We are interested in the 'encryption' used in these over-the-air queries... ........... http://ap.tbo.com/ap/breaking/MGAUW7L9HWC.html Handhelds Join Handcuffs at Boston Airport in Fight Against Terrorism By Leslie MillerAssociated Press Writer Published: Jan 15, 2002 BOSTON (AP) - A pager-sized device that's more likely to be found in a Wall Street briefcase than on a state trooper's belt may take its place in the war against terrorism. Logan International Airport is the first in the nation to test the BlackBerry as an electronic gateway to state and federal criminal databases, giving law enforcement officers the kind of immediate information resource they've longed for, but lacked. The wireless devices, made by Waterloo, Ontario-based Research in Motion since 1999, are ubiquitous in the corporate world, particularly by businesspeople who spend a lot of time away from their desks and need to check e-mails or surf the World Wide Web. The BlackBerries being tested at Logan are packaged with software that lets officers send encrypted queries to state and federal databases over a wireless network and get responses in less than a minute. State trooper Barry Newell carries his BlackBerry on patrols around Logan. With the device, Newell can check whether a suspicious person is on the FBI's terrorist watch list - without using a radio, dispatcher, cruiser or computer. "The beauty of this system is you can do it yourself," Newell said. Logan officials are using the system as part of their effort to strengthen security after 10 terrorists boarded two passenger jets on Sept. 11 and crashed them into the World Trade Center. The BlackBerry patrols began two months ago after Aether Systems Inc., which makes the PocketBlue software, offered to let Logan try the $89-a-month devices for free. Aether said airports in three other major cities are considering similar tests, but declined to say where. At Logan, 10 troopers who'd been trained in counterterrorism were taught to scroll through the BlackBerry's menu and send simple queries to a distant computer about a suspect's criminal history. A "hit" automatically sends an alarm to other troopers carrying a BlackBerry. It's more efficient than a phone or radio query. "If you go and ask for a couple of registration checks through a dispatcher, they'll get a little upset because you're adding to the workload," said Gerald Burke, director of the New England Law Enforcement Management Institute. Newell said he's identified several stolen cars in Logan's parking using the device. Whether the BlackBerries could have helped prevent the terrorist attacks isn't clear because the watch list only came into being after Sept. 11, FBI spokeswoman Gail Marcinkiewicz said. "There was intelligence information out there," she said. "But the watch list as we know it, as of Sept. 11, that format did not exist." State Police Capt. Thomas Robbins, Logan's interim public safety director, thinks the BlackBerry-toting troopers may become a permanent fixture at the airport, which is trying everything from facial recognition systems to training ticket agents to recognize suspicious activity. Aether's PocketBlue software was launched in June and is now being used by law enforcement agencies in seven states, said David Grip, marketing director for the mobile government division of the company, which has headquarters in Owings Mills, Md. "Since Sept. 11, there's now a focus within airports and port authorities to use the product," he said, adding Logan is the first airport to try it. Law enforcement agencies are also using the software in Ohio, Florida, California, Minnesota and the District of Columbia, he said. There may be a market for the software, but, "there's a little bit of a feeding frenzy," said Tim Quillin, an analyst with Stephens Inc. in Little Rock, Ark. Federal transportation officials are open to the experiment. "We're interested and looking at anything that might improve transportation security," said Paul Takemoto, spokesman for the Transportation Security Administration.
On 15 Jan 2002, at 10:26, Eric Murray wrote:
On Tue, Jan 15, 2002 at 10:44:46AM -0600, xganon wrote:
We are interested in the 'encryption' used in these over-the-air queries...
ARDIS, the protocol the Blackberry uses, does an XOR with a 32 bit constant of the day.
Eric
You're kidding, right? George
On Tue, Jan 15, 2002 at 11:37:03AM -0800, georgemw@speakeasy.net wrote:
On 15 Jan 2002, at 10:26, Eric Murray wrote:
On Tue, Jan 15, 2002 at 10:44:46AM -0600, xganon wrote:
We are interested in the 'encryption' used in these over-the-air queries...
ARDIS, the protocol the Blackberry uses, does an XOR with a 32 bit constant of the day.
Eric
You're kidding, right?
Probably not. I haven't seen the spec so I'm not 100% sure, but this is the info I dug up after 10 minutes of googling. http://www.counterpane.com/crypto-gram-9904.html "And the Mobitex protocol used by ARDIS and RAM mobile for wireless email is another example of something that is complex for error correction and robustness but has essentially no security. And software for monitoring this circulates around the net as well. ARDIS does use XORing with a 32 bit constant of the day to provide some fig leaf of security, but obviously determining the constant is trivial..." Sad, isn't it? Eric
On Tuesday, January 15, 2002, at 11:31 AM, Eric Murray wrote:
Probably not. I haven't seen the spec so I'm not 100% sure, but this is the info I dug up after 10 minutes of googling.
http://www.counterpane.com/crypto-gram-9904.html
"And the Mobitex protocol used by ARDIS and RAM mobile for wireless email is another example of something that is complex for error correction and robustness but has essentially no security. And software for monitoring this circulates around the net as well. ARDIS does use XORing with a 32 bit constant of the day to provide some fig leaf of security, but obviously determining the constant is trivial..."
Sad, isn't it?
Something that's sad is that the National Security Agency has abdicated its role in helping to secure communications critical to these United States. To wit, its COMSEC role. Part of the charter of the NSA is to provide COMSEC for critical communications, including ensuring strong ciphers. Because it has spent much of the past decade trying to slow down strong encryption and introduce back doors into commercial products, the very consumer products that are now being bought in droves by Congressmen and other employees typically have extremely weak crypto in them. Blueberries and similar devices are now being given to Congressmen and other government employees and officials as a means of communicating with them in times of national emergency. Laptops with kiddie-grade disk security ("Datawhack uses a proprietary virtual one time pad which uses a secret algorithm to encrypt your disk") are the norm. Cellphones are easily interceptable. And this is, not surprisingly, what those inside the Beltway (and outside, actually, as the effective radius has pushed way out into the sprawl of Virginia and Maryland former horse country regions) are buying at their local Circuit City and Best Buy stores. Thank the NSA and folks like Dorothy Denning for stunting the implementation of good crypto in consumer products. Good to know that Al Quaida knows the ARDIS hacks and will have them ready to go when they strike next: Blueberry Emergency Alert to Rep. Barney Frank: "Rep. Frank, report soonest to this [isolated] location in the woods [where our agents can kill you]. signed, Agent Farr [Abdullah Al Ragheda]." --Tim May, Occupied America "They that give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin, 1759.
nobody@xganon.com (xganon) writes:
We are interested in the 'encryption' used in these over-the-air queries..............
http://ap.tbo.com/ap/breaking/MGAUW7L9HWC.html
Handhelds Join Handcuffs at Boston Airport in Fight Against Terrorism By Leslie MillerAssociated Press Writer Published: Jan 15, 2002
BOSTON (AP) - A pager-sized device that's more likely to be found in a Wall Street briefcase than on a state trooper's belt may take its place in the war against terrorism.
Logan International Airport is the first in the nation to test the BlackBerry as an electronic gateway to state and federal criminal databases, giving law enforcement officers the kind of immediate information resource they've longed for, but lacked.
The wireless devices, made by Waterloo, Ontario-based Research in Motion since 1999, are ubiquitous in the corporate world, particularly by businesspeople who spend a lot of time away from their desks and need to check e-mails or surf the World Wide Web.
The BlackBerries being tested at Logan are packaged with software that lets officers send encrypted queries to state and federal databases over a wireless network and get responses in less than a minute.
State trooper Barry Newell carries his BlackBerry on patrols around Logan. With the device, Newell can check whether a suspicious person is on the FBI's terrorist watch list - without using a radio, dispatcher, cruiser or computer.
"The beauty of this system is you can do it yourself," Newell said.
Logan officials are using the system as part of their effort to strengthen security after 10 terrorists boarded two passenger jets on Sept. 11 and crashed them into the World Trade Center.
The BlackBerry patrols began two months ago after Aether Systems Inc., which makes the PocketBlue software, offered to let Logan try the $89-a-month devices for free. Aether said airports in three other major cities are considering similar tests, but declined to say where.
At Logan, 10 troopers who'd been trained in counterterrorism were taught to scroll through the BlackBerry's menu and send simple queries to a distant computer about a suspect's criminal history. A "hit" automatically sends an alarm to other troopers carrying a BlackBerry.
It's more efficient than a phone or radio query.
"If you go and ask for a couple of registration checks through a dispatcher, they'll get a little upset because you're adding to the workload," said Gerald Burke, director of the New England Law Enforcement Management Institute.
Newell said he's identified several stolen cars in Logan's parking using the device.
Whether the BlackBerries could have helped prevent the terrorist attacks isn't clear because the watch list only came into being after Sept. 11, FBI spokeswoman Gail Marcinkiewicz said.
"There was intelligence information out there," she said. "But the watch list as we know it, as of Sept. 11, that format did not exist."
State Police Capt. Thomas Robbins, Logan's interim public safety director, thinks the BlackBerry-toting troopers may become a permanent fixture at the airport, which is trying everything from facial recognition systems to training ticket agents to recognize suspicious activity.
Aether's PocketBlue software was launched in June and is now being used by law enforcement agencies in seven states, said David Grip, marketing director for the mobile government division of the company, which has headquarters in Owings Mills, Md.
"Since Sept. 11, there's now a focus within airports and port authorities to use the product," he said, adding Logan is the first airport to try it. Law enforcement agencies are also using the software in Ohio, Florida, California, Minnesota and the District of Columbia, he said.
There may be a market for the software, but, "there's a little bit of a feeding frenzy," said Tim Quillin, an analyst with Stephens Inc. in Little Rock, Ark.
Federal transportation officials are open to the experiment.
"We're interested and looking at anything that might improve transportation security," said Paul Takemoto, spokesman for the Transportation Security Administration.
participants (5)
-
Anonymous -
Eric Murray -
georgemw@speakeasy.net -
Tim May -
xganon