Pokémon Go, a beta tested espionage project?

To begin to understand where I’m coming from, we have to look at a little of the history behind a game that came out of nowhere and took the world by storm before going quiet. However, given the hype, the market and the momentum it created all of its own, it seems to be coming back. It is always worth starting with a little history.

In 2001, a company called Keyhole Inc. was founded by John Hanke whose first job out of college was in a foreign affairs position within the U.S. government before he moved into the technology industry. Keyhole was an interesting choice of names as the name “Keyhole” is a homage to the KH reconnaissance satellites, the original eye-in-the-sky military reconnaissance system now some 50 years old.

Keyhole Inc. was a pioneering software development company specialising in geospatial data visualisation applications; it was acquired by Google in 2004 for $35 million. It was initially launched as a spin-off from a company called Intrinsic Graphics with initial funding coming from a Sony venture capital fund and others, with additional capital coming from the US graphics giant NVIDIA bundling deal including a company called In-Q-Tel.

The name Keyhole, combined with In-Q-Tel’s involvement, starts to make the history of Pokémon Go very interesting indeed. In-Q-Tel was widely billed as the venture capital arm of the CIA and the majority of the funds it used for its venture with Keyhole came from the National Geospatial-Intelligence Agency (NGIC). Other funding came from the angel investor Brian McClendon, who later became a VP with Google when they acquired Keyhole, before moving to Uber.

The link between Keyhole and In-Q-Tel wasn’t as sinister as it could first seem when you understand the project that Keyhole was working on. It was called Earth Viewer, which later became the widely used open-source mapping and imagery tool, Google Earth, when Google acquired Keyhole in 2004.

In 2010, the company behind Pokémon Go was founded, initially inside Google, by Keyhole’s founder, John Hanke. At launch, the game allowed players a lot of activity for free, which meant it quickly went viral across the globe; there were news stories of people chasing high priced ‘monsters’ all over the place and a rush to see who could get them all first. There was no obvious revenue stream that would pay for this ground-breaking, complex interactive game.

Working on the principle that you get nothing for free, the only answer to the lack of obvious revenue is that you paid in some other way, and that way had to be data. So, on launch, if we look at the data the game could access on any facility (spook speak for a phone, tablet, laptop or computer associated with an individual), we get a list of what, when you click install and accept terms, you have just allowed the app to access on an Android device:

Identity

  • Find accounts on the facility

Contacts

  • Find accounts on the facility

Location

  • Precise location (GPS and network-based)
  • Approximate location (network-based)

Photos/Media/Files

  • Modify or delete the contents of your USB storage
  • Read the contents of your USB storage

Storage

  • Modify or delete the contents of your USB storage
  • Read the contents of your USB storage

Camera

  • Take pictures and videos

Other

  • Receive data from the internet
  • Control vibration
  • Pair with Bluetooth devices
  • Access Bluetooth settings
  • Full network access
  • Use accounts on the device
  • View network connections
  • Prevent the device from sleeping

So, what the game app can do with no difficulty is identify:

  • Where you are
  • Where you were
  • What route you took between those locations
  • When you were at each location
  • How long it took you to get between them
  • What you are looking at right now
  • What you were looking at in the past
  • What you look like
  • What files you have on your device and the entire contents of those files
  • What other facilities you are connected to
  • Access the data via Bluetooth and network connections on those other facilities

My next step was to look at the terms and conditions to see what was being done with all of this data. I have used extracts to illustrate certain points and those extracts have been italicised for clarity; these are the boring T’s and C’s, but worth a scan!

Information Collected Using Cookies and other Web Technologies: Like many website owners and operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information on our Site.

We may use both session Cookies and persistent Cookies to identify that you (or your authorized child) have logged in to the Services and to tell us how and when you (or your authorized child) interact with our Services.

Some third-party services providers that we engage (including third party advertisers) may also place their own Cookies on your hard drive.

“Web Beacons” (also known as web bugs, pixel tags, or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services.

In essence, you agree to data collection capabilities being put on the facility with the app, and you give it access to almost everything.

Information Related to Use of the Services: Our servers automatically record certain information about how a person uses our Services. This may include information such as a User’s Internet Protocol (IP) address, user agent, browser type, operating system, the web page that a User was visiting before accessing our Services, the pages or features of our Services to which a User browsed and the time spent on those pages or features, search terms, the links on our Services that a User clicked on, and other statistics.

Information Sent by Your Mobile Device: We collect certain information that your (or your authorized child’s) mobile device sends when you (or your authorized child) use our Services, like a device identifier, user settings, and the operating system of your (or your authorized child’s) device, as well as information about your use of our Services while using the mobile device. We may use this information to provide the Services and to improve and personalize our Services for you (or your authorized child).

And the team are great, they tell you they are going to access everything.

Location Information: The App is a location-based game. We collect and store information about your (or your authorized child’s) location when you (or your authorized child) use our App and take game actions that use the location services made available through your (or your authorized child’s) device’s mobile operating system, which makes use of cell/mobile tower triangulation, wifi triangulation, and/or GPS. You understand and agree that by using our App you (or your authorized child) will be transmitting your (or your authorized child’s) device location to us and some of that location information, along with your (or your authorized child’s) username, may be shared through the App. For example, when you take certain actions during gameplay, your (or your authorized child’s) username and location may be shared through the App with other users who are playing the game. We may also use location information to improve and personalize our Services for you (or your authorized child).

They also tell you they will track you through your facility and the cell towers and wifi you use, gathering all of that data. Think of the threat to your home router or the work routers.

International Transfer: Your (or your authorized child’s) PII may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your (or your authorized child’s) PII to us, we may transfer your (or your authorized child’s) PII to the United States and process it there.

And the ‘coup de grâce’ is that the data will be transferred to the US for processing (there is an opt-out clause, but it is buried and goes on to say that if you do, the game won’t work; I paraphrased it).

So what?

The US Foreign Intelligence Surveillance Act describes procedures for physical searches and electronic surveillance of activities of foreign entities and individuals where a significant purpose of the search or surveillance and the collection of information is to obtain “foreign intelligence information.” The term “foreign intelligence information” is defined to include information that relates to actual or potential attacks or grave hostile acts of a foreign power or an agent of a foreign power, sabotage, international terrorism, weapons of mass destruction, clandestine intelligence activity by or on behalf of a foreign power, or similar issues.

The Patriot Act enlarged the scope of the existing law to apply when “a significant purpose” of the search or surveillance is the collection of foreign intelligence thereby bringing the sort of capability provided through Pokémon Go into the legal statute for intelligence collection.

The FISA was amended in 2008 through the FISA Amendment Act (FAA) to permit the U.S. Attorney General and the Director of National Intelligence to jointly authorize the targeting of non-U.S. persons reasonably believed to be located outside the United States, in order to acquire foreign intelligence information.

In essence, by signing up to Pokémon Go, developed through a link to US intelligence agency money, designed to encourage taking pictures where high priced ‘monsters’ appear whilst giving access to your location data and all of the data on your facility, with lots of play before revenue streams appear to start asking for money, you are asked to believe it is just a game?

Hell, if as a spook I had thought of it, getting a 9-year-old to take a picture of a top-secret entrance to an intelligence facility without putting a special ops team on the ground, would I do it? Yup, I would.

Does this mean Pokémon Go is an intelligence gathering tool for the US Government? Nope, but the T’s & C’s at release mean it could be, and it is a great example of what apps on facilities can do; if you don’t know who has developed them, what are you losing to the world?

We worry about Huawei hardware; given the proliferation of app technology, we don’t need to worry about the hardware at all as it is not the issue, and this blog is merely an illustration of what could be happening; or is it… A Happy New Year to all.

How can we be certain, the intelligence game?

In the run-up to the action in the early hours of Sat 14th April to bomb very specific targets in Syria to send a clear message, not just to Bashar Al-Assad but the world, that the use of chemical weapons is completely unacceptable, I have noted with sadness the large number of dissenters questioning the decisions of 3 elected heads of state, who represent the world’s policing body, the P5 of the United Nations Security Council.

Even after the attack, we have the leader of the opposition calling it illegal, questioning the decision making and the evidence to say it was Assad who carried out the horrific chlorine attack on Douma killing countless women and children.

The reports that came out of Douma, alongside video released by the Syrian civil defence force, the White Helmets, were not the evidence or intelligence the leaders of the USA, France and UK used to make their decision to bomb Syria; they were merely the initiator of a complex, layered process to understand what happened.

For the uninitiated, I am going to describe the sorts of processes that are in place to ensure that our leaders know that Assad’s forces were behind the chemical attack. I am leaving myself open to criticism as I cannot go into the real detail of how systems work and what their exact capabilities are, but I ask that people recognise I have used these systems and processes in the past; I have personal experience. Also, intelligence can be wrong, but the more independent sources used, and the fact that here there would be 3 independent national collection and assessment operations, reduce that possibility enormously.

The Middle East and Syria, in particular, is a focus for the intelligence capabilities of many countries involved or affected by the conflict. These will include the USA, UK, France, Russia, Turkey, Israel, Iran and many more. It is a part of the world with a huge volume of intelligence gathering platforms listening, sniffing, watching, reporting every piece of activity. Banks of analysts will be trying to analyse and interpret that activity, 24/7, 365 days a year – the intelligence cycle of direct, collect, analyse and disseminate is unending.

So, starting with the video from the White Helmets, it gave a possible activity at a claimed time with a claimed weapon; how can we know it was a chlorine bomb dropped from an aircraft by Assad’s forces?

Once the reports started coming in, the banks of analysts poring over their intelligence databases will have started to put together the questions they need answering, and looking for information collected that relates to those questions. The first in this instance would be – was there an aircraft at the claimed time over Douma and if so what type was it, where did it come from and who owned it?

AWACS airborne early warning aircraft and other capabilities are watching all aircraft movements on a continual basis – they can track hundreds of movements simultaneously and will know if one was there, what type of aircraft it was, civilian/military, fixed wing/rotary wing and possibly even the callsign and model. They will know where it took off from, the route it took to Douma, where it went back to and the route it took there, with the exact times of all activities.

Cross-referencing the movement with signals intelligence data gathered from the aircraft, ships, UAVs and other assets hoovering up all radio traffic and more, there will be recordings of the aircraft’s crew checking in with their air traffic control and operational base. Those recordings will be translated, and translations checked.

So, we now know there was an aircraft in the right vicinity at the right time and we know where it came from and when. Imagery intelligence of the base it flew from, going back in time from the moment it took off, will be pored over by imagery intelligence specialists looking for the preparation of the aircraft, the weapons being loaded onto it, the crew joining it and everything that happened prior to it taking off. That capability exists and can be cross-referenced with capability from partner nations.

It will take time, but the loading of the aircraft will have been photographed. From those pictures an assessment of the weapon can be made – a barrel bomb is not easy to hide from the prying eyes of Western Intelligence. Once that assessment has been made and the number and types of vehicles used to move the weapon to the aircraft identified, the next task is to find the convoy which brought the bomb to the airfield. Intelligence gathered by the likes of the US JSTARS or UK Sentinel R1 can look for movement from known weapons dumps to the airport over a period of time. Various possibilities will be identified and will be cross-referenced with detailed imagery analysis of all of these sites and communications to and from the sites. The picture is building.

Human Intelligence (HUMINT) agents on the ground and Signals Intelligence (SIGINT) assets will have been tasked to see what they can find out: what are personnel from the bases saying? What discussions are Syrian military and political decision-makers having? How are they reacting to the international condemnation? What is being said between Assad’s people and the Russians? What are the Russians saying back to Moscow? Information in little snippets will be being fed to the analysts, agents will be talking to their contacts, supercomputers will be cross-referencing thousands of communications.

It is highly unlikely that there will be a report of the clarity, “Hello base, this is the heli, we have just dropped the chlorine bomb on Douma and are returning to base, over.” But what our intelligence will have told us is that there was a Syrian aircraft over Douma at the time the alleged incident occurred, and that aircraft came from an airfield where an object consistent with a barrel bomb was seen to be loaded. That object is consistent with one loaded onto trucks from a known chemical weapons storage site. HUMINT and SIGINT will add further context.

Intelligence is an art, scientifically approached; it can be wrong and it never (well, rarely) gives a 100% picture, but we can be confident that the picture it does give is pretty close to what actually happened.

What I have described above is not necessarily what happened in the run-up to the decision to attack Syria, but it will be in the right ballpark.

Note: This blog is written by Philip Ingram MBE, a former British Army Intelligence Officer who has served in the Middle East and Cyprus.