Group items tagged

When then-FBI Director James Comey announced he was closing the Hillary Clinton email investigation for a second time just days before the 2016 election, he certified to Congress that his agency had “reviewed all of the communications” discovered on a personal laptop used by Clinton’s closest aide, Huma Abedin, and her husband, Anthony Weiner.

At the time, many wondered how investigators managed over the course of one week to read the “hundreds of thousands” of emails residing on the machine, which had been a focus of a sex-crimes investigation of Weiner, a former Congressman. Comey later told Congress that “thanks to the wizardry of our technology,” the FBI was able to eliminate the vast majority of messages as “duplicates” of emails they’d previously seen. Tireless agents, he claimed, then worked “night after night after night” to scrutinize the remaining material. But virtually none of his account was true, a growing body of evidence reveals.

the networks now compete with one another to generate outrage—not at the spying, mind you, but at Snowden for violating the law.

The Trump Administration’s decision to continue hyping a failed Yemeni raid, despite all evidence to the contrary, as having netted a trove of intelligence continues to blow up in their face tonight, as Pentagon officials once again affirmed that the information gathered was minimal, and things they already knew about. Some equipment was recovered giving them some insight into tactics, but so far none of the laptops and cellphones seized has any useful information on it. This is in keeping with what other US officials said just two days prior, that no “actionable” intelligence was gathered in the raid, but is in direct contradiction to claims by President Trump last night at the Congressional address, and Vice President Mike Pence today, that “significant” intelligence was obtained. The first major foreign military operation on his term, President Trump has invested a lot of effort into portraying the operation as an unquestioned success. Repeated concessions from the military that there were myriad problems, and things didn’t go nearly as well as intended, have all been dismissed, with Trump continuing on with the success claims.

That we never really get good information on what the source of intelligence is for future raids means it’s likely impossible to ever conclusively prove no actionable intelligence came from Yemen, though the fact that the Pentagon keeps saying this is the case certainly lends credence to the idea that the operation, on top of all of its other failures, didn’t accomplish anything intelligence-wise.

The latest leaks from WikiLeaks' Vault 7 is titled “Dark Matter” and claims that the CIA has been bugging “factory fresh” iPhones since at least 2008 through suppliers.

And here is the full press release from WikiLeaks: Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.   Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting" allowing an attacker to boot its attack software for example from a USB stick "even when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.   "DarkSeaSkies" is "an implant that persists in the EFI firmware of an Apple MacBook Air computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI, kernel-space and user-space implants.   Documents on the "Triton" MacOSX malware, its infector "Dark Mallet" and its EFI-persistent version "DerStake" are also included in this release. While the DerStake1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.   Also included in this release is the manual for the CIA's "NightSkies 1.2" a "beacon/loader/implant tool" for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008.   While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise.

The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.

The N.S.A. and the Pentagon’s Cyber Command have implanted nearly 100,000 “computer network exploits” around the world, but the hardest problem is getting inside machines isolated from outside communications.

Obama administration officials insist "possible military dimensions" of Iran’s nuclear program must be resolved to the satisfaction of the IAEA to complete a nuclear agreement. But the term refers to discredited intelligence from suspect sources. One of the issues Obama administration officials are insisting must be resolved to the satisfaction of the International Atomic Energy Agency (IAEA) before any nuclear agreement may be concluded involves "possible military dimensions." That term refers to documents long discredited by German intelligence but which the United States and the IAEA have maintained came from a covert Iranian nuclear weapons program. A former senior German official has now revealed that the biggest collection of documents cited as evidence of such a covert Iran program actually came from a member of the Iranian terrorist organization Mujihedin-E-Khalq (MEK) and that German intelligence sought to warn the George W. Bush administration that the source of the documents was not trustworthy.

The use of those documents to make a case for action against Iran closely parallels the Bush administration's use of the testimony of the now-discredited Iraqi exile called "Curveball" to convince the US public to support war against Iraq. The parallel between the two episodes was recognized explicitly by the German intelligence service, the Bundesnachrichtendienst (BND), according to Karsten Voigt, who was the German Foreign Office's coordinator of North American-German relations. Voigt provided details of the story behind the appearance of the mysterious Iran nuclear documents in an interview with this writer last March for a book on the false narrative surrounding Iran's nuclear program that is newly published, Manufactured Crisis. 

In 2004, Powell and his State Department team still regarded the MEK as a disreputable terrorist organization, but the neoconservatives in the administration viewed it as useful as an anti-regime tool. The MEK was known to have served the interests of Israel's Mossad by providing a way to "launder" intelligence claims that Israel wanted to get out to the public but didn't want identified as having come from Israel. In the best-known case, the group's political front organization, the National Council of Resistance in Iran, had revealed the location of the Iranian uranium enrichment facility at Natanz in an August 2002 press conference, but it had been given the coordinates of the construction site by Israeli intelligence, according to both a senior IAEA official and an Iranian opposition group source, cited by Seymour Hersh and New Yorker writer Connie Bruck, respectively. The purported Iranian documents conveyed by the MEK to Western intelligence also displayed multiple indications of having been fabricated by an outside actor. The clearest and most significant anomaly was that the drawings of efforts to redesign the Shahab-3 missile to accommodate a nuclear weapons showed a missile that had already been abandoned by Iran's Defense Ministry by the time the drawings were said to have been made, as was confirmed by former IAEA deputy director general for safeguards, Olli Heinonen, in an interview with this writer. The Iranian abandonment of the earlier missile design became known to foreign analysts, however, only after Iran flight-tested a completely new missile design in August 2004 - after the "laptop documents" had already been conveyed to the BND by its MEK source. Whoever ordered those drawings was unaware of the switch to the new missile design, which would rule out a genuine Iranian Defense Ministry or military program.

The U.S. National Security Agency has the ability to snoop on nearly every communication sent from an Apple iPhone, according to leaked documents shared by security researcher Jacob Appelbaum and German news magazine Der Spiegel.  An NSA program called DROPOUTJEEP allows the agency to intercept SMS messages, access contact lists, locate a phone using cell tower data, and even activate the device’s microphone and camera. 

According to leaked documents, the NSA claims a 100 percent success rate when it comes to implanting iOS devices with spyware. The documents suggest that the NSA needs physical access to a device to install the spyware—something the agency has achieved by rerouting shipments of devices purchased online—but a remote version of the exploit is also in the works. Appelbaum says that presents one of two possibilities: “Either [the NSA] have a huge collection of exploits that work against Apple products, meaning they are hoarding information about critical systems that American companies produce, and sabotaging them, or Apple sabotaged it themselves,” Appelbaum said at the Chaos Communication Conference in Hamburg, Germany. 

“Do you think Apple helped them with that?” Appelbaum asked. “I hope Apple will clarify that.”

On Sunday, the German publication Der Spiegel revealed new details about secretive hacking—a secretive hacking unit inside the NSA called the Office of Tailored Access Operations, or TAO. The unit was created in 1997 to hack into global communications traffic. Still with us, Jameel Jaffer, deputy legal director of the ACLU, director of the ACLU’s Center for Democracy, and Glenn Greenwald, the journalist who first broke the story about Edward Snowden. Glenn, can you just talk about the revelations in Der Spiegel?

And one of the ways that they’re doing it is that they intercept products in transit, such as if you order a laptop or other forms of Internet routers or servers and the like, they intercept it in transit, open the box, implant the malware, factory-seal it and then send it back to the user. They also exploit weaknesses in Google and YouTube and Yahoo and other services, as well, in order to implant these devices. It’s unclear to what extent, if at all, the companies even know about it, let alone cooperate in it. But what is clear is that they’ve been able to compromise the physical machines themselves, so that it makes no difference what precautions you take in terms of safeguarding the sanctity of your online activity.

But we’ve actually been working, ourselves, on certain stories that should be published soon regarding similar interdiction efforts. And one of the things that I think is so amazing about this, Amy, is that the U.S. government has spent the last three or four years shrilly, vehemently warning the world that Chinese technology companies are unsafe to purchase products from, because they claim the Chinese government interdicts these products and installs surveillance, backdoors and other forms of malware onto the machinery so that when you get them, immediately your privacy is compromised. And they’ve actually driven Chinese firms out of the U.S. market and elsewhere with these kinds of accusations. Congress has convened committees to issue reports making these kind of accusations about Chinese companies. And yet, at the same time, the NSA is doing exactly that which they accuse these Chinese companies of doing. And there’s a real question, which is: Are these warnings designed to steer people away from purchasing Chinese products into the arms of the American industry so that the NSA’s ability to implant these devices becomes even greater, since now everybody is buying American products out of fear that they can no longer buy Chinese products because this will happen to them?

When it comes to modern firewalls for corporate computer networks, the world's second largest network equipment manufacturer doesn't skimp on praising its own work. According to Juniper Networks' online PR copy, the company's products are "ideal" for protecting large companies and computing centers from unwanted access from outside. They claim the performance of the company's special computers is "unmatched" and their firewalls are the "best-in-class." Despite these assurances, though, there is one attacker none of these products can fend off -- the United States' National Security Agency.

Specialists at the intelligence organization succeeded years ago in penetrating the company's digital firewalls. A document viewed by SPIEGEL resembling a product catalog reveals that an NSA division called ANT has burrowed its way into nearly all the security architecture made by the major players in the industry -- including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell.

The specialists at ANT, which presumably stands for Advanced or Access Network Technology, could be described as master carpenters for the NSA's department for Tailored Access Operations (TAO). In cases where TAO's usual hacking and data-skimming methods don't suffice, ANT workers step in with their special tools, penetrating networking equipment, monitoring mobile phones and computers and diverting or even modifying data. Such "implants," as they are referred to in NSA parlance, have played a considerable role in the intelligence agency's ability to establish a global covert network that operates alongside the Internet. Some of the equipment available is quite inexpensive. A rigged monitor cable that allows "TAO personnel to see what is displayed on the targeted monitor," for example, is available for just $30. But an "active GSM base station" -- a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones -- costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million.

But while the interviewer focused on the Skype revelation, I thought the most interesting part was the other claim, “that the National Security Agency already had pre-encryption stage access to email on Outlook.”  Say what??  They can see the plaintext on my computer before I encrypt it? That defeats any/all encryption methods. How could they do that? Bypass Encryption While most outside observers think the NSA’s job is cracking encrypted messages, as the Prism disclosures have shown, the actual mission is simply to read all communications. Cracking codes is a last resort.

The NSA has a history of figuring out how to get to messages before or after they are encrypted. Whether it was by putting keyloggers on keyboards and recording the keystrokes or detecting the images of the characters as they were being drawn on a CRT. Today every desktop and laptop computer has another way for the NSA to get inside. Intel Inside It’s inevitable that complex microprocessors have bugs in them when they ship. When the first microprocessors shipped the only thing you could hope is that the bug didn’t crash your computer. The only way the chip vendor could fix the problem was to physically revise the chip and put out a new version. But computer manufacturers and users were stuck if you had an old chip. After a particularly embarrassing math bug in 1994 that cost Intel $475 million, the company decided to fix the problem by allowing it’s microprocessors to load fixes automatically when your computer starts.

Starting in 1996 with the Intel P6 (Pentium Pro) to today’s P7 chips (Core i7) these processors contain instructions that are reprogrammable in what is called microcode. Intel can fix bugs on the chips by reprogramming a microprocessors microcode with a patch. This patch, called a microcode update, can be loaded into a processor by using special CPU instructions reserved for this purpose. These updates are not permanent, which means each time you turn the computer on, its microprocessor is reset to its built-in microcode, and the update needs to be applied again (through a computer’s BIOS.). Since 2000, Intel has put out 29 microcode updates to their processors. The microcode is distributed by 1) Intel or by 2) Microsoft integrated into a BIOS or 3) as part of a Windows update. Unfortunately, the microcode update format is undocumented and the code is encrypted. This allows Intel to make sure that 3rd parties can’t make unauthorized add-ons to their chips. But it also means that no one can look inside to understand the microcode, which makes it is impossible to know whether anyone is loading a backdoor into your computer.

Q: Right. I read in Peter Jenkins’ analysis of your book that Israel has fabricated certain documents, including the information said to have been retrieved from a laptop computer in Iran in 2004, as you mentioned earlier, and the fabricated, fake data helped keep Iran’s nuclear controversy alive. Would you please elaborate more on Israel’s involvement in providing the U.S. and the IAEA with the false and groundless data and how they complicated Iran’s nuclear dossier? A: Well, I think that evidence that Israel was fabricating these documents that the IAEA received in 2005 as well as later documents turned over to the IAEA directly by Israel in 2008 and 2009, according to Mohamed ElBaradei, is very strong, and there are several indicators that it was an Israeli job. One is that we know the Mujahedin-e-Khalq turned these documents over to German intelligence; that’s where they came from. A former German intelligence official gave me a detailed account of that in an interview I did with him last year for my book. So, that’s the first indication that it was an Israeli job, because the MEK, we know, has been used by Israel to provide the intelligence they didn’t want to be known as coming from Israel on more than one occasion. And of course the MEK has let its name to testimony to support the Israeli point of view on accusations of Iranian terrorism, specifically in the case of the Buenos Aires bombing of the AMIA community center in 1994. That’s one indicator. The second indicator is that we know the Israelis had a program in Mossad to influence the foreign governments and news media on Iran and that office sometimes basically claimed that there were documents that come from inside Iran that they would share with the governments and the press. So they had a special office for operations against Iran. So, I’m quite convinced that Israel was behind these documents.

It wasn’t ever seriously in doubt, but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors. Freedom Hosting’s operator, Eric Eoin Marques, had rented the servers from an unnamed commercial hosting provider in France, and paid for them from a bank account in Las Vegas. It’s not clear how the FBI took over the servers in late July, but the bureau was temporarily thwarted when Marques somehow regained access and changed the passwords, briefly locking out the FBI until it gained back control. The new details emerged in local press reports from a Thursday bail hearing in Dublin, Ireland, where Marques, 28, is fighting extradition to America on charges that Freedom Hosting facilitated child pornography on a massive scale. He was denied bail today for the second time since his arrest in July. Freedom Hosting was a provider of turnkey “Tor hidden service” sites — special sites, with addresses ending in .onion, that hide their geographic location behind layers of routing, and can be reached only over the Tor anonymity network. Tor hidden services are used by sites that need to evade surveillance or protect users’ privacy to an extraordinary degree – including human rights groups and journalists. But they also appeal to serious criminal elements, child-pornography traders among them.

On August 4, all the sites hosted by Freedom Hosting — some with no connection to child porn — began serving an error message with hidden code embedded in the page. Security researchers dissected the code and found it exploited a security hole in Firefox to identify users of the Tor Browser Bundle, reporting back to a mysterious server in Northern Virginia. The FBI was the obvious suspect, but declined to comment on the incident. The FBI also didn’t respond to inquiries from WIRED today. But FBI Supervisory Special Agent J. Brooke Donahue was more forthcoming when he appeared in the Irish court yesterday to bolster the case for keeping Marques behind bars, according to local press reports. Among the many arguments Donahue and an Irish police inspector offered was that Marques might reestablish contact with co-conspirators, and further complicate the FBI probe. In addition to the wrestling match over Freedom Hosting’s servers, Marques allegedly dove for his laptop when the police raided him, in an effort to shut it down.

The apparent FBI-malware attack was first noticed on August 4, when all of the hidden service sites hosted by Freedom Hosting began displaying a “Down for Maintenance” message. That included at least some lawful websites, such as the secure email provider TorMail. Some visitors looking at the source code of the maintenance page realized that it included a hidden iframe tag that loaded a mysterious clump of Javascript code from a Verizon Business internet address. By midday, the code was being circulated and dissected all over the net. Mozilla confirmed the code exploited a critical memory management vulnerability in Firefox that was publicly reported on June 25, and is fixed in the latest version of the browser. Though many older revisions of Firefox were vulnerable to that bug, the malware only targeted Firefox 17 ESR, the version of Firefox that forms the basis of the Tor Browser Bundle – the easiest, most user-friendly package for using the Tor anonymity network. That made it clear early on that the attack was focused specifically on de-anonymizing Tor users. Tor Browser Bundle users who installed or manually updated after June 26 were safe from the exploit, according to the Tor Project’s security advisory on the hack.

In a sweeping victory for privacy rights in the digital age, the Supreme Court on Wednesday unanimously ruled that the police need warrants to search the cellphones of people they arrest.While the decision will offer protection to the 12 million people arrested every year, many for minor crimes, its impact will most likely be much broader. The ruling almost certainly also applies to searches of tablet and laptop computers, and its reasoning may apply to searches of homes and businesses and of information held by third parties like phone companies.“This is a bold opinion,” said Orin S. Kerr, a law professor at George Washington University. “It is the first computer-search case, and it says we are in a new digital age. You can’t apply the old rules anymore.”

The sordid tale of marital infidelity, cyber-stalking, and spilled secrets surrounding former CIA director David Petraeus is scheduled to come to a close Thursday, when the former four-star general is sentenced for his crimes. But Petraeus’s punishment will likely have lasting ramifications on future leak cases, national security lawyers said. They argue the government is cutting its own throat by offering him a more lenient sentence in the wake of harsher penalties to other leakers and creating a double standard that can be exploited by defense attorneys in future cases.“This is a horrible choice by the government,” said Mark Zaid, a national security lawyer for more than two decades. “I think it is going to have a negative impact. The judges who are going to be truly objective are going to look at the Petraeus case. Going forward, it is going to hurt the government’s cases.”

The hearing Thursday to sentence Petraeus for giving his former girlfriend and biographer highly classified information will happen only a few miles from her home in North Carolina. Petraeus will enter his plea on one misdemeanor count of unauthorized removal and retention of classified material before U.S. Magistrate Judge David Keesler in Charlotte. Petraeus is the second director of the CIA to be convicted for actions while leading the agency. President Nixon’s director, Richard Helms, was convicted in 1978 of lying to Congress about the CIA’s role in overthrowing President Salvador Allende of Chile. He received a two-year suspended sentence and a $2,000 fine.

And after John M. Deutsch, who served under President Clinton, left office, he was accused of mishandling classified information on his laptop. He lost his security clearance, but he was never prosecuted. Clinton pardoned him on his last day as president. Petraeus has the distinction, however, of being the only director forced to resign because of misdeeds while serving,

Here are the emails. An article written by Umar Cheema is also on the Web, will post link once I am on my laptop. http://cirp.pk/e-mail.htm (edit: although some names have been blacked out, you can still view them by taking mouse over the links! e.g. First email is by Hassan Noor.. to Mike Novell, tkrift (??), Amanullah Khan.. CC is Afnan Aleem) These basically proves that everyone in the Abbotabad commission (except Mr Ashraf Qazi), including a very senior judge and general, were working under the influence of Save The Children NGO Retired General Nadeem was directly working under them! Afridi was NOT tortured by ISI. He did give ISI some false statements which the ISI didn't dig deeper because it suited them! (Example he was working for CIA since 2008, not 2009 as ISI was led to believe) Edit: Here is the article: http://www.thenews.com.pk/Todays-Ne...s-Abbottabad-Commission-was-penetrated-by-CIA -- All these NGOs should be banned and thrashed! ISI should publically hang foreign agents! (Even if they are Generals)

The NGO has neither denied the email record and the contents it carried (when shown by The News for seeking version) nor offered specific comments but that: “Our assistance to the Abbottabad Commission and its members including Gen Nadeem was within the legal parameters and Abbottabad Commission mandate to find facts.” Nadeem was not available for comments, however, his close aide termed the allegations as utterly “rubbish and non-sense” when comments were sought after showing the email record A transcript of internal wrangling: Muhammad Hassan Noor Saadi, deputy country director of Save the Children, met Gen (R) Nadeem on November 20, 2012 that followed his email to four senior colleagues. The report was primarily compiled by ‘our friend’, his email reads, and was endorsed by the Chairman but one of the members, Ashraf Qazi, was not in agreement with them. He wrote a dissenting note criticising Chairman Justice (R) Javed Iqbal and Gen (R) Nadeem ‘for being soft on certain institutions (including Save the Children).’

Another member, Abbas Khan, was neither willing to sign the report in its current shape, discloses email record, nor wanted to put a dissenting note hence decided to prolong his stay in the US where he went on the ‘pretext of medical ground’. More alarmingly, the NGO was granted access to the Commission’s report well before it was sent to the prime minister. Save the Children had uninterrupted access to the four drafts prepared in June 2012 by the members including the chairman, email record available with The News indicates. All favours granted to Save the Children on behalf of the Commission were in clear breach of public trust raising question marks about the integrity of the members. The chairman of the NGO, Save the Children, was contacted by The News. He initially agreed to meet but later stopped taking calls and did not respond to messages sent to him.Nadeem also felt confident, the email record shows, that he would be able to convince the panel with the answers given by the NGO and urge his colleagues to go by the facts presented by Save the Children instead of believing on the contents of Afridi’s statement. Gen (R) Nadeem also advised the NGO, an email of the country director reads, to fight the expulsion of our expatriate as otherwise the ISI would move quickly to close down the country programme before the Commission report comes out.

Regin, an advanced spyware program widely believed to have been developed by US and British intelligence agencies, was found on a USB stick belonging to an official in German Chancellor Angela Merkel's office, Berlin sources say.Sources said the incident occurred months ago and said that the hackers involved could not be identified.

The malware was discovered after a mid-level official in the European policy section of the chancellery reportedly took home a document on her USB flash drive to read on her private laptop.

When she later inserted the USB drive into her chancellery computer, an anti-virus alert came up.Dr Merkel's staff are not supposed to use their private computers for work for fear of transferring a virus this way.

In a new court filing, the Department of Justice revealed that it kept a secret database of telephone metadata—with one party in the United States and another abroad—that ended in 2013. The three-page partially-redacted affidavit from a top Drug Enforcement Agency (DEA) official, which was filed Thursday, explained that the database was authorized under a particular federal drug trafficking statute. The law allows the government to use "administrative subpoenas" to obtain business records and other "tangible things." The affidavit does not specify which countries records were included, but specifically does mention Iran. This database program appears to be wholly separate from the National Security Agency’s metadata program revealed by Edward Snowden, but it targets similar materials and is collected by a different agency. The Wall Street Journal, citing anonymous sources, reported Friday that this newly-revealed program began in the 1990s and was shut down in August 2013.

The criminal case involves an Iranian-American man named Shantia Hassanshahi, who is accused of violating the American trade embargo against Iran. His lawyer, Mir Saied Kashani, told Ars that the government has clearly abused its authority. "They’ve converted this from a war on drugs to a war on privacy," he said. "[Hassanshahi] is not accused of any drug crime but they used this drug enforcement information to gather information against him, that's contrary to the law, and we will revisit that. We will bring motions in the court and we will appeal if necessary." Neither the DEA nor the Department of Justice immediately responded to Ars' query as to whether this program is continuing under a different authority.

The story begins in 2011, when a Department of Homeland Security (DHS) agent received a tip about someone who might be in violation of American sanctions against Iran. The source provided an e-mail from an Iranian businessman, Manoucher Sheiki, who was involved in acquiring power grid equipment. A second Homeland Security agent, Joshua Akronowitz, wrote in a 2013 affidavit that he searched Sheiki’s Iranian phone number in this database, but declined to explain exactly what kind of database it was. Akronowitz found that the Iranian number came up exactly one time in the database, and was linked to an 818 number, based in Los Angeles County. That number turned out to be the Google Voice number of Hassanshahi. DHS then subpoenaed Google, and got Hassanshahi’s call log and later, metadata on his Gmail account. By early 2012, the agency found out that he was set to return to Los Angeles from Iran. At LAX Airport, customs agents seized his phone, laptop, thumb drives, camcorder, and SIM cards and sent them to Homeland Security. Last year, Kashani, Hassanshahi’s lawyer, argued that this evidence should be suppressed on account that it was the "fruit of the poisonous tree"—obtained via illicit means. In support of his arguments, Kashani cited an important ongoing NSA-related lawsuit, Klayman v. Obama, which remains the only instance where a judge has order the NSA metadata program to be shut down—that order was stayed pending an appeal. (Earlier this month, Ars explored Klayman and other pending notable surveillance cases.)

Montreal (AFP) - A Canadian charged for refusing to give border agents his smartphone passcode was expected Thursday to become the first to test whether border inspections can include information stored on devices.Alain Philippon, 38, risks up to a year in prison and a fine of up to Can$25,000 (US$20,000) if convicted of obstruction.He told local media that he refused to provide the passcode because he considered information on his smartphone to be "personal."Philippon was transiting through the port city of Halifax on his way home from a Caribbean vacation on Monday when he was selected for an in-depth exam.

"Philippon refused to divulge the passcode for his cell phone, preventing border services officers from their duties," Canada Border Services Agency said in an email.The agency insists that the Customs Act authorizes its officers to examine "all goods and conveyances including electronic devices, such as cell phones and laptops."But, according to legal experts, the issue of whether a traveler must reveal the password for an electronic device at a border crossing has not been tested in court. "(It's) one thing for them to inspect it, another thing for them to compel you to help them," Rob Currie, director of the Law and Technology Institute at Dalhousie University, told public broadcaster CBC.Philippon is scheduled to appear in court on May 12.