match’s customers include the U.S. Department of Defense, Department of Homeland Security, U.S. State Department and various state and local governments ; as well as numerous foreign governments and law enforcement agencies. It also provides biometric solutions to customers in transportation, critical infrastructure, financial services, education, and healthcare sectors.

One of Francisco Partners portfolio company is an Israeli cyber weapons dealer called NSO Group [9]. The company’s Pegasus iOS malware was linked to attacks on iPhones of a prominent UAE activist and a Mexican journalist [10].

Researchers from the University of Toronto’s Citizen Lab and mobile security firm Lookout raised questions about the ethics of NSO Group, a government spyware provider founded by an alum of Israel’s vaunted intelligence agencies [11]. Francisco Partners bought its stake in the company for $120 million in 2014. Citizen Lab uncovered NSO’s Pegasus malware targeting iPhones of a Mexican journalist and a UAE activist. The same day, Forbes reported that Francisco Partners added Circles to its roster of investments, another Israeli-founded surveillance firm, which sold contentious gear to hack a part of global telecoms networks, known as SS7 [12]. That cost the private equity firm $130 million, a source close to the deal told Forbes.

Spying governments, activists & journalists

Francisco Partners also ran Turkey’s spy operations by selling its deep packet inspection product for surveillance [13]. Deep packet inspection enables surveillance at the outset. Its very purpose is to open up “packets” of data flying across networks and inspect them to check if they should pass. DPI has made headlines for controversial use cases. China, for instance, likes to use DPI in its infamous censorship and surveillance systems. Sunnyvale, California-based Blue Coat Systems, in which Francisco Partners was a significant investor, saw its DPI technology censoring the internet in Syria in 2011, just as the civil war was erupting. Human rights activists looked on agog, but Blue Coat later said resellers were to blame and that it had not given permission for the technology to be shipped to the country. One reseller was later slapped with a maximum fine of $2.8 million by the Bureau of Industry and Security (BIS) [14]. (Francisco Partners also has stakes in Barracuda Networks and Dell Software, which both ship DPI products).

Aadhaar’s biometric pioneer

The foundation of the Aadhaar program is based on biometric and demographic data that is unique to each citizen. This data can only be collected by leveraging biometric devices and compatible software – the second and third stages of the Aadhaar value chain [15].

PNG - 20.9 kb

Cross Match’s Indian partner for the UID program is Smart Identity Devices Pvt. Ltd. (Smart ID) [16]. Smart Identity Devices, or Smart ID, has been the biometric pioneer and leader for the Aadhaar program. Smart ID provides biometric technology, smart card, and information and communication technology products and services for numerous sectors, such as financial services, logistics, government, and IT security. Launching commercial operations in 2008, Smart ID is based in Noida, India and is led by Sanjeev Mathur. The company’s devices are being used by enrollment agencies across India for the Aadhaar program.

Smart ID’s products and services range from biometric products, to mobile application solutions, to services such as Aadhaar enrollment, training, project management, IT hosting, and business correspondent management. As of 2014, Smart ID was able to carry out enrollment activities across India in states such as, Jharkhand, Tamil Nadu, Orissa, Uttar Pradesh, West Bangal, and Madhya Pradesh. Smart ID has already enrolled more than 1.2 million citizens into the Aadhaar program through its enrollment agencies. In July 2011, the UIDAI recognized Smart ID as being one of the three best enrollment agencies in Aadhaar for enrolling more than 25 million citizens in a very short time frame.

The price of a Smart ID Patrol ID fingerprint scanner was approximately $2300 in 2014. And these devices were installed across the country. It would be interesting to know how much did the Indian government pay this CIA front company for the exercise. Lets say UIDAI installed 10,000 such bugged CIA devices across the country for enrollment (which is a very conservative estimate), the staggering cost would be 1.473.554.800 Rs.

PNG - 19.9 kb

How CIA agents can access Aadhaar database in real-time

A number of the CIA’s electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace. The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media. For example, the CIA attack system Fine Dining, provides 24 decoy applications for CIA spies to use [17]. To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos). But while the decoy application is on the screen, the underlaying system is automatically infected and ransacked.

Fine Dining comes with a standardized questionnaire i.e menu that CIA case officers fill out. The questionnaire is used by the agency’s OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically “exfiltrating” information from computer systems) for specific operations [18]. The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and communicate this to CIA malware configuration staff. The OSB functions as the interface between CIA operational staff and the relevant technical support staff.

Among the list of possible targets of the collection are ‘Asset’, ‘Liason Asset’, ‘System Administrator’, ‘Foreign Information Operations’, ‘Foreign Intelligence Agencies’ and ‘Foreign Government Entities’. Notably absent is any reference to extremists or transnational criminals. The ‘Case Officer’ is also asked to specify the environment of the target like the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs) as well as a list of file types to be exfiltrated like Office documents, audio, video, images or custom file types. The ‘menu’ also asks for information if recurring access to the target is possible and how long unobserved access to the computer can be maintained. This information is used by the CIA’s ‘JQJIMPROVISE’ software to configure a set of CIA malware suited to the specific needs of an operation.

PNG - 77.8 kb

At the bottom of this page, you will find the official training manual that contains the detailed steps for carrying out the installation and configuration of Cross Match for the Aadhaar Enrolment Client. This manual also describes the process of importing master data after downloading it from the UIDAI Admin Portal.

It is remarkable that Aadhaar and Al-Qaeda mean the same thing, which is “database” – Manu Joseph pointed out this tweetable fact in his piece on Live Mint [19]. What we might add is that it is also remarkable that both Aadhaar and Al Qaeda are illegitimate sons of the same mother!

Source Article from http://www.voltairenet.org/article197580.html

How CIA Spies Access India’s Biometric Aadhaar Database, by Shelley Kasli

JPEG - 36.1 kb

Today WikiLeaks published secret documents from the ExpressLane project of the CIA [1]. These documents show one of the cyber operations the CIA conducts against liaison services — which includes among many others the National Security Agency (NSA), the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI).

The OTS (Office of Technical Services), a branch within the CIA [2], has a biometric collection system that is provided to liaison services around the world — with the expectation for sharing of the biometric takes collected on the systems. But this ‘voluntary sharing’ obviously does not work or is considered insufficient by the CIA, because ExpressLane is a covert information collection tool that is used by the CIA to secretly exfiltrate data collections from such systems provided to liaison services.

ExpressLane is installed and run with the cover of upgrading the biometric software by OTS agents that visit the liaison sites. Liaison officers overseeing this procedure will remain unsuspicious, as the data exfiltration disguises behind a Windows installation splash screen.

JPEG - 158.7 kb

The core components of the OTS system are based on products from Cross Match, a US company specializing in biometric software for law enforcement and the Intelligence Community [3]. The company hit the headlines in 2011 when it was reported that the US military used a Cross Match product to identify Osama bin Laden during the assassination operation in Pakistan [4].

Cross Match certified by UIDAI

Cross Match was one of the first suppliers of biometric devices certified by UIDAI for Aadhaar program [5]. The company received the Certificate of Approval from the Indian Government in 2011. Cross Match received the Certificate of Approval for its Guardian fingerprint capture device [6] and the I SCAN dual iris capture device [7] on October 7, 2011. Both systems utilize Cross Match’s patented Auto Capture feature, which quickly captures high-quality images with minimal operator involvement.

The Certificate of Approval, was issued after completion of all tests required to demonstrate compliance with the quality requirements of UIDAI. The certification body consists of the Standardization, Testing and Quality Certification (STQC) Directorate for the Government of India’s Department of Information Technology (DIT) and the UIDAI. The tests performed by the STQC included the following criteria: Physical & Dimensional, Image Quality, Environmental (Durability/Climatic), Safety, EMI/EMC, Security, Functional, Performance, Interoperability, Ease of Use & Ergonomics.

PNG - 287.2 kb

Majority of the UIDAI certified enrollment agencies use Cross Match devices across India. Cross Match was also the first company to receive the Provisional Certificate for use in the UID program in September, 2010. Video featuring the Cross Match Guardian and I SCAN devices has been taken down from the official UIDAI website.

Francisco Partners

In 2012, Francisco Partners acquired Cross Match Technologies Inc. [8]. The company has more than 5,000 customers worldwide and over 250,000 products deployed in over 80 countries. Cross Match’s customers include the U.S. Department of Defense, Department of Homeland Security, U.S. State Department and various state and local governments ; as well as numerous foreign governments and law enforcement agencies. It also provides biometric solutions to customers in transportation, critical infrastructure, financial services, education, and healthcare sectors.

One of Francisco Partners portfolio company is an Israeli cyber weapons dealer called NSO Group [9]. The company’s Pegasus iOS malware was linked to attacks on iPhones of a prominent UAE activist and a Mexican journalist [10].

Researchers from the University of Toronto’s Citizen Lab and mobile security firm Lookout raised questions about the ethics of NSO Group, a government spyware provider founded by an alum of Israel’s vaunted intelligence agencies [11]. Francisco Partners bought its stake in the company for $120 million in 2014. Citizen Lab uncovered NSO’s Pegasus malware targeting iPhones of a Mexican journalist and a UAE activist. The same day, Forbes reported that Francisco Partners added Circles to its roster of investments, another Israeli-founded surveillance firm, which sold contentious gear to hack a part of global telecoms networks, known as SS7 [12]. That cost the private equity firm $130 million, a source close to the deal told Forbes.

Spying governments, activists & journalists

Francisco Partners also ran Turkey’s spy operations by selling its deep packet inspection product for surveillance [13]. Deep packet inspection enables surveillance at the outset. Its very purpose is to open up “packets” of data flying across networks and inspect them to check if they should pass. DPI has made headlines for controversial use cases. China, for instance, likes to use DPI in its infamous censorship and surveillance systems. Sunnyvale, California-based Blue Coat Systems, in which Francisco Partners was a significant investor, saw its DPI technology censoring the internet in Syria in 2011, just as the civil war was erupting. Human rights activists looked on agog, but Blue Coat later said resellers were to blame and that it had not given permission for the technology to be shipped to the country. One reseller was later slapped with a maximum fine of $2.8 million by the Bureau of Industry and Security (BIS) [14]. (Francisco Partners also has stakes in Barracuda Networks and Dell Software, which both ship DPI products).

Aadhaar’s biometric pioneer

The foundation of the Aadhaar program is based on biometric and demographic data that is unique to each citizen. This data can only be collected by leveraging biometric devices and compatible software – the second and third stages of the Aadhaar value chain [15].

PNG - 20.9 kb

Cross Match’s Indian partner for the UID program is Smart Identity Devices Pvt. Ltd. (Smart ID) [16]. Smart Identity Devices, or Smart ID, has been the biometric pioneer and leader for the Aadhaar program. Smart ID provides biometric technology, smart card, and information and communication technology products and services for numerous sectors, such as financial services, logistics, government, and IT security. Launching commercial operations in 2008, Smart ID is based in Noida, India and is led by Sanjeev Mathur. The company’s devices are being used by enrollment agencies across India for the Aadhaar program.

Smart ID’s products and services range from biometric products, to mobile application solutions, to services such as Aadhaar enrollment, training, project management, IT hosting, and business correspondent management. As of 2014, Smart ID was able to carry out enrollment activities across India in states such as, Jharkhand, Tamil Nadu, Orissa, Uttar Pradesh, West Bangal, and Madhya Pradesh. Smart ID has already enrolled more than 1.2 million citizens into the Aadhaar program through its enrollment agencies. In July 2011, the UIDAI recognized Smart ID as being one of the three best enrollment agencies in Aadhaar for enrolling more than 25 million citizens in a very short time frame.

The price of a Smart ID Patrol ID fingerprint scanner was approximately $2300 in 2014. And these devices were installed across the country. It would be interesting to know how much did the Indian government pay this CIA front company for the exercise. Lets say UIDAI installed 10,000 such bugged CIA devices across the country for enrollment (which is a very conservative estimate), the staggering cost would be 1.473.554.800 Rs.

PNG - 19.9 kb

How CIA agents can access Aadhaar database in real-time

A number of the CIA’s electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace. The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media. For example, the CIA attack system Fine Dining, provides 24 decoy applications for CIA spies to use [17]. To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos). But while the decoy application is on the screen, the underlaying system is automatically infected and ransacked.

Fine Dining comes with a standardized questionnaire i.e menu that CIA case officers fill out. The questionnaire is used by the agency’s OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically “exfiltrating” information from computer systems) for specific operations [18]. The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and communicate this to CIA malware configuration staff. The OSB functions as the interface between CIA operational staff and the relevant technical support staff.

Among the list of possible targets of the collection are ‘Asset’, ‘Liason Asset’, ‘System Administrator’, ‘Foreign Information Operations’, ‘Foreign Intelligence Agencies’ and ‘Foreign Government Entities’. Notably absent is any reference to extremists or transnational criminals. The ‘Case Officer’ is also asked to specify the environment of the target like the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs) as well as a list of file types to be exfiltrated like Office documents, audio, video, images or custom file types. The ‘menu’ also asks for information if recurring access to the target is possible and how long unobserved access to the computer can be maintained. This information is used by the CIA’s ‘JQJIMPROVISE’ software to configure a set of CIA malware suited to the specific needs of an operation.

PNG - 77.8 kb

At the bottom of this page, you will find the official training manual that contains the detailed steps for carrying out the installation and configuration of Cross Match for the Aadhaar Enrolment Client. This manual also describes the process of importing master data after downloading it from the UIDAI Admin Portal.

It is remarkable that Aadhaar and Al-Qaeda mean the same thing, which is “database” – Manu Joseph pointed out this tweetable fact in his piece on Live Mint [19]. What we might add is that it is also remarkable that both Aadhaar and Al Qaeda are illegitimate sons of the same mother!

Source Article from http://www.voltairenet.org/article197580.html

How CIA Spies Access India’s Biometric Aadhaar Database, by Shelley Kasli

JPEG - 36.1 kb

Today WikiLeaks published secret documents from the ExpressLane project of the CIA [1]. These documents show one of the cyber operations the CIA conducts against liaison services — which includes among many others the National Security Agency (NSA), the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI).

The OTS (Office of Technical Services), a branch within the CIA [2], has a biometric collection system that is provided to liaison services around the world — with the expectation for sharing of the biometric takes collected on the systems. But this ‘voluntary sharing’ obviously does not work or is considered insufficient by the CIA, because ExpressLane is a covert information collection tool that is used by the CIA to secretly exfiltrate data collections from such systems provided to liaison services.

ExpressLane is installed and run with the cover of upgrading the biometric software by OTS agents that visit the liaison sites. Liaison officers overseeing this procedure will remain unsuspicious, as the data exfiltration disguises behind a Windows installation splash screen.

JPEG - 158.7 kb

The core components of the OTS system are based on products from Cross Match, a US company specializing in biometric software for law enforcement and the Intelligence Community [3]. The company hit the headlines in 2011 when it was reported that the US military used a Cross Match product to identify Osama bin Laden during the assassination operation in Pakistan [4].

Cross Match certified by UIDAI

Cross Match was one of the first suppliers of biometric devices certified by UIDAI for Aadhaar program [5]. The company received the Certificate of Approval from the Indian Government in 2011. Cross Match received the Certificate of Approval for its Guardian fingerprint capture device [6] and the I SCAN dual iris capture device [7] on October 7, 2011. Both systems utilize Cross Match’s patented Auto Capture feature, which quickly captures high-quality images with minimal operator involvement.

The Certificate of Approval, was issued after completion of all tests required to demonstrate compliance with the quality requirements of UIDAI. The certification body consists of the Standardization, Testing and Quality Certification (STQC) Directorate for the Government of India’s Department of Information Technology (DIT) and the UIDAI. The tests performed by the STQC included the following criteria: Physical & Dimensional, Image Quality, Environmental (Durability/Climatic), Safety, EMI/EMC, Security, Functional, Performance, Interoperability, Ease of Use & Ergonomics.

PNG - 287.2 kb

Majority of the UIDAI certified enrollment agencies use Cross Match devices across India. Cross Match was also the first company to receive the Provisional Certificate for use in the UID program in September, 2010. Video featuring the Cross Match Guardian and I SCAN devices has been taken down from the official UIDAI website.

Francisco Partners

In 2012, Francisco Partners acquired Cross Match Technologies Inc. [8]. The company has more than 5,000 customers worldwide and over 250,000 products deployed in over 80 countries. Cross Match’s customers include the U.S. Department of Defense, Department of Homeland Security, U.S. State Department and various state and local governments ; as well as numerous foreign governments and law enforcement agencies. It also provides biometric solutions to customers in transportation, critical infrastructure, financial services, education, and healthcare sectors.

One of Francisco Partners portfolio company is an Israeli cyber weapons dealer called NSO Group [9]. The company’s Pegasus iOS malware was linked to attacks on iPhones of a prominent UAE activist and a Mexican journalist [10].

Researchers from the University of Toronto’s Citizen Lab and mobile security firm Lookout raised questions about the ethics of NSO Group, a government spyware provider founded by an alum of Israel’s vaunted intelligence agencies [11]. Francisco Partners bought its stake in the company for $120 million in 2014. Citizen Lab uncovered NSO’s Pegasus malware targeting iPhones of a Mexican journalist and a UAE activist. The same day, Forbes reported that Francisco Partners added Circles to its roster of investments, another Israeli-founded surveillance firm, which sold contentious gear to hack a part of global telecoms networks, known as SS7 [12]. That cost the private equity firm $130 million, a source close to the deal told Forbes.

Spying governments, activists & journalists

Francisco Partners also ran Turkey’s spy operations by selling its deep packet inspection product for surveillance [13]. Deep packet inspection enables surveillance at the outset. Its very purpose is to open up “packets” of data flying across networks and inspect them to check if they should pass. DPI has made headlines for controversial use cases. China, for instance, likes to use DPI in its infamous censorship and surveillance systems. Sunnyvale, California-based Blue Coat Systems, in which Francisco Partners was a significant investor, saw its DPI technology censoring the internet in Syria in 2011, just as the civil war was erupting. Human rights activists looked on agog, but Blue Coat later said resellers were to blame and that it had not given permission for the technology to be shipped to the country. One reseller was later slapped with a maximum fine of $2.8 million by the Bureau of Industry and Security (BIS) [14]. (Francisco Partners also has stakes in Barracuda Networks and Dell Software, which both ship DPI products).

Aadhaar’s biometric pioneer

The foundation of the Aadhaar program is based on biometric and demographic data that is unique to each citizen. This data can only be collected by leveraging biometric devices and compatible software – the second and third stages of the Aadhaar value chain [15].

PNG - 20.9 kb

Cross Match’s Indian partner for the UID program is Smart Identity Devices Pvt. Ltd. (Smart ID) [16]. Smart Identity Devices, or Smart ID, has been the biometric pioneer and leader for the Aadhaar program. Smart ID provides biometric technology, smart card, and information and communication technology products and services for numerous sectors, such as financial services, logistics, government, and IT security. Launching commercial operations in 2008, Smart ID is based in Noida, India and is led by Sanjeev Mathur. The company’s devices are being used by enrollment agencies across India for the Aadhaar program.

Smart ID’s products and services range from biometric products, to mobile application solutions, to services such as Aadhaar enrollment, training, project management, IT hosting, and business correspondent management. As of 2014, Smart ID was able to carry out enrollment activities across India in states such as, Jharkhand, Tamil Nadu, Orissa, Uttar Pradesh, West Bangal, and Madhya Pradesh. Smart ID has already enrolled more than 1.2 million citizens into the Aadhaar program through its enrollment agencies. In July 2011, the UIDAI recognized Smart ID as being one of the three best enrollment agencies in Aadhaar for enrolling more than 25 million citizens in a very short time frame.

The price of a Smart ID Patrol ID fingerprint scanner was approximately $2300 in 2014. And these devices were installed across the country. It would be interesting to know how much did the Indian government pay this CIA front company for the exercise. Lets say UIDAI installed 10,000 such bugged CIA devices across the country for enrollment (which is a very conservative estimate), the staggering cost would be 1.473.554.800 Rs.

PNG - 19.9 kb

How CIA agents can access Aadhaar database in real-time

A number of the CIA’s electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace. The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media. For example, the CIA attack system Fine Dining, provides 24 decoy applications for CIA spies to use [17]. To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos). But while the decoy application is on the screen, the underlaying system is automatically infected and ransacked.

Fine Dining comes with a standardized questionnaire i.e menu that CIA case officers fill out. The questionnaire is used by the agency’s OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically “exfiltrating” information from computer systems) for specific operations [18]. The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and communicate this to CIA malware configuration staff. The OSB functions as the interface between CIA operational staff and the relevant technical support staff.

Among the list of possible targets of the collection are ‘Asset’, ‘Liason Asset’, ‘System Administrator’, ‘Foreign Information Operations’, ‘Foreign Intelligence Agencies’ and ‘Foreign Government Entities’. Notably absent is any reference to extremists or transnational criminals. The ‘Case Officer’ is also asked to specify the environment of the target like the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs) as well as a list of file types to be exfiltrated like Office documents, audio, video, images or custom file types. The ‘menu’ also asks for information if recurring access to the target is possible and how long unobserved access to the computer can be maintained. This information is used by the CIA’s ‘JQJIMPROVISE’ software to configure a set of CIA malware suited to the specific needs of an operation.

PNG - 77.8 kb

At the bottom of this page, you will find the official training manual that contains the detailed steps for carrying out the installation and configuration of Cross Match for the Aadhaar Enrolment Client. This manual also describes the process of importing master data after downloading it from the UIDAI Admin Portal.

It is remarkable that Aadhaar and Al-Qaeda mean the same thing, which is “database” – Manu Joseph pointed out this tweetable fact in his piece on Live Mint [19]. What we might add is that it is also remarkable that both Aadhaar and Al Qaeda are illegitimate sons of the same mother!

Source Article from http://www.voltairenet.org/article197580.html