Surveillance tech

There's no distance put between us
Safe enough for you to hide
I'm watching all of your secrets
The camera never lies
Elton John, Bernie Taupin, "The Camera Never Lies"
"We got a cit-rep 10-30 on A5D3, check it"

"Roger" I punch in the area and start to scan through the civic monitors. Robbery should be easy to find at this time of night, but I start up some help imrec software just to make sure. There: a man in dark jacket leans over a prone body, searching through the pockets. "Got it. 50 yards east of the crossing Helleman Street and 54th, just beneath monitor 5487. Seems to be a junkie, watch out". Nobody but a complete idiot would try a robbery without making sure there weren't any cameras around. Most likely the robber is fresh, stupid or flying high.

"He's moving east, I loose him from 5487" I put the network on the lookout for him; our cameras simply can't cover everything thanks to the budget and the ACLU. I get a brief glimpse from a traffic light camera at 55th, but nothing more. I start to worry about losing him. Then a nice, clear frontal shot from camera 5523. I can see his face, and behind him the approaching police cars. Nice - no escape physically or digitally. I start to run an ID check on him.

There are no more secrets, at least in principle. Modern surveillance equipment is so powerful that there is no place on Earth except possibly the deep ocean trenches where you can hide.

The planet is orbited by spy satellites operated by FOG and several private organizations, able to at the very least photograph where you are (in visible light, infrared and radio), tell the color of your coat and keep track of where you are moving. The resolution of the civilian satellites is good enough to track vehicles and lone individuals, and the military satellites in low earth orbit are even more powerful. However, they need to be above the horizon to work, which means the powers operating them have to either blanket the planet like the satellite phone constellations (very expensive; only the PRC is really trying) or accept occasional interruptions in coverage. Still, if somebody tracking you is willing to use the satellite nets and buy into the commercial spy sats they can get permanent monitoring over a certain region. It is hard to distinguish people well, but cars, boats and airplanes can easily be followed.

Most modern cities and towns are throughly watched using surveillance cameras "in order to deter criminality". Discreet eyes watch from traffic signs (where they help catch anybody driving against red or speeding; a character recognition program reads the license plate and a bill is automatically mailed to the offender), in the subway (to deter grafitti), in the malls (to catch shoplifters), from buildings (to watch over the streets) and even from airborne drones (traffic monitoring).

The frightening thing is that many welcome the cameras. They do give a bit of protection - a robber has to think twice before robbing somebody, since the robbery could be recorded and the escape route traced from camera to camera by the police. But they also allow the police (and higher agencies) to track people, and there is no doubt that face recognition programs combined with some social modeling systems can be used to track down who meets with who, gradually building social maps of possible subversive groups.

One interesting problem is the possibility of forging video. Using modern image processing it is quite feasible to forge a sequence of video images so that it is nearly impossible to prove that it is a forgery. After a series of famous legal battles in EU 2008-2010 where the evidence of the civic surveillance cameras were questioned validation was instituted. Validated cameras authentify their images by encrypting them with the help of a private key and a stream of random numbers sent from a central validation server of guaranteed integrity. This way it can be guaranteed that the images are from the right camera and were taken at the time they are timestamped. The system is slightly cumbersome, but mandated in the EU and US for all official cameras. It is of course possible for private corporations or organizations to set up their own validation servers, but they do not hold the same legal status as the official validation services. Video evidence from non validated cameras have no legal standing, and privately validated cameras are of uncertain standing; there are several processes going on around the world that hinge on the integrity of private validation.

It is quite possible to listen in on remote conversations using parabolic microphones or laser mikes. Lip-reading programs can analyze conversations seen by cameras (advanced versions for use in cold climates even take the movement of condensed breath into account). Sniffers are also quite widespread, able to detect the scent of things such as fire, explosives, cordite, drugs or humans.

Wiretap works as it always has, with the difference that thanks to the digital networks it can be done conveniently at a computer if you have the right access. By law, governments have wiretapping capabilities built into the digital communications infrastructure (of course only by court order, or if the suspected crime is serious enough or if it is a matter of national security...). This covers not just phone calls or net packets, but also the ability to track the physical location of cellular phones by checking which cell the signal comes from (not just when the phone is in use).

Bugs can be made extremely tiny, and inserted into a building in practically any way imaginable: hidden in furniture, a tiny speck in the corner of an envelope, dropped by a small flyer drone or even existing as an independent gnatbot. The weak part is how to report back; radio transmissions can be detected (advanced monitoring systems even notice squirt transmissions), infrared laser signals can be obscured and recording requires a compact recording medium and a way to bring back the bug. Some bugs are entirely software, hiding in the personal computers of people and secretly listening in through the microphone or even video camera, sending data back to their masters through the net. On the net monitoring programs can detect activities, intercept packets and trace connections. Some agents disguise themselves like legit services and pass on all relevant information to their owners, while appearing to act like normal.

Cryptography has grown into a huge business, but it is hard to keep things as safe as they should be given the human tendency of sloppiness. Public key cryptography can be broken given sufficiently immense computing power (like quantum computers, which nobody admits they have), especially if the users are not paranoid enough with how they use their keys. Many of the commercial crypto packages have trapdoors put into them by the security agencies. In the PRC, the US and the EU many official cryptosystems involve the user leaving a copy of the key in an escrow server, "only for release after a court order". The digital phone network can be tapped at will by the right agencies; in many nations there are even laws forbidding the sale of untappable communications equipment.

When examining a cryptographic software package, the question always remains, why should you trust this product? Even if you examined the source code yourself, not everyone has the cryptographic experience to judge the security. Even if you are an experienced cryptographer, subtle weaknesses in the algorithms could still elude you.
Philip Zimmermann, PGP documentation

DNA is accepted as evidence in many nations, and even a tiny flake of skin or part of a fingerprint can prove you were there. Databases of citizen's DNA exist in many nations, and cover at least everyone who has been born after the millennium, been admitted to a hospital, had a major medical check-up or been interrogated about a crime.

http://dir.yahoo.com/Business_and_Economy/Companies/Security/Surveillance_Equipment/

Sniffers

Sniffers are "artificial noses", biosensors able to detect minute concentrations of various chemicals in the air. The most common kind detect combustion gases and are used as a complement to smoke detectors. Instead of police dogs, "sniffer wands" are now used; small plastic wands with sniffer sensors that can detect the presence of explosives, guns or drugs and beep when they are detected. Other sniffer applications involve environmental monitoring and medical analysis.

The sensitivity of sniffers can be liability, since they can go off due to even minute wafts of the chemical they are sensitive to, leaving the user to figure out where the source is. Often users of sniffer wands turn down their sensitivity to avoid spurious alarms, which can be a great advantage to somebody trying to evade them. Sniffers are also limited by the kinds of molecules they can recognize, new drugs can evade them until the sensors are upgraded.

One area where police dogs still remain important is tracking people; sniffers cannot yet track individuals. However, there is plenty of research into tracking sniffers and the researchers are optimistic. The problem is to make a biosensor able to adapt itself to recognize a new smell from a sample; nanotechnology linked to neural networks seems to be a viable solution, but so far the tracker sniffers have proven highly unreliable.

Price: 100 IOU (standard issue), 150 IOU (customized smell) Spec, Rest

Sniffer Perfume

A clever way of marking a trail without appearing to do so: an odorless chemical is impregnated in the clothing or some other object. This creates a vapor trail that can be followed with a sniffer. It can also be used to mark possessions, and in combination with sniffer code in nanodevices start various activities.

Price: depends on the chemical, 1-10 IOU

Parabolic microphone

A long-range directional microphone able to pick up a conversation 100 meters away; it needs line-of-sight to work. Price: 400 IOU Spec, Rest (available from security firms, requires permit)

Tracking device

A tiny transponder, less than a centimeter across (even smaller versions exist) that sends out a signal when it receives a radio pulse. This can be used for tracking people, vehicles and just about everything else. Transponders can be hidden in clothing (fake coins are popular), glued onto surfaces using modified paintball bullets or just taped onto the underside of a car. Transponder code can be added to some nanorecipes, making it an integral part of the object. Price: 300 IOU Spec, Rest (available from security firms, requires permit)

Phone bug

An ancient device, but useful when you don't have access to the switching network like most FOG agencies. The bug is placed inside the phone (requires Poor Electronics) and then sends the signal to the owner. Price: 20 IOU Spec, Rest (available from security firms, requires permit)

Laser ear

An old classic - send an invisible laser beam against a window or any other resonant surface, and then extract the sounds from the return signal. It is often fairly noisy and requires some sound processing. The ear can be stopped by vibrating the surface with obscuring noise, either through special devices (quite expensive) or playing bunk music (might cause settling in the ground). Price: 1,000 IOU Spec, Rest/Ill

Cable tap

Taps the signals going through a cable. The simple version requires cutting off the cable somewhere and attaching the tap (Poor Electronics or Repair), the more advanced just detects electrical fields and can work up to ten centimeters from the cable (of course this won't work on fiber optics, which also requires more complex splicing). Price: 50/70 IOU Spec, Rest/Ill (available from security firms, requires permit)

Emission tracer

A scanner device that detects the emissions from wireless phones or wearables with cellular connections in the vicinity. It can either signal the presence of a phone (useful to avoid nasty surprises when you know you should be alone), or to track the phone by triangulating the signal. Price: 400, Spec

[Triangulating a phone requires an Electronics roll, usually Fair if the phone is relatively close by. If the phone is being used it gives a +1 bonus, and if the phone call is being monitored (so the tracer can compare the received signal with what is sent through the net) a +2 bonus. ]

TEMPEST

A system that receives and decodes electromagnetic emissions. Using this it is possible to tune in the screen of somebody's computer to see what he has on it, or the keyboard to detect keypresses. This can be done from over a hundred meters away. The tempest system requires a fairly noticeable antenna; while portable systems exist, most are placed in vehicles. Price: 3,000 IOU, Spec, Ill

The Complete, Unofficial TEMPEST Information Page

Bugs

The walls have ears. Bugs exist in a large variety of models, from cheap matchbox bugs sold mainly to jealous husbands to sota microbugs as invisible as a human hair. The main limitations are battery life and storage capacity (commonly around 72 hours of sound); wireless bugs can send their information within transmitter range (usually a few hundred meters). Some bugs store information for brief squirts to make detection harder, or are connected to recorders for later pickup.

Cost depends on the difficulty of finding them with Security: Mediocre: 15 IOU Fair: 60 Good: 120 Great: 240 Superb: 480 Spec, Rest/Ill (available from security firms, requires permit).

Types of wiretaps, bugs and methods

Covert cameras

Just as audio bugs have shrunk, so has surveillance cameras. Today there are cameras the size of a sugar cube or much smaller, and they can be built into things like e.g. clock radios, furniture or "no smoking" signs. Price: 50-200 IOU (installed inside an object), 100 IOU (minicamera), Spec, Rest (available from security firms, requires permit)

Movement detectors

Handy devices that can be fastened to different surfaces. When they are activated they will react to movements within a few meters and signal, either by beeping loudly or silently through an IR computer link. Price: 20 IOU each

The practice of surveillance

No more secrets!
Right now the UK is not a functioning dictatorship, but an infrastructure is in place that would have made the East German Stasi drool. Charlie Stross, 1998
One problem with this brave new world of surveillance is information overload. The NSA simply cannot monitor everything, even with an entire skyscraper filled with agent software. There is too much bandwidth, too much encrypted or obscure information, too many spurious connections that derail paranoid software and too many leads to follow up. Usually the agencies simply let the data flow past, make random sweeps and instead concentrate on tracking down crimes and criminals they have leads to.

The solution for the Concordat member is not to try to evade all the scanning, but to hide in plain sight. As long as you appear fairly ordinary few agencies will look for you, they have far too much data already. It is more profitable to look for known suspects than unknown suspects.

The Brinists think that the trend is irreversible: the technology to monitor everything is possible, hence it will be used. We better learn to live with it and make sure it is used for benign ends. After all, why should just the police have access to the civic camera network, shouldn't it be accessible to everyone? And why are there no official cameras in the police headquarters? After all, with the advent of camcorders police brutality became slightly riskier, and with ubiquitous monitoring the citizens could watch their governments, not just the reverse.

Privacy tech

Security. It doesn't exist in nature. No animal is so arrogant as to ever feel completely safe. Only humans believe they can find assured well-being through design... and technology. Some even believe it with a vengeance.
Jim Profit
There are ways of evading the eyes and ears. Beside the obvious possibility of behaving inconspicuously and blending in, various forms of technology can be used to at least temporarily hide.

Software

Sweeper Packages

Sweeper packages are used to scan a computer for unwelcome intrusions. They examine files for hidden viruses, unknown code, look for strange system activity and what passes out onto the net. After being run, they leave monitor routines behind to alert the owner if something happens.

Encryption

Encryption packages are absolutely essential, even if they shouldn't be trusted too much ("What use is strong crypto if a gnatbot can watch you type your password?"). Most modern encryption packages let the user send and decode messages using public key crypto of various kinds as well as authentify documents (which is legally binding in many nations). Commercial software sometimes contain mandated trapdoors for intelligence agency uses; serious people get their software from the cryptoanarchists and have several trusted people check it.

Anonymization

Anonymization systems are servers on the net that make a message untraceable (in theory). Most simply act by removing the header information, replacing it with a chosen nym and sending it on. There is a certain risk in that if security at the server is broken, the nym can be connected with the real name. One possibility is to route the message through a chain through several servers to minimize the risk; if they all lie in different jurisdictions the chance of law enforcement or others to break all of them becomes very low. Aware of the problem, most nations prohibit anonymization systems or require them to use key escrow, but there are several outlaw systems hidden around the globe in use.

Information Pools

Information pools are a way of making it impossible to tell who is sending what to who. Participants in a pool simply send their (encrypted) messages to everyone else; only the recipient can decrypt it, the software of the others simply ignore it. The software also generates random messages to drown out the real messages, traffic analysis becomes very hard unless one participant suddenly changes pattern noticeably. One of the beauties of information pools is that the participants doesn't need to know or even trust each other. The more participants the better, and several hidden groups can easily communicate side by side without noticing each other.

Steganography

Stego software hides encrypted messages in innocuous messages, such as digital images, political rants or websurfing packets. The recipient can then distill the real message from the messages when they have arrived.

Steganography

Techniques for data hiding

Masquerade Software

Masquerade software is somewhat similar to stego software and used to hide net activities under the cover of other other activities. Typical software makes it look like the user is connecting to a virtual, while the user is really doing something else. More advanced versions even play a virtual character in the virtual, to make sure anybody watching will believe the person is there. Similar software can learn the conversational patterns or daily life of people and generate more or less believable computer imitations, suitable for fooling surveillance systems (usually humans tend to notice the discrepancies after a while, but many agents are easily fooled).

Satellite monitoring software

Satelite monitoring software can be quite useful: it simply tells you which spy sats (and other sats) are above the horizon. If you can make an educated guess of who is looking for you (or have an agent do it), you can tell if you can be seen from above or if there is a window of obscurity.

Similar software for calculating dead zones in surveillance camera systems exist, although they are tricky to use - the layout of the place and all the cameras must be known, otherwise the software will show a deadly erroneous picture. One way of getting this information is to employ tiny gnatbots to scout beforehand, and then integrate what they have found into a surveillance map.

Mirage Programs

Mirage programs are a form of digital invisibility. They try to edit the camera pictures to remove certain things like a person moving about. They only work if they can be inserted into the camera software or the surveillance system, which is usually very hard for any police system or above, but given enough time it is quite possible to subvert (say) a building's internal security and move around (nearly) invisible. Mirage programs are somewhat limited, and when somebody really scrutinizes the system they will become apparent.

Hardware

Bug Sweepers

A broadband radio receiver that scans the spectrum trying to detect bug transmissions. Professional detectors help finding where the bug is, simple versions just signal the presence of a bug in the vicinity. [ Gives +2 to find the bug, if it is transmitting] Price: 250 IOU (simple), 500 IOU (professional) Spec

Noise Generators

Noise generators are a classic way of drowning out bugs, but have trouble with the most modern speech recognition bugs (or lipreaders).

Jamming

Jamming devices that send out strong radio signals or electric fields can be useful to disrupt bugs; they go all the way from small handheld devices that can impair signals from a room to military systems that jam almost all frequencies in the whole neighborhood.

The bug jammer is a device that attempts to jam bug transmissions (often with the option of spreading loud noise around itself). The effect depends on the bug and quality of the jammer. Price: 260-400 IOU Spec

The comm jammer a device that produces loud radio noise, disrupting communications in an area. Normal jammers just cover a fairly narrow frequency and will just affect (say) some cellular phones and wearables, but broadband jammers can disrupt many wavelength bands at once. Price: 600 IOU Spec, Ill

Debugged Phones

Debugged phones are cellular phones that have had their codes altered to make wiretapping harder; when the network tries to listen in they get the wrong number. They are somewhat impractical since the altered codes can mess up communications, are local to one cellular network and hard to call (since the caller will also get the wrong number). However, they are ideal for users of wearables on the run, who want a net link but don't want anybody to know where they are.

Quantum Lines

The ultimate form of communications security is quantum lines. They are fiber-optic cables or laser links where entangled photons are exchanged between special optical devices. Using some of the counterintuitive properties of quantum physics they enable unbreakable security ("Not even God can listen in!"), but the bandwidth is rather low (enough to exchange secure keys for other communication). Quantum lines are rare and expensive, used mainly for the truly important channels such as between banks or communications with military spy satelites.

One Time Pad Disk

One-time pad ciphers are mathematically unbreakable; the sender flips bits in the message randomly as determined by a table of random numbers, and the recipient does the same using his copy of the table. As long as the table is never re-used or stolen the cipher is unbreakable. The trouble is of course that both parts have to share the table, which means they have to meet and exchange it (dangerous). A pair of one time pad disks (enough random numbers for several hundred gigabytes of transmission) cost around 10 IOU/pair on the Market, if you trust the producers.

DNA fog

This is a trick invented by Nucleus to circumvent DNA fingerprinting on crime scenes. They developed a spray that contain short nucleotide sequences that completely mess up the PCR analysis. Spray the area throughly with the fast-drying spray, and when the police try to run the evidence through PCR they get junk results. The fog can be circumvented with some cleverness and once the police agencies get wind of it they will change procedures, but used judiciously right now this can save a cell. Price: 10 IOU/can (only available on the Market from Nucleus, although something similar could be cooked by most genehackers when in need)

Emission Shielding

Protects an enclosed area (or a device) from TEMPEST or bug transmissions. Involves covering it with a fine conducting mesh (including windows and doors; the doors are usually organized in the 'airlock' model). Often combined with EMP shielding. Price: Spec

A low budget solution is to use software that displays information in a way that makes it hard to unscramble using TEMPEST; this is often quite enough to protect against amateurs, but modern military grade TEMPEST equipment can see through it. A reversed use is to hide the algorithms in snooper programs, that sends inside information by changing the dithering on the screen to a TEMPEST receiver. Price: 50 IOU

Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations

Privacy beamer

A computer controlled low effect laser beam, about 0.1 W. Scans the environment to see what kind of reflexes that return by seeing changes in colors that are caused by anti-reflex treatment on security camera lenses. The advanced version then boosts the laser wattage to break the lens or blind the camera. Perfect for that quick moment of privacy. Price: basic (just detects cameras): 300, advanced (blinds): 800 Spec, Ill
InfoWar