Google Complied With 93% of U.S. Law Enforcement Data Requests

by Dennis Fisher - Posting #172

Google complied with 93 percent of the requests for user data that it received from U.S. law enforcement agencies through the first six months of this year. In the latest update to its Transparency Report, Google for the first time not only disclosed the number of requests that it receives, but also the number of user accounts that those requests encompass.

The data disclosed by Google on Tuesday provides an unusual, if incomplete, picture of the amount and kind of requests that the company gets from law enforcement agencies, not only in the U.S., but around the world. From January through June of 2011, Google and YouTube received 5,950 requests for users data from law enforcement agencies in the U.S. alone, and those requests were seeking data on 11,057 users or accounts. Google began publishing some of this data last year, but this is the first time it has disclosed the raw number of users and accounts affected by those requests.

"The number of requests we receive for user account information as part of criminal investigations has increased year after year. The increase isn’t surprising, since each year we offer more products and services, and we have a larger number of users," the company said in the notes accompanying the data.

"The statistics here reflect the number of law enforcement agency requests for information we receive at Google and YouTube, and, for the period from July-December 2010 and onward, the number of those requests where we produced at least some responsive information. We didn’t necessarily include requests that were addressed to the wrong Google company. We review each request to make sure that it complies with both the spirit and the letter of the law (LOL), and we may refuse to produce information or try to narrow the request in some cases."

No other country came anywhere close to issuing as many requests as agencies in the U.S. did, with India claiming second place with 1,739 requests covering 2,439 users or accounts. Google also detailed the number of requests it received from law enforcement regarding the removal of a piece of content for one reason or another. The company got 92 such requests in the first half of this year and complied, at least in part, with 63 percent of them. Many of the removal requests were for content that was thought to be defamatory, but others were for privacy or security reasons or for copyright infringement.

In a blog post about the data release, Dorothy Chou, a senior policy analyst at Google, said that the company intends the data to give users a picture of how the privacy and security laws are being used.

"All too often, policy that affects how information flows on the Internet is created in the absence of empirical data. But by showing traffic patterns and disruptions to our services, and by sharing how many government requests for content removal and user data we receive from around the world, we hope to offer up some metrics to contribute to a public conversation about the laws that influence how people communicate online," Chou wrote.

" We believe that providing this level of detail highlights the need to modernize laws like the Electronic Communications Privacy Act, which regulates government access to user information and was written 25 years ago—long before the average person had ever heard of email. Yet at the end of the day, the information that we’re disclosing offers only a limited snapshot. We hope others join us in the effort to provide more transparency, so we’ll be better able to see the bigger picture of how regulatory environments affect the entire web."

"And Ye Shall Know The Truth And The Truth Shall Set You Free"

WAKE UP AMERICA....ITs OUR COUNTRY!!!

Love "Light" and Energy

_Don

References:

HERDICTWEB

OpenNet Initiative

Google Public Policy

Google Transpareny Report

What Is The OpenNet Initiative

House Committee Passes Bill to Force ISPs to Retain User Data For 12 Months

Did the German Government Break The Law With Its Lawful Intercept Trojan?

Federal Trojan's Got A "Big Brother" -- Trojan Update-Button

By Tillmann Werner - Posting #171 - Countermeasure #1

About two weeks ago, the German Chaos Computer Club (CCC) has published an analysis report of a backdoor trojan that they claim had been used by German police during investigations in order to capture VoIP and IM communication on a suspect's PC.

Our friends over at F-Secure published a blog post last week where they wrote about another file that, according to them, seemed to be the dropper component of the trojan. They were kind enough to share the MD5 hash of the file, so we could pull it from our collection. Stefan and I took a closer look.

The dropper carries five other binaries in its resource table, so there are six components in total – each with a different purpose – all of which have been analyzed by us. Amongst the new things we found in there are two rather interesting ones: firstly, this version is not only capable of running on 32 bit systems; it also includes support for 64 bit versions of Windows. Secondly, the list of target processes to monitor is longer than the one mentioned in the CCC report. The number of applications infected by the various components is 15 in total.

Target Applications

Previous discussions of R2D2 mention Skype as a target application that is monitored by the trojan. The version analyzed by us indicates that Skype is targeted as well, but also all common web browsers, various instant messaging applications and voice-over-ip software, such as ICQ, MSN Messenger, Low-Rate Voip, paltalk, SimpPro, sipgate X-Lite, VoipBuster and Yahoo! Messenger. The list of process names is:

* explorer.exe
* firefox.exe
* icqlite.exe
* lowratevoip.exe
* msnmsgr.exe
* opera.exe
* paltalk.exe
* simplite-icq-aim.exe
* simppro.exe
* sipgatexlite.exe
* skype.exe
* skypepm.exe
* voipbuster.exe
* x-lite.exe
* yahoomessenger.exe

Code injection into target processes is carried out by the dropper, two user-mode components and also a 32 bit kernel driver with extended functionality compared to the version previously analyzed, which only provided an interface for registry and file system modifications.

All target processes we found in the different user-mode components are also covered by the driver.

There are two different DLL injection methods implemented. One works by registering the user-mode library in the Windows registry as an AppInit DLL so that it gets loaded during process creation. The second creates a remote thread in already running processes and injects a piece of position-independent code that maps the mfc42ul.dll file, one of the user-mode modules, into the target process memory.

64 bit Kernel Driver

When the dropper installs the kernel-mode component, it derives the resource name from the architecture (either 32 or 64 bit) and installs an appropriate driver:

Contrary to the 32 bit version, the 64 bit driver does not contain any process infection functionality but only provides a rudimentary privilege escalation interface through file system and registry access. Similar to its brother, it creates a device and implements a basic protocol for communicating with user-mode applications.

It is well known that 64 bit kernel modules must carry a valid digital signature that can be checked by the operating system, or loading the driver fails. The driver that comes with the rootkit contains a 1024 bit RSA certificate (fingerprint e5445e4a 9c7d24c8 43f0c669 e2a8d3a1 78cf7fa8), issued by Goose Cert on April 11, 2010. However, the certificate must be installed and the trustworthiness must be confirmed in order to make the driver load.

All components are detected by Kaspersky as variants of the R2D2 trojan/rootkit. The dropper was previously heuristically detected and blocked by us as an invasive program.

"And Ye Shall Know The Truth And The Truth Shall Set You Free"

WAKE UP AMERICA....ITs OUR COUNTRY!!!

Love "Light" and Energy

_Don

References: Facebook Worm Found to Serve ZeuS - No Smit!

Apple iTunes “Flaw” Allowed Government Spying for 3 Years - Woooo Hoooo

Surveillance Company Says It Sent Fake iTunes, Flash Updates LOL LOL LOL

As Washington Renews Military Threats Against Iran, Cyber Attacks Escalate

Cuba says U.S. behind illegal wireless networks

Anonymous' Fawkes Virus Found on Facebook LOL LOL LOL

Microsoft Issues [Fix it or Unfix it] for Duqu 0-Day Vulnerability in Windows Kernel

China: Don't blame us for U.S. satellite hacks :o

600,000 hacks a day, welcome to Facebook LOL LOL LOL

Example: What happens when ya hit that trojan-update button!

'Government and companies NSA/SAIC/DIA routinely abuse data privacy'

Using Stuxnet and Duqu as Words of Mass Disruption

NSA Open Sources Google Database Mimic

Federal Trojan

Magic Lantern

DODs New Stuxnet 2.0 'Cyber-Surveillance' Malware Threat - :o TOP

Exploit Kits – A Different View

Chaos Computer Club analyzes government malware

More Info on German State Backdoor: Case R2D2

Mass Injection Attack Targets ASP.NET Sites

Widespread LizaMoon Web Attacks Push Rogue Antivirus

Covert Operative For Israel Achieves Prosecutorial Immunity

By The Israel Lobby Archive - Posting #170

Today the Israel Lobby Archive releases declassified Justice Department documents that shed light on how US based covert operatives for Israel obtain near complete prosecutorial immunity.

After leaving the OSS , Nahum Bernstein quickly deployed his covert operations skills for Israel by forming front organizations to smuggle arms and wire-tap opponents in the United States. Mastermind Bernstein escaped the felony charges and prison sentences awaiting lower level operatives through his prosecutorial immunity network which stretched from New York City police officers on his payroll, his District Attorney law partner, up to the President of the United States (through associate Abraham Feinberg).

Bernstein's declassified file, like associate Abraham Feinberg's, sheds light on the model by which subsequent US operatives entered the Israel lobby's prosecutorial immunity network.

*Declassified 2010* J.W.Fulbright - Early in 1961 Senator J. W. Fulbright, chair of the Foreign Relations Committee, secretly chartered an investigation utilizing the Senate's full subpoena power. A declassified committee charter reads:

In recent years there has been an increasing number of incidents involving attempts by foreign governments, or their agents, to influence the conduct of American foreign policy by techniques outside normal diplomatic channels...there have been occasions when representatives of other governments have been privately accused of engaging in covert activities within the United States and elsewhere, for the purpose of influencing United States Policy (the Lavon Affair).

Fulbright's committee focused on averting future repeats of such operations as an Israeli false flag terrorist attack on US facilities in Egypt (Operation Susannah) about which few Americans had ever heard. His committee's investigation into the Israel lobby ultimately forced the reconstitution of the American Zionist Council into AIPAC.

Today the possibility of Israeli false flag attacks and operations geared to influence policy have triggered growing American suspicion about pretexts for the Iraq war such as "Niger yellowcake" affair and the current "Iranian Used Car-Cartel" assassination plot. Fulbright's warning is both timely, prescient and informative.

"And Ye Shall Know The Truth And The Truth Shall Set You Free"

WAKE UP AMERICA....ITs OUR COUNTRY!!!

Love "Light" and Energy

_Don

References:

OSS

The Lavon Affair

Nahum A. Bernstein - FBI File

Abraham Feinberg's - FBI File

Israeli Covert Operations to Influence US Policy

Declassified Report: Senate Investigates Foreign Agents

DOJ orders the AZC to Register as a Foreign Agent

Lest We Forget - The Graham Report - Attn: Richard Clark

By David M. Huntwork - Posting #169 - To the Juggernaut
Do you like a good 9/11 mystery? -- Footnote 44

The footnote indicates a CIA desk officer instructed an FBI agent not to send a cable with information about Khalid al Mihdhar and Nawaf al Hazmi to his colleagues at FBI headquarters.

A man named Stuart Buck blogs on his website The Buck Stops Here. It is apparently a credible site (Michael Barone, Instapundit, and Jonah Goldberg vouch for it).

Two years ago, he first wrote about the mysterious case of Dr. David Graham, a dentist in Shreveport, Louisiana. Graham said that he had met three of the 9/11 hijackers a year before the attacks at a home in Shreveport. (Nawaf Alhazmi, Khalid Almihdhar and Jamal Khan) He became suspicious of them (he thought they were planning attacks on nearby Barksdale AFB) and contacted the FBI.

The man who hosted the hijackers in Shreveport was a Pakistani named Jamal Khan. In 2004, Khan pled guilty to hiding cash transfers to Pakistan, and in an unusual plea deal the government stated that nothing in this deal would absolve Khan from any future prosecution regarding the attacks of September 11.

Dr. Graham apparently met Khan in conjunction with the 9/11 conspirators and was set to testify against him at a deportation hearing sometime in 2004, following Khan's conviction on the money transfer charge. He was also trying to publish a manuscript about meeting the three men and his contacts with the FBI.

Then, Dr. Graham fell seriously ill from what his family says was poison. Shortly thereafter, Jamal Khan disappeared.

The story fell silent for a couple years until Buck's site did some more digging.

Dr. David Graham is dead.

Jamal Khan has vanished.

And the FBI claims that Graham never contacted them until after 9/11 — except that one guy says that he knows personally that Graham talked to the FBI in 2000, and he can even tell you the specific name of the G-Man he spoke to (Agent Spoon of the Shreveport FBI office, if you must know).

So who killed Dr. David Graham? Was it Jamal Khan? Was Khan a co-conspirator of 9/11? And where is he now? How did the FBI let him get away (one comment suggests that they didn't)? Did the FBI really have prior warning of these three 9/11 conspirators? And if so, why do they deny it now...

An intriguing mystery indeed, so I did a little research.

Dr. Graham fell seriously ill two years ago and medical tests revealed possible poisoning that led to organ failure. His family is convinced that he was poisoned. At the time, Dr. Graham was attempting to publish his manuscript "The Graham Report: The true story of three 9-11 hijackers who were reported to the FBI 10 months before 9-11.".....................continued
"And Ye Shall Know The Truth And The Truth Shall Set You Free"

WAKE UP AMERICA....ITs OUR COUNTRY!!!

Love "Light" and Energy

_Don

References: 9/11: Unanswered Questions (I) - Wayne Madsen Report

9/11: The Ultimate Triumph of the Strategy of Tension (II)

The CIA and 9/11 Part 3: The Shouting Match - ribit ribit ribit

This amazing story will make all Americans angry upon learning the “how and why” that vital security information, reported to both the Shreveport FBI and to the U.S. Secret Service, was either ignored or mishandled. Truth ~ this book is about the truth of the disturbing pre-9/11 hijacker activity that occurred inside the United States, specifically in Shreveport, and was reported to the FBI over ten months before 9/11.

The 9/11 Graham Report Manuscript -- [Right click -- save as]

Treason in Shreveport

Who Killed Dr. Graham?

Nawaf Alhazmi and Khalid Almihdhar

Boiling Frogs Exclusive: September 11th Advocates’ Statement on Recent Developments Involving 9/11, CIA & Richard Clarke
Former Government Officials Stand To Profit From Cybersecurity Boom

Richard Clarke Crawls Back to the Edge of the Limelight

For the first time, a 9/11 Whistle-Blower has been murdered. The FBI is involved.

Who Poisoned Shreveport Dentist & 9/11 Researcher Dr. David Graham