Re: [TSCM-L] Re: gov't-planted bugs & TSCM professionals from Andre Holmes on 2006-05-17 (file.mbox)

From: Andre Holmes <1a..._at_GTE.NET>
Date: Wed, 17 May 2006 02:31:29 -0400

Andre Holmes
Neptune Enterprise Security

----- Original Message -----
From: "Trixter aka Bret McDanel" <tri..._at_0xdecafbad.com>
To: <TSCM-..._at_googlegroups.com>
Sent: Tuesday, January 01, 1980 6:54 AM
Subject: [TSCM-L] Re: gov't-planted bugs & TSCM professionals

-----Original Message-----
>From: "Joo Faloopa"<ratla..._at_yahoo.com>
>Sent: 5/16/06 1:35:53 PM
>To: "tscm-..._at_googlegroups.com"<tscm-..._at_googlegroups.com>
>Subject: [TSCM-L] gov't-planted bugs & TSCM professionals
>
>So- and apologies if this topic has come up before, but I'm curious- if
you're conducting a sweep (in the US), and you find listening devices
planted (presumably legally) by LEAs, how would you handle that?
>

How would you know who planted them? Presumably they won't be marked
"property of US government". If you tell the client before you knew, then
it would be a hard case against you as it would require you knowingly do
something (ie 18 usc 2 aiding and abeting).

When they planted devices at one of gotti's underlings they did a remote
kill on the transmitters to make them somewhat harder to locate, and the
sweeper didn't find any. After he left, he was grilled about what he found,
what he said, etc. The fbi didn't know if he found anything since they were
off during the sweep.

So the pattern suggests that you won't know until after the fact. Now if
you go back a second time then a case against you would be easy...

I personally think it would be irresponsible to assume they are govt issue
and not tell the client if you found anything. And just because the device
appears to be govt issue doesn't mean its 'ours', as such it wouldn't be
there legally.

It is a hard problem too solve, as you mentioned screening clients may work
sometimes, but what if its part of a SEC investigation or other white
collar fraud? The person would appear to be a normal businessman. I doubt
screening would have worked against the execs of microsoft (anti-trust) or
the many telcos (sec fraud) etc. I am not saying there were bugs, but they
may have hired sweepers...

Now with aldrich ames (cia officer convicted of treason, evidence gathered
in part by bugs) you might get suspicious why a cia guy needs outside
sweepers but his wife was in on it so she may hire, or he can say they don't
do homes or ....

At any rate I would notify the customer and remove at their option. I like
to give people the option, since if removed its known compromised, but if
left 'gardening' can occur, which can reveal who is listening, or just burn
their resources up tracking down bogus info.
Received on Sat Mar 02 2024 - 00:57:28 CST

This archive was generated by hypermail 2.3.0 : Sat Mar 02 2024 - 01:11:46 CST