From: James M. Atkinson Date: Sat Aug 25, 2001 7:18pm Subject: Re: Used Piece Wanted At 1:21 PM -0400 8/25/01, Robert Motzer wrote: >Hi List, > >I'm looking for a used Kaiser 1080-H telephone analyzer. If anyone has a >lead on one please contact me off-list at: 1RCM@M... > >Thanks ... Bob Motzer I am interested in used Micro-tel/MA-Com gear, Watkins Johnson stuff (special pieces), TRW Sigint goodies, Xetron, Condor, Sonoma, and EMI/EMC gear, and so on. I am also interested in purchasing used REI, Dektor, Kaiser, TSA, Cooke, bell, an just about any other hard-core TSCM gear, plus manuals, courseware, and related items. I am most interested in "used and abused", defective, and even broken equipment. -jma -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3573 From: gkeenan Date: Sat Aug 25, 2001 11:47am Subject: Re: Fw: TN/LEO - Misc. Hi Charles, Thanks for the info. I'll pass it on along with the links. Over the weekend I'll have a look at those sites myself. Tell the truth, it's got me kinda curious as well; especially since I'm not a pro in this area. I have heard of this before; bombs being accidentally triggered by a signal from another transmitter -- probably because there was no encryption on the receiver to differentiate between the bomber's transmitter and another tuned to the same freq. But I never really was sure just how things like this worked; only very basically since I spent 20 years in the Navy as a telecommunications specialist (I retired in '83, though, so I imagine things have changed somewhat (hehe)). Thanks again! Jerry ----- Original Message ----- From: "Charles P" To: ; "gkeenan" Sent: Saturday, August 25, 2001 2:38 AM Subject: Re: [TSCM-L] Fw: TN/LEO - Misc. > Hi Gerry, > > > > 3574 From: Steve Uhrig Date: Sat Aug 25, 2001 7:55pm Subject: Radios and explosives? Once upon a midnight dreary, gkeenan pondered, weak and weary: > So my question is how close do you have to get to a bomb with > a Motorola HT 1000 transmitting around 150 MHz before it sets > off? As a state licensed explosives shooter with 10 years' experience there, and 160 hours' formal schooling in electroexplosive devices courtesy of Holex and your tax money, I can discuss this with some degree of authority. The answer is: 2.8 feet. Scratch that. Change it to: "It depends". Some bombs will not be affected by any (reasonable) level of RF. Some bombs will trigger with a small amount of RF on the proper frequency barely above the noise floor. Most devices will fall somewhere between these two extremes. A mechanically triggered device may not be affected at all by RF, unless the RF is loud enough and of a suitable frequency to cook the thing, as if it were in a microwave oven. This is not likely. If a device is set to trigger by RF, all bets are off, as you can not know the level of sophistication the bomber has built into the thing. The crudest thing might be a simple receiver, cheap scanner, walkie talkie or some other piece of junk with a wide open front end. These potentially could be susceptible to low levels of RF at any frequency. More likely, the bomber would have something more sophisticated, at a minimum a pager and more typically something more elaborate. There would be nothing to be gained by discussing this in any more detail here and now. When you see the signs in construction areas about turning off two way radios, that is a basic mandatory requirement which largely is a useless effort. A lot of work has been done determining the susceptibility of squibs to RF at different frequencies, power levels, length of "Seminole" wiring (the bright yellow insulated 22 gauge solid conductor zip cord wiring you see) to the squibs, etc. These charts all assume a professional explosives tech is handling the squibs on the construction site. A professional operation will maintain a short on the "bridge wire" of the squib until the instant of firing, as well as many other safety factors. None of these apply to a bomber who does not care about being in compliance with NFPA (National Fire Protection Ass'n) guidelines, safety, or keeping his license. But in reference to the above, very strong RF levels are needed to fire the squibs. A squib, by the way, is a small explosive charge usually electrically triggered by a bridge wire. A bridge wire is a resistive element which heats, instantaneously, when you apply sufficient voltage and current to it. The squib is a low level initiator, used to trigger a high explosive. High explosives must be inititated in stages, starting with something easy to ignite like a squib, then progressing through several intermediate stages, up to the main charge. You can't just light a fuse coming out of a stick of dynamite like in the cartoons. Low frequencies, like amateur shortwave, at high power levels, like many hundreds of watts, at close ranges, were shown in tests to be a potential danger to commercial blasting operations. Higher frequencies, like VHF and UHF public safety, cell phones, etc. were not threats in any normal installation. What happens is the relatively long leads from the firing point to the electric squib in a commercial installation act as antennas. Even though the squib is shorted, it is shorted at the blasting device control panel. This leaves coincident lengths, which of course will be different with each installation, where the leads are resonant at some or another frequency and could couple significant energy into the squib if RF close to that frequency is present. In the real world, for this to happen would require a combination of conditions so complex as to be almost impossible. It is unlikely one of the demolition team members would be operating a high powered amateur radio transmitter in his car in immediate proximity to the Seminole wiring laid out to the squibs. Even were this to be the case, he would have to be at a frequency coincidentally close to resonant with one of the squib lines. Anymore, displaying signs advising of blasting activity and requesting one to turn off two way radios merely tempts burrheads with CB linears to go key down as they drive by the area. Getting back to the question presented, remember basic physics and basic theory which should be instinctive to anyone involved in TSCM, where field strength decreases exponentially with an increase in distance. The well known "inverse square law" is how many of us count on Scanlocks and CPM-700s and the like to detect low powered devices. Double the distance between a transmitter and a receive antenna, and the field strength drops to 1/4 the strength. Quadruple the distance, and the field strength is down to one sixteenth. This holds true whether you go from one foot away to four feet away, or one hundred feet to four hundred feet away. The reverse is also true. Move in closer (halfway) to an unknown transmitter you are sniffing, and the field strength quadruples. This is how a few milliwatt bug can be found by a Scanlock when a many thousand watt transmitter is a few miles away. At some point when you get close enough, the small bug will be louder than the remote high powered transmitter. Move maybe a few inches away, though, and you might lose the bug and pick up the high powered signal. That is not the purpose of this discussion, though. Just laying some foundation. The points with RF around explosive are: 1)Moving an RF source (two way radio, cell phone) a little further away decreases the strength of RF into the suspect device by a much larger amount. 2)Only the most crude explosive devices would be triggered by simple RF. 3)Low frequencies, very unlikely to be used, are far more of a threat than higher frequencies where public service two way communications operate. This may be a bit of a misnomer, as in an IED (Improvised Explosive Device), leads may be shorter and thus closer to resonance and more effective at picking up RF at higher frequencies. Path loss increases as frequency increases though (this means higher frequencies work in our favor). 4)You must specify a number of exact parameters before you can say whether "X" condition is a danger or not. You would have to know the details of the IED, the frequency of the two way radio, the power output, the antenna efficiency, the precise distance from the transmitter's antenna to the IED, whether anything other than atmosphere is between the transmitter and the IED, and a number of other factors. Most of these are unknown. 5)SOP when dealing with any suspected explosive device is to avoid any RF near the thing. The further away the better, the higher the frequency the better. The chances of your two way radio triggering a bomb are slim. However, the chances are not zero. Therefore, avoid using the radio in the vicinity of any suspected device. Moving away a distance from a suspected device before you use your radio gives you a substantially larger safety margin. The gentleman asking the original question, if he is tasked with writing a response plan where lives may hang on his work, should consult an expert in the subject matter, not clowns like us on various lists. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 3575 From: James M. Atkinson Date: Sun Aug 26, 2001 8:36am Subject: A former US Air Force sergeant could face the death penalty after being charged with spying. US Arrests Satellite 'Spy' http://www.sky.com/skynews/storytemplate/storytoppic/0,,30200-1027518,00.html A former US Air Force sergeant could face the death penalty after being charged with spying. Brian Regan was arrested http://static.sky.com/images/pictures/1038600.jpg as he tried to board a flight to Europe and is accused of passing damaging national defence secrets to unidentified foreigners. Satellite He had been working as a contract worker for the agency that runs spy satellites. It is claimed Regan passed several 'top secret' documents and aerial photographs from CIA reports, newsletters, and a document relating to satellite capabilities of another country to foreign contacts. His home and office have been searched and encrypted messages, addresses and phone numbers of foreign diplomats confiscated. 'Conspired' Kenneth Melson, attorney for Virginia, said Regan "conspired to transmit classified US national defense information to a person or persons he knew was working for a foreign government with the intent to aid that foreign government and to injure the United States." He refused to say which country or countries Regan, 38, was accused of serving. A hearing next Wednesday will decided whether Regan, a married man with four children, be held pending his trial. If convicted he could face a life sentence or even the death penalty. FBI counter-intelligence agent Robert Hanssen was arrested earlier this year and admitted to spying for Moscow over a period of 20 years. He was accused of selling secrets related to satellites, early warning systems, defense systems and communications. Last Modified: 11:23 UK, Saturday August 25, 2001 -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3576 From: James M. Atkinson Date: Sun Aug 26, 2001 8:34am Subject: Spy 'sold top secrets to Libya' Vol XXIV NO. 159 Sunday 26 August 2001 Spy 'sold top secrets to Libya' http://www.gulf-daily-news.com/Articles.asp?Article=4490&Sn=WORL WASHINGTON: Retired US Air Force sergeant Brian P Regan had access to some of the nation's most sensitive defence secrets, and federal prosecutors allege he took elaborate steps to share that information with a foreign government that a federal source identified as Libya. The FBI capped an investigation of Regan, 38, by arresting him at Washington's Dulles International Airport before he could board a flight to Zurich, Switzerland. According to a government affidavit, FBI agents were watching when Regan, went to his job at a National Reconnaissance Office (NRO) facility in Chantilly, Virginia, earlier on Thursday. Regan's last assignment with the Air Force had been at the NRO, the builder and operator of US spy satellites, whose very existence was an official secret until 1992. In July, Regan returned there as a civilian employee of TRW, a government contractor in Fairfax, Virginia, and his security access was reinstated. According to the affidavit: monitoring Regan's office with a video camera, the FBI watched him log on to Intelink, a classified computer system for the US intelligence community. Regan read a secret document on his computer, taking notes in a small notebook, which he put in his front pants pocket. Later in the morning, while Regan was in a meeting, the FBI searched his minivan and found a bag containing encrypted messages and handwritten notes listing addresses and phone numbers for the diplomatic offices of an unidentified country in Switzerland and Austria. Regan had reservations to fly to Zurich via Frankfurt, Germany. The father of four had told colleagues he and his family were going to Disney World, in Florida. At about 5.30pm, FBI agents stopped Regan as he was trying to pass through an airport security checkpoint. FBI Special Agent Steven A Carr questioned him, and Regan denied knowing about cryptanalysis and coding. But the agents then showed photos of documents found earlier in his bag. "This is my stuff," he said, shortly before he was arrested. In addition to the documents, the affidavit said agents found items in Regan's possession including the small notebook that he had been using in his office, three rubber gloves, a hand-held global positioning system device and a piece of paper in his shoe listing names and addresses in a European country. -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3577 From: James M. Atkinson Date: Sun Aug 26, 2001 8:38am Subject: Accused Air Force Spy May Have Been Working for Libya Accused Air Force Spy May Have Been Working for Libya http://www.foxnews.com/story/0,2933,32878,00.html Saturday, August 25, 2001 An artist's rendering of Brian P. Regan appearing before U.S. Magistrate Judge Welton Sewell on Friday in U.S. District Court in Alexandria, Va . http://www.foxnews.com/images/34820/7_21_airforcespy.jpg Federal prosecutors said Friday that retired Air Force Sergeant Brian P. Regan had access to some of the United States' most sensitive defense secrets, and that he shared that information with a foreign government. A federal source identified that government as Libya. The FBI arrested Regan, 38, at Washington's Dulles International Airport Thursday before he could board a flight to Zurich, Switzerland. The bureau had earlier that day watched him go to work at a National Reconnaissance Office facility in Chantilly, Va., earlier Thursday, according to an affidavit released Friday. The NRO - a builder of U.S. spy satellites whose very existence was an official secret until 1992 - was Regan's last assignment with the Air Force. In July, Regan returned there as a civilian employee of TRW, a government contractor in Fairfax, Va., and his security access was reinstated. According to the affidavit, the FBI had been monitoring Regan's office with a video camera and observed him logging on to Intelink, a classified computer system for the U.S. intelligence community. Regan read a secret document on his computer, took notes in a small notebook, and then put the notebook in his front pants pocket. At about 9 a.m Thursday, while Regan was in a meeting, the FBI searched his minivan and found a bag containing encrypted messages and handwritten notes listing addresses and phone numbers for the diplomatic offices of an unidentified country in Switzerland and Austria. Regan had reservations to fly to Zurich via Frankfurt, Germany. A father of four, Reagan had told colleagues he and his family were going to Disney World. At about 5:30 p.m., FBI agents stopped Regan as he was trying to pass through an airport security checkpoint. FBI Special Agent Steven A. Carr questioned him, and Regan denied knowing about cryptanalysis and coding. But the agents then showed photos of documents found earlier in his bag. "This is my stuff," he said, shortly before he was arrested. In addition to the documents, the affidavit said agents found items in Regan's possession including the small notebook that he had been using in his office, three rubber gloves, a hand-held global positioning system device and a piece of paper in his shoe listing names and addresses in a European country. On Friday, Regan had little to say before U.S. Magistrate Judge Welton Sewell in nearby Alexandria, Va. Sporting a goatee and dressed in a striped polo shirt, Regan told the judge in a barely audible voice that he couldn't hire a lawyer. The judge said the court could appoint one. Prosecutors asked that Regan be held without bond on a charge of conspiracy to commit espionage, and a combined detention and preliminary hearing was set for Wednesday. Prosecutors said the maximum sentence on conviction were life in prison or, in certain cases, the death penalty, and a $250,000 fine. Prosecutors would not name the country or countries for which Regan allegedly conspired to spy. But a government source, speaking on condition of anonymity, said one was Libya. The affidavit said Regan was suspected of being the source of a number of classified documents received by an unnamed country. The documents included secret electronic images, a secret CIA intelligence report and a secret document related to a foreign country's satellite capability. It was unclear what interest Libya might have in such material. Private analysts said Libya is chiefly concerned with the military activities of its North African neighbors and U.S. knowledge of Libya's chemical weapons program. A search of Regan's work computer showed that his password had been used to access some of the documents and to access Intelink addresses associated with other documents, authorities said. The affidavit didn't say whether Regan received any compensation for his alleged actions, but did mention he had debts of $53,000 earlier this year. Regan, a native of Brooklyn, N.Y., lives with his wife and children in one of about a half-dozen attached townhouses at the end of a quiet street in suburban Bowie, Md. Regan served in the Air Force from August 1980 until retiring in August 2000 as a master sergeant with a number of military honors. He was trained in cryptanalysis and his responsibilities included administering the Intelink Web site, the affidavit said. The Associated Press contributed to this report -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3578 From: James M. Atkinson Date: Sun Aug 26, 2001 8:37am Subject: Former GI is charged with spying - Codebreaker left Air Force for private contractor Former GI is charged with spying http://www.chicagotribune.com/news/nationworld/chi-0108250166aug25.story?coll=chi%2Dnews%2Dhed Codebreaker left Air Force for private contractor By Naftali Bendavid Washington Bureau Published August 25, 2001 WASHINGTON -- A former U.S. Air Force sergeant was charged Friday with conspiracy to commit espionage, making him the second individual with high-level access to government secrets to be accused of spying this year. Brian Regan, 38, worked at the National Reconnaissance Office, which operates the nation's spy satellites, until last year when he was hired by defense contractor TRW. Regan was arrested Thursday evening at Dulles International Airport outside Washington as he prepared to board a Lufthansa flight to Switzerland. When he was stopped, Regan had a spiral notebook in which officials say he had apparently jotted notes from classified documents. Hidden in his shoe was a piece of paper with names and addresses in Europe, and his carry-on bag contained a handheld "Global Positioning System" device, which officials said can be used to locate specific sites for espionage exchanges. Prosecutors provided only sketchy information about Regan's alleged espionage activities, suggesting that their investigation was continuing. They would not say which countries Regan allegedly spied for, and in court documents they referred only to "Country A" through "Country D." U.S. Atty. Kenneth Melson, the chief prosecutor for Eastern Virginia, spoke briefly to reporters outside the courthouse. "Mr. Regan conspired to transmit classified U.S. national defense information to a person or persons he knew was working for a foreign government, with the intent to aid that foreign government and bring injury to the United States," Melson said, echoing the language of espionage laws. Probe began last fall The arrest came seven weeks after prosecutors reached a plea deal with Robert Hanssen, a longtime agent in the FBI's counterespionage unit who spied for Moscow for 15 years. While two espionage cases in such a short period are an embarrassment for the intelligence community, Regan's alleged activities appear to pale in comparison with Hanssen's. It was last fall that the FBI began investigating Regan, a resident of Bowie, Md., who is married with four children. During his 20-year Air Force career, Regan became an expert in cryptanalysis, or deciphering codes, and he ran a classified Web site called Intelink that was part of a computer network for U.S. intelligence officials. Regan's last posting for the Air Force was at the National Reconnaissance Office, a spy satellite agency whose existence was an official secret until 1992. When he was hired by TRW, Regan was assigned to continue working with the highly secretive office. The FBI focused on Regan after discovering that a batch of classified documents, from secret photographs to CIA papers, had been illegally provided by someone in a sensitive position to an unnamed foreign country. The documents were accompanied by instructions on how to avoid detection by the U.S. government. They also included encrypted messages outlining contact information, including an e-mail address. Suspicious data found The FBI discovered that this e-mail account had been accessed nine times from public libraries in Maryland, investigators said in court papers, and all of those libraries were near Regan's house or on the route between his home and office. FBI agents also searched Regan's computer at the National Reconnaissance Office, allegedly turning up suspicious information. For example, someone using Regan's password had allegedly accessed the same documents that had found their way to the unnamed foreign country. In addition, agents found misspellings on Regan's computer that allegedly coincided with those in the messages that had been sent to the foreign country. When FBI agents began conducting surveillance on Regan, they said in court papers, they began observing mysterious cloak-and-dagger behavior on the part of the former military man. "FBI agents have observed Regan conducting what appear to be surveillance detection runs, that is, conducting multiple U-turns, pulling over to the side of the road, and appearing to be checking to see whether he is under surveillance," the FBI said. The investigation came to a head Thursday, when Regan was allegedly planning to fly to Zurich via Frankfurt, Germany. That day, the FBI conducted surveillance on Regan in his office via closed-circuit TV. They allegedly saw him looking at secret documents on his computer and then jotting notes in a small notebook. Regan allegedly did not tell his employer, TRW, that he planned to leave the country that day, as required by his security clearances. Instead, he told a co-worker he was driving to Orlando to take his family to Disney World, and even scrawled "Orlando, Florida" on a board in his office to indicate where he would be. When Regan arrived at Dulles at 5:30, he was approached by FBI agents while passing through a security checkpoint. In addition to several encrypted messages, Regan was allegedly carrying five blank business envelopes, three rubber gloves and four finger-sleeves, which could be used for clandestine activities. `This is my stuff' When questioned by agent Steven Carr, Regan allegedly denied knowing anything about cryptanalysis and coding. But when he was shown photos of code-related documents that had been seized from his carry-on bag, Regan acknowledged, "This is my stuff." In contrast to Hanssen's 15-year spying spree, which included providing sensitive documents that led to the execution of two double agents, Regan is suspected of turning over a few documents that were mostly available on a Web site, albeit a classified one. Also, while Hanssen received $1.4 million in cash and jewelry, court papers cite no evidence that Regan received any money, though they did note that he had debts of $53,000. Still, more information could emerge on the Regan case. Regan appeared in court in Alexandria, Va., Friday afternoon. Magistrate Judge Welton Sewell told Regan he would receive a court-appointed lawyer and then ordered him held without bond. Copyright C 2001, Chicago Tribune -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3579 From: James M. Atkinson Date: Sun Aug 26, 2001 8:41am Subject: Regan Spy Case Chronology Spy Case Chronology http://www.guardian.co.uk/breakingnews/US/0,3560,1129514,00.html Saturday August 25, 2001 8:10 pm Events leading up to the arrest of retired Air Force master sergeant Brian P. Regan, who was arrested Thursday and charged Friday with conspiring to commit espionage. An FBI affidavit says: 2000: August: Regan retires from the Air Force, gives up his high-level security clearance and his access to Intelink, a classified computer system for the U.S. intelligence community. His last assignment had been at the National Reconnaissance Office, the builder and operator of U.S. spy satellites. October: Regan Goes to work for military contractor TRW Inc., in Fairfax, Va. Fall: U.S. officials learn that a nation - identified as Country A in the affidavit and said to be Libya by a government source - had received classified U.S. national defense documents. They include electronic images taken by satellites, a CIA intelligence report and a secret document related to a foreign country's satellite capability. Country A also received messages with details on how to communicate without being detected by the U.S. government; an offer to provide more classified information; and instructions to send responses to an e-mail address on a free e-mail service. That e-mail account had been set up under the name ``Steven Jacobs'' on Aug. 3, 2000. The account was accessed nine times between August 2000 and January 2001 from computers at public libraries, most of them in Maryland near Regan's home. 2001: April: Investigators search Regan's former office and computer at the NRO in Chantilly, Va. They find that Regan's password was used to access many of the documents received by Country A. A search of electronic records shows that on the same day that Regan accessed a copy of a CIA report, he flew to Iceland and then to countries in Europe. June: FBI agents begin watching Regan. Also this month, Regan uses the Internet at a public library but does not sign off the computer. That allows the agents watching him to find out which Web sites he visited. One site contained the address for the diplomatic office of an unidentified country in Switzerland. On June 21, Regan sends an e-mail from an account in his own name to his wife. The e-mail includes encryption information that is similar to the technique used in encrypted documents received by Country A. Five days later, Regan flies to Munich, Germany. The FBI searches his checked suitcase and finds glue and packing tape. July: Regan is assigned to work at the NRO for his company as a civilian. His security clearance is reinstated. Aug. 23: FBI agents monitoring Regan's NRO office with a video camera watch him log on to Intelink to read a secret document. Reagan takes notes in a small notebook, which he puts in his front pants pocket. At about 9 a.m., while Regan is in a meeting, the FBI searches his minivan. Agents find a bag containing encrypted messages and handwritten notes listing addresses and phone numbers for the diplomatic offices of an unidentified country in Switzerland and Austria. In a suitcase, they find a bottle of Elmer's glue and role of tape. Regan had reservations to fly to Zurich, Switzerland, via Frankfurt, Germany. The father of four tells a co-worker he and his family are driving to Disney World. He writes ``Orlando, Florida'' on a board in his office suite to show where he would be while off. At about 1 p.m., Regan arrives at Dulles International Airport near Washington. He checks his suitcase, which is later taken by the FBI. But Regan is bumped to a later flight. He returns to the NRO for a few hours and later goes back to the airport. At about 5:30 p.m., FBI agents stop Regan as he was trying to pass through an airport security checkpoint. FBI Special Agent Steven A. Carr questions him, and Regan denies knowing about cryptanalysis and coding. The agents then show him photos of documents found earlier in his bag. ``This is my stuff,'' Regan says, shortly before he is arrested. The agents find in Regan's possession: the small notebook that he had been using in his office, three rubber gloves, a hand-held global positioning system device and a piece of paper in his shoe listing names and addresses in a European country. -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3580 From: James M. Atkinson Date: Sun Aug 26, 2001 8:42am Subject: Article from German c't magazine. http://www.heise.de/ct/english/99/04/174/ Article from German c't magazine. English translation by Eva Wolfram. PRICKED EARS by Stefan Krempl, Michael Schmidt, Jürgen Kuri Bugging operations on data lines and computers are a profitable business 'Telekom - die machen das' (Telekom - they do it) has been on TV screens all over Germany. But it's not only German Telekom who do it - in many cases, there are more parties involved in data transmission. Uninvited guests hope for confidential and economically exploitable information when listening in on data lines and computer systems. In the business world, industrial espionage has always been a part of everyday life. And the modern means of communication as well as the booming Internet have also made individual users the targets of snoopers. Although a home user's AOL password or home banking data will be of little interest to industrial spies, simply accessing a company network via Telekom from home can enable competitors to start snooping around. And in industrial espionage, whatever seems imaginable will also be put into practice. What many people may consider to be far-fetched conspiration theories is unfortunately very real in this area. The more important research and development become for a company in a 'knowledge-based' economy, the more will the value of ideas and lab results increase in its competitors' eyes. The increasing importance of know-how correlates with the increasing use of computer technology in industry: Monitors and computers can be found in any office and are interconnected, telephones and fax machines incorporate chips and are controlled through software like all other communications devices. More electronic company devices mean better possibilities for increasingly inconspicuous bugging operations as business technology is bound to have its weaknesses somewhere. There are no exact figures describing the unlawful distortion of competition. 'Industrial espionage is a very dark area', says Michael Dickopf, media spokesman for the German Bundesamt fŸr Sicherheit in der Informationstechnik (federal office for the security in information technology, BSI). Every now and again, we find reports with examples of the damage snoopers do in the media. In 1986, for example, the German Bundesamt fuer Verfassungsschutz (federal office responsible for defending the constitution) is said to have already estimated annual losses of up to DM 20 billion for the German economy (Manfred Fink, Lauschziel Wirtschaft, Abhšrgefahren und -techniken, Vorbeugen und Abwehr, Stuttgart 1996, http://www.fink-consulting.de/lausch.htm). The American Society for Industrial Security's (ASIS) investigation for the U.S. even resulted in a damage of about US$ 515 billions for the year 1996. -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3581 From: James M. Atkinson Date: Sun Aug 26, 2001 8:43am Subject: Espionage -- How France Listens to the Whole World Paris Weekly Details French Electronic 'Espionnage' Abilities EUP20010406000153 Paris Le Nouvel Observateur (Internet Version-WWW) in French 05 Apr 01 [Article by Vincent Jauvert: "Espionage -- How France Listens to the Whole World"] [FBIS Translated Text] It is one of the largest tapping centers in the world. At this secret base protected by watchtowers, police dogs and electrified barbed wire, 13 immense parabolic antennas spy day and night on all the international communications transiting through the satellites they monitor. Where is this base whose photo Le Nouvel Observateur has published here? In the United States? In Russia? No, in the Perigord region, on the Domme plateau, next to Sarlat airport. The site is officially (and modestly) referred to as the "radio center." Here, the French spy service, the DGSE [General Directorate for External Security], monitors hundreds of thousands -- millions? -- of telephone calls, e-mails, files, and faxes on a daily basis. This is the main site for the French Republic's "big ears." It is not the only one. Like the United States and the English- speaking countries with close ties to it, France has over the past ten years set up a global interception network. Le Nouvel Observateur can confirm the existence -- and publish photos -- of three other DGSE "satellite" tapping bases. One -- code- named "Fregate" -- is hidden in the Guyanese forest, at the heart of the Kourou space center. The other, completed in 1998, is attached to the side of the Dziani Dzaha crater on the French island of Mayotte in the Indian Ocean. Both are managed jointly with the BND (Bundesnachrichtendienst), the German secret service. The third center is located in the western suburbs of Paris, on the Orgeval plateau, at Alluets-le-Roi. A total of about 30 antennas "cover" nearly the entire globe, with the exception of the Siberian North and a part of the Pacific. There will soon be other stations. Expanding its "satellite" tapping network is one of the DGSE's "priorities," the rapporteur for the 2001 defense budget, Jean-Michel Boucheron, writes. The French secret service has more resources available every year for this purpose. A new station is being built on the Albion plateau, where nuclear missiles were stored before the silos were dismantled; a fifth is planned for the Tontouta naval air base in New Caledonia. Of course, this network is -- and will remain -- much less powerful and efficient than the US system on which it is modeled, one which has often been discussed in recent months and is commonly referred to as "Echelon." The American NSA [National Security Agency] is 30 times richer than its French counterpart, the technical directorate of the DGSE. The former employs 38,000 people, the latter 1,600. The smaller Frenchelon," as the Americans and their partners call it, is no less of a threat to privacy. Including that of the French. Here is why: When they are transmitted by one of the satellites monitored by the Domme, Kourou, or Mayotte bases, our communications with other countries or the DOM-TOM [French Overseas Dominions and Territories] may be intercepted, copied, and disseminated by the DGSE, without any monitoring commission having any say in the matter. None! A situation that is unique in the West. Every democratic country that has equipped itself with satellite tapping services has set up safeguards -- laws and monitoring bodies -- to protect its citizens from the curiosity of the "big ears." Every one, led by Germany and the United States. But not France. Nonetheless, our country has been spying on communications satellites for 30 years. The SDECE [Foreign Intelligence and Counterintelligence Service] set up its first parabolic antenna at Domme, at the site of a small radio interception center, in 1974. The antenna measured 25 centimeters in diameter and still exists. Another followed soon afterwards. "At the beginning, there were only a few satellites, the Intelsats," explains a veteran of the technical directorate. "We were able to 'suck up' a large portion of international traffic." However, in 1980, as the explosion in global telephony began, more and more satellites were put into orbit: Eutelsat, Molniya, Inmarsat, Panamsat, Arabsat. "We were quickly overwhelmed," recounts a former senior official. "The Domme center found itself under-equipped, ridiculous -- and we at the DGSE were a laughingstock for our American and British colleagues." In 1984, the head of the secret service, Admiral Lacoste, pressed Francois Mitterrand: "We need another interception station." France, he claimed, had an ideal site for this type of operation: the Kourou space center. Ideal? It was located very near the Equator, that is, in the best possible spot for listening in on communications satellites, nearly all of which are geostationary. The base would be located a few kilometers from the Ariane launching pad, meaning that its antennas would not attract attention. And moreover, economic espionage was the French secret service's new priority, and the United States its main target. And the satellites "covering" the United States were in orbit precisely above Guyana. To share the costs and reinforce the Franco-German alliance, Lacoste proposed bringing the BND into the adventure. The joint effort would be all the easier, the admiral explained, because the two services were already working together closely in interception stations in West Berlin and elsewhere in the FRG. The president gave the go-ahead in late 1984. The Rainbow Warrior [Greenpeace ship sunk by the DGSE in New Zealand] scandal, which arose a few months later, delayed the operation. The "Fregate" base would be inaugurated secretly in 1990 by Claude Silberzahn, the new director of the DGSE, and his German counterpart. Silberzahn wanted to go even farther. In his view, to reclaim its place among the major players, the DGSE needed new stations. The Gulf War gave him new arguments. American spies' technical exploits in Iraq were breathtaking. Francois Mitterrand and Prime Minister Michel Rocard were convinced. Silberzahn was authorized to launch a wide-ranging ten-year investment plan. He modernized the Domme center, bought a Cray supercomputer, and had the first parabolic antennas installed at Alluets-le-Roi, at a base previously reserved for the interception of radio waves. Finally, with the BND, he launched the site on Mayotte. This French territory in the Comoros archipelago is also close to the Equator. The tapping center would be located on Petite-Terre, a miniscule island where the Foreign Legion already had a base. From Mayotte, the DGSE's technical directorate could better "cover" Africa, the Middle East, and Asia, the up-and-coming continent. Completing the project would take five years. Sordid stories of cheated-on husbands are said to have slowed down the work. Today, the Republic's "big ears" have, as we have already said, 30 antennas on three continents. These mobile antennas can change direction several times a day, depending on the schedule or objectives of the service. All countries are subject to tapping, even allies. Member countries of the European Union too? "Of course," says the official. "Thanks to these satellites, we can spy on everyone where they live. No crazy plots, no risk of diplomatic incidents. This is why we invested so much." Which satellites are priority targets? "The ones that can provide us with the most political and economic information," says an expert. The Inmarsats, for example. Thanks to these satellites, anyone can telephone or send an e-mail or fax to (almost) anywhere on earth. All it takes is a little suitcase weighing two kilos. At its beginnings in 1982, subscribers to this service were mainly professional sailors and oil companies. Then the customer base expanded to include wealthy yachtsmen. "What a windfall for economic espionage! You cannot imagine the things these businessmen say 'in clear' over their boat telephones," a specialist explains. "They think they are safe in the middle of the ocean. They talk about contracts, projects, discoveries." And that is not all. The Inmarsat company has signed contracts with most major airlines and 650 business aircraft. When a passenger makes a telephone call in flight, it transits via one of these satellites ... to the satisfaction of the "big ears." Inmarsat is also used on the ground, most often in the earth's "hot spots," where telephone equipment is poor. The company has a total of 200,000 subscribers: journalists, diplomats, international civil servants, NGO officials, etc. "No very powerful computer is necessary to spy on this choice clientele," says an expert. "A maximum of 2,000 messages pass through an Inmarsat satellite simultaneously. This is ten to 50 times fewer than for the others." The others are the giants of global telephony: Intelsat, Eutelsat, PanAmSat. Several billion messages from every continent transit via these satellites every day. "It is impossible to ignore them," says an expert, "but difficult to process them as a whole. We have to choose the segments of the beam that interest us." And in particular, to identify the channels leased by the military, diplomats, or companies. Some companies use a new, inexpensive service known as VSAT: This network enables them to keep all their establishments throughout the world connected on a permanent basis. In Domme and Kourou, the DGSE "sucks up" traffic from Intelsat 801, which provides thousands of VSAT links between America and Europe. The big satellites also transmit the Internet. They have become highways -- backbones -- for the Web. Says one specialist, "10 percent of the traffic passes through them. This is not much, but we can intercept this 10 percent: The rest, which transits via optic fiber cables, is something else." Staff at the Mayotte center are impatiently awaiting the new Intelsat 902, which within a few months will be furnishing "backbones" in Africa, in Asia, and part of Russia. It will be positioned at 62 degrees east, just above the French island in the Indian Ocean. Other types of satellites targeted: Regional satellites, which "cover" only a portion of the planet. Like the Arabsats for the Middle East and North Africa. "Ah, the Arabsats!" sighs a former listener." "The information they provided us in the 1980s! On Qadafi during the Chad conflict or on Israel during the invasion of South Lebanon." Finally, there are the national satellites. Some countries are too poor and too large to set up a network of telephone cables throughout their territory. For internal communications, they use satellites: the Raduga in Russia, the Mabuhay in the Philippines, or the Dong Fang Hong in China. But the increase in the number of satellite operators -- there are more than 100 today! -- poses a problem for the DGSE. "Each one codes its beam and does not make the code for deciphering it public," says a former official. Obtaining the key requires all the secret service's resources. "Several methods exist, not all of them 'clean'," the expert continues. "You can negotiate with the operator. You say: 'France will give you part of its international traffic; in exchange, you give us this confidential protocol'." Another technique: "Bribe a company executive or promise him a medal." Yet another: "If you learn that a foreign secret service has this software, trade it for something else." You can also discreetly enter the operator's facility and steal the precious diskette. "The DGSE has a division that is very good at this type of burglary," says the expert. There remains the homemade solution: Discover the code yourself. "But that can take a long time. In the meantime, you miss a lot of things." For several months, one satellite has been a particular thorn in the side of French secret service engineers. It is Thuraya, launched last October by an Abu Dhabi company that offered its subscribers total coverage of mobile telephony in the Arab world. Its service will be operational in April. Its customers: senior Syrian officials, Libyan businessmen, Egyptian military officers. So many targets for the DGSE. "There is a catch," says the expert. "The Emirates are financing the operation, but Hughes, the American aerospace giant, is managing the system. And as concerns codes for the beam, Hughes knows a whole range of them. We have not yet found a solution." With greater or lesser difficulty, dozens of beams are thus sucked up every day by the DGSE's parabolic antennas. What happens afterwards? In cellars at the bases of these antennas, technicians and operators with "defense secrecy" clearance work in air- conditioned computer rooms. Grouped into day and night teams, some 200 work at Domme and Alluets-le-Roi, 40 or so at Mayotte and Kourou. The technicians scurry around in front of electronic control panels. They control the powerful equipment (amplifiers, demodulators, analyzers, decoders) that transforms satellite beams into faxes, e-mail, files, or voice messages. Their primary concern: deciphering encrypted communications, which is becoming more and more difficult. The operators, meanwhile, are seated in front of computer consoles. They check the automatic sorting of traffic. Only a few thousand intercepted messages reach secret service HQ on Boulevard Mortier in Paris each day. They are sent by optical fibers or protected radio links. The rest, the great majority, are thrown into an electronic trashcan. Selection is conducted on the basis of a dictionary of addresses and key words. "Addresses?" These are telephone numbers and e-mail addresses that the DGSE monitors constantly. Those of embassies, ministries, international organizations, NGOs, multinational companies -- the computer of the "big ears" holds several thousand from all over the world. When one of these addresses appears in the beam of a satellite being spied on, the communication is automatically recorded and sent to Paris. This type of surveillance has a name in tapping jargon: "routine." Key words? Another method of filtering flows of data. "A key word can be a proper name, a nickname, a chemical formula, a slang term, or an acronym," an expert explains. "We enter them into a file and wait." When one of these words appears, the computer goes into reverse and records the communication from the beginning. At the DGSE, this practice is known as "standby" or "trawling." "For e-mails, this computer sorting is very efficient," says another specialist. He adds: "Given the computers' capacities, we can in this way filter several million electronic messages a minute. A good search engine is all it takes. We need simply adapt it to our needs." It seems highly like that the DGSE uses the search tool developed by Lexiquest, a French company. When it comes to faxes, the sorting process is less efficient. Experts estimate the success rate at no more than 60 percent. Why so many failures? Because the computer does not "read" the fax directly. It must first be converted into bits by a character recognition program. If this phase is disrupted by transfer problems or illegible handwriting, the retranscribed fax will not make sense. It is lost to the "big ears." Despite these difficulties, the DGSE has always been one of the best spy services as concerns automatic processing of faxes -- hence its success in economic espionage. The situation is entirely different as regards speech. The DGSE has not developed techniques as effective as those of the NSA or Israel's Mossad. One expert confides, "Contrary to popular belief, it is very difficult to teach a computer to catch key words spoken during a telephone conversation 'on the fly'." Explanation: "Some people speak quickly, others slowly, some stammer, others have an accent. Result: The failure rate is very high." The French service is studying another sorting method that the Americans and Israelis have already developed: automatic transcription. The computer transcribes the entire telephone conversation, then a search engine finds the key words in the file that has thus been constituted. "Strange as it may seem, it is simpler to proceed like this." The Defense Ministry has just asked the best French speech processing laboratory, the Limsi in Orsay, to develop software for this purpose. After sorting comes listening. At the DGSE, several hundred people -- 300, 500? -- spend their days wearing headphones. "Keeping in mind that a good professional can process 50 to 100 conversations a day, you do the math!" says a veteran. The total is more than 15,000 a day or at least 5 million a year. Is the game worth the candle? This mass of information -- these millions of intercepted conversations, e-mails, or faxes -- is it really useful? The unanimous opinion is that "pearls," bits of secret information worthy of being transmitted to levels as high as that of the president of the Republic, are very rare. "A few dozen in the space of 20 years," says the former senior official. "And even then..." There were the cases, already cited, of Qadafi and Israel in the 1980s. Later, instructions for voting in the UN Security Council were intercepted. Recently, recordings of senior Serbian dignitaries have been transmitted to the Elysee [president's residence]. In fact, the real "gems" have other clients: several large French industrial groups. For two decades, the DGSE has been working in symbiosis with some 15 private or public firms. Between spies and bosses, it is a matter of give and take. The former provide economic and technological intelligence (the DGSE's specialized research service employs about 50 people). The latter furnish cover stories for agents on missions abroad. Former DGSE staffers who have been recruited by the firms involved serve as liaisons. At their former employer's HQ on Boulevard Mortier, they regularly take delivery of copies of faxes, e-mails, or draft contracts intercepted by tapping stations. The yield is sometimes excellent. "We often receive thanks from bosses," says the senior official. In 1998, the "big ears" enabled the French industrialists concerned to follow developments in a set of crucial negotiations on the merger -- which fell through in the end -- of German aerospace manufacturer Dasa and its British counterpart, British Aerospace. But there are not just "pearls," far from it. There is the rest of the work, the everyday routine, these thousands of reports of interceptions, "raw" reports as they are referred to at the DGSE, which pile up in the analysis department and are not always read. "For one good piece of information, there is so much useless bla-bla," says a secret service manager. "I wonder if all this is worth it." Many would prefer to see the DGSE invest in human intelligence services rather than technical systems. "With the fortunes we spend every year, we could set up so many agents abroad. After all, that is our real job." Threat to privacy? Without a doubt. Some of the millions of communications tapped could be yours. The risk is even higher if you call a region with few cable connections, like Africa, Russia, or the DOM-TOMs. Nothing prohibits the DGSE from intercepting your conversations or e-mails if they are transmitted by satellite. Worse, this type of espionage is implicitly authorized by a 1991 law establishing the Commission on Monitoring of Wiretaps. Article 20 of this law indeed stipulates that it is not within the powers of this new commission to monitor "measures taken by the public authorities to (...) monitor (...) transmissions via hertzian channels [Le Nouvel Observateur editor's note: That is, via the airwaves]." In other words, the body may monitor everything except "satellite" taps. "This exception was demanded by the highest state authorities," confides a former advisor to then Defense Minister Pierre Joxe. "Why? You may remember that at that time, the DGSE was launching a wide-ranging plan to modernize its 'big ears.' Compromising it was out of the question." A former Elysee staffer: "We wanted to give the secret service a free hand, not enclose it in a quota of authorized taps." The members of parliament could not make head nor tail of it. They should have been more curious. They would have learned that many democratic countries had already rigorously regulated the activities of their "big ears." In Germany, eight independent experts appointed by the parliament have monitored the BND's wiretapping activities since 1968; they constitute the "G10" commission. They have considerable power. They can interrogate all employees of the BND and view the entire tap production process. "The objective: to protect Germans' privacy," according to Professor Claus Arndt, who served on this commission from 1968 to 1999. When, during random sorting, the name of a German citizen or company appears, the BND must erase it, barring the express consent of the commission. "By the same token," says Professor Arndt, "the secret service must submit the entire list of key words it intends to use. It is not allowed to include the name of a German." By next June, a law should allow super-inspectors to visit any of the German secret service's sites, including the Kourou station. If France refuses to allow this, the president of the commission could call for the BND's withdrawal from the Guyanese base. In Australia, the "big ears" are under the surveillance of an inspector general designated by the government. He has the power to verify that the DSD, the espionage service, applies highly restrictive laws. For example, any information about an Australian collected by tapping stations must be destroyed. A destruction report must even be submitted to the inspector general. In Canada, a commissioner designated by the parliament is responsible for this task of monitoring. Each year, he drafts a public report. In the United States, the NSA's activities are monitored by an inspector general and the US attorney general. When will France follow suit? In recent months, members of Parliament have taken an interest in "big ears" ... belonging to the Americans. The Defense Commission recently issued a spiteful report about "Echelon" and the NSA (footnote: On the subject of Echelon, see "Global Electronic Surveillance," by Duncan Campbell, Allia Publishing). It is time for it also to study the practices of the DGSE and propose ways of monitoring them. This is an opportune time. A revolution in "tapping" is on the way. The secret service is planning to invest massively in interception of undersea cables. Before plunging into this adventure, could it not be subjected to a few democratic rules? [Description of Source: Paris Le Nouvel Observateur (Internet Version-WWW) in French -- left-of-center weekly magazine featuring domestic and international political news] -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3582 From: Marcelrf-iDEN Mobile Date: Sat Aug 25, 2001 8:37pm Subject: MAFIA Uses Nextel Phones- "Sammy The Bull" on Nextel- "How Business Gets Done Mafia Style" Bada-Bing Bada-Boom! CALEA At Work........ MAFIA Uses Nextel Phones- "Sammy The Bull" on Nextel- "How Business Gets Done Mafia Style" August 17, 2001 -- In the goofy world of the modern-day Mafia, a flexed biceps is worth a thousand words. Court documents unsealed yesterday reveal that Salvatore "Sammy Bull" Gravano - who pleaded guilty in May to running an Arizona "ecstasy" syndicate - has adopted nonverbal communication skills to keep his underlings in line. Brooklyn federal prosecutor Linda Lacewell wrote in a presentencing letter that after Gravano and his drug-ring lieutenant, Michael Papa, were busted on Arizona state charges of peddling millions of the mind-bending pills, they ran into each other in the hallway of a courthouse. "Papa saw Gravano in the [court] hallway," Lacewell wrote. "Gravano flexed his arm [indicating that Papa should 'be strong'] and winked at Papa." Later, abandoning nuance, Gravano allegedly had someone call Papa with a more direct message. Last April, prosecutors charge, Papa received a phone call "warning him that if he spoke [to authorities] about Gravano, the caller would 'chop [his] head off.'" Gravano's entreaties fell on deaf ears - Papa became a cooperating witness, anyway. It brought to an end a unique mob mentoring program born in the arid desert plains of Phoenix. During the formation of what Gravano called his "Arizona Mafia," the pugnacious Gambino hit man "schooled his underlings as to how to evade detection by law enforcement," Lacewell wrote. "For example, Gravano told the younger members not to carry drugs and large amounts of cash at the same time (in case of an encounter with law-enforcement officers) and not to conduct drug transactions in the same place (in case of surveillance)," according to the presentencing letter. But bad information will hamper even the best mob mentoring program."Gravano handed out Nextel brand cellular phones and told his underlings, incorrectly, that these telephones could not be wiretapped," Lacewell wrote. -- "NEXTEL1 IT'S NOT JUST NEXTEL" Subscribe to Nextel1: http://www.onelist.com/subscribe/NEXTEL1 "NEXTEL2 FOR iDEN SOFTWARE DEVELOPERS" Subscribe to Nextel2: http://www.onelist.com/subscribe/NEXTEL2 3583 From: DrPepper Date: Sun Aug 26, 2001 9:27am Subject: Re: Espionage -- How France Listens to the Whole World This is an interesting article. My question is, , , Why would anyone think that the French government would have any restrictions against listening to it citizens? They are, after all , , , A SOCIALIST Government. A perfect example of what can happen when the people choose safety and protection over freedom. Actually, they have neither one. -- Dr Pepper aka WB6GKI in the High Desert of California. Check out my LIVE Hamshack Cam at: http://www1.iwvisp.com/DrPepper/ham/ham.htm ============================================= "James M. Atkinson" wrote: > Paris Weekly Details French Electronic 'Espionnage' Abilities > > EUP20010406000153 Paris Le Nouvel Observateur (Internet Version-WWW) > in French 05 Apr 01 > > [Article by Vincent Jauvert: "Espionage -- How France Listens to the > ------------ major snippy de deee ------------------------------ > > DOM-TOM [French Overseas Dominions and Territories] may be > intercepted, copied, and disseminated by the DGSE, without any > monitoring commission having any say in the matter. None! A > situation that is unique in the West. > > Every democratic country that has equipped itself with satellite > tapping services has set up safeguards -- laws and monitoring > bodies -- to protect its citizens from the curiosity of the "big > ears." Every one, led by Germany and the United States. But not > France. > [Non-text portions of this message have been removed] 3584 From: Aimee Farr Date: Sun Aug 26, 2001 1:03pm Subject: RE: Espionage -- How France Listens to the Whole World Which reminds me.... "This transmission is confidential and intended for the named recipient. If made for the purpose of obtaining legal advice or preparing for legal proceedings, legal privilege will be claimed. If you are not the named recipient, any review, dissemination, distribution or copying of this communication is prohibited. If you received this transmission in error, please contact me immediately for instructions." I've been trying to track down the lawyer that came up with that crap, and arrest him as part of a spy plot for the longest. Leave it to lawyers to come up with, and propagate boilerplate confidentiality disclaimers so as to CYA while increasing the chances of interception and snooping. Moral: When a lawyer sees a problem, rather than fix it, we throw words at it. *shakes head* ~Aimee 3585 From: Steve Uhrig Date: Sun Aug 26, 2001 3:10pm Subject: Email and fax disclaimers > If you are not the named recipient, any review, dissemination, > distribution or copying of this communication is prohibited. > If you received this transmission in error, please contact me > immediately for instructions." The people who add these nonsense disclaimers to their emails and faxes have overblown egos. Such prattle is a waste of bandwidth, useless and worthless. Anyone appending this kind of garbage to their emails (especially) and faxes, permanently brands themselves in my mind as someone who thinks what they have to say is a lot more important than anyone else would think it was. Yeah. You sent this email on the web. I read it by mistake. I will instantly delete it, send you a certified letter saying I accidentally read it, cancel all my appointments and wait for your instructions on what to do, agree to make a series of appointments with a psychologist and take a series of hypnotic drugs to purge any memory of your secret squirrel critically important message from my mind, and hire a lawyer to defend me from the mayhem that certainly will come my way as a result of the legal action you will take against me because I profited from accidentally reading your misdirected fax or email. Yeah. We all know your communications are life and death critical, and nations can topple if they would fall into the wrong hands. You are important. Your communications are so vital you have to waste bandwidth and my time and storage with all these warnings and disclaimers. Get real. Sign your name, use an accepted email signature, and leave it at that. Forget all this crap you copied from someone who copied it from someone else who copied it from yet another someone else, and which none of you understand, but makes you feel warm and wet. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 3586 From: sebastien rittner Date: Sun Aug 26, 2001 4:08pm Subject: RE: Espionage -- How France Listens to the Whole World >How France Listens to the Whole World Does anyone can honestly tell me he believes, in a good faith, the NSA or other US agency does not use its power against its own civilians sometimes? If you THINK no, you've got to open your eyes. If you only SAY no, you've got to look at yourself in the mirror and watch your body language. Let's be honest... ===== email : sebastien@t... web : www.tscm-technician.net voicemail : (510)-496-2740 x2159 __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ 3587 From: Aimee Farr Date: Sun Aug 26, 2001 5:35pm Subject: RE: Email and fax disclaimers > Forget all this crap you copied from someone who copied it > from someone else who copied it from yet another someone else, > and which none of you understand, but makes you feel warm and > wet. Hold on a minute... that's the practice of law. Riddle: What's above a confidentiality email disclaimer on a PI mailing list? ~Aimee Mors et vita in manibus lingue. 3588 From: Steve Uhrig Date: Sun Aug 26, 2001 6:54pm Subject: RE: Email and fax disclaimers On Sunday 26 Aug 2001, the heroic and fearless Aimee Farr took time off from slaying several thousand ferocious Mongolian tribesmen employed as opposing counsel to post : > > Forget all this crap you copied from someone who copied it from > > someone else who copied it from yet another someone else, and > > which none of you understand, but makes you feel warm and wet. > Riddle: What's above a confidentiality email disclaimer on a PI > mailing list? Answer #1: A quote of all the last month's messages in one long 500K digest, ending with my verbiage on confidentiality disclaimers, also including all the headers, list footers, list ads and other garbage, with the sender of the message adding "me too". Answer #2: Same as above, except with the sender mailing to the list "unsubscribe". Steve 3589 From: Aimee Farr Date: Sun Aug 26, 2001 11:25pm Subject: RE: RE: Email and fax disclaimers > > Riddle: What's above a confidentiality email disclaimer on a PI > > mailing list? Steve wrote: > Answer #1: > > A quote of all the last month's messages in one long 500K > digest, ending with my verbiage on confidentiality disclaimers, > also including all the headers, list footers, list ads and other > garbage, with the sender of the message adding "me too". > > Answer #2: > > Same as above, except with the sender mailing to the list > "unsubscribe". Good answers, Steve. :-D ANSWER: _Something that used to be confidential_. ~Aimee 3590 From: James M. Atkinson Date: Mon Aug 27, 2001 10:04am Subject: Justice Department slams probe of Lee Justice Department slams probe of Lee 'A paradigm of how not to manage an important ... case,' report says By Dan Eggen THE WASHINGTON POST WASHINGTON, Aug. 27 - The FBI's investigation of Wen Ho Lee was more seriously bungled than officials have previously disclosed, with inept agents making amateurish mistakes and ignoring orders to consider other suspects, according to an unreleased portion of a classified Justice Department report. Originally charged with 59 felony counts, Wen Ho Lee pleaded guilty in September to one felony charge of mishandling classified information. THE 166-PAGE CHAPTER, part of a larger report on the Lee probe, outlines a succession of blunders, misjudgments and faulty assumptions by the FBI that contributed to the government's shoddy investigation of the former Los Alamos National Laboratory scientist. Lee was suspected of giving nuclear secrets to China. Inattentive FBI supervisors in Washington compounded the problem by failing to correct the mistakes or to keep the investigation on track. The chapter says FBI Director Louis J. Freeh was not kept informed of the case's shortcomings, including problems with the investigation in New Mexico and disagreement among government experts over the seriousness of the suspected security loss. "This investigation was a paradigm of how not to manage and work an important counterintelligence case," says the report, written by federal prosecutor Randy I. Bellows. If Lee was a spy, Bellows concludes, the FBI let him get away. If he was not, the bureau blew repeated opportunities to consider other options - including the possibility that nuclear weapons secrets were not obtained by the Chinese in the first place. Originally charged with 59 felony counts, Lee pleaded guilty in September to one felony charge of mishandling classified information after the government's case against him fell apart. He was not charged with espionage and has repeatedly denied giving information to China. Two other chapters of the exhaustive Bellows inquiry were released by the government earlier this month. They faulted the FBI and the Energy Department for their "slapdash" investigation. But the latest chapter, obtained by The Washington Post with some sensitive information blacked out, underscores how investigators botched the case. Among its revelations: Investigators in the FBI's Albuquerque office ignored an order from top FBI officials in December 1997 to open inquiries into suspects other than Lee and his wife, Sylvia. Those inquiries were not begun until 15 months later, after Lee had been fired. The photocopying of the outside of Lee's mail, known as a "mail cover" operation, was allowed to lapse for three months in 1997 because investigators failed to file a routine renewal application. Most of the supervisors and agents on the case didn't bother to read or question a flawed 1995 Energy Department report that Bellows called a "virtual indictment" of Lee. That report was the basis for opening a full FBI investigation. When the new head of Albuquerque's FBI office finally read the report in December 1998, he described it as a "piece of junk" that called into question the entire probe. The agent in charge of the case for its first three years, from 1994 to 1997, did not see the document obtained by the CIA that detailed what the Chinese knew about the W-88 nuclear warhead, the weapon that Lee was suspected of compromising. For years, the Lee probe was handled by solo agents who also investigated robberies and other duties, and it was frequently ranked as the lowest intelligence priority in the Albuquerque office. Top Washington officials also were unaware that when two rookie agents were sent to Albuquerque to bolster the Lee case in November 1996, they were assigned to other cases. Several agents assigned to the probe were unqualified for the task, Bellows found. One supervisor said that working with the first agent was "like pushing a cart with a dead donkey." Another supervisor called the second agent on the case a "reject." Taken together, FBI Assistant Director Neil Gallagher told the Bellows team, the first two agents to head the probe added up to "a third of an agent." STRING OF FBI EMBARRASSMENTS The report by Bellows, an assistant U.S. attorney in Alexandria, is the government's official account of the botched probe that led to Lee's nine-month incarceration. The prosecution of the former Los Alamos scientist spawned congressional hearings, civil lawsuits and a strong rebuke from the judge in the case, who said the treatment of Lee "had embarrassed this entire nation." Bellows's assessment is another in an extraordinary string of embarrassments for the FBI this year, including the compromise of national security secrets by spy Robert P. Hanssen; the FBI's failure to turn over thousands of pages of documents to defense attorneys in the Oklahoma City bombing case; and the loss of weapons and laptops computers by FBI agents. At least six reviews of FBI conduct are underway. FBI officials said the Bellows report, which was delivered to former attorney general Janet Reno in May 2000, has formed the foundation for wide-ranging reforms in the way the FBI and other U.S. intelligence agencies deal with national security investigations. FBI spokesman John Collingwood also said the bureau deserves criticism for its early mistakes in the Lee case. "Clearly, when the institution turned its full attention to the case [in 1999] as it should have from day one, the resources and expertise were in abundance," Collingwood said. "We should have done that earlier on." Lee's attorney did not return a telephone message left for him Friday. Bellows, who has not commented publicly on his report, could not be reached for comment. For 41 2 years, Bellows wrote, the case "proceeded at a pace that can only be described as languid, if not torpid," and "suffered from neglect, faulty judgment, bad personnel choices, inept investigation and the inadequate supervision of that inept investigation." The chapter, which serves as the report's overview of the FBI's role in the Lee case, also confirms and expands on many previously publicized missteps. These include the failure to examine Lee's computer use despite waivers allowing the FBI and the Energy Department to do so; the diversion of agents from the case; and the failure to monitor two trips that Lee made to Taiwan in 1998. Lee, a U.S. citizen born in Taiwan, was charged in December 1999 with 59 felony counts of mishandling classified information and violating the Atomic Energy Act, which could have brought a life sentence on conviction. After pleading guilty to the charge of mishandling classified information, he was sentenced to the time he had already served. Lee ultimately acknowledged copying classified nuclear data onto portable computer tapes and removing them from Los Alamos. Despite an intensive debriefing by the FBI under the terms of his plea agreement, the tapes have never been found. Lee has not publicly explained why he made them or what became of them. Lee is pursuing a civil lawsuit against the FBI and the departments of Energy and Justice for violating his privacy by leaking his name as a suspect. He is also sparring with the government to obtain clearances for the release of his memoirs. NO CRIME MAY HAVE OCCURRED Because the 800-page Bellows report was completed in May 2000, when Lee was in jail, it focuses largely on ways in which investigators failed to be aggressive enough in pursuit of the case. Nonetheless, Bellows also faults the FBI and the Energy Department for focusing exclusively on Lee and ignoring the possibility that the alleged crime - providing nuclear weapons secrets to China - may never have occurred. The FBI is not the only target of the critique. Another chapter of the report, also obtained by The Post, faults the Justice Department's Office of Intelligence Policy and Review for not granting the FBI a warrant to secretly monitor Lee's computer - although it says in hindsight that the bureau misstated facts underlying the request. Bellows also devotes chapters, including those already released, to criticism of the Energy Department for being too quick to focus on Lee and his wife as espionage suspects. The 1995 Energy report that prompted the FBI investigation, Bellows wrote, included "misleading representations" that further sharpened the focus on the Lees to the exclusion of others. But much of the most withering criticism is aimed at the FBI, which conducted an inquiry of Lee from April 1994 to November 1995 and launched a full-blown investigation in May 1996. For the next three years, Bellows concludes, the probe faltered and was often dormant because of the incompetence of the agents assigned to it. For extended periods, Bellows found, the investigation essentially ground to a halt. An agent said he did nothing on the probe for several weeks because he was working on other crime cases. In another instance, the investigation stalled for four months in late 1997 while the Albuquerque office awaited instructions from FBI headquarters. Yet when the investigative plan finally arrived that December from Washington, "they largely ignored it," Bellows found. One of the items was a mandatory directive to open preliminary inquiries on other suspects, which did not happen until March 1999. These and other blunders went largely unnoticed by Freeh, Bellows found. The FBI director was not briefed on the investigation until more than a year after it began, and important decisions - such as a 1996 memo requesting mail cover authority - were made by subordinates. As a result, Bellows concludes, "the Attorney General received a written briefing on the FBI's Wen Ho Lee investigation before the Director did." After June 1997, Freeh got regular updates on the case but was not informed that the Albuquerque office was, in the words of an FBI official, "screwing up and sitting on a time bomb." "By the time Director Freeh was finally briefed on the case, it was in trouble and the prognosis for the case seemed grim," Bellows wrote. "So much had already gone wrong." © 2001 The Washington Post Company -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3591 From: Aimee Farr Date: Mon Aug 27, 2001 11:45am Subject: Scarfo CIPA motion http://www.epic.org/crypto/scarfo/gov_cipa_motion.pdf FBI Invokes Classified Information Procedures Act in Computer Intrusion Case ~Aimee 3592 From: Aimee Farr Date: Mon Aug 27, 2001 0:05pm Subject: Private facial scanning databases Scottish bookstore scanning for "known shoplifters" The idea of private databases of "known agents" strikes me as uncool, and not altogether fantastical considering the lack of oversight past point-of-sale among biometric vendors. What casinos have put together gives one pause for thought. (Probably looks like a Pokemon card trading ring.) I would go bitch on the biometric guvvie list, but I think my talk of surreptitious biometrics "for the 4th Amendment" [*snicker*] might have me kicked off without explanation. If so, somebody in here was sure right about that kind of talk. ~Aimee 3593 From: Date: Mon Aug 27, 2001 2:28pm Subject: Reporter's Phone Records Subpoenaed Reporter's Phone Records Subpoenaed By PETE YOST .c The Associated Press WASHINGTON (AP) - The Justice Department obtained by subpoena the home telephone records of an Associated Press reporter for a period in which he wrote about the investigation of Sen. Robert Torricelli, the U.S. attorney's office in Manhattan has disclosed. In an Aug. 20 letter, the office of U.S. Attorney Mary Jo White said the government subpoenaed telephone records of John Solomon for incoming and outgoing calls at the reporter's home from May 2 to May 7. White was appointed last spring to oversee the Torricelli investigation. Justice Department spokeswoman Susan Dryden declined to comment on the matter Monday. On May 4, an AP story under Solomon's byline quoted unidentified law enforcement officials as saying Torricelli had been recorded on a wiretap in 1996 discussing fund-raising with relatives of a prominent Chicago crime figure. Law enforcement officials can face criminal penalties for disclosing information obtained under federal wiretaps. The unidentified officials told the AP that the intercepted call received new scrutiny two years later when allegations surfaced of thousands of dollars in illegal straw donations to Torricelli's campaign. According to the AP story, the law enforcement officials said several people have been questioned about the intercept and whether Torricelli or his staff ever encouraged them to disguise donations. ``We are outraged by what the Justice Department has done and we will seek any available legal redress,'' said AP President and CEO Louis D. Boccardi. ``Their actions fly in the face of long-standing policy that recognizes what a serious step it is to go after a reporter's phone records. We hope that this secret assault on the press is not an indication of the Bush administration's attitude toward a press free of government interference,'' Boccardi said. First Amendment lawyer Floyd Abrams said a Justice Department subpoena of a journalist's telephone records was extremely rare. ``I cannot say that every time the government seeks to obtain telephone records of journalists it necessarily violates the First Amendment, but there's no doubt that the decision of the government to go so far as to obtain these telephone records raises constitutional questions of a high order of delicacy,'' Abrams said. Deputy Attorney General Larry Thompson approved the subpoena for the reporter's records, according to the letter mailed to Solomon. Attorney General John Ashcroft disqualified himself from the matter. Torricelli campaigned last year for Ashcroft's Democratic opponent in the U.S. Senate race in Missouri. Ashcroft lost to Jean Carnahan, who stepped in after her husband was killed in a plane crash. ``I think the Ashcroft Justice Department is sending a bad signal,'' said Gregg Leslie, legal defense director of the Reporters Committee for Freedom of the Press. ``They are reopening avenues of investigation concerning journalists that we had hoped had been resolved.'' Leslie said that once the Justice Department determined it would subpoena the reporter's phone records, the agency could have given advance notification, providing the news media an opportunity to contest the matter. ``The idea here is that none of this is the typical kind of criminal evidence that can be destroyed, so why not give the news media a chance to challenge it?'' asked Leslie. The Code of Federal Regulations says negotiations are necessary prior to subpoenaing telephone records of a member of the news media if ``such negotiations would not pose a substantial threat to the integrity of the investigation.'' AP-NY-08-27-01 1924EDT 3594 From: A.Lizard Date: Mon Aug 27, 2001 5:29pm Subject: RE: RE: Email and fax disclaimers At 10:23 AM 8/27/01 +0000, you wrote: >Message: 15 > Date: Sun, 26 Aug 2001 23:25:33 -0500 > From: "Aimee Farr" >Subject: RE: RE: Email and fax disclaimers > > > > > Riddle: What's above a confidentiality email disclaimer on a PI > > > mailing list? > >Steve wrote: > > > Answer #1: > > > > A quote of all the last month's messages in one long 500K > > digest, ending with my verbiage on confidentiality disclaimers, > > also including all the headers, list footers, list ads and other > > garbage, with the sender of the message adding "me too". > > > > Answer #2: > > > > Same as above, except with the sender mailing to the list > > "unsubscribe". > >Good answers, Steve. :-D > >ANSWER: _Something that used to be confidential_. > > >~Aimee If it's *really* confidential, the sender has no business posting it to a mailing list. If it *really* needs to be secure, anyone who doesn't encrypt via PGP or hushmail or (is there a decent one-time-pad program out there?) is an idiot. A.Lizard ************************************************************************ Personal Web site http://www.ecis.com/~alizard Disaster prep info: http://www.ecis.com/~alizard/y2k.html Littleton Killings: http://www.ecis.com/~alizard/littleto.html backup address (if ALL else fails) alizard@o... IF YOU USE PGP, UPGRADE NOW! A major bug has been discovered in PGP, the new version with the bug fixed is available NOW. PGP 6.5.8 key available by request,keyserver,or on my Web site For e-mail privacy, download PGP from http://www.pgpi.org PGPfone v1.02 and v2.1 available for secure voice conferencing, get your own (W9x,NT,Mac) at http://www.pgpi.org/products/nai/pgpfone/ ************************************************************************ 3595 From: James M. Atkinson Date: Mon Aug 27, 2001 8:42pm Subject: FBI Affidavit - Alleged NRO spy [So where at the other two spies at the TRW facility?] United States District Court Eastern District of Virginia CRIMINAL COMPLAINT UNITED STATES OF AMERICA v. Brian P. Regan I, the undersigned complainant being duly sworn state the following is true and correct to the best of my knowledge and belief. From in or about fall 2000 through August 23, 2001, in Chantilly, Virginia, and elsewhere, in the Eastern District of Virginia defendant(s) did, unlawfully and knowingly conspire to commit espionage, that is, with intent and reason to believe that they were to be used to the injury of the United States and to the advantage of a foreign nation, communicate, deliver, and transmit to a foreign government and to a representative and agent thereof, directly and indirectly, documents and information relating to the national defense, in violation of Title 18 United States Code, Section(s) 794(c). I further state that I am a(n) Special Agent and that this complaint is based on the following facts: See Attached Affidavit Continued on the attached sheet and made a part hereof: Yes Signature of Complainant: Steven A. Carr Special Agent Federal Bureau of investigation at Alexandria, Virginia AUSA Robert A. Spencer Sworn to before me and subscribed in my presence, Date_______________ Name & Title of Judicial Officer_________________ Signature of Judicial Officer_______________ --------------------------------------------------------------------- AFFIDAVIT IN SUPPORT OF CRIMINAL COMPLAINT AND SEARCH WARRANT I, Steven A. Carr, being duly sworn, hereby state: 1. I am a Special Agent of the Federal Bureau of Investigation (FBI) and have been so employed for six years. I am currently assigned to the Washington Field Office to a squad responsible for foreign counterintelligence matters; I have worked in this field for six years. As a result of my involvement in counterintelligence investigations, and foreign counterintelligence training I have received, I am familiar with the tactics, methods, and techniques of foreign intelligence services and their agents. 2. As more fully described below, I respectfully submit that Brian P. Regan violated 18 U.S.C. § 794(c) in that he conspired to commit espionage by transmitting classified U.S. national defense information to a person he believed was an agent of a foreign government. Regan, with reason to believe that they were to be used to the injury of the United States and the advantage of a foreign nation, knowingly and unlawfully conspired to communicate, transmit, and deliver to a foreign government documents and information relating to the national defense of the United States, and did commit an overt act in furtherance thereof in the Eastern District of Virginia. 3. Information in this affidavit is based on my personal knowledge and on information provided to me by other counterintelligence investigators and law enforcement officers during this investigation. This affidavit relies on information provided by agencies of the United States Intelligence Community, which have cooperated with this investigation. This affidavit is not intended to be an exhaustive summary of the investigation against Regan, but is for the purpose of setting out probable cause in support of: a. A complaint charging Brian P. Regan with a violation of Title 18, United States Code, Section 794(c)(conspiracy to commit espionage); and b. A search warrant for a bag checked by Brian P. Regan onto a Lufthansa flight at Washington Dulles International Airport on August 23, 2001, which bag is more fully described in Attachment C to this affidavit. 4. Pursuant to the Foreign Intelligence Surveillance Act of 1978, as amended, Acting Attorney General Theodore B. Olson has approved use in this application, for law enforcement purposes, of information obtained and derived from searches and surveillance conducted under the authority of the act. BACKGROUND 5. Brian P. Regan is 30 years old, and he lives at [address deleted] Bowie, Maxyland. Regan is married and has two daughters and two sons. He served in the U.S. Air Force from August 1980 until retiring in August 2000. His training in the Air Force included cryptanalysis. His responsibilities included the administration of an Intelink website. Intelink is a classified U.S. government computer system accessible only by certain members of the U.S. Intelligence Community. Regan's last assignment with the Air Force was at the headquarters of the National Reconnaissance Office ("NRO"a) located in Chantilly, in the Eastern District of Virginia. During Regan's Air Force assignment at NRO, he had authorized access to classified U.S. national defense information up to the TOP SECRET level, and also had authorized access to sensitive compartmented information ("SCI"). Regan's access to Sensitive Compartmented Information was terminated when he retired from the Air Force on August 30, 2000. 6. The NRO is the national program to meet the U.S. government's intelligence needs through spaceborne reconnaissance. The NRO is an agency of the U.S. Department of Defense and receives its budget through that portion of the National Foreign Intelligence Program known as the National Reconnaissance Program, which is approved by both the Secretary of Defense and the Director of Central Intelligence. 7. Since October 2000, Regan has been employed by TRW in Fairfax, Virginia. On July 25, 2001, Regan's access to SCI was reinstated for his work for NRO as a TRW contractor. On July 30, 2001, Regan, as a TRW contractor, has been assigned to an NRO facility in Chantilly, Virginia. 8. Pursuant to Executive Order 12958 and its predecessor Executive Orders, information must be classified as TOP SECRET and properly safeguarded if the release of that information could reasonably be expected to cause "exceptionally grave damage to the national security." Pursuant to Executive Order 12958, and its predecessor, Executive Order 12356, information, the unauthorized disclosure of which reasonably could be expected to cause "serious damage to the national security," must be classified as "Secret." Pursuant to these same executive orders, "Confidential" information is information the unauthorized disclosure of which reasonably could be expected to cause damage to the national security. THE INVESTIGATION 9. In the Fall of 2000, reliable source information indicated that a number of U.S. government documents were provided to the government of Country A. The large majority of these documents are classified and relate to the U.S. national defense, and are not authorized for release to Country A. The remaining documents are portions of classified documents, which portions are unclassified, but which documents in their entirety are also not authorized for release to Country A. Most of the classified documents provided to country A consisted of electronic images, classified "Secret," taken from overhead platforms. Another document consisted of classified portions of a Centra1 Intelligence Agency intelligence report, classified "Secret," issued on a specific date. The particular copy of this report provided to Country A had been printed out eight days after the date the report was issued. Another of the documents consisted of two classified pages from a CIA newsletter, which newsletter overall is classified "Secret." Another of the documents was a document, classified "Secret," relating to a foreign country's satellite capability. Another of these documents was the unclassified cover page of a defense intelligence reference document classified "Top Secret." Another such document was one page from a document containing "Top Secret" information. Another such document was the unclassified table of contents for a particular intelligence manual classified "Top Secret." The documents also include two photographs, one classified "Secret" and the other classified "Confidential." 10. Also in the Fall of 2000, reliable source information revealed that an agent had provided the government of Country A separate information intended to accompany the documents described in paragraph 9, above. This accompanying information consisted of an introductory message, in English, and separate encrypted messages. The initial, unencrypted message appears to be an introductory letter containing instructions to prevent detection of the messages by the U.S. government. 11. The encrypted messages, which were decrypted by the U.S. government, set forth contact instructions, establish bona fides, and offered to provide additional classified information. In particular, the encrypted message gives instructions to respond to a specified email address on a free email provider. This email address was ostensibly established by one "Steven Jacobs," of a specific address in Alexandria, Virginia. Records of the provider indicate that this email address was established on August 3, 2000, and was accessed nine times between August 2000 and January 2001. Eight of the nine times this email address was accessed were from public libraries located in Anne Arundel and Prince George's Counties, Maryland. Regan's residence is located one half mile from a Prince George's County library with public internet access. One of the Anne Arundel County libraries used to access this account is in Crofton, approximately five miles from Regan's residence. Physical surveillance of Regan during May through August 2001 indicated that Regan regularly utilized the public internet access located in the Crofton library. The ninth library is the Tysons-Pimmit Library, in Falls Church, Virginia, which is located along the route Regan used to commute between his residence and his office. 12. The office formerly occupied by Brian P. Regan at the NRO, Chantilly, Virginia, was searched in April 2001. A copy of the intelligence manual referred to in paragraph 9, above, bearing Regan's name, was found on a shelf behind his former desk. 13. The computer formerly assigned to Brian P. Regan at the NRO, Chantilly, Virginia, was searched in April 2001. FBI special agents analyzed the hard drive of this computer and found that someone using Regan's password had surfed a large number of Intelink Uniform Resource Link ("URL") addresses pertaining to countries A, B and C. One of these URL addresses is for one of the overhead images discussed in paragraph 9, above. Also on the hard drive of Regan's computer were four URLs that correspond to the URL addresses for other documents described in paragraph 9, above. Other such URL addresses contain direct links to some of the other documents discussed in paragraph 9, above. In addition, NRO server records indicate that Regan's computer was used to gain access to three other documents described in paragraph 9, above. 14. Intelink audit records indicate that the URL for the CIA intelligence report described in paragraph 9, was accessed from the computer in Regan's former office at 8:52 p.m. on the date the particular copy of the report described in paragraph 9 had been printed out. NRO records indicate that Regan's electronic entry badge was used to enter his office suite at 1:55 p.m. on that date. Separate NRO security records indicate that Regan's passcode was used to set the alarm on the suite at 1:15 a.m. the following morning. Later that same day, Regan flew on a "space available" U.S. Air Force flight from Norfolk, Virginia, to Iceland, and thereafter traveled to additional locations in other countries in Europe. 15. The document noted in paragraph 9, above, which related to a foreign country's satellite capability, was composed expressly for and distributed at a course given at Colorado Springs, Colorado, that Regan attended July 28 through August 8, 1997. The course was given for members of the U.S. Intelligence Community with appropriate clearances. Regan was one of two NRO members who attended the course. Regan was the designated recipient for NRO for all classified materials distributed at the course. 16. Agents also have established that there are common spelling errors in the messages described in paragraphs 10, 11 and 12 above, and in documents typed on Regan's former NRO computer. 17. The FBI has had Regan under surveillance since June 2001. On several occasions while under surveillance, FBI personnel have observed Regan conducting what appear to be surveillance detection runs, that is, conducting multiple U-turns, pulling over to the side of the road, and appearing to be checking to see whether he is under surveillance. 18. On June 21, 2001, Regan sent an email from an account registered in his own name to an email account in the name of his wife. The email attached one page of alphanumeric encryption key that appears to be similar to the encryption technique described in paragraphs 10, 11 and 12, above. 19. On June 26, 2001, Regan traveled from Washington Dulles International Airport to Munich, Germany, on Lufthansa. Earlier, in June 2001, FBI surveillance observed Regan log onto the internet at a public library. When Regan departed, he failed to sign off the internet, so FBI personnel were able to observe which internet sites Regan had visited. One of the sites that Regan had visited provided the address for a diplomatic office of Country C in Switzerland. Regan also looked up a hotel in Zurich. Before Regan's flight departed on June 26, 2001, the FBI searched his checked suitcase, pursuant to a court order. Regan's suitcase contained glue and packing tape. Regan returned to Washington Dulles International Airport on July 3, 2001. 20. On August 23, 2001, the FBI conducted surveillance of Regan's office at NRO in Chantilly, Virginia, by closed circuit television, pursuant to a court order. Regan was observed looking at a "Secret" document on his computer terminal while taking notes in a small notebook which he took from, and returned to, his front pants pocket. A court-authorized search of Regan's computer confirmed that he had been logged onto Intelink accessing classified material. 21. Regan had reservations to Zurich, Switzerland, through Frankfurt, Germany, on Lufthanea, departing from Washington Dulles International Airport on August 23, 2001. Regan confirmed these reservations on August 11, 2001. Regan had reservations to return August 30, 2001. On August 23, 2001, Regan told a co-worker that he was driving to Orlando, Florida, to take his family to Disney World, leaving on August 27 and returning August 30, 2001. In addition, Regan wrote "Orlando, Florida" on a dry-erase board in his office suite, to indicate to his colleagues where he would be for this time period. Regan did not report to his employer, as required in light of his security clearances, that he would be traveling outside the country. 22. On August 23, 2001, at approximately 9:00 a.m., while Regan was occupied in a meeting at NRO, the FBI conducted a court-authorized search of Regan's Dodge Caravan. In that search, the FBI found a carry-on bag which contained four pages of what appears to be handwritten encrypted messages, one page of what appears to be a typewritten encrypted message, and what appears to be one page of a decryption key. The carry-on bag also contained handwritten addresses and phone numbers for diplomatic offices of Country D in Bern, Switzerland, and Vienna, Austria, and for a diplomatic office of Country C in Vienna. Also on the same day, the FBI searched, pursuant to a court order, the brown suitcase that is described in Attachment B. In that suitcase was a bottle of Elmer's glue and a roll of tape. 23. On August 23, 2001, Regan drove to Dulles Airport, arriving at approximately 1:00 p.m. Regan checked a brown suitcase at the Lufthansa counter. This suitcase was secured by the FBI and is in the custody of the FBI at Tyson's Corner, Virginia. Regan was bumped to a later flight. Regan then departed Dulles Airport and returned to his office at NRO. Regan drove back to Dulles Airport at approximately 5:3O p.m. and was stopped by the FBI in the airport terminal. Regan had with him, in his same carry-on bag, the same documents that were found in the search of his van earlier in the day. Also in Regan's carry-on bag when he was stopped by the FBI was an NRO document, marked "For Official Use Only," that listed classes available to members of the U.S. Intelligence Community. This document indicates the security clearance required to attend each class. This document consists of two pages, front and back, and FBI personnel had earlier observed Regan (via court-authorized closed circuit television) create this document by cutting and taping together documents, and then photocopying the taped-up document. When he was stopped, Regan was also carrying: approximately five blank, business-sized envelopes; three rubber gloves; and four finger sleeves. 24. Also in Regan's carry-on bag when he was stopped by the FBI at Dulles Airport on August 23, 2001, was a hand-held global positioning system ("GPS"). Based on my training and experience in intelligence matters, I know that a GPS unit can be used to locate a specific site for drop or signal sites. 25. On Regan's person when he was stopped by the FBI at Dulles Airport on August 23, 2001, was a spiral notebook, which appears to be the notebook in which Regan was taking notes while looking at classified information on his computar terminal earlier in the day on August 23, 2001. In addition, hidden in Regan's shoe, Regan had a piece of paper on which was written names and addresses in a country in Europe. 26. Regan was confronted by FBI special agents at the airport at approximately 5:35 p.m. In response to a question from this affiant, Regan denied knowledge of cryptology, coding and decoding. However, when shown photographs of the alphanumeric tables, which appear to be related to cryptology, which tables had been in his carry-on bag, he stated "This is my stuff." Regan was arrested shortly thereafter. 27. Financial checks indicated that in February 2001, Regan had consumer debts amounting to $53,000. 28. Based on the foregoing, I respectfully submit that there is probable cause to believe that Brian P. Regan knowingly and unlawfully conspired to commit espionage, that is, with intent and reason to believe that it would be used to the injury of the United States and to the advantage of a foreign nation, communicate, deliver, and transmit to a foreign government and to a representative and agent thereof, directly and indirectly, documents and information relating to the national defense, in violation of 18 U.S.C. § 794(c). I also respectfully submit that probable cause exists that fruits, evidence, and instrumentalities of a crime, namely, conspiracy to commit espionage, may be found in the suitcase that Regan checked at Dulles Airport on August 23, 2001, which suitcase is more fully described in Attachment B. Accordingly, I request a warrant to search the suitcase described in Attachment B for the items listed in Attachment A. Steven A. Carr Special Agent Federal Bureau of investigation Sworn to and subscribed before me this ____ of August 2001, ________________________ UNITED STATES MAGISTRATE JUDGE Alexandria, Virginia --------------------------------------------------------------------- ----------- ATTACHMENT A ITEMS TO BE SEIZED 1. Espionage paraphernalia, including devices designed to conceal and transmit national defense and classified intelligence information and material, and implements used by espionage agents to communicate with their handlers and with a foreign government, including, coded pads, signaling devices or implements, microdots, secret writing papers, any notes, letters, or written correspondence between Brian P. Regan and any agents of a foreign country, any computers (including laptops), computer disks, cameras, film, codes, telephone numbers, maps, photographs, and other materials relating to communication procedures or correspondence. 2. Records, notes, calendars, journals, maps, instructions, and classified documents and other papers relating to the transmittal of national defense and classified intelligence information. 3. United States and foreign currency, financial instruments, precious metals, jewelry, and other items of value, which are the proceeds of or assets derived from illegal espionage activities; any financial records of foreign or domestic bank accounts, including cancelled checks, statements, deposit slips, withdrawal slips, wire transfer requests and confirmations, account numbers, addresses, credit cards and credit card statements, financial and investment account records, reflecting proceeds or wealth from espionage activities, including financial records or documents in aliases. 4. Passports, visas, calendars, date books, address books, credit card and hotel receipts, airline records, reflecting travel in furtherance of espionage activities. 5. Identity documents (including those in aliases), including passports, licenses, visas, U.S. and foreign currency, instructions, maps, photographs, bank account numbers, and other materials related to emergency contact procedures and escape routes. 6. Materials used to alter documents, including glue and tape. 7. Safety deposit box records, including signature cards, bills, and payment records; any documents relating to storage sites where the defendant may be storing classified information or other items relating to espionage activities. 8. Federal, state, and local tax returns, work sheets, W-2 forms, 1099 forms, and related schedules. 9. Telephone bills and records, including calling cards and pager records. 10. Photographs, including photographs of co-conspirators. 1l. Computer hardware, software, and storage media, including any computer, laptop computer, modem, server, records, information and files contained within such computer hardware, software, or storage media. 12. Classified or official documents or information. --------------------------------------------------------------------- ----------- ATTACHMENT B DESCRIPTION OF SUITCASE TO BE SEARCHED The suitcase is a two-tone brown, cloth and leather-like, suitcase, approximately 24 by 18 inches, with two straps, with buckles, encircling the suitcase. The suitcase opens with zippers, and bears the words "Ricardo Beverly Hills." The suitcase has a Delta tag on it that reads: "K. Q. Feeley, [address deleted] Skaneatles, NY [deleted]" The suitcase has a Lufthansa tag on it that reads: "Brian Regan, [address deleted], Bowie, MD [deleted]" The suitcase is in the custody of the FBI in Tysons Corner, Virginia. -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3596 From: Scott Malcolm Date: Tue Aug 28, 2001 3:27pm Subject: Re:Private facial scanning databases > Subject: Private facial scanning databases The best part of the system is when a person wears a pair of sun glasses or a baseball cap their in a stealth mode and the data base no longer picks them out. ______________________________________________________________________ >Subject: Scarfo CIPA motion: http://www.knock-knock.com/federal_guidelines.htm (When warm milk just won't do.) Regards, Scott Malcolm Malcolm & Associates, Inc. Serving the State of Wisconsin http://www.execpc.com/~conf-pi Office 262 965 4426 / Fax 262 965 4629 3597 From: James Goldston Date: Wed Aug 29, 2001 7:13am Subject: RE: Email and fax disclaimers While the referenced disclaimer may be a personally-derived disclaimer, many firms attach banners at the bottom of every email message. In these cases it is beyond the control of the sender. James > -----Original Message----- > From: Steve Uhrig [mailto:steve@s...] > Sent: Sunday, August 26, 2001 4:11 PM > To: tscm-l@yahoogroups.com > Subject: [TSCM-L] Email and fax disclaimers > > > > If you are not the named recipient, any review, dissemination, > > distribution or copying of this communication is prohibited. > > If you received this transmission in error, please contact me > > immediately for instructions." > > The people who add these nonsense disclaimers to their emails > and faxes have overblown egos. [snip] 3598 From: Steve Uhrig Date: Wed Aug 29, 2001 9:18am Subject: RE: Email and fax disclaimers Once upon a midnight dreary, James Goldston pondered, weak and weary: > While the referenced disclaimer may be a personally-derived > disclaimer, many firms attach banners at the bottom of every > email message. In these cases it is beyond the control of the > sender. Regardless of the source, it still makes one look like someone with an overblown ego. And his employer, too. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 3599 From: James M. Atkinson Date: Wed Aug 29, 2001 9:52am Subject: Newspapers 1. The Wall Street Journal is read by the people who run the country. 2. The New York Times is read by people who think they run the country. 3. The Washington Post is read by people who think they ought to run the country. 4. USA Today is read by people who think they ought to run the country but don't understand the Washington Post. 5. The Los Angeles Times is read by people who wouldn't mind running the country, if they could spare the time. 6. The Boston Globe is read by people whose parents used to run the country. 7. The New York Daily News is read by people who aren't too sure who's running the country. 8. The New York Post is read by people who don't care who's running the country, as long as they do something scandalous. 9. The San Francisco Chronicle is read by people who aren't sure there is a country, or that anyone is running it. 10. The Miami Herald is read by people who are running another country. -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3600 From: James M. Atkinson Date: Wed Aug 29, 2001 10:14am Subject: Arkansas Woman Killed in Mistaken Rapture Arkansas Woman Killed in Mistaken Rapture ARKANSAS CITY (EAP) -- A Little Rock woman was killed yesterday after leaping through her moving car's sun roof during an incident best described as a "mistaken rapture" by dozens of eye-witnesses. Thirteen other people were injured after a twenty-car pile-up resulted from people trying to avoid hitting the woman who was apparently convinced that the rapture was occurring when she saw twelve people floating up into the air, and then passed a man on the side of the road who she claimed was Jesus. "She started screaming 'He's back!, He's back!' and climbed right out of the sunroof and jumped off the roof of the car," said Everet Williams, husband of 28-year-old Georgann Williams who was pronounced dead at the scene. "I was slowing down but she wouldn't wait till I stopped," Willams said. She thought the rapture was happening and was convinced that Jesus was gonna lift her up into the sky," he went on to say. "This is the strangest thing I've seen since I've been on the force," said Paul Madison, first officer on the scene. Madison questioned the man who looked like Jesus and discovered that he was on his way to a toga costume party, when the tarp covering the bed of his pickup truck came loose and released twelve blow-up sex dolls filled with helium which then floated up into the sky. Ernie Jenkins, 32, of Fort Smith, who's been told by several of his friends that he looks like Jesus, pulled over and lifted his arms into the air in frustration, just as the Williams' car passed him, and Mrs. Williams was sure that it was Jesus lifting people up into the sky as they passed by him, according to her husband, who says his wife was a devout Christian. When asked for comments about the twelve sex dolls, Jenkins replied, "This is all just too weird for me. I never expected anything like this to happen." -- ---------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ---------------------------------------------------------------------- Come, my friends, 'Tis not too late to seek a newer world. Push off, and sitting well in order smite The sounding furrows; for my purpose holds To sail beyond the sunset, and the baths Of all the western stars, until I die. - Tennyson, "Ulysses" ---------------------------------------------------------------------- 3601 From: Aimee Farr Date: Wed Aug 29, 2001 11:03am Subject: Konop to get a workover http://www.siliconvalley.com/docs/news/tech/026405.htm Appeals court reworking opinion in pilot lawsuit HONOLULU (AP) -- A federal appeals court panel said Tuesday it has withdrawn an opinion that supported the claims of a Hawaiian Airlines pilot who accused company officials of illegally entering his secure Internet site. The three-judge panel of the 9th U.S. Circuit Court of Appeals ruled in January that a California court erred when it did not order a trial on Robert Konop's claims that airline officials violated the Wiretap Act and other federal laws in 1995 by reading the Web site. The ruling was hailed as a victory for operators of private Web sites who want to guard against trespassers. [...] This is the result of heavy lobbying by LEA. A Google search should turn up some news material, for those interested. ~Aimee