Kill Process
Page 28
“Why’s the packet different?”
“Onion routing and obfuscation. Each node decrypts, removes address information, then pads with random data to change the length of the packet and re-encrypts. If she’s smart, she’s doing this specifically to make the analysis we’re doing far harder. I was one step ahead of her, figured she’d try that and so I created a statistical search model adjusting for data permutation. Now, here at Filter Cafe, we see an actual Internet connection, a VPN connection originated at a coffee shop in San Diego and terminating at the same MAC address as the device that sent those packets. You know what this means, right? We’re going to have to run the whole shebang again, because there’s no way this connection originated in San Diego. We have to keep going backwards.” Pete smiles. “Get me more compute time. You might want to ask for a few hours, because this will take a while.”
Chris shakes his head. “I can’t go back to Enso twice in one day. Can’t you do the search at ONI, and assume you’re looking for another endpoint within a few blocks?”
Pete hems and haws, but agrees to try.
Thirty minutes later, he finds the matching node, a hotel in the Gaslamp district. Pete passes the information on to Daly.
“You ought to send a team out. There’s a device somewhere within signal range of each of these access points. You might be able to track the hardware back to Angie.”
“What do I tell them to look for?”
“It could be anything from a laptop to a box the size of a deck of cards. It’ll need power. They’ll need to triangulate the wi-fi signal of every device that’s connecting to the access points of these coffee shops. I’ll give them the technical details.”
Chris nods. “Give me a bit.” He disconnects from Pete and wonders if he’s getting in over his head.
His typical private job was easy. The customer wants data on someone, Chris pulls their complete file from the central database, analyzes it himself, and turns over what the client asked for.
Angie has proven vastly more difficult. So far, he’s involved Naval Intelligence, the psych arm housed in the Army, and the NSA. He wonders if it’s time to go back to the client for a higher fee. Not yet. It might be better to trade for a favor.
He makes a call to his liaison at the FBI, and using his official FCC identity, claims he’s investigating a pirate radio station. He gets the FBI to deploy a tech team in San Diego to find the hardware connecting the coffee shop with a hotel bordering the Gaslamp District.
He reconnects with Pete. “Listen, I want someone on Angie full-time. Let’s compromise her phone, her computer, her office. I want every email as she’s composing it, see every photo she takes, I want her phone mic on 24/7 and a transcript of every conversation, and I want to know what she eats for breakfast.”
Pete shakes his head. “We still don’t know for sure she’s done anything.”
“Let’s make damn sure of it then. If she doesn’t have anything to hide, fine. We can discontinue after a week.”
“We’ll need a rotating team then, three analysts around the clock if you want that level of observation.”
“Do it,” Chris says.
Pete sighs and types something into his computer only he can see, then turns away to talk to someone off-screen. “Done,” he says, when he comes back in front of the camera. “It’ll probably be eight hours or so before we’ve compromised everything.”
“What’s next on backtracking the onion network?”
“I go home,” Pete says. “I’ve got dinner with my kids. I’ll finish it tomorrow.”
“Come on, I need this now.”
“The data’s not going away. The search could take days.”
“Backtrack one more node for me.”
Pete stares at the floor for a minute. “Fine. Let me call my wife.” Pete leaves, probably so he can call from outside the secure environment of their office. When he comes back a few minutes later, he bangs on the keyboard harder.
Chris ignores the passive aggressive behavior. Pete’s working, and that’s what matters.
Except soon Pete stops typing.
“This stuff has an impact, you know. My kid’s got a homework project I’m supposed to help her with.”
“This is government business,” Chris says. “We’re tracking down a potentially dangerous computer criminal. You can’t compare that to a homework project.”
“Except there’s always someone. A terrorist needs fact-finding, or a politician might be corrupt. It doesn’t ever stop. My daughter, she only gets so many homework projects. If I don’t help her now, I’ve missed the opportunity for all time.”
Daly stares at Pete through the video connection. “What is wrong with your priorities? A woman running a soon-to-be influential tech company may be a major computer hacker. Have you read her chat messages? She told her employees she wants them to encrypt every message sent over the system and specifically tells them not to use any of the protocols we’ve compromised. Do you know what this could do to national security? This isn’t a run-of-the-mill investigation of some freak halfway around the world.”
Pete leans in close to the video camera. “I get it, and that’s why I’m still here. You and Enso come in with these urgent requests all the time, though. I’ve missed every one of my kids’ performances this year. You two need a little more respect.”
Chris leans back in his chair. One of the things that makes him so effective in his job is that he’s just as innocuous as can be. No matter where he goes, people see him as a pushover. He’s deliberately cultivated what he’s come to think of as negative presence. Where some people use their walk, posture and stance to command people’s attention, when Chris walks into a room, everyone’s eyes wander past him, and they wonder why they even looked up in the first place. The downside of this is even nerds like Pete think they can boss him around. Of course, if he rose to the challenge, it would defeat the whole purpose of cultivating negative presence in the first place.
He falls into the chair a little deeper and says “Of course, Pete. I’ll talk to Enso about it.”
Pete nods, and goes back to typing.
While Pete’s staring off at another window on his own screen, Chris stares at Pete’s brachial plexus, where the bundle of nerves exits the spinal column near the neck and feathers into the separate nerves controlling the arm. He’d strike Pete there, stunning him and leaving him without use of his arms for a few minutes. Then he’d leisurely strangle him. Kind of hard to do through the video camera through.
Mastering negative presence requires channeling his proclivities more deeply. Daly leans back in his chair and waits.
An hour later he’s deep in meditation when Pete breaks the silence.
“Damn.”
“What?”
“I traced her back through two more nodes. This isn’t easy. It’s not like we have metadata for every single transmission in the world. I need to compensate for missing nodes, correlate across records, and account for the fact she’s transmogrifying the data at each node. Working backwards from San Diego, the data originated from a hospital’s intranet. I had to compromise their firewall so I could access the router’s logs, which they fortunately preserved, to find a doctor’s computer, and then back through this same doctor’s home PC, which was accessing the work computer through LogMeIn, and from that doctor to a server in Sweden. Luckily we compromised the Swedish ISP’s trunk line way back, so we have all that data. Then we run into a problem.”
“What?”
“The Swedish connection originates from a node in the Russian botnet.”
“Damn.”
“Exactly,” Pete says. “They’ve got their own onion network. We’ve partially compromised it, but our coverage is spotty. The NSA has the records, but it’s under the jurisdiction of the Department of Justice Computer Crime division. You’re going to need to their permission.”
Chris had no contacts at DOJ. Enso could make it happen, and even then, only with a lot of questions
.
“Okay, look. Forget about backtracking the connection to Brazil. What about pattern matching the size and timing of packets? She’s here in Portland. Do we see data traffic originating from anywhere in Portland, similar to what you’ve found between the nodes in her network?”
“I’m going to need another NSA search.”
“Goddamnit, I can’t, not today.”
“That’s okay. Because I’m heading home.” Pete gets up his chair. Peers down at the camera. “I’m going to see my kid before she goes to bed. You can send me the NSA search approval tomorrow.”
Pete disconnects the video conference.
The little shit! Chris hurls his phone at the wall, glass splinters, and it falls to the ground.
Chris takes a deep breath. This bitch is making his life miserable. She’s going to pay for it, one way or another. Time to take a look up close and personal.
CHAPTER 37
* * *
ON THE WAY to the storage facility to break into Lewis’s email, I call Thomas.
“Thomas, there’s some crazy shit happening at work. The financing didn’t close, and Tomo is trying to buy us.” I fill him in on the details. “I’m sorry about yesterday and this morning. I want to set your expectation: I have no idea what I’m going to be doing or where I will be until this all gets resolved. Don’t freak out, okay?”
I have to admit, a hostile takeover of your company is a pretty good get-out-of-jail-free card for ignoring your boyfriend and being MIA for twenty-four hours.
“Holy cow,” he says. “You need anything from me?”
“Understanding and patience.”
“You got it. I’m sorry about this morning. I had no idea all this was going on.”
“It’s okay. I’ll let you know as soon as I learn anything significant.”
I hang up and realize that was easier than expected. Granted, I’ve got a killer excuse, but still, now I don’t need to worry about being incommunicado and Thomas being worried. There’s part of me that’s pissed about the whole dynamic, and why I should be accountable to Thomas at all. A different part of me says Thomas deserves nothing less than the full truth.
“Stop!” I yell at myself. Great, I’ve become one of those crazy drivers who talks out loud to themselves. “Be quiet. I need to think.”
By the time I enter my storage room, I’ve created a plan. Lewis is no dummy. He won’t have left a record on Tomo, or any phones with Tomo installed. He’d know enough to use a burner phone, or an unassociated computer. I need to treat him as an aware adversary, not your typical clueless computer user.
I do all my usual setup: secured machine images, VPN, onion routing using my boxes.
I won’t be caught unaware of developments this time: the spare computer is set up with my email and usual stuff, going through a different trunk line on the fiber optic connections I’ve hijacked from Sprint on the other side of the cinderblock room. From there I VPN right back in to my home network through a neighbor’s Internet connection. To anyone else in the world who’s spying on me, I’ll appear to be working from home.
On my hacking computer, I download all of Lewis’s records. His email, chat records, and his text message, of course. I also grab all his metadata: the IP addresses he connects from, the geocoordinate history of his Tomo-connected phone, and his website browsing history.
On my local machine, I set my software to search for patterns, the same sort of data crunching I do to identify asshole abusers, but in this I’m looking for any interesting patterns.
While that’s working in the background, I connect to Dead Channel. Nathan’s already online waiting for me.
Angel> Am I suddenly interesting or something? Why are you always watching me?
SysOp> Because someone is watching you.
Angel> Yes, you.
SysOp> No, a different someone. Department of Motor Vehicles. Purchasing history. Emails. VPN history.
My mind nearly falls out learning that Nathan knows all this. It’s one thing to obtain access to the raw data. That’s relatively easy. You only need either a backdoor into the system, or a user login, or access to someone who has one of those. To know when other people are accessing the data implies something far greater: it means you’ve compromised their system to install these little alerts. Or you’re watching traffic over the network and see the requests as they go over the wire. Or, and this is even crazier, you’ve compromised the watchers themselves: the people and software that exist to detect any compromise in the system.
I wonder whether my relationship with Nathan goes deep enough to ask Nathan how he’s monitoring data access at that level. Then the bigger question hits me.
Angel> Who’s watching me?
SysOp> You tell me.
Argh. That’s just like Nathan to pull his Zen master philosophical bullshit.
There’s really only three basic possibilities. First, the government could be watching me, either because they know of my murders or because my online behaviors triggered counter-terrorist detection algorithms. Second, Tomo is investigating me because of my role in Tapestry. Third, a random hacker is trying to figure out who Angel of Mercy is.
I work my way through the options backwards. The odds of an errant computer jock tracking me down is low, probably the lowest it’s ever been since I’ve kept such a minimal profile for so long. Still, it’s not zero. Sometimes people try to track down old hackers, to figure out if they’ve given up the trade, been caught, or what.
If Tomo was investigating me, they could use an employee to track down my internal data. They might hire someone for a bit of corporate espionage, to access my Tapestry email and files. It would be a little unusual to look up my purchasing history, but maybe they’re blindly trying to discover something compromising they can use as leverage. On the other hand, DMV records would be pretty meaningless. What would they do, blackmail me for a speeding ticket? I’ve heard of people being caught having an affair when they’re pulled over with someone else in the car. It’s a long shot though, and I’m not even married. Maybe it’s Tomo.
The only other option is the government. It seems a little silly. On the one hand, I doubt local police would know what a VPN is, let alone be able to break the encrypted connection to access the underlying data. Not that I’m trying to toot my own horn, but only a federal agency with a three-letter acronym would possess the ability to track me. This hypothetical TLA agency would have access to the centralized intelligence databases created by the NSA. There’d be no reason to pull DMV records or purchasing history because they’d already store that data in their own database. It would be a waste of effort.
Hmm . . .
Angel> Was the first thing pulled the DMV records?
SysOp> :)
Angie> The government then. They fetch the same data over and over again, rather than trusting what’s already stored.
SysOp> Bingo.
Knowing the government was investigating me didn’t make me feel any better.
Angel> Why?
SysOp> That’s not the right question. Think who, not why.
Angel> I don’t want to play your games now.
SysOp> Chill. I promise this is interesting.
If they were on to me for the murders, it would be the FBI.
Angel> FBI?
SysOp> Try again.
If I triggered counter-terrorism detection rules, then the NSA. Or was it DHS? I can never remember who handles that.
Angel> NSA or DHS?
SysOp> Nope.
Well, that was interesting. What was left?
Angel> Secret Service?
SysOp> Now you’re just guessing. Office of Naval Intelligence.
Angel> Joking?
SysOp> Serious. ONI, “America’s premier maritime intelligence service” according to their own site.
What could I have done to merit involvement from Naval Intelligence? Had I killed any sailors or officers? I ran through the last year in my head. I couldn’t remembe
r all the details of every asshole I’ve killed, though I’d surely recall if they were Navy. I stayed clear of military systems because there are too many cyber security grunts guarding against the inevitable Chinese attack to make that worth the risk.
Angel> Any other requests from ONI?
SysOp> Thousands. Here are some interesting ones. Governor Whitmore, who suddenly decided not to run for reelection. Pierre Martin, CTO of the number two French telecom company, fired after a newspaper revealed he spent company funds on prostitutes. And this one: Congresswoman DeWalt, who was investigating black intelligence organizations before she spontaneously dropped it to focus on gun control.
A mushroom cloud of an explosion goes off in my head. Nathan’s found a black agency. I back away from the computer, suddenly nauseous. Public government agencies at least pay lip service to things like laws and people’s rights. The deeper and darker those agencies get, the less such niceties are observed. Nathan’s excited about his discovery, but my life is evaporating before my eyes. I could cease to exist at a moment’s notice.
* * *
Nathan and I agree there’s nothing much to do about the government observation, except to be ten times as cautious about my digital tracks.
SysOp> You can’t trust anything, not even your hardware, no matter how well you scrub it.
I’m prepared to hear they’d track my email and web browsing, though I’m surprised Nathan believes they’d compromise my physical devices.
Angel> My phone and computer are always with me.
SysOp> Right now? They’ll track you to the storage facility.
Angel> I bagged them both. EMF-proof.
SysOp> They only need a few seconds. You know about Avogadro and China, right?
Angel> No, what?
SysOp> When an Avogadro Corp employee goes to China, once they come back they take the employee’s phone and laptop and stick them in a giant shredder. The laptops are so thoroughly compromised with malware in software, firmware, and even hardware bugging devices they can’t ever be trusted. The laptops are typically out of employees’ hands for less than ten minutes as they go through customs. If that’s what China can do in ten minutes, what do you think the US government can do while you’re looking the other way?